forked from Github-Mirrors/canaille
ldap backend: make sure to escape special chars in object identifiers
This commit is contained in:
Éloi Rivard
Éloi Rivard
parent
3ecb8b4722
commit
7bce9b9a74
2 changed files with 17 additions and 8 deletions
|
|
@ -303,6 +303,7 @@ class LDAPObject(metaclass=LDAPObjectMetaclass):
|
||||||
if base is None:
|
if base is None:
|
||||||
base = f"{cls.base},{cls.root_dn}"
|
base = f"{cls.base},{cls.root_dn}"
|
||||||
elif "=" not in base:
|
elif "=" not in base:
|
||||||
|
base = ldap.dn.escape_dn_chars(base)
|
||||||
base = f"{cls.rdn_attribute}={base},{cls.base},{cls.root_dn}"
|
base = f"{cls.rdn_attribute}={base},{cls.base},{cls.root_dn}"
|
||||||
|
|
||||||
class_filter = (
|
class_filter = (
|
||||||
|
|
|
||||||
|
|
@ -36,11 +36,11 @@ def test_repr(backend, foo_group, user):
|
||||||
assert repr(user) == "<User user_name=user>"
|
assert repr(user) == "<User user_name=user>"
|
||||||
|
|
||||||
|
|
||||||
def test_dn_when_leading_space_in_id_attribute(backend):
|
def test_dn_when_leading_space_in_id_attribute(testclient, backend):
|
||||||
user = models.User(
|
user = models.User(
|
||||||
formatted_name=" Doe", # leading space
|
formatted_name=" Doe", # leading space
|
||||||
family_name="Doe",
|
family_name=" Doe",
|
||||||
user_name="user",
|
user_name=" user",
|
||||||
emails="john@doe.com",
|
emails="john@doe.com",
|
||||||
)
|
)
|
||||||
user.save()
|
user.save()
|
||||||
|
|
@ -49,15 +49,19 @@ def test_dn_when_leading_space_in_id_attribute(backend):
|
||||||
assert ldap.dn.dn2str(ldap.dn.str2dn(user.dn)) == user.dn
|
assert ldap.dn.dn2str(ldap.dn.str2dn(user.dn)) == user.dn
|
||||||
assert user.dn == "uid=user,ou=users,dc=mydomain,dc=tld"
|
assert user.dn == "uid=user,ou=users,dc=mydomain,dc=tld"
|
||||||
|
|
||||||
|
assert user == models.User.get(user.identifier)
|
||||||
|
assert user == models.User.get(user_name=user.identifier)
|
||||||
|
assert user == models.User.get(id=user.dn)
|
||||||
|
|
||||||
user.delete()
|
user.delete()
|
||||||
|
|
||||||
|
|
||||||
def test_dn_when_ldap_special_char_in_id_attribute(backend):
|
def test_special_chars_in_rdn(testclient, backend):
|
||||||
user = models.User(
|
user = models.User(
|
||||||
formatted_name="#Doe", # special char
|
formatted_name="#Doe",
|
||||||
family_name="Doe",
|
family_name="#Doe",
|
||||||
user_name="#user",
|
user_name="#user", # special char
|
||||||
emails="john@doe.com",
|
emails=["john@doe.com"],
|
||||||
)
|
)
|
||||||
user.save()
|
user.save()
|
||||||
|
|
||||||
|
|
@ -65,6 +69,10 @@ def test_dn_when_ldap_special_char_in_id_attribute(backend):
|
||||||
assert ldap.dn.dn2str(ldap.dn.str2dn(user.dn)) == user.dn
|
assert ldap.dn.dn2str(ldap.dn.str2dn(user.dn)) == user.dn
|
||||||
assert user.dn == "uid=\\#user,ou=users,dc=mydomain,dc=tld"
|
assert user.dn == "uid=\\#user,ou=users,dc=mydomain,dc=tld"
|
||||||
|
|
||||||
|
assert user == models.User.get(user.identifier)
|
||||||
|
assert user == models.User.get(user_name=user.identifier)
|
||||||
|
assert user == models.User.get(id=user.dn)
|
||||||
|
|
||||||
user.delete()
|
user.delete()
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue