lib/api lib/Auth lib/Auth.php

Thu Jan 31 09:42:00 CET 2013

lib/Auth.php                             |   11 +++++++++--
 lib/Auth/LDAP.php                        |    4 ++--
 lib/api/kolab_api_service_form_value.php |    2 +-
 3 files changed, 12 insertions(+), 5 deletions(-)

New commits:
commit 6d15474b6231b649d896475e354c469246559b4b
Author: Aleksander Machniak <alec at alec.pl>
Date:   Thu Jan 31 09:40:39 2013 +0100

    Fix so OU selector for POSIX user contains only relevant organizational units (Bug #1598)

diff --git a/lib/Auth.php b/lib/Auth.php
index a2a9907..1b795a5 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -397,9 +397,16 @@ class Auth {
         return call_user_func_array(Array($this->auth_instance(), 'search'), func_get_args());
     }
 
-    public function subject_base_dn($subject)
+    public function subject_base_dn($key, $type)
     {
-        return $this->auth_instance()->subject_base_dn($subject);
+        // first try strict match
+        $base_dn = $this->auth_instance()->subject_base_dn($key . '_' . $type, true);
+
+        if (!$base_dn) {
+            $base_dn = $this->auth_instance()->subject_base_dn($type);
+        }
+
+        return $base_dn;
     }
 
     public function user_add($attributes, $typeid = null)
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index d3116c8..54fa946 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -537,9 +537,9 @@ class LDAP extends Net_LDAP3 {
         return parent::search($base_dn, $filter, $scope, $sort, $search);
     }
 
-    public function subject_base_dn($subject)
+    public function subject_base_dn($subject, $strict = false)
     {
-        return $this->_subject_base_dn($subject);
+        return $this->_subject_base_dn($subject, $strict);
     }
 
     public function user_add($attrs, $typeid = null)
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 1f74e24..9782223 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -979,7 +979,7 @@ class kolab_api_service_form_value extends kolab_api_service
         $object_type = $postdata['object_type'];
         $object_key  = $postdata['type_key'];
 
-        $base_dn = $auth->subject_base_dn($object_key . '_' . $object_type);
+        $base_dn = $auth->subject_base_dn($object_key, $object_type);
 
         if (!empty($postdata['id'])) {
             $subjects = $auth->search($base_dn, '(' . $unique_attr . '=' . $postdata['id'] . ')')->entries(true);



