#1554 check adminFilter length before LDAP search

2015-09-01 08:40:11 -04:00 · 2015-09-01 08:40:11 -04:00 · f1adbca0f1
commit f1adbca0f1
parent 90a6553c37
2 changed files with 16 additions and 14 deletions
--- a/modules/auth/ldap/ldap.go
+++ b/modules/auth/ldap/ldap.go
@ -120,19 +120,21 @@ func (ls Ldapsource) SearchEntry(name, passwd string) (string, string, string, b
 	sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname)
 	mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail)

-	search = ldap.NewSearchRequest(
-		userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
-		[]string{ls.AttributeName},
-		nil)
-
-	sr, err = l.Search(search)
 	admin_attr := false
-	if err != nil {
-		log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err)
-	} else if len(sr.Entries) < 1 {
-		log.Error(4, "LDAP Admin Search failed")
-	} else {
-		admin_attr = true
+	if len(ls.AdminFilter) > 0 {
+		search = ldap.NewSearchRequest(
+			userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
+			[]string{ls.AttributeName},
+			nil)
+
+		sr, err = l.Search(search)
+		if err != nil {
+			log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err)
+		} else if len(sr.Entries) < 1 {
+			log.Error(4, "LDAP Admin Search failed")
+		} else {
+			admin_attr = true
+		}
 	}

 	return name_attr, sn_attr, mail_attr, admin_attr, true
--- a/modules/bindata/bindata.go
+++ b/modules/bindata/bindata.go