Commit 9490abf4 authored by Jacob Vosmaer's avatar Jacob Vosmaer

Merge branch 'ldap_scoping' into 'master'

Restrict LDAP scope in dn_matches_filter
parents f4f99a93 d9c0ecdc
...@@ -74,7 +74,8 @@ module Gitlab ...@@ -74,7 +74,8 @@ module Gitlab
def users(field, value) def users(field, value)
if field.to_sym == :dn if field.to_sym == :dn
options = { options = {
base: value base: value,
scope: Net::LDAP::SearchScope_BaseObject
} }
else else
options = { options = {
...@@ -107,7 +108,7 @@ module Gitlab ...@@ -107,7 +108,7 @@ module Gitlab
end end
def dn_matches_filter?(dn, filter) def dn_matches_filter?(dn, filter)
ldap_search(base: dn, filter: filter, attributes: %w{dn}).any? ldap_search(base: dn, filter: filter, scope: Net::LDAP::SearchScope_BaseObject, attributes: %w{dn}).any?
end end
def ldap_search(*args) def ldap_search(*args)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment