yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(auth_ldap): Handle missing attributes 

Fixes: #4953
This commit is contained in:
k32 2021-06-09 11:40:52 +02:00 committed by zhanghongtong
parent 0451f89c22
commit c1d2bae833
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/emqx_auth_ldap/src/emqx_acl_ldap.erl
View File

@ -27,10 +27,6 @@
, description/0
]).
-import(proplists, [get_value/2]).
-import(emqx_auth_ldap_cli, [search/4]).
-spec(register_metrics() -> ok).
register_metrics() ->
lists:foreach(fun emqx_metrics:ensure/1, ?ACL_METRICS).
@ -70,14 +66,14 @@ do_check_acl(#{username := Username}, PubSub, Topic, _NoMatchAction,
BaseDN = emqx_auth_ldap:replace_vars(CustomBaseDN, ReplaceRules),
case search(Pool, BaseDN, Filter, [Attribute, Attribute1]) of
case emqx_auth_ldap_cli:search(Pool, BaseDN, Filter, [Attribute, Attribute1]) of
{error, noSuchObject} ->
ok;
{ok, #eldap_search_result{entries = []}} ->
ok;
{ok, #eldap_search_result{entries = [Entry]}} ->
Topics = get_value(Attribute, Entry#eldap_entry.attributes)
++ get_value(Attribute1, Entry#eldap_entry.attributes),
Topics = proplists:get_value(Attribute, Entry#eldap_entry.attributes, [])
++ proplists:get_value(Attribute1, Entry#eldap_entry.attributes, []),
match(Topic, Topics);
Error ->
?LOG(error, "[LDAP] search error:~p", [Error]),
@ -95,4 +91,3 @@ match(Topic, [Filter | Topics]) ->
description() ->
"ACL with LDAP".

8
apps/emqx_auth_ldap/src/emqx_auth_ldap.appup.src Normal file
View File

@ -0,0 +1,8 @@
%% -*- mode: erlang -*-
{VSN,
[{"4.3.0",
[{load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}]},
{<<".*">>,[]}],
[{"4.3.0",
[{load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}]},
{<<".*">>,[]}]}.