Closed Bug 122365 Opened 20 years ago Closed 18 years ago

Allow installation definable LDAP filters as a Parameter

Categories

(Bugzilla :: Administration, task, P3)

2.15
x86
Linux

Tracking

()

RESOLVED FIXED
Bugzilla 2.18

People

(Reporter: jlaska, Assigned: bbaetz)

Details

Attachments

(1 file, 1 obsolete file)

I wanted to restrict LDAP users to bugzilla.  Since most LDAP servers maintain a
wealth of info about it's users, I wanted to filter on some of that information.
 To this end, I have added a Parameter to defparams.pl called LDAPadditional. 
This parameter should conform to the string representation for search filters as
defined in RFC 2254 (http://www.faqs.org/rfcs/rfc2254.html).  When set, it is
AND'd with the Param("LDAPmailattribute") to come up with a search.  For
example, my variables are set as follows:

LDAPmailattribute = mail
LDAPadditional    = (|(dept=A)(dept=B))

The above would search for the user with mail equal to the given LDAPusername,
that is in either dept A OR dept B.

Code changes were the addition of a parameter in defparams.pl and filter code in
CGI.pl.  I have been using this for several weeks now and I haven't hit any
problems.  I will submit a patch following the bug submission.
This patch affects: defparams.pl, CGI.pl
Ooops, I have some extra stuff in the CGI.pl part of the patch.  Those fixes are
the result of an outstanding bug that no one has responded to (bug#105504). 
Sorry to sneak them in, adjust as you see fit.

Thanks!
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.18
Mine - I have a patch
Assignee: justdave → bbaetz
Attached patch patchSplinter Review
Attachment #66871 - Attachment is obsolete: true
Attachment #126894 - Flags: review?(justdave)
Comment on attachment 126894 [details] [diff] [review]
patch

tried this out on landfill.  It appears to work as advertised. :)
Attachment #126894 - Flags: review?(justdave) → review+
Fixed.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.