aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-02-11 20:10:47 +0100
committerAlex Auvolat <alex@adnab.me>2020-02-11 20:10:47 +0100
commitdc9b2bc4584aa690455954d4b6476b537b356c88 (patch)
tree492e683bb6a8cdc9775a9f01ac32780082f38077
parent0dca53bca06fbdb2096e4426acf8a2f3f3bf9c24 (diff)
downloadguichet-dc9b2bc4584aa690455954d4b6476b537b356c88.tar.gz
guichet-dc9b2bc4584aa690455954d4b6476b537b356c88.zip
Fix several group membership issue
TODO: - check for other wrong uses of GetAttributeValue(s) - refactor is_admin check
-rw-r--r--admin.go11
-rw-r--r--main.go16
2 files changed, 18 insertions, 9 deletions
diff --git a/admin.go b/admin.go
index fa230bc..ccfbe31 100644
--- a/admin.go
+++ b/admin.go
@@ -19,9 +19,14 @@ func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
}
can_admin := (login.Info.DN == config.AdminAccount)
- for _, group := range login.UserEntry.GetAttributeValues("memberof") {
- if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
- can_admin = true
+ fmt.Printf("%#v", login.UserEntry)
+ for _, attr := range login.UserEntry.Attributes {
+ if strings.EqualFold(attr.Name, "memberof") {
+ for _, group := range attr.Values {
+ if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+ can_admin = true
+ }
+ }
}
}
diff --git a/main.go b/main.go
index d8848de..574ea21 100644
--- a/main.go
+++ b/main.go
@@ -259,12 +259,16 @@ func handleHome(w http.ResponseWriter, r *http.Request) {
can_admin := (login.Info.DN == config.AdminAccount)
can_invite := false
- for _, group := range login.UserEntry.GetAttributeValues("memberof") {
- if config.GroupCanInvite != "" && group == config.GroupCanInvite {
- can_invite = true
- }
- if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
- can_admin = true
+ for _, attr := range login.UserEntry.Attributes {
+ if strings.EqualFold(attr.Name, "memberof") {
+ for _, group := range attr.Values {
+ if config.GroupCanInvite != "" && group == config.GroupCanInvite {
+ can_invite = true
+ }
+ if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+ can_admin = true
+ }
+ }
}
}