From d2a9b312e98128d08bfc5838c8ac72ac13d0f47a Mon Sep 17 00:00:00 2001 From: Dan Brown Date: Sun, 19 Aug 2018 15:24:42 +0100 Subject: [PATCH] Fixed LDAP group sync using wrong user filter LDAP group sync was trying to find users based on the external_auth_id which is not garunteed to match the username entered so somtimes the search for a user would fail. This passes the username to the group sync. Picked up by @yoyokko in #959. --- app/Http/Controllers/Auth/LoginController.php | 2 +- app/Services/LdapService.php | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 791c265ad..c0541c9e2 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -103,7 +103,7 @@ class LoginController extends Controller // Sync LDAP groups if required if ($this->ldapService->shouldSyncGroups()) { - $this->ldapService->syncGroups($user); + $this->ldapService->syncGroups($user, $request->get($this->username())); } $path = session()->pull('url.intended', '/'); diff --git a/app/Services/LdapService.php b/app/Services/LdapService.php index c11094aa9..11223433b 100644 --- a/app/Services/LdapService.php +++ b/app/Services/LdapService.php @@ -299,11 +299,12 @@ class LdapService /** * Sync the LDAP groups to the user roles for the current user * @param \BookStack\User $user + * @param string $username * @throws LdapException */ - public function syncGroups(User $user) + public function syncGroups(User $user, string $username) { - $userLdapGroups = $this->getUserGroups($user->external_auth_id); + $userLdapGroups = $this->getUserGroups($username); // Get the ids for the roles from the names $ldapGroupsAsRoles = $this->matchLdapGroupsToSystemsRoles($userLdapGroups);