1
0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-18 08:16:07 +00:00

Ldap role list (#6386)

* ldap role_list

* USE_LDAP_ROLE_LIST_MAPPING
This commit is contained in:
欢乐马
2024-07-22 14:03:20 +08:00
committed by GitHub
parent dbe878199e
commit 31f49cfcce

View File

@@ -91,18 +91,28 @@ UNUSABLE_PASSWORD = '!' # This will never be a valid hash
def default_ldap_role_mapping(role):
return role
def default_ldap_role_list_mapping(role_list):
return role_list[0] if role_list else ''
ldap_role_mapping = default_ldap_role_mapping
ldap_role_list_mapping = default_ldap_role_list_mapping
USE_LDAP_ROLE_LIST_MAPPING = False
if ENABLE_LDAP:
current_path = os.path.dirname(os.path.abspath(__file__))
conf_dir = os.path.join(current_path, '../../../../conf')
sys.path.append(conf_dir)
try:
current_path = os.path.dirname(os.path.abspath(__file__))
conf_dir = os.path.join(current_path, '../../../../conf')
sys.path.append(conf_dir)
from seahub_custom_functions import ldap_role_mapping
ldap_role_mapping = ldap_role_mapping
except:
pass
try:
from seahub_custom_functions import ldap_role_list_mapping
ldap_role_list_mapping = ldap_role_list_mapping
USE_LDAP_ROLE_LIST_MAPPING = True
except:
pass
class UserManager(object):
@@ -860,8 +870,12 @@ def parse_ldap_res(ldap_search_result, enable_sasl, sasl_mechanism, sasl_authc_i
contact_email = contact_email_list[0].decode()
if user_role_list:
user_role = user_role_list[0].decode()
user_role = ldap_role_mapping(user_role)
if not USE_LDAP_ROLE_LIST_MAPPING:
role = user_role_list[0].decode()
user_role = ldap_role_mapping(role)
else:
role_list = [role.decode() for role in user_role_list]
user_role = ldap_role_list_mapping(role_list)
if authc_id_list:
authc_id = authc_id_list[0].decode()