Fixed ldap _altuser attributes adding

2020-09-07 12:49:48 +02:00 · 2020-09-07 12:49:48 +02:00 · d46c806ae3
commit d46c806ae3
parent b35ffbbf58
2 changed files with 23 additions and 11 deletions
--- a/server/src/uds/auths/RegexLdap/authenticator.py
+++ b/server/src/uds/auths/RegexLdap/authenticator.py
@ -269,20 +269,32 @@ class RegexLdap(auths.Authenticator):
        # For example, you can have authentication in an "user" object class and attributes in an "user_attributes" object class.
        # Note: This is very rare situation, but it ocurrs :)
        if user and self._altClass:
-            altUser = ldaputil.getFirst(
+            for usr in  ldaputil.getAsDict(
                con=self.__connection(),
                base=self._ldapBase,
-                objectClass=self._altClass,
-                field=self._userIdAttr,
-                value=username,
-                attributes=attributes,
+                ldapFilter='(&(objectClass={})({}={}))'.format(self._altClass, self._userIdAttr, ldaputil.escape(username)),
+                attrList=attributes,
                sizeLimit=LDAP_RESULT_LIMIT
-            )
+            ):
+
+                for k, v in usr.items():
+                    kl = k.lower()
+                    # If already exists the field, check if it is a list to add new elements...
+                    if kl in usr:
+                        # Convert existing to list, so we can add a new value
+                        if not isinstance(user[kl], (list, tuple)):
+                            user[kl] = [user[kl]]
+
+                        # Convert values to list, if not list
+                        if not isinstance(v, (list, tuple)):
+                            v = [v]
+
+                        # Now append to existing values
+                        for x in v:
+                            user[kl].append(x)
+                    else:
+                        user[kl] = v

-            if altUser:
-                for i in attributes:
-                    if i in altUser:
-                        user[i] = altUser[i]

        return user

--- a/server/src/uds/core/util/ldaputil.py
+++ b/server/src/uds/core/util/ldaputil.py
@ -169,7 +169,7 @@ def getFirst(
    @return: None if username is not found, an dictionary of LDAP entry attributes if found (all in unicode on py2, str on py3).
    """
    value = ldap.filter.escape_filter_chars(value)
-    # Convert atttribute list to bynary ONLY on python2
+
    attrList = [field] + [i for i in attributes] if attributes else []

    ldapFilter = '(&(objectClass={})({}={}))'.format(objectClass, field, value)