We use cookies to ensure you get the best experience on our website
Startsida Utforska Hjälp
Registrera dig Logga in
0ct0pu5
/
pwm
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

fix issue with ldap group permissions not resolving issue #583

Jason Rivard 4 år sedan
förälder
9e9d4705b0
incheckning
496bb646ea
5 ändrade filer med 7 tillägg och 8 borttagningar
Delad Vy Visa Diff Statistik
  1. 0 1
      server/src/main/java/password/pwm/AppProperty.java
  2. 1 1
      server/src/main/java/password/pwm/config/function/UserMatchViewerFunction.java
  3. 2 2
      server/src/main/java/password/pwm/ldap/permission/LdapGroupTypeHelper.java
  4. 4 3
      server/src/main/java/password/pwm/ldap/permission/UserPermissionUtility.java
  5. 0 1
      server/src/main/resources/password/pwm/AppProperty.properties

+ 0 - 1
server/src/main/java/password/pwm/AppProperty.java
Visa fil 

@@ -75,7 +75,6 @@ public enum AppProperty
 
     CONFIG_JBCRYPT_PWLIB_ENABLE                     ( "config.enableJbCryptPwLibrary" ),
 
     CONFIG_EDITOR_BLOCK_OLD_IE                      ( "configEditor.blockOldIE" ),
 
     CONFIG_EDITOR_USER_PERMISSION_MATCH_LIMIT       ( "configEditor.userPermission.matchResultsLimit" ),
 
-    CONFIG_EDITOR_USER_PERMISSION_TIMEOUT_SECONDS   ( "configEditor.userPermission.matchTimeoutSeconds" ),
 
     CONFIG_EDITOR_IDLE_TIMEOUT                      ( "configEditor.idleTimeoutSeconds" ),
 
     CONFIG_GUIDE_IDLE_TIMEOUT                       ( "configGuide.idleTimeoutSeconds" ),
 
     CONFIG_MANAGER_ZIPDEBUG_MAXLOGBYTES             ( "configManager.zipDebug.maxLogBytes" ),

+ 1 - 1
server/src/main/java/password/pwm/config/function/UserMatchViewerFunction.java
Visa fil 

@@ -106,7 +106,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
 
 
         validateUserPermissionLdapValues( tempApplication, permissions );
 
 
-        final int maxSearchSeconds = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_TIMEOUT_SECONDS ) );
 
+        final long maxSearchSeconds = config.getLdapProfiles().getOrDefault( profile, config.getDefaultLdapProfile() ).readSettingAsLong( PwmSetting.LDAP_SEARCH_TIMEOUT );
 
         final TimeDuration maxSearchTime = TimeDuration.of( maxSearchSeconds, TimeDuration.Unit.SECONDS );
 
         return UserPermissionUtility.discoverMatchingUsers( tempApplication, permissions, SessionLabel.SYSTEM_LABEL, maxResultSize, maxSearchTime );
 
     }

+ 2 - 2
server/src/main/java/password/pwm/ldap/permission/LdapGroupTypeHelper.java
Visa fil 

@@ -49,14 +49,14 @@ class LdapGroupTypeHelper implements PermissionTypeHelper
 
             throws PwmUnrecoverableException
 
     {
 
         final Instant startTime = Instant.now();
 
-        final String groupDN = userPermission.getLdapQuery();
 
+        final String groupDN = userPermission.getLdapBase();
 
 
         if ( userIdentity == null )
 
         {
 
             return false;
 
         }
 
 
-        LOGGER.trace( sessionLabel, () -> "begin check for ldapGroup match for " + userIdentity + " using queryMatch: " + groupDN );
 
+        LOGGER.trace( sessionLabel, () -> "begin check for ldapGroup match for " + userIdentity + " using groupMatch: " + groupDN );
 
 
         boolean result = false;
 
         if ( StringUtil.isEmpty( groupDN ) )

+ 4 - 3
server/src/main/java/password/pwm/ldap/permission/UserPermissionUtility.java
Visa fil 

@@ -178,9 +178,10 @@ public class UserPermissionUtility
 
         }
 
 
         final List<UserIdentity> strippedResults = stripUserMatchesOutsideUserContexts( sessionLabel, pwmApplication, resultSet );
 
-        final List<UserIdentity> sortedResults = new ArrayList<>( strippedResults );
 
-        Collections.sort( sortedResults );
 
-        return Collections.unmodifiableList( sortedResults );
 
+        return strippedResults.stream()
 
+                .distinct()
 
+                .sorted()
 
+                .collect( Collectors.toUnmodifiableList() );
 
     }
 
 
     static String profileIdForPermission( final UserPermission userPermission )

+ 0 - 1
server/src/main/resources/password/pwm/AppProperty.properties
Visa fil 

@@ -74,7 +74,6 @@ config.theme=pwm
 
 config.enableJbCryptPwLibrary=true
 
 configEditor.blockOldIE=true
 
 configEditor.userPermission.matchResultsLimit=5000
 
-configEditor.userPermission.matchTimeoutSeconds=10
 
 configEditor.idleTimeoutSeconds=900
 
 configGuide.idleTimeoutSeconds=3600
 
 configManager.zipDebug.maxLogBytes=50000000

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5