server: add support for entryDN

2023-12-30 22:28:58 +01:00 · 2023-12-30 22:28:58 +01:00 · 0d48b7f8c9
parent f2b1e73929
commit 0d48b7f8c9
3 changed files with 22 additions and 1 deletions
--- a/server/src/domain/ldap/group.rs
+++ b/server/src/domain/ldap/group.rs
@ -31,6 +31,9 @@ pub fn get_group_attribute(
        "objectclass" => vec![b"groupOfUniqueNames".to_vec()],
        // Always returned as part of the base response.
        "dn" | "distinguishedname" => return None,
+        "entrydn" => {
+            vec![format!("uid={},ou=groups,{}", group.display_name, base_dn_str).into_bytes()]
+        }
        "cn" | "uid" | "id" => vec![group.display_name.to_string().into_bytes()],
        "entryuuid" | "uuid" => vec![group.uuid.to_string().into_bytes()],
        "member" | "uniquemember" => group
--- a/server/src/domain/ldap/user.rs
+++ b/server/src/domain/ldap/user.rs
@ -35,6 +35,9 @@ pub fn get_user_attribute(
        ],
        // dn is always returned as part of the base response.
        "dn" | "distinguishedname" => return None,
+        "entrydn" => {
+            vec![format!("uid={},ou=people,{}", &user.user_id, base_dn_str).into_bytes()]
+        }
        "uid" | "user_id" | "id" => vec![user.user_id.to_string().into_bytes()],
        "entryuuid" | "uuid" => vec![user.uuid.to_string().into_bytes()],
        "mail" | "email" => vec![user.email.to_string().into_bytes()],
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
@ -1368,7 +1368,14 @@ mod tests {
        let mut ldap_handler = setup_bound_admin_handler(mock).await;
        let request = make_group_search_request(
            LdapFilter::And(vec![]),
-            vec!["objectClass", "dn", "cn", "uniqueMember", "entryUuid"],
+            vec![
+                "objectClass",
+                "dn",
+                "cn",
+                "uniqueMember",
+                "entryUuid",
+                "entryDN",
+            ],
        );
        assert_eq!(
            ldap_handler.do_search_or_dse(&request).await,
@ -1395,6 +1402,10 @@ mod tests {
                            atype: "entryUuid".to_string(),
                            vals: vec![b"04ac75e0-2900-3e21-926c-2f732c26b3fc".to_vec()],
                        },
+                        LdapPartialAttribute {
+                            atype: "entryDN".to_string(),
+                            vals: vec![b"uid=group_1,ou=groups,dc=example,dc=com".to_vec()],
+                        },
                    ],
                }),
                LdapOp::SearchResultEntry(LdapSearchResultEntry {
@ -1416,6 +1427,10 @@ mod tests {
                            atype: "entryUuid".to_string(),
                            vals: vec![b"04ac75e0-2900-3e21-926c-2f732c26b3fc".to_vec()],
                        },
+                        LdapPartialAttribute {
+                            atype: "entryDN".to_string(),
+                            vals: vec![b"uid=BestGroup,ou=groups,dc=example,dc=com".to_vec()],
+                        },
                    ],
                }),
                make_search_success(),