enumerateUsers offers exact_match option but returns non exact matches
Bug #585901 reported by
Patrick Gerken
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Products.LDAPMultiPlugins |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
We are using PloneFlashUpload, that needs to authenticate users when a request
started. It gets the user from acl_users and gets himself a new security_manager
with that user.
In case of the user "admin" nothing works as it should as he believes we are the User
"Admin" that exists in LDAP, but without Admin rights.
From stepping through it, I can see that enumerateUsers, gets a parameter exact_match set to 1.
It then forwards the request for getting users to the LDAPUserFolder.
The API of LDAPUserFolder does not promise exact matches, and in this case it returned an "Admin"
user when I wanted an "admin" user.
I think it should check the ID after the query, or maybe change the API of LDAPUserFolder.
to be more exact.
| Changed in products.ldapmultiplugins: | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| assignee: | nobody → Jens Vagelpohl (jens-dataflake) |
Revision history for this message
| Jens Vagelpohl (dataflake-deactivatedaccount-deactivatedaccount) wrote | #1 |
| Changed in products.ldapmultiplugins: | |
| status: | Confirmed → Fix Committed |
Revision history for this message
| Patrick Gerken (do3cc) wrote | #2 |
Revision history for this message
| Jens Vagelpohl (dataflake-deactivatedaccount-deactivatedaccount) wrote | #3 |
| Changed in products.ldapmultiplugins: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Patrick, could you test the latest code from the SVN branch at http://
http://