Loosen requirements to detach policies for LDAP (#18419)

Taran Pelkey 2023-11-09 17:44:43 -05:00 committed by GitHub
parent 2229509362
commit 117ad1b65b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -1663,11 +1663,17 @@ func (sys *IAMSys) PolicyDBUpdateLDAP(ctx context.Context, isAttach bool,
return return
} }
if dn == "" { if dn == "" {
// Still attempt to detach if provided user is a DN.
if !isAttach && sys.LDAPConfig.IsLDAPUserDN(r.User) {
dn = r.User
} else {
err = errNoSuchUser err = errNoSuchUser
return return
} }
}
isGroup = false isGroup = false
} else { } else {
if isAttach {
var exists bool var exists bool
if exists, err = sys.LDAPConfig.DoesGroupDNExist(r.Group); err != nil { if exists, err = sys.LDAPConfig.DoesGroupDNExist(r.Group); err != nil {
logger.LogIf(ctx, err) logger.LogIf(ctx, err)
@ -1676,6 +1682,7 @@ func (sys *IAMSys) PolicyDBUpdateLDAP(ctx context.Context, isAttach bool,
err = errNoSuchGroup err = errNoSuchGroup
return return
} }
}
dn = r.Group dn = r.Group
isGroup = true isGroup = true
} }
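Review bot: In the group branch the detach path now reaches `dn = r.Group` with no check at all, while the user branch at least gates its fallback on `sys.LDAPConfig.IsLDAPUserDN(r.User)`; in both cases the caller-supplied string is then used as dn unchanged. If the intent is to let admins clear mappings for entries that were deleted from the directory, state it above `if isAttach {`, e.g. `// Detach skips the existence check so mappings for deleted groups can still be removed; r.Group is used as supplied.` It is also worth confirming that a raw `r.User` or `r.Group` matches the form under which the mapping was stored (presumably the DN returned by the directory lookup), since otherwise a detach request with different case or spacing may silently fail to find the mapping. PolicyDBUpdateLDAP starts and ends outside these hunks, so how dn is consumed afterwards is not visible here.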