From 7ad31567cdc8206e0080b851a9b880729266b084 Mon Sep 17 00:00:00 2001 From: CaiCandong <50507092+CaiCandong@users.noreply.github.com> Date: Sun, 1 Oct 2023 19:32:12 +0800 Subject: [PATCH] Fix ldap admin privileges update bug (#27051) When the user does not set a username lookup condition, LDAP will get an empty string `""` for the user, hence the following code ``` if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username) ``` The user presence determination will always be nonexistent, so updates to user information will never be performed. Fix #27049 --- .../auth/source/ldap/source_authenticate.go | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go index c480851084..9f4d7ed68f 100644 --- a/services/auth/source/ldap/source_authenticate.go +++ b/services/auth/source/ldap/source_authenticate.go @@ -29,7 +29,13 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u // User not in LDAP, do nothing return nil, user_model.ErrUserNotExist{Name: loginName} } - + // Fallback. + if len(sr.Username) == 0 { + sr.Username = userName + } + if len(sr.Mail) == 0 { + sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username) + } isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0 // Update User admin flag if exist @@ -70,15 +76,6 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u } } } else { - // Fallback. - if len(sr.Username) == 0 { - sr.Username = userName - } - - if len(sr.Mail) == 0 { - sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username) - } - user = &user_model.User{ LowerName: strings.ToLower(sr.Username), Name: sr.Username,