Skip to content

Commit 79c1d48

Browse files
zeripathtechknowlogick
authored and
sapk
committed
Do not try to recreate ldap user if they are already created (#9900) (#9919)
* Do not try to recreate ldap user if they are already created * just remove autoregister Co-authored-by: techknowlogick <[email protected]> Co-authored-by: techknowlogick <[email protected]>
1 parent 05b9864 commit 79c1d48

File tree

1 file changed

+12
-12
lines changed

1 file changed

+12
-12
lines changed

models/login_source.go

+12-12
Original file line numberDiff line numberDiff line change
@@ -461,7 +461,7 @@ var (
461461

462462
// LoginViaLDAP queries if login/password is valid against the LDAP directory pool,
463463
// and create a local user if success when enabled.
464-
func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoRegister bool) (*User, error) {
464+
func LoginViaLDAP(user *User, login, password string, source *LoginSource) (*User, error) {
465465
sr := source.Cfg.(*LDAPConfig).SearchEntry(login, password, source.Type == LoginDLDAP)
466466
if sr == nil {
467467
// User not in LDAP, do nothing
@@ -491,7 +491,7 @@ func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoR
491491
}
492492
}
493493

494-
if !autoRegister {
494+
if user != nil {
495495
if isAttributeSSHPublicKeySet && synchronizeLdapSSHPublicKeys(user, source, sr.SSHPublicKey) {
496496
return user, RewriteAllPublicKeys()
497497
}
@@ -602,7 +602,7 @@ func SMTPAuth(a smtp.Auth, cfg *SMTPConfig) error {
602602

603603
// LoginViaSMTP queries if login/password is valid against the SMTP,
604604
// and create a local user if success when enabled.
605-
func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPConfig, autoRegister bool) (*User, error) {
605+
func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPConfig) (*User, error) {
606606
// Verify allowed domains.
607607
if len(cfg.AllowedDomains) > 0 {
608608
idx := strings.Index(login, "@")
@@ -633,7 +633,7 @@ func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPC
633633
return nil, err
634634
}
635635

636-
if !autoRegister {
636+
if user != nil {
637637
return user, nil
638638
}
639639

@@ -665,15 +665,15 @@ func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPC
665665

666666
// LoginViaPAM queries if login/password is valid against the PAM,
667667
// and create a local user if success when enabled.
668-
func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMConfig, autoRegister bool) (*User, error) {
668+
func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMConfig) (*User, error) {
669669
if err := pam.Auth(cfg.ServiceName, login, password); err != nil {
670670
if strings.Contains(err.Error(), "Authentication failure") {
671671
return nil, ErrUserNotExist{0, login, 0}
672672
}
673673
return nil, err
674674
}
675675

676-
if !autoRegister {
676+
if user != nil {
677677
return user, nil
678678
}
679679

@@ -691,19 +691,19 @@ func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMCon
691691
}
692692

693693
// ExternalUserLogin attempts a login using external source types.
694-
func ExternalUserLogin(user *User, login, password string, source *LoginSource, autoRegister bool) (*User, error) {
694+
func ExternalUserLogin(user *User, login, password string, source *LoginSource) (*User, error) {
695695
if !source.IsActived {
696696
return nil, ErrLoginSourceNotActived
697697
}
698698

699699
var err error
700700
switch source.Type {
701701
case LoginLDAP, LoginDLDAP:
702-
user, err = LoginViaLDAP(user, login, password, source, autoRegister)
702+
user, err = LoginViaLDAP(user, login, password, source)
703703
case LoginSMTP:
704-
user, err = LoginViaSMTP(user, login, password, source.ID, source.Cfg.(*SMTPConfig), autoRegister)
704+
user, err = LoginViaSMTP(user, login, password, source.ID, source.Cfg.(*SMTPConfig))
705705
case LoginPAM:
706-
user, err = LoginViaPAM(user, login, password, source.ID, source.Cfg.(*PAMConfig), autoRegister)
706+
user, err = LoginViaPAM(user, login, password, source.ID, source.Cfg.(*PAMConfig))
707707
default:
708708
return nil, ErrUnsupportedLoginType
709709
}
@@ -783,7 +783,7 @@ func UserSignIn(username, password string) (*User, error) {
783783
return nil, ErrLoginSourceNotExist{user.LoginSource}
784784
}
785785

786-
return ExternalUserLogin(user, user.LoginName, password, &source, false)
786+
return ExternalUserLogin(user, user.LoginName, password, &source)
787787
}
788788
}
789789

@@ -797,7 +797,7 @@ func UserSignIn(username, password string) (*User, error) {
797797
// don't try to authenticate against OAuth2 and SSPI sources here
798798
continue
799799
}
800-
authUser, err := ExternalUserLogin(nil, username, password, source, true)
800+
authUser, err := ExternalUserLogin(nil, username, password, source)
801801
if err == nil {
802802
return authUser, nil
803803
}

0 commit comments

Comments
 (0)