[#3619] Validate the AuthSourceLdap#custom_filter
Conflicts: app/models/auth_source_ldap.rb test/unit/auth_source_ldap_test.rb
This commit is contained in:
parent
1318ac204e
commit
0f8a040d28
|
@ -21,6 +21,7 @@ class AuthSourceLdap < AuthSource
|
||||||
validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true
|
validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true
|
||||||
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
|
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
|
||||||
validates_numericality_of :port, :only_integer => true
|
validates_numericality_of :port, :only_integer => true
|
||||||
|
validate :custom_filter_should_be_valid_ldap_filter_syntax
|
||||||
|
|
||||||
before_validation :strip_ldap_attributes
|
before_validation :strip_ldap_attributes
|
||||||
|
|
||||||
|
@ -136,6 +137,16 @@ class AuthSourceLdap < AuthSource
|
||||||
return nil
|
return nil
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def custom_filter_should_be_valid_ldap_filter_syntax
|
||||||
|
return true unless custom_filter.present?
|
||||||
|
|
||||||
|
begin
|
||||||
|
return Net::LDAP::Filter.construct(custom_filter)
|
||||||
|
rescue Net::LDAP::LdapError # Filter syntax error
|
||||||
|
errors.add(:custom_filter, :invalid)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def self.get_attr(entry, attr_name)
|
def self.get_attr(entry, attr_name)
|
||||||
if !attr_name.blank?
|
if !attr_name.blank?
|
||||||
|
|
|
@ -31,6 +31,20 @@ class AuthSourceLdapTest < ActiveSupport::TestCase
|
||||||
assert_equal 'givenName', a.reload.attr_firstname
|
assert_equal 'givenName', a.reload.attr_firstname
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "validations" do
|
||||||
|
should "validate that custom_filter is a valid LDAP filter" do
|
||||||
|
@auth = AuthSourceLdap.new(:name => 'Validation', :host => 'localhost', :port => 389, :attr_login => 'login')
|
||||||
|
@auth.custom_filter = "(& (homeDirectory=*) (sn=O*" # Missing ((
|
||||||
|
assert @auth.invalid?
|
||||||
|
assert_equal "is invalid", @auth.errors.on(:custom_filter)
|
||||||
|
|
||||||
|
@auth.custom_filter = "(& (homeDirectory=*) (sn=O*))"
|
||||||
|
assert @auth.valid?
|
||||||
|
assert_equal nil, @auth.errors.on(:custom_filter)
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if ldap_configured?
|
if ldap_configured?
|
||||||
context '#authenticate' do
|
context '#authenticate' do
|
||||||
setup do
|
setup do
|
||||||
|
|
Loading…
Reference in New Issue