0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-29 10:54:02 -05:00
forgejo/services/auth
Giteabot 37d3e0ec33
Fix accidental overwriting of LDAP team memberships (#24050) (#24065)
Backport #24050 by @sillyguodong

In the `for` loop, the value of `membershipsToAdd[org]` and
`membershipsToRemove[org]` is a slice that should be appended instead of
overwritten.
Due to the current overwrite, the LDAP group sync only matches the last
group at the moment.

## Example reproduction
- an LDAP user is both a member of
`cn=admin_staff,ou=people,dc=planetexpress,dc=com` and
`cn=ship_crew,ou=people,dc=planetexpress,dc=com`.
- configuration of `Map LDAP groups to Organization teams ` in
`Authentication Sources`:
```json
{
    "cn=admin_staff,ou=people,dc=planetexpress,dc=com":{
        "test_organization":[
            "admin_staff",
            "test_add"
        ]
    },
    "cn=ship_crew,ou=people,dc=planetexpress,dc=com":{
        "test_organization":[
            "ship_crew"
        ]
}
```
- start `Synchronize external user data` task in the `Dashboard`.
- the user was only added for the team `test_organization.ship_crew`

Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
2023-04-12 07:22:02 -04:00
..
source Fix accidental overwriting of LDAP team memberships (#24050) (#24065) 2023-04-12 07:22:02 -04:00
auth.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
auth_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
basic.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
group.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
httpsign.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
interface.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
middleware.go Map OIDC groups to Orgs/Teams (#21441) 2023-02-08 14:44:42 +08:00
oauth2.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
reverseproxy.go Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
session.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
signin.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
source.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
sspi_windows.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
sync.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00