Johannes Zellner
+2
-2
@@ -194,7 +194,7 @@ function groupSearch(req, res, next) {
|
||||
|
||||
groups.forEach(function (group) {
|
||||
var dn = ldap.parseDN('cn=' + group.name + ',ou=groups,dc=cloudron');
|
||||
var members = group.admin ? result.filter(function (entry) { return entry.admin; }) : result;
|
||||
var members = group.admin ? result.filter(function (entry) { return entry.admin || req.app.ownerId === entry.id; }) : result;
|
||||
|
||||
var obj = {
|
||||
dn: dn.toString(),
|
||||
@@ -243,7 +243,7 @@ function groupAdminsCompare(req, res, next) {
|
||||
// we only support memberuid here, if we add new group attributes later add them here
|
||||
if (req.attribute === 'memberuid') {
|
||||
var found = result.find(function (u) { return u.id === req.value; });
|
||||
if (found && found.admin) return res.end(true);
|
||||
if (found && (found.admin || req.app.ownerId == found.id)) return res.end(true);
|
||||
}
|
||||
|
||||
res.end(false);
|
||||
|
||||
@@ -742,6 +742,45 @@ describe('Ldap', function () {
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it ('shows owner as admin', function (done) {
|
||||
appdb.update(APP_0.id, { ownerId: USER_1.id, accessRestriction: { users: [], groups: [ GROUP_ID ] } }, function (error) {
|
||||
expect(error).to.be(null);
|
||||
|
||||
var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
|
||||
|
||||
var opts = {
|
||||
filter: '&(objectclass=group)(cn=*)'
|
||||
};
|
||||
|
||||
client.search('ou=groups,dc=cloudron', opts, function (error, result) {
|
||||
expect(error).to.be(null);
|
||||
expect(result).to.be.an(EventEmitter);
|
||||
|
||||
var entries = [];
|
||||
|
||||
result.on('searchEntry', function (entry) { entries.push(entry.object); });
|
||||
result.on('error', done);
|
||||
result.on('end', function (result) {
|
||||
expect(result.status).to.equal(0);
|
||||
expect(entries.length).to.equal(2);
|
||||
expect(entries[0].cn).to.equal('users');
|
||||
expect(entries[0].memberuid.length).to.equal(2);
|
||||
expect(entries[0].memberuid[0]).to.equal(USER_0.id);
|
||||
expect(entries[0].memberuid[1]).to.equal(USER_1.id);
|
||||
expect(entries[1].cn).to.equal('admins');
|
||||
|
||||
expect(entries[1].memberuid.length).to.equal(2);
|
||||
expect(entries[1].memberuid[0]).to.equal(USER_0.id);
|
||||
expect(entries[1].memberuid[1]).to.equal(USER_1.id);
|
||||
|
||||
client.unbind();
|
||||
|
||||
appdb.update(APP_0.id, { ownerId: USER_0.id, accessRestriction: null }, done);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
function ldapSearch(dn, filter, callback) {
|
||||
|
||||
Reference in New Issue
Block a user