djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add back entries because I think it's actually necessary

Browse Source
This commit is contained in:
Margo Crawford 2022-02-11 12:06:16 -08:00
parent f890fad90c
commit dd11c02b6a
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/upstreamldap/upstreamldap.go
View File

@ -464,6 +464,7 @@ func (p *Provider) searchGroupsForUserDN(conn Conn, userDN string) ([]string, er
} }
groups := []string{} groups := []string{}
entries:
for _, groupEntry := range searchResult.Entries { for _, groupEntry := range searchResult.Entries {
if len(groupEntry.DN) == 0 { if len(groupEntry.DN) == 0 {
return nil, fmt.Errorf(`searching for group memberships for user with DN %q resulted in search result without DN`, userDN) return nil, fmt.Errorf(`searching for group memberships for user with DN %q resulted in search result without DN`, userDN)
@ -474,6 +475,7 @@ func (p *Provider) searchGroupsForUserDN(conn Conn, userDN string) ([]string, er
return nil, fmt.Errorf("error finding groups for user %s: %w", userDN, err) return nil, fmt.Errorf("error finding groups for user %s: %w", userDN, err)
} }
groups = append(groups, overrideGroupName) groups = append(groups, overrideGroupName)
continue entries
} }
// if none of the overrides matched, use the default behavior (no mapping) // if none of the overrides matched, use the default behavior (no mapping)
mappedGroupName, err := p.getSearchResultAttributeValue(groupAttributeName, groupEntry, userDN) mappedGroupName, err := p.getSearchResultAttributeValue(groupAttributeName, groupEntry, userDN)