From d78e8e977686a97ed7647ae2739d11af6ac3eca2 Mon Sep 17 00:00:00 2001 From: DacongDA Date: Fri, 21 Feb 2025 13:09:39 +0800 Subject: [PATCH] feat: fix LDAP filter condition will return nil if error happened (#3604) --- ldap/util.go | 9 +++------ object/group.go | 10 +++++++++- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/ldap/util.go b/ldap/util.go index 3c955200..78ddcbc4 100644 --- a/ldap/util.go +++ b/ldap/util.go @@ -185,12 +185,9 @@ func buildUserFilterCondition(filter interface{}) (builder.Cond, error) { attr := string(f.AttributeDesc()) if attr == ldapMemberOfAttr { - groupId := string(f.AssertionValue()) - users, err := object.GetGroupUsers(groupId) - if err != nil { - return nil, err - } var names []string + groupId := string(f.AssertionValue()) + users := object.GetGroupUsersWithoutError(groupId) for _, user := range users { names = append(names, user.Name) } @@ -249,7 +246,7 @@ func buildSafeCondition(filter interface{}) builder.Cond { condition, err := buildUserFilterCondition(filter) if err != nil { log.Printf("err = %v", err.Error()) - return nil + return builder.And(builder.Expr("1 != 1")) } return condition } diff --git a/object/group.go b/object/group.go index 910d17ea..30c5fef1 100644 --- a/object/group.go +++ b/object/group.go @@ -302,7 +302,10 @@ func GetPaginationGroupUsers(groupId string, offset, limit int, field, value, so func GetGroupUsers(groupId string) ([]*User, error) { users := []*User{} - owner, _ := util.GetOwnerAndNameFromId(groupId) + owner, _, err := util.GetOwnerAndNameFromIdWithError(groupId) + if err != nil { + return nil, err + } names, err := userEnforcer.GetUserNamesByGroupName(groupId) if err != nil { return nil, err @@ -314,6 +317,11 @@ func GetGroupUsers(groupId string) ([]*User, error) { return users, nil } +func GetGroupUsersWithoutError(groupId string) []*User { + users, _ := GetGroupUsers(groupId) + return users +} + func ExtendGroupWithUsers(group *Group) error { if group == nil { return nil