Don't apply the group filter when listing LDAP group membership if it is empty (#23745)
When running listLdapGroupMemberships check if the groupFilter is empty before using it to list memberships. Fix #23615 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
f4538791f5
commit
ed5e7d03c6
|
@ -208,7 +208,7 @@ func (source *Source) listLdapGroupMemberships(l *ldap.Conn, uid string, applyGr
|
|||
}
|
||||
|
||||
var searchFilter string
|
||||
if applyGroupFilter {
|
||||
if applyGroupFilter && groupFilter != "" {
|
||||
searchFilter = fmt.Sprintf("(&(%s)(%s=%s))", groupFilter, source.GroupMemberUID, ldap.EscapeFilter(uid))
|
||||
} else {
|
||||
searchFilter = fmt.Sprintf("(%s=%s)", source.GroupMemberUID, ldap.EscapeFilter(uid))
|
||||
|
|
Loading…
Reference in a new issue