Merge branch 'add-features-to-ldapauth' of https://github.com/yjkony/gitbucket into yjkony-add-features-to-ldapauth

Conflicts: src/main/scala/app/IndexController.scala src/main/scala/service/SystemSettingsService.scala src/main/scala/util/LDAPUtil.scala src/main/scala/util/Notifier.scala
2025-11-08 22:45:51 +01:00 · 2014-07-13 13:49:04 +09:00
parent 258d53b7a6 e2c99a46be
commit b287c1f60d
9 changed files with 72 additions and 17 deletions
--- a/src/main/scala/util/AccountUtil.scala
+++ b/src/main/scala/util/AccountUtil.scala
@@ -0,0 +1,18 @@
+package util
+
+import model.Account
+
+/**
+ * Utility for account model.
+ */
+object AccountUtil {
+  private val LDAP_DUMMY_MAL = "@ldap-devnull"
+
+  def hasLdapDummyMailAddress(account: Account): Boolean = {
+    account.mailAddress.endsWith(LDAP_DUMMY_MAL)
+  }
+
+  def getLdapDummyMailAddress(userName: String): String = {
+    userName + LDAP_DUMMY_MAL
+  }
+}
--- a/src/main/scala/util/LDAPUtil.scala
+++ b/src/main/scala/util/LDAPUtil.scala
@@ -30,7 +30,7 @@ object LDAPUtil {
      keystore = ldapSettings.keystore.getOrElse(""),
      error    = "System LDAP authentication failed."
    ){ conn =>
-      findUser(conn, userName, ldapSettings.baseDN, ldapSettings.userNameAttribute) match {
+      findUser(conn, userName, ldapSettings.baseDN, ldapSettings.userNameAttribute, ldapSettings.additionalFilterCondition) match {
        case Some(userDN) => userAuthentication(ldapSettings, userDN, userName, password)
        case None         => Left("User does not exist.")
      }
@@ -47,14 +47,23 @@ object LDAPUtil {
      keystore = ldapSettings.keystore.getOrElse(""),
      error    = "User LDAP Authentication Failed."
    ){ conn =>
-      findMailAddress(conn, userDN, ldapSettings.userNameAttribute, userName, ldapSettings.mailAttribute) match {
-        case Some(mailAddress) => Right(LDAPUserInfo(
-          userName    = getUserNameFromMailAddress(userName),
+      if(ldapSettings.mailAttribute.getOrElse("").isEmpty) {
+        Right(LDAPUserInfo(
+          userName    = userName,
          fullName    = ldapSettings.fullNameAttribute.flatMap { fullNameAttribute =>
            findFullName(conn, userDN, ldapSettings.userNameAttribute, userName, fullNameAttribute)
          }.getOrElse(userName),
-          mailAddress = mailAddress))
-        case None => Left("Can't find mail address.")
+          mailAddress = AccountUtil.getLdapDummyMailAddress(userName)))
+      } else {
+        findMailAddress(conn, userDN, ldapSettings.userNameAttribute, userName, ldapSettings.mailAttribute.get) match {
+          case Some(mailAddress) => Right(LDAPUserInfo(
+            userName    = getUserNameFromMailAddress(userName),
+            fullName    = ldapSettings.fullNameAttribute.flatMap { fullNameAttribute =>
+              findFullName(conn, userDN, ldapSettings.userNameAttribute, userName, fullNameAttribute)
+            }.getOrElse(userName),
+            mailAddress = mailAddress))
+          case None => Left("Can't find mail address.")
+        }
      }
    }
  }
@@ -112,7 +121,7 @@ object LDAPUtil {
  /**
   * Search a specified user and returns userDN if exists.
   */
-  private def findUser(conn: LDAPConnection, userName: String, baseDN: String, userNameAttribute: String): Option[String] = {
+  private def findUser(conn: LDAPConnection, userName: String, baseDN: String, userNameAttribute: String, additionalFilterCondition: Option[String]): Option[String] = {
    @tailrec
    def getEntries(results: LDAPSearchResults, entries: List[Option[LDAPEntry]] = Nil): List[LDAPEntry] = {
      if(results.hasMore){
@@ -125,7 +134,13 @@ object LDAPUtil {
        entries.flatten
      }
    }
-    getEntries(conn.search(baseDN, LDAPConnection.SCOPE_SUB, userNameAttribute + "=" + userName, null, false)).collectFirst {
+
+    val filterCond = additionalFilterCondition.getOrElse("") match {
+      case "" => userNameAttribute + "=" + userName
+      case x => "(&(" + x + ")(" + userNameAttribute + "=" + userName + "))"
+    }
+
+    getEntries(conn.search(baseDN, LDAPConnection.SCOPE_SUB, filterCond, null, false)).collectFirst {
      case x => x.getDN
    }
  }
--- a/src/main/scala/util/Notifier.scala
+++ b/src/main/scala/util/Notifier.scala
@@ -28,7 +28,7 @@ trait Notifier extends RepositoryService with AccountService with IssuesService
    )
    .distinct
    .withFilter ( _ != context.loginAccount.get.userName )	// the operation in person is excluded
-    .foreach ( getAccountByUserName(_) filterNot (_.isGroupAccount) foreach (x => notify(x.mailAddress)) )
+    .foreach ( getAccountByUserName(_) filterNot (_.isGroupAccount) filterNot (AccountUtil.hasLdapDummyMailAddress(_)) foreach (x => notify(x.mailAddress)) )

 }