fix #2510 add ldap.lowercase.permission.name

2020-12-24 17:44:22 +09:00 · 2020-12-24 17:44:22 +09:00 · be91848439
commit be91848439
parent 34db0d3683
4 changed files with 39 additions and 4 deletions
--- a/src/main/java/org/codelibs/fess/ldap/LdapManager.java
+++ b/src/main/java/org/codelibs/fess/ldap/LdapManager.java
@ -268,13 +268,20 @@ public class LdapManager {
        final boolean isRole = entryDn.toLowerCase(Locale.ROOT).indexOf("ou=role") != -1;
        if (isRole) {
            if (fessConfig.isLdapRoleSearchRoleEnabled()) {
-                roleSet.add(systemHelper.getSearchRoleByRole(name));
+                roleSet.add(systemHelper.getSearchRoleByRole(normalizePermissionName(name)));
            }
        } else if (fessConfig.isLdapRoleSearchGroupEnabled()) {
-            roleSet.add(systemHelper.getSearchRoleByGroup(name));
+            roleSet.add(systemHelper.getSearchRoleByGroup(normalizePermissionName(name)));
        }
    }

+    public String normalizePermissionName(final String name) {
+        if (fessConfig.isLdapLowercasePermissionName()) {
+            return name.toLowerCase(Locale.ROOT);
+        }
+        return name;
+    }
+
    protected void processSearchRoles(final List<SearchResult> result, final BiConsumer<String, String> consumer) throws NamingException {
        processSearchRoles(result, entryDn -> {
            final String name = getSearchRoleName(entryDn);
--- a/src/main/java/org/codelibs/fess/ldap/LdapUser.java
+++ b/src/main/java/org/codelibs/fess/ldap/LdapUser.java
@ -55,10 +55,11 @@ public class LdapUser implements FessUser {
            final String accountFilter = fessConfig.getLdapAccountFilter();
            final String groupFilter = fessConfig.getLdapGroupFilter();
            if (StringUtil.isNotBlank(baseDn) && StringUtil.isNotBlank(accountFilter)) {
-                permissions = ArrayUtils.addAll(ComponentUtil.getLdapManager().getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
+                final LdapManager ldapManager = ComponentUtil.getLdapManager();
+                permissions = ArrayUtils.addAll(ldapManager.getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
                    permissions = roles;
                    ComponentUtil.getActivityHelper().permissionChanged(OptionalThing.of(new FessUserBean(this)));
-                }), fessConfig.getRoleSearchUserPrefix() + getName());
+                }), fessConfig.getRoleSearchUserPrefix() + ldapManager.normalizePermissionName(getName()));
            } else {
                permissions = StringUtil.EMPTY_STRINGS;
            }
--- a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java
+++ b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java
@ -1508,6 +1508,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
    /** The key of the configuration. e.g. false */
    String LDAP_GROUP_NAME_WITH_UNDERSCORES = "ldap.group.name.with.underscores";

+    /** The key of the configuration. e.g. false */
+    String LDAP_LOWERCASE_PERMISSION_NAME = "ldap.lowercase.permission.name";
+
    /** The key of the configuration. e.g. true */
    String LDAP_ROLE_SEARCH_USER_ENABLED = "ldap.role.search.user.enabled";

@ -6437,6 +6440,20 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     */
    boolean isLdapGroupNameWithUnderscores();

+    /**
+     * Get the value for the key 'ldap.lowercase.permission.name'. <br>
+     * The value is, e.g. false <br>
+     * @return The value of found property. (NotNull: if not found, exception but basically no way)
+     */
+    String getLdapLowercasePermissionName();
+
+    /**
+     * Is the property for the key 'ldap.lowercase.permission.name' true? <br>
+     * The value is, e.g. false <br>
+     * @return The determination, true or false. (if not found, exception but basically no way)
+     */
+    boolean isLdapLowercasePermissionName();
+
    /**
     * Get the value for the key 'ldap.role.search.user.enabled'. <br>
     * The value is, e.g. true <br>
@ -9271,6 +9288,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
            return is(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES);
        }

+        public String getLdapLowercasePermissionName() {
+            return get(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME);
+        }
+
+        public boolean isLdapLowercasePermissionName() {
+            return is(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME);
+        }
+
        public String getLdapRoleSearchUserEnabled() {
            return get(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED);
        }
@ -9900,6 +9925,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
            defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1");
            defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true");
            defaultMap.put(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES, "false");
+            defaultMap.put(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME, "false");
            defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true");
            defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_GROUP_ENABLED, "true");
            defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_ROLE_ENABLED, "true");
--- a/src/main/resources/fess_config.properties
+++ b/src/main/resources/fess_config.properties
@ -794,6 +794,7 @@ ldap.auth.validation=true
 ldap.max.username.length=-1
 ldap.ignore.netbios.name=true
 ldap.group.name.with.underscores=false
+ldap.lowercase.permission.name=false

 ldap.role.search.user.enabled=true
 ldap.role.search.group.enabled=true