Revert "bugfix: Don't return disabled users on GetUser call"

This reverts commit 9b7ec1e. This needs some more work we need to allow admins to lookup disabled users.
rhafer · Dec 21, 2023 · 3a8dbd4 · 3a8dbd4
1 parent 44ba5ee
commit 3a8dbd4
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 13 deletions.
diff --git a/changelog/unreleased/fix-hide-disabled-users.md b/changelog/unreleased/fix-hide-disabled-users.md
diff --git a/pkg/user/manager/ldap/ldap.go b/pkg/user/manager/ldap/ldap.go
@@ -116,10 +116,6 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId, skipFetchingG
 		return nil, err
 	}
 
-	if m.c.LDAPIdentity.IsLDAPUserInDisabledGroup(log, m.ldapClient, userEntry) {
-		return nil, errtypes.NotFound("user is locally disabled")
-	}
-
 	if skipFetchingGroups {
 		return u, nil
 	}

diff --git a/pkg/utils/ldap/identity.go b/pkg/utils/ldap/identity.go
@@ -503,12 +503,11 @@ func (i *Identity) getUserFilter(uid string) (string, error) {
 		escapedUUID = ldap.EscapeFilter(uid)
 	}
 
-	return fmt.Sprintf("(&%s(objectclass=%s)(%s=%s)%s)",
+	return fmt.Sprintf("(&%s(objectclass=%s)(%s=%s))",
 		i.User.Filter,
 		i.User.Objectclass,
 		i.User.Schema.ID,
 		escapedUUID,
-		i.disabledFilter(),
 	), nil
 }