agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-23 17:19:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove LDAP admin check via group search in ldap-passport

Browse Source
This commit is contained in:
yu-i-i
2025-07-21 18:40:25 +02:00
parent d18bdb907f
commit 03fa1be85b
2 changed files with 2 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
services/web/modules/authentication/ldap/app/src/LDAPAuthenticationManager.mjs
View File

@@ -30,9 +30,8 @@ const LDAPAuthenticationManager = {
if (!firstName && !lastName) lastName = email
let isAdmin = false
if( attAdmin && valAdmin ) {
isAdmin = (profile._groups?.length > 0) ||
(Array.isArray(profile[attAdmin]) ? profile[attAdmin].includes(valAdmin) :
profile[attAdmin] === valAdmin)
isAdmin = Array.isArray(profile[attAdmin]) ? profile[attAdmin].includes(valAdmin) :
profile[attAdmin] === valAdmin
}
let user = await User.findOne({ 'email': email }).exec()

5
services/web/modules/authentication/ldap/app/src/LDAPModuleManager.mjs
View File

@@ -31,11 +31,6 @@ const LDAPModuleManager = {
searchFilter: process.env.OVERLEAF_LDAP_SEARCH_FILTER,
searchScope: process.env.OVERLEAF_LDAP_SEARCH_SCOPE || 'sub',
searchAttributes: JSON.parse(process.env.OVERLEAF_LDAP_SEARCH_ATTRIBUTES || '[]'),
groupSearchBase: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_BASE,
groupSearchFilter: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_FILTER,
groupSearchScope: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_SCOPE || 'sub',
groupSearchAttributes: ["dn"],
groupDnProperty: process.env.OVERLEAF_LDAP_ADMIN_DN_PROPERTY,
cache: boolFromEnv(process.env.OVERLEAF_LDAP_CACHE),
timeout: numFromEnv(process.env.OVERLEAF_LDAP_TIMEOUT),
connectTimeout: numFromEnv(process.env.OVERLEAF_LDAP_CONNECT_TIMEOUT),