[pbs-devel] [PATCH proxmox-backup] ldap: surround user filter expression in parenthesis if not already
Lukas Wagner
l.wagner at proxmox.com
Wed May 24 10:41:19 CEST 2023
In PVE, the `filter` attribute is surrounded in () if it is not already,
allowing "uid=test" as well as "(uid=test)" [1].
A forum user [2] just ran into this incosistency, so I decieded to adjust
the behavior.
[1] https://git.proxmox.com/?p=pve-common.git;a=blob;f=src/PVE/LDAP.pm;h=ff98e367e63265bf76c0f302847c3749eea095a6;hb=HEAD#l115
[2] https://forum.proxmox.com/threads/ldap-query-for-security-group-members.127882/
Signed-off-by: Lukas Wagner <l.wagner at proxmox.com>
---
proxmox-ldap/src/lib.rs | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/proxmox-ldap/src/lib.rs b/proxmox-ldap/src/lib.rs
index ea210b3e..4fa866d8 100644
--- a/proxmox-ldap/src/lib.rs
+++ b/proxmox-ldap/src/lib.rs
@@ -351,7 +351,14 @@ impl<'a> Display for FilterElement<'a> {
FilterElement::Condition(attr, value) => {
write!(f, "({attr}={value})")?;
}
- FilterElement::Verbatim(verbatim) => write!(f, "{verbatim}")?,
+ FilterElement::Verbatim(verbatim) => {
+
+ if !verbatim.starts_with('(') && !verbatim.ends_with(')') {
+ write!(f, "({verbatim})")?
+ } else {
+ write!(f, "{verbatim}")?
+ }
+ },
}
Ok(())
@@ -371,6 +378,7 @@ mod tests {
);
assert_eq!("(foo=bar)", &Verbatim("(foo=bar)").to_string());
+ assert_eq!("(foo=bar)", &Verbatim("foo=bar").to_string());
let filter_string = And(vec![
Condition("givenname", "john"),
--
2.30.2
More information about the pbs-devel
mailing list