Ldap search filter fixing (#438)

* fixing config parser * fixing ldapsearchfilter implementing standard logic for ldapsearchfilter - for example: https://github.com/postgres/pgadmin4/blob/master/web/pgadmin/authenticate/ldap.py - def search_ldap_user * add example for ldapsearchfilter * fix format
2022-07-04 10:17:31 +03:00 · 2022-07-04 10:17:31 +03:00 · 7a769c50dd
parent 01ca5b345c
commit 7a769c50dd
3 changed files with 15 additions and 7 deletions
--- a/config-examples/odyssey-dev-ldap.conf
+++ b/config-examples/odyssey-dev-ldap.conf
@ -59,6 +59,7 @@ ldap_endpoint "ldap1" {
        ldapbasedn "dc=example,dc=org"
        ldapbinddn "cn=admin,dc=example,dc=org"
        ldapbindpasswd "admin"
+#       ldapsearchfilter "(memberOf=cn=test-db-for-ldap,cn=groups,dc=example,dc=org)"
        ldapsearchattribute "gecos"
        ldapserver "localhost"
        ldapport 389
--- a/sources/config_reader.c
+++ b/sources/config_reader.c
@ -126,7 +126,7 @@ typedef enum {
 	OD_LLDAP_BIND_PASSWD,
 	OD_LLDAP_SCHEME,
 	OD_LLDAP_SCOPE,
-	OD_LLDAP_FILTER,
+	OD_LLDAP_SEARCH_FILTER,
 	OD_LLDAP_ENDPOINT_NAME,
 	OD_LWATCHDOG,
 	OD_LWATCHDOG_LAG_QUERY,
@ -274,7 +274,7 @@ static od_keyword_t od_config_keywords[] = {
 	od_keyword("ldapurl", OD_LLDAP_URL),
 	od_keyword("ldapsearchattribute", OD_LLDAP_SEARCH_ATTRIBUTE),
 	od_keyword("ldapscheme", OD_LLDAP_SCHEME),
-	od_keyword("ldapfilter", OD_LLDAP_FILTER),
+	od_keyword("ldapsearchfilter", OD_LLDAP_SEARCH_FILTER),
 	od_keyword("ldapscope", OD_LLDAP_SCOPE),
 	od_keyword("ldap_endpoint_name", OD_LLDAP_ENDPOINT_NAME),

@ -1464,6 +1464,12 @@ od_config_reader_ldap_endpoint(od_config_reader_t *reader)
 				    reader, &ldap_current->ldapbindpasswd))
 				goto error;

+		} break;
+		case OD_LLDAP_SEARCH_FILTER: {
+			if (!od_config_reader_string(
+				    reader, &ldap_current->ldapsearchfilter))
+				goto error;
+
 		} break;
 		}
 	}
--- a/sources/ldap.c
+++ b/sources/ldap.c
@ -135,11 +135,7 @@ static inline od_retcode_t od_ldap_server_prepare(od_logger_t *logger,
 			return NOT_OK_RESPONSE;
 		}

-		/* Build a custom filter or a single attribute filter? */
-		if (serv->endpoint->ldapsearchfilter) {
-			// TODO: support;
-			return NOT_OK_RESPONSE;
-		} else if (serv->endpoint->ldapsearchattribute) {
+		if (serv->endpoint->ldapsearchattribute) {
 			od_asprintf(&filter, "(%s=%s)",
 				    serv->endpoint->ldapsearchattribute,
 				    client->startup.user.value);
@ -148,6 +144,11 @@ static inline od_retcode_t od_ldap_server_prepare(od_logger_t *logger,
 				    client->startup.user.value);
 		}

+		if (serv->endpoint->ldapsearchfilter) {
+			od_asprintf(&filter, "(&%s%s)", filter,
+				    serv->endpoint->ldapsearchfilter);
+		}
+
 		rc = ldap_search_s(serv->conn, serv->endpoint->ldapbasedn,
 				   LDAP_SCOPE_SUBTREE, filter, attributes, 0,
 				   &search_message);