Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to check if user in ANY of listed groups rather than ALL #149

Open
scheerer opened this issue Nov 15, 2013 · 2 comments
Open

Ability to check if user in ANY of listed groups rather than ALL #149

scheerer opened this issue Nov 15, 2013 · 2 comments

Comments

@scheerer
Copy link

It seems the current logic will AND the listed required_groups.

For instance this would require the user to be in ALL 4 groups.

  required_groups:
  # If an array is given, the first element will be the attribute to check against, the second the group name
   - ["memberOf", " CN=HD Admin,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=HD Helper,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=HD Reset,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=Security,OU=Groups,OU=Corp,DC=test,DC=com"]

It is desirable to check if a user belongs to ANY 1 of the groups listed to allow access by returning true to in_required_groups? if the user belongs to 1 or more of the listed groups.

Perhaps a separate YAML config option to control this behavior?
@yourtallness
Copy link

+1

RoxasShadow added a commit to RoxasShadow/devise_ldap_authenticatable that referenced this issue Oct 4, 2021
@RoxasShadow
Check if user is present in any listed group
41ca993 
Target cschiewek#149.

Should not be a breaking change since both the code and the documentation
clearly state that `required_groups` members either are strings,
or must have only two elements when any member is an array.

The feature here is that we can list a number of groups after the attribute
and at least any of them has to be matched to be able to pass the verification.
@Greg-Myers-SB Greg-Myers-SB mentioned this issue Oct 6, 2021
Open
@RoxasShadow
Copy link

Implemented in #271

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scheerer @RoxasShadow @yourtallness