[pve-devel] [PATCH common 2/3] ldap: add optional classes to query_users

Dominik Csapak d.csapak at proxmox.com
Fri Mar 6 11:05:35 CET 2020


and filter by it

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
 src/PVE/LDAP.pm | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/PVE/LDAP.pm b/src/PVE/LDAP.pm
index 5bf52dd..661e3a3 100644
--- a/src/PVE/LDAP.pm
+++ b/src/PVE/LDAP.pm
@@ -94,7 +94,7 @@ sub auth_user_dn {
 }
 
 sub query_users {
-    my ($ldap, $filter, $attributes, $base_dn) = @_;
+    my ($ldap, $filter, $attributes, $base_dn, $classes) = @_;
 
     # build filter from given filter and attribute list
     my $tmp = "(|";
@@ -103,6 +103,14 @@ sub query_users {
     }
     $tmp .= ")";
 
+    if ($classes) {
+	$tmp = "(&$tmp(|";
+	for my $class (@$classes) {
+	    $tmp .= "(objectclass=$class)";
+	}
+	$tmp .= "))";
+    }
+
     if ($filter) {
 	$filter = "($filter)" if $filter !~ m/^\(.*\)$/;
 	$filter = "(&${filter}${tmp})"
-- 
2.20.1





More information about the pve-devel mailing list