mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-12-04 19:15:30 +00:00
Fixing new LDAP search filter cleansing mechanism to only target user DN value returned on AD connections (#1727)
This commit is contained in:
commit
bbe8d69345
@ -146,8 +146,6 @@ class User(db.Model):
|
|||||||
def ldap_search(self, searchFilter, baseDN, retrieveAttributes=None):
|
def ldap_search(self, searchFilter, baseDN, retrieveAttributes=None):
|
||||||
searchScope = ldap.SCOPE_SUBTREE
|
searchScope = ldap.SCOPE_SUBTREE
|
||||||
|
|
||||||
searchFilter = self.escape_filter_chars(searchFilter)
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
conn = self.ldap_init_conn()
|
conn = self.ldap_init_conn()
|
||||||
if Setting().get('ldap_type') == 'ad':
|
if Setting().get('ldap_type') == 'ad':
|
||||||
@ -292,7 +290,7 @@ class User(db.Model):
|
|||||||
Operator=LDAP_OPERATOR_GROUP,
|
Operator=LDAP_OPERATOR_GROUP,
|
||||||
User=LDAP_USER_GROUP,
|
User=LDAP_USER_GROUP,
|
||||||
)
|
)
|
||||||
user_dn = ldap_result[0][0][0]
|
user_dn = self.escape_filter_chars(ldap_result[0][0][0])
|
||||||
sf_groups = ""
|
sf_groups = ""
|
||||||
|
|
||||||
for group in ldap_group_security_roles.values():
|
for group in ldap_group_security_roles.values():
|
||||||
|
Loading…
Reference in New Issue
Block a user