From f466904a1c655deecce3c61625fd13293b90bda9 Mon Sep 17 00:00:00 2001
From: Bai <baijiangjie@gmail.com>
Date: Tue, 18 Jul 2023 10:10:24 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=20LDAP=20=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E5=AF=BC=E5=85=A5/=E5=90=8C=E6=AD=A5=E6=97=B6?=
 =?UTF-8?q?=E6=94=AF=E6=8C=81=20is=5Factive=20=E4=B8=BA=20-1=20=E7=9A=84?=
 =?UTF-8?q?=E6=83=85=E5=86=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/authentication/backends/ldap.py | 10 ++++++----
 apps/settings/utils/ldap.py          | 10 +++++++---
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/apps/authentication/backends/ldap.py b/apps/authentication/backends/ldap.py
index 354d6211e..616052af2 100644
--- a/apps/authentication/backends/ldap.py
+++ b/apps/authentication/backends/ldap.py
@@ -9,6 +9,7 @@ from django_auth_ldap.config import _LDAPConfig, LDAPSearch, LDAPSearchUnion
 
 from users.utils import construct_user_email
 from common.const import LDAP_AD_ACCOUNT_DISABLE
+from common.utils.http import is_true
 from .base import JMSBaseAuthBackend
 
 logger = _LDAPConfig.get_logger()
@@ -162,10 +163,11 @@ class LDAPUser(_LDAPUser):
             try:
                 value = self.attrs[attr][0]
                 value = value.strip()
-                if attr.lower() == 'useraccountcontrol' \
-                        and field == 'is_active' and value:
-                    value = int(value) & LDAP_AD_ACCOUNT_DISABLE \
-                            != LDAP_AD_ACCOUNT_DISABLE
+                if field == 'is_active':
+                    if attr.lower() == 'useraccountcontrol' and value:
+                        value = int(value) & LDAP_AD_ACCOUNT_DISABLE != LDAP_AD_ACCOUNT_DISABLE
+                    else:
+                        value = is_true(value)
             except LookupError:
                 logger.warning("{} does not have a value for the attribute {}".format(self.dn, attr))
             else:
diff --git a/apps/settings/utils/ldap.py b/apps/settings/utils/ldap.py
index 2d91306ad..e8ff0ab79 100644
--- a/apps/settings/utils/ldap.py
+++ b/apps/settings/utils/ldap.py
@@ -28,6 +28,7 @@ from authentication.backends.ldap import LDAPAuthorizationBackend, LDAPUser
 from common.const import LDAP_AD_ACCOUNT_DISABLE
 from common.db.utils import close_old_connections
 from common.utils import timeit, get_logger
+from common.utils.http import is_true
 from orgs.utils import tmp_to_org
 from users.models import User, UserGroup
 from users.utils import construct_user_email
@@ -185,9 +186,12 @@ class LDAPServerUtil(object):
             if not hasattr(entry, mapping):
                 continue
             value = getattr(entry, mapping).value or ''
-            if attr == 'is_active' and mapping.lower() == 'useraccountcontrol' \
-                    and value:
-                value = int(value) & LDAP_AD_ACCOUNT_DISABLE != LDAP_AD_ACCOUNT_DISABLE
+            if attr == 'is_active':
+                if mapping.lower() == 'useraccountcontrol' and value:
+                    value = int(value) & LDAP_AD_ACCOUNT_DISABLE != LDAP_AD_ACCOUNT_DISABLE
+                else:
+                    value = is_true(value)
+
             if attr == 'groups' and mapping.lower() == 'memberof':
                 # AD: {'groups': 'memberOf'}
                 if isinstance(value, str) and value: