fix: Add resiliency to LDAP admin filter (#6766)

Michael Genson
2025-12-22 15:37:15 -06:00
committed by GitHub
parent 8b4111d68f
commit c64c2d25e7


@@ -176,7 +176,16 @@ class LDAPProvider(CredentialsProvider):
)
if settings.LDAP_ADMIN_FILTER:
try:
should_be_admin = len(conn.search_s(user_dn, ldap.SCOPE_BASE, settings.LDAP_ADMIN_FILTER, [])) > 0
except (ldap.FILTER_ERROR, ldap.NO_SUCH_OBJECT) as e:
self._logger.warning(
"Unable to determine if LDAP user should be an admin, defaulting to False. "
"Is the LDAP_ADMIN_FILTER correct?"
)
self._logger.warning(f"{e.__class__.__name__}: {e}")
should_be_admin = False
if user.admin != should_be_admin:
self._logger.debug(f"[LDAP] {'Setting' if should_be_admin else 'Removing'} user as admin")
user.admin = should_be_admin
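Review bot: In the new `except` branch, `should_be_admin = False` feeds straight into the `user.admin != should_be_admin` comparison below it, so a mistyped LDAP_ADMIN_FILTER will demote each existing LDAP admin the next time this code runs for them, and the only trace is a warning that does not name the account plus a debug-level "Removing user as admin" line. Failing closed is the safer default for a privilege decision, but the event should be attributable: fold the two warnings into one that carries the DN, e.g. `self._logger.warning("[LDAP] admin check failed for %s (%s: %s); treating user as non-admin", user_dn, e.__class__.__name__, e)`, and consider raising the admin-change message from `debug` to `info` so privilege changes show up in default logs. Only `ldap.FILTER_ERROR` and `ldap.NO_SUCH_OBJECT` are caught, so other `ldap.LDAPError` subclasses raised by `search_s` still propagate; whether a caller handles them is not visible here. The enclosing method starts and ends outside the hunk.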