Skip to content

Check if user is present in any of multiple possible group names #271

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 6 commits into
base: default
Choose a base branch
from
Open

Check if user is present in any of multiple possible group names #271

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
41ca993
Check if user is present in any listed group
RoxasShadow Oct 4, 2021
dc72554
Update tmpls to show how to match multiple groups
RoxasShadow Oct 4, 2021
6be32e4
Remove original line of code for group verification
RoxasShadow Oct 7, 2021
3ce637f
Create manifest
RoxasShadow Oct 7, 2021
9cc57d9
Ignore rails tmp files
RoxasShadow Oct 7, 2021
ade9a1e
Add tests for #in_required_groups?
RoxasShadow Oct 7, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions lib/devise_ldap_authenticatable/ldap/connection.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,7 @@ def in_required_groups?
for group in @required_groups
if group.is_a?(Array)
return false unless in_group?(group[1], group[0])
return false unless group[1..-1].select(&:present?).any? { |g| in_group?(g, group[0]) }
else
return false unless in_group?(group)
end
Expand Down
2 changes: 2 additions & 0 deletions lib/generators/devise_ldap_authenticatable/templates/ldap.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ authorizations: &AUTHORIZATIONS
- cn=users,ou=groups,dc=test,dc=com
# If an array is given, the first element will be the attribute to check against, the second the group name
- ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
# If multiple group names are given, verification will be satisfied if at least one of them matches the check
- ["moreMembers", "cn=mods,ou=groups,dc=test,dc=com", "cn=admins,ou=groups,dc=test,dc=com"]
## Requires config.ldap_check_attributes in devise.rb to be true
## Can have multiple attributes and values, must match all to be authorized
require_attribute:
Expand Down