mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Loosen requirements to detach policies for LDAP (#18419)
This commit is contained in:
parent
2229509362
commit
117ad1b65b
25
cmd/iam.go
25
cmd/iam.go
@ -1663,18 +1663,25 @@ func (sys *IAMSys) PolicyDBUpdateLDAP(ctx context.Context, isAttach bool,
|
||||
return
|
||||
}
|
||||
if dn == "" {
|
||||
err = errNoSuchUser
|
||||
return
|
||||
// Still attempt to detach if provided user is a DN.
|
||||
if !isAttach && sys.LDAPConfig.IsLDAPUserDN(r.User) {
|
||||
dn = r.User
|
||||
} else {
|
||||
err = errNoSuchUser
|
||||
return
|
||||
}
|
||||
}
|
||||
isGroup = false
|
||||
} else {
|
||||
var exists bool
|
||||
if exists, err = sys.LDAPConfig.DoesGroupDNExist(r.Group); err != nil {
|
||||
logger.LogIf(ctx, err)
|
||||
return
|
||||
} else if !exists {
|
||||
err = errNoSuchGroup
|
||||
return
|
||||
if isAttach {
|
||||
var exists bool
|
||||
if exists, err = sys.LDAPConfig.DoesGroupDNExist(r.Group); err != nil {
|
||||
logger.LogIf(ctx, err)
|
||||
return
|
||||
} else if !exists {
|
||||
err = errNoSuchGroup
|
||||
return
|
||||
}
|
||||
}
|
||||
dn = r.Group
|
||||
isGroup = true
|
||||
|
Loading…
Reference in New Issue
Block a user