Update code to reflect latest changes.

.env.example

@@ -177,6 +177,12 @@ MAP_DEFAULT_ZOOM=6
 # https://docs.firefly-iii.org/advanced-installation/authentication
 AUTHENTICATION_GUARD=web
 
+#
+# Your LDAP server may speak a dialect. You can choose between 'OpenLDAP' and 'ActiveDirectory'
+# Anything else defaults to 'ActiveDirectory'
+#
+LDAP_DIALECT=OpenLDAP
+
 #
 # LDAP connection settings:
 #

app/Ldap/Rules/UserDefinedRule.php

@@ -5,6 +5,7 @@ namespace FireflyIII\Ldap\Rules;
 
 use LdapRecord\Laravel\Auth\Rule;
 use LdapRecord\Models\ActiveDirectory\Group;
+use LdapRecord\Query\ObjectNotFoundException;
 use Log;
 
 /**
@@ -16,19 +17,15 @@ class UserDefinedRule extends Rule
      * Check if the rule passes validation.
      *
      * @return bool
+     * @throws ObjectNotFoundException
      */
     public function isValid()
     {
-        // LDAP_GROUP_FILTER
         $groupFilter = config('ldap.group_filter');
         Log::debug(sprintf('UserDefinedRule with group filter "%s"', $groupFilter));
         if (null !== $groupFilter && '' !== (string)$groupFilter) {
             Log::debug('Group filter is not empty, will now apply it.');
-            $administrators = Group::find($groupFilter);
-            $result         = $this->user->groups()->recursive()->exists($administrators);
-            Log::debug(sprintf('Search result is %s.', var_export($result, true)));
-
-            return $result;
+            return $this->user->groups()->recursive()->exists(Group::findOrFail($groupFilter));
         }
         Log::debug('Group filter is empty or NULL, so will return true.');
 

app/Ldap/Scopes/UserDefinedScope.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace FireflyIII\Ldap\Scopes;
+
+use LdapRecord\Models\Model;
+use LdapRecord\Models\Scope;
+use LdapRecord\Query\Model\Builder;
+use Log;
+
+
+/**
+ * Class UserDefinedScope
+ */
+class UserDefinedScope implements Scope
+{
+    /**
+     * Apply the scope to the given query.
+     *
+     * @param Builder $query
+     * @param Model   $model
+     *
+     * @return void
+     */
+    public function apply(Builder $query, Model $model)
+    {
+
+        Log::debug('UserDefinedScope is disabled.');
+
+        // scope is disabled:
+
+
+
+        /*
+        $groupFilter = config('ldap.group_filter');
+        Log::debug(sprintf('UserDefinedScope with group filter "%s"', $groupFilter));
+        if (null !== $groupFilter && '' !== (string)$groupFilter) {
+            Log::debug('UserDefinedScope: Group filter is not empty, will now apply it.');
+            $query->in($groupFilter);
+        }
+        Log::debug('UserDefinedScope: done!');
+        */
+    }
+}

app/Providers/AuthServiceProvider.php

@@ -22,6 +22,7 @@ declare(strict_types=1);
 
 namespace FireflyIII\Providers;
 
+use FireflyIII\Ldap\Scopes\UserDefinedScope;
 use FireflyIII\Support\Authentication\RemoteUserGuard;
 use FireflyIII\Support\Authentication\RemoteUserProvider;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
@@ -66,5 +67,11 @@ class AuthServiceProvider extends ServiceProvider
         $this->registerPolicies();
         Passport::routes();
         Passport::tokensExpireIn(now()->addDays(14));
+
+
+        \LdapRecord\Models\OpenLDAP\User::addGlobalScope(
+            new UserDefinedScope
+        );
+
     }
 }

config/auth.php

@@ -108,8 +108,7 @@ return [
 
         'ldap' => [
             'driver'   => 'ldap',
-            //'model'    => LdapRecord\Models\ActiveDirectory\User::class,
-            'model'    => LdapRecord\Models\OpenLDAP\User::class,
+            'model'    => env('LDAP_DIALECT') === 'OpenLDAP' ? LdapRecord\Models\OpenLDAP\User::class : LdapRecord\Models\ActiveDirectory\User::class,
             'rules'    => [
                 UserDefinedRule::class,
             ],