Commit b76bbf22 authored by Thomas Sibley's avatar Thomas Sibley
Browse files

Restore the old uncached group member search logic when Member_Attr_Value is DN

Filtering on (dn=...) is invalid because DN isn't an attribute.
Therefore if DN is what we need to search on, use the member's DN as the
search base and the standard user filter.  Only if we're searching on an
attribute do we now use the standard user base and an extended user
filter.
parent 05f15db9
......@@ -1080,10 +1080,14 @@ sub add_group_members {
if (exists $users->{lc $member}) {
next unless $username = $users->{lc $member};
} else {
my $attr = lc($RT::LDAPGroupMapping->{Member_Attr_Value} || 'dn');
my $base = $attr eq 'dn' ? $member : $RT::LDAPBase;
my $filter = $attr eq 'dn'
? $RT::LDAPFilter
: "(&$RT::LDAPFilter($attr=" . escape_filter_value($member) . "))";
my @results = $self->_run_search(
base => $RT::LDAPBase,
filter => "(&$RT::LDAPFilter($RT::LDAPGroupMapping->{Member_Attr_Value}="
. escape_filter_value($member) . "))"
base => $base,
filter => $filter,
);
unless ( @results ) {
$users->{lc $member} = undef;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment