fix #2510 add ldap.lowercase.permission.name

src/main/java/org/codelibs/fess/ldap/LdapManager.java

@@ -268,13 +268,20 @@ public class LdapManager {
         final boolean isRole = entryDn.toLowerCase(Locale.ROOT).indexOf("ou=role") != -1;
         if (isRole) {
             if (fessConfig.isLdapRoleSearchRoleEnabled()) {
-                roleSet.add(systemHelper.getSearchRoleByRole(name));
+                roleSet.add(systemHelper.getSearchRoleByRole(normalizePermissionName(name)));
             }
         } else if (fessConfig.isLdapRoleSearchGroupEnabled()) {
-            roleSet.add(systemHelper.getSearchRoleByGroup(name));
+            roleSet.add(systemHelper.getSearchRoleByGroup(normalizePermissionName(name)));
         }
     }
 
+    public String normalizePermissionName(final String name) {
+        if (fessConfig.isLdapLowercasePermissionName()) {
+            return name.toLowerCase(Locale.ROOT);
+        }
+        return name;
+    }
+
     protected void processSearchRoles(final List<SearchResult> result, final BiConsumer<String, String> consumer) throws NamingException {
         processSearchRoles(result, entryDn -> {
             final String name = getSearchRoleName(entryDn);

src/main/java/org/codelibs/fess/ldap/LdapUser.java

@@ -55,10 +55,11 @@ public class LdapUser implements FessUser {
             final String accountFilter = fessConfig.getLdapAccountFilter();
             final String groupFilter = fessConfig.getLdapGroupFilter();
             if (StringUtil.isNotBlank(baseDn) && StringUtil.isNotBlank(accountFilter)) {
-                permissions = ArrayUtils.addAll(ComponentUtil.getLdapManager().getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
+                final LdapManager ldapManager = ComponentUtil.getLdapManager();
+                permissions = ArrayUtils.addAll(ldapManager.getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
                     permissions = roles;
                     ComponentUtil.getActivityHelper().permissionChanged(OptionalThing.of(new FessUserBean(this)));
-                }), fessConfig.getRoleSearchUserPrefix() + getName());
+                }), fessConfig.getRoleSearchUserPrefix() + ldapManager.normalizePermissionName(getName()));
             } else {
                 permissions = StringUtil.EMPTY_STRINGS;
             }

src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java

@@ -1508,6 +1508,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     /** The key of the configuration. e.g. false */
     String LDAP_GROUP_NAME_WITH_UNDERSCORES = "ldap.group.name.with.underscores";
 
+    /** The key of the configuration. e.g. false */
+    String LDAP_LOWERCASE_PERMISSION_NAME = "ldap.lowercase.permission.name";
+
     /** The key of the configuration. e.g. true */
     String LDAP_ROLE_SEARCH_USER_ENABLED = "ldap.role.search.user.enabled";
 
@@ -6437,6 +6440,20 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
      */
     boolean isLdapGroupNameWithUnderscores();
 
+    /**
+     * Get the value for the key 'ldap.lowercase.permission.name'. <br>
+     * The value is, e.g. false <br>
+     * @return The value of found property. (NotNull: if not found, exception but basically no way)
+     */
+    String getLdapLowercasePermissionName();
+
+    /**
+     * Is the property for the key 'ldap.lowercase.permission.name' true? <br>
+     * The value is, e.g. false <br>
+     * @return The determination, true or false. (if not found, exception but basically no way)
+     */
+    boolean isLdapLowercasePermissionName();
+
     /**
      * Get the value for the key 'ldap.role.search.user.enabled'. <br>
      * The value is, e.g. true <br>
@@ -9271,6 +9288,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             return is(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES);
         }
 
+        public String getLdapLowercasePermissionName() {
+            return get(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME);
+        }
+
+        public boolean isLdapLowercasePermissionName() {
+            return is(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME);
+        }
+
         public String getLdapRoleSearchUserEnabled() {
             return get(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED);
         }
@@ -9900,6 +9925,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1");
             defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true");
             defaultMap.put(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES, "false");
+            defaultMap.put(FessConfig.LDAP_LOWERCASE_PERMISSION_NAME, "false");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_GROUP_ENABLED, "true");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_ROLE_ENABLED, "true");

src/main/resources/fess_config.properties

@@ -794,6 +794,7 @@ ldap.auth.validation=true
 ldap.max.username.length=-1
 ldap.ignore.netbios.name=true
 ldap.group.name.with.underscores=false
+ldap.lowercase.permission.name=false
 
 ldap.role.search.user.enabled=true
 ldap.role.search.group.enabled=true