PR #2345: Update escaping

The Ruby library provides a method to escape eq: `equals` d78dc1ed51/lib/net/ldap/filter.rb (L148-L150) No need to copy the escape method from that library here. Also change the `get_groups` filter from a string literal to a `Net::LDAP::Filter`
2025-03-21 14:50:08 +03:00 · 2018-08-28 05:32:30 -04:00 · 2018-08-28 05:32:30 -04:00 · 735bad69e7
commit 735bad69e7
parent 6540518158
1 changed files with 2 additions and 22 deletions
--- a/src/authm_mad/remotes/ldap/ldap_auth.rb
+++ b/src/authm_mad/remotes/ldap/ldap_auth.rb
@ -131,7 +131,7 @@ class OpenNebula::LdapAuth
    end

    def find_user(name)
-        filter = Net::LDAP::Filter.eq(@options[:user_field], escape(name))
+        filter = Net::LDAP::Filter.equals(@options[:user_field], name)

        result = @ldap.search(
            :base       => @options[:base],
@ -194,7 +194,7 @@ class OpenNebula::LdapAuth
                end
            end
        else
-            filter = "(#{@options[:group_field]}=#{@user[@options[:user_group_field]].first})"
+            filter = Net::LDAP::Filter.equals(@options[:group_field], @user[@options[:user_group_field]].first)
            @ldap.search(
                :base       => @options[:base],
                :attributes => [ "dn" ],
@ -209,23 +209,3 @@ class OpenNebula::LdapAuth
        groups.delete(false)
        groups.compact.uniq
    end
-
-private
-
-    # The escapes code has been copied from <net-ldap>/lib/net/ldap/filter.rb
-    FILTER_ESCAPES = {
-      "\0" => '00',
-      '*'  => '2A',
-      '('  => '28',
-      ')'  => '29',
-      '\\' => '5C',
-      '?'  => '3F',
-      '='  => '3D'
-    }
-
-    FILTER_ESCAPE_RE = Regexp.new("[" + FILTER_ESCAPES.keys.map { |e| Regexp.escape(e) }.join + "]")
-
-    def escape(string)
-      string.gsub(FILTER_ESCAPE_RE) { |char| "\\" + FILTER_ESCAPES[char] }
-    end
-end