Set IsAdmin using LDAP

The IsAdmin flag is set based on whether the admin filter returned any result. The admin filter is applied with the user dn as the search root. In the future, we should update IsAdmin as well on each login. Alternately, we can have a periodic sync operation.
2015-08-18 21:34:03 -07:00 · 2015-08-18 21:34:03 -07:00 · 24d7a86a8d
commit 24d7a86a8d
parent 03b85b73af
7 changed files with 38 additions and 8 deletions
--- a/routers/admin/auths.go
+++ b/routers/admin/auths.go
@ -71,6 +71,7 @@ func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
 				BindPassword:      form.BindPassword,
 				UserBase:          form.UserBase,
 				Filter:            form.Filter,
+				AdminFilter:       form.AdminFilter,
 				AttributeName:     form.AttributeName,
 				AttributeSurname:  form.AttributeSurname,
 				AttributeMail:     form.AttributeMail,
@ -160,6 +161,7 @@ func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
 				AttributeSurname:  form.AttributeSurname,
 				AttributeMail:     form.AttributeMail,
 				Filter:            form.Filter,
+				AdminFilter:       form.AdminFilter,
 				Enabled:           true,
 			},
 		}