IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2024-11-28 11:43:53 -06:00
Code Issues Packages Projects Releases Wiki Activity

This adds support for the ADLDAP_AUTH_FILTER env var, and the

Browse Source 
ldap_auth.custom_filter config option. These are optional.

If provided, the custom filter will be applied to the LDAP query
using the FireflyIII\Scopes\LdapFilterScope class.

This allows the integrator to specify a custom LDAP filter.
This commit is contained in:
root 2020-08-26 14:07:47 +00:00
parent 4e05ce4c35
commit 0ee3941b43
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
app/Scopes/LdapFilterScope.php Normal file
View File

@ -0,0 +1,21 @@
<?php
namespace FireflyIII\Scopes;
use Adldap\Query\Builder;
use Adldap\Laravel\Scopes\ScopeInterface;
class LdapFilterScope implements ScopeInterface {
/**
* If the ADLDAP_AUTH_FILTER is provided, apply the filter to the LDAP query.
* @param Builder $query
* @return void
*/
public function apply(Builder $query)
{
$filter = config('ldap_auth.custom_filter');
if ( $filter ) {
$query->rawFilter($filter);
}
}
}

20
config/ldap_auth.php
View File

@ -22,6 +22,8 @@
declare(strict_types=1);
use FireflyIII\Scopes\LdapFilterScope;
use Adldap\Laravel\Events\Authenticated;
use Adldap\Laravel\Events\AuthenticatedModelTrashed;
use Adldap\Laravel\Events\AuthenticatedWithWindows;
@ -49,13 +51,17 @@ use Adldap\Laravel\Scopes\UpnScope;
// default OpenLDAP scopes.
$scopes = [
LdapFilterScope::class,
UidScope::class,
];
if ('FreeIPA' === env('ADLDAP_CONNECTION_SCHEME')) {
$scopes = [];
$scopes = [
LdapFilterScope::class,
];
}
if ('ActiveDirectory' === env('ADLDAP_CONNECTION_SCHEME')) {
$scopes = [
LdapFilterScope::class,
UpnScope::class,
];
}
@ -374,4 +380,16 @@ return [
],
],
/*
|--------------------------------------------------------------------------
| Custom LDAP Filter
|--------------------------------------------------------------------------
|
| This value can be optionally provided to restrict LDAP queries to the
| given filter. It should be in LDAP filter format, and will be
| applied in the LdapFilterScope.
|
*/
'custom_filter' => env('ADLDAP_AUTH_FILTER', ''),
];