mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-25 22:42:16 -05:00
Code Issues Packages Projects Releases Wiki Activity

query numeric attribute values without quotes

Browse Source 
Some LDAP properties like `uidnumber` and `gidnumber` are numeric. When an OS tries to look up a user it will not only try to lookup the user by username, but also by the `uidnumber`: `(&(objectclass=posixAccount)(uidnumber=20000))`. The accounts backend for glauth was sending that as a string query `uid_number eq '20000'` in the ListAccounts query. This PR changes that to `uid_number eq 20000`. The removed quotes allow the parser in ocis-accounts to identify the numeric literal.

Related:
- https://github.com/owncloud/ocis-accounts/pull/68
- https://github.com/owncloud/ocis-glauth/issues/28

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
This commit is contained in:
Jörn Friedrich Dreyer
2020-07-24 18:24:44 +02:00
parent 36cbeea297
commit ec1b45cc38
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
changelog/unreleased/fix-int-queries.md Normal file
View File

@@ -0,0 +1,7 @@
Bugfix: query numeric attribute values without quotes
Some LDAP properties like `uidnumber` and `gidnumber` are numeric. When an OS tries to look up a user it will not only try to lookup the user by username, but also by the `uidnumber`: `(&(objectclass=posixAccount)(uidnumber=20000))`. The accounts backend for glauth was sending that as a string query `uid_number eq '20000'` in the ListAccounts query. This PR changes that to `uid_number eq 20000`. The removed quotes allow the parser in ocis-accounts to identify the numeric literal.
https://github.com/owncloud/ocis-glauth/issues/28
https://github.com/owncloud/ocis-glauth/pull/29
https://github.com/owncloud/ocis-accounts/pull/68

5
pkg/server/glauth/handler.go
View File

@@ -224,6 +224,7 @@ func (h ocisHandler) mapAccounts(accounts []*accounts.Account) []*ldap.Entry {
attribute("cn", accounts[i].PreferredName),
attribute("uid", accounts[i].PreferredName),
attribute("sn", accounts[i].PreferredName),
attribute("homeDirectory", ""),
attribute("ownCloudUUID", accounts[i].Id), // see https://github.com/butonic/owncloud-ldap-schema/blob/master/owncloud.schema#L28-L34
}
if accounts[i].DisplayName != "" {
@@ -330,9 +331,9 @@ func parseFilter(f *ber.Packet) (qtype queryType, q string, err error) {
case "displayname":
q = fmt.Sprintf("display_name eq '%s'", escapeValue(value))
case "uidnumber":
q = fmt.Sprintf("uid_number eq '%s'", escapeValue(value))
q = fmt.Sprintf("uid_number eq %s", value) // TODO check it is a number?
case "gidnumber":
q = fmt.Sprintf("gid_number eq '%s'", escapeValue(value))
q = fmt.Sprintf("gid_number eq %s", value) // TODO check it is a number?
case "description":
q = fmt.Sprintf("description eq '%s'", escapeValue(value))
default: