Allow installation definable LDAP filters as a Parameter

RESOLVED FIXED in Bugzilla 2.18

Status

()

task
P3
normal
RESOLVED FIXED
18 years ago
7 years ago

People

(Reporter: jlaska, Assigned: bbaetz)

Tracking

2.15
Bugzilla 2.18
x86
Linux
Bug Flags:
approval +

Details

Attachments

(1 attachment, 1 obsolete attachment)

I wanted to restrict LDAP users to bugzilla.  Since most LDAP servers maintain a
wealth of info about it's users, I wanted to filter on some of that information.
 To this end, I have added a Parameter to defparams.pl called LDAPadditional. 
This parameter should conform to the string representation for search filters as
defined in RFC 2254 (http://www.faqs.org/rfcs/rfc2254.html).  When set, it is
AND'd with the Param("LDAPmailattribute") to come up with a search.  For
example, my variables are set as follows:

LDAPmailattribute = mail
LDAPadditional    = (|(dept=A)(dept=B))

The above would search for the user with mail equal to the given LDAPusername,
that is in either dept A OR dept B.

Code changes were the addition of a parameter in defparams.pl and filter code in
CGI.pl.  I have been using this for several weeks now and I haven't hit any
problems.  I will submit a patch following the bug submission.
This patch affects: defparams.pl, CGI.pl
Ooops, I have some extra stuff in the CGI.pl part of the patch.  Those fixes are
the result of an outstanding bug that no one has responded to (bug#105504). 
Sorry to sneak them in, adjust as you see fit.

Thanks!
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.18
Mine - I have a patch
Assignee: justdave → bbaetz
Posted patch patchSplinter Review
Attachment #66871 - Attachment is obsolete: true
Attachment #126894 - Flags: review?(justdave)
Comment on attachment 126894 [details] [diff] [review]
patch

tried this out on landfill.  It appears to work as advertised. :)
Attachment #126894 - Flags: review?(justdave) → review+
Fixed.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.