Don't apply the group filter when listing LDAP group membership if it is empty ()

When running listLdapGroupMemberships check if the groupFilter is empty
before using it to list memberships.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2023-03-29 10:54:36 +01:00 committed by GitHub
parent f4538791f5
commit ed5e7d03c6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -208,7 +208,7 @@ func (source *Source) listLdapGroupMemberships(l *ldap.Conn, uid string, applyGr
}
var searchFilter string
if applyGroupFilter {
if applyGroupFilter && groupFilter != "" {
searchFilter = fmt.Sprintf("(&(%s)(%s=%s))", groupFilter, source.GroupMemberUID, ldap.EscapeFilter(uid))
} else {
searchFilter = fmt.Sprintf("(%s=%s)", source.GroupMemberUID, ldap.EscapeFilter(uid))