Products.LDAPUserFolder

Nested group support

Bug #650417 reported by Eric BREHAULT
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Products.LDAPUserFolder
Triaged
Wishlist
Unassigned

Bug Description

Hello,

At the moment, LDAPUserFolder does not support LDAP nested groups, so if we set a specific Plone role to a group, this role will be applied to any user who are directly members of this group but not to members who are member of another group which is part of this group.

Here is a fix for LDAPUserFolder.py which fix that (in method getGroups):

1262,1264d1261
<
< # FIX EBR: nested group support
< group_list = group_list + [g for g in self.getGroups(dn=dn, attr=attr, pwd=pwd) if g not in group_list]

Tags: bug
Revision history for this message
Matous Hora (matuho) wrote :

Hi,

I have created a different patch for Nested Groups support. The idea is that a Group can contain groups and can be a member of other groups. This makes the P.PluggableAuthService recursive plugin to work if required.

The patch is built using the version 2.20 of LDAPUserFolder and Products.LDAPMultiPlugin v. 1.14

Any reviews, comments very welcome.

Matous

Revision history for this message
Matous Hora (matuho) wrote :

Would not let me to post two files... this one is for LDAPMultiPlugins

Jens Vagelpohl (dataflake-deactivatedaccount-deactivatedaccount)
Changed in ldapuserfolder:
status: New → Triaged
importance: Medium → Wishlist
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.