Skip to content

Commit

Permalink
connector/ldap: enable groupSearch to be empty
Browse files Browse the repository at this point in the history
  • Loading branch information
rithujohn191 committed Dec 27, 2016
1 parent 3e2d857 commit 6a728f1
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions connector/ldap/ldap.go
Original file line number Diff line number Diff line change
Expand Up @@ -445,6 +445,11 @@ func (c *ldapConnector) Refresh(ctx context.Context, s connector.Scopes, ident c
}

func (c *ldapConnector) groups(ctx context.Context, user ldap.Entry) ([]string, error) {
if c.GroupSearch.BaseDN == "" {
c.logger.Debugf("No groups returned for %q because no groups baseDN has been configured.", getAttr(user, c.UserSearch.NameAttr))
return nil, nil
}

filter := fmt.Sprintf("(%s=%s)", c.GroupSearch.GroupAttr, ldap.EscapeFilter(getAttr(user, c.GroupSearch.UserAttr)))
if c.GroupSearch.Filter != "" {
filter = fmt.Sprintf("(&%s%s)", c.GroupSearch.Filter, filter)
Expand Down

0 comments on commit 6a728f1

Please sign in to comment.