Fix several group membership issue

TODO: - check for other wrong uses of GetAttributeValue(s) - refactor is_admin check
author: Alex Auvolat <alex@adnab.me> 2020-02-11 20:10:47 +0100
committer: Alex Auvolat <alex@adnab.me> 2020-02-11 20:10:47 +0100
commit: dc9b2bc4584aa690455954d4b6476b537b356c88 (patch)
tree: 492e683bb6a8cdc9775a9f01ac32780082f38077 /admin.go
parent: 0dca53bca06fbdb2096e4426acf8a2f3f3bf9c24 (diff)
download: guichet-dc9b2bc4584aa690455954d4b6476b537b356c88.tar.gz
guichet-dc9b2bc4584aa690455954d4b6476b537b356c88.zip
1 files changed, 8 insertions, 3 deletions
diff --git a/admin.go b/admin.go
index fa230bc..ccfbe31 100644
--- a/admin.go
+++ b/admin.go
@@ -19,9 +19,14 @@ func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
 	}
 
 	can_admin := (login.Info.DN == config.AdminAccount)
-	for _, group := range login.UserEntry.GetAttributeValues("memberof") {
-		if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
-			can_admin = true
+	fmt.Printf("%#v", login.UserEntry)
+	for _, attr := range login.UserEntry.Attributes {
+		if strings.EqualFold(attr.Name, "memberof") {
+			for _, group := range attr.Values {
+				if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+					can_admin = true
+				}
+			}
 		}
 	}
author	Alex Auvolat <alex@adnab.me>	2020-02-11 20:10:47 +0100
committer	Alex Auvolat <alex@adnab.me>	2020-02-11 20:10:47 +0100
commit	dc9b2bc4584aa690455954d4b6476b537b356c88 (patch)
tree	492e683bb6a8cdc9775a9f01ac32780082f38077 /admin.go
parent	0dca53bca06fbdb2096e4426acf8a2f3f3bf9c24 (diff)
download	guichet-dc9b2bc4584aa690455954d4b6476b537b356c88.tar.gz guichet-dc9b2bc4584aa690455954d4b6476b537b356c88.zip