Skip to content

Commit

Permalink
[FIX] users_ldap_groups: safe LDAP decode
Browse files Browse the repository at this point in the history 
The group mapping in query mode fails if LDAP returns binary data in any
of the fields. This adds a function that handles such situation by
base64 encoding it.
  • Loading branch information
@oh2fih
oh2fih committed Dec 25, 2023
1 parent 83060f7 commit a7c568b
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion users_ldap_groups/models/res_company_ldap_operator.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,10 +32,21 @@ def equals(self, ldap_entry, mapping):

def query(self, ldap_entry, mapping):
query_string = Template(mapping.value).safe_substitute(
{attr: ldap_entry[1][attr][0].decode() for attr in ldap_entry[1]}
{
attr: self.safe_ldap_decode(ldap_entry[1][attr][0])
for attr in ldap_entry[1]
}
)

results = mapping.ldap_id._query(mapping.ldap_id.read()[0], query_string)
_logger.debug('Performed LDAP query "%s" results: %s', query_string, results)

return bool(results)

def safe_ldap_decode(self, attr):
import base64

try:
return attr.decode()
except ValueError:
return base64.b64encode(attr)

Check warning on line 52 in users_ldap_groups/models/res_company_ldap_operator.py

View check run for this annotation

Codecov / codecov/patch

users_ldap_groups/models/res_company_ldap_operator.py#L51-L52 

Added lines #L51 - L52 were not covered by tests

0 comments on commit a7c568b

Please sign in to comment.