feat(ldap): make member id attribute configurable

2025-03-19 22:15:50 +01:00 · 2025-03-19 22:15:50 +01:00 · f4b9a9cccd
commit f4b9a9cccd
parent 84cbd25e67
3 changed files with 9 additions and 2 deletions
--- a/config-raw.json
+++ b/config-raw.json
@ -799,6 +799,11 @@
                                    "key": "displayname",
                                    "default_value": "displayName",
                                    "comment": "The LDAP attribute used to set the displayed name in Vikunja."
+                                },
+                                {
+                                    "key": "memberid",
+                                    "default_value": "member",
+                                    "comment": "The LDAP attribute used to check group membership of a team in Vikunja. Only used when groups are synced to Vikunja."
                                }
                            ]
                        }
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -94,6 +94,7 @@ const (
 	AuthLdapAttributeUsername    Key = `auth.ldap.attribute.username`
 	AuthLdapAttributeEmail       Key = `auth.ldap.attribute.email`
 	AuthLdapAttributeDisplayname Key = `auth.ldap.attribute.displayname`
+	AuthLdapAttributeMemberID    Key = `auth.ldap.attribute.memberid`

 	LegalImprintURL Key = `legal.imprinturl`
 	LegalPrivacyURL Key = `legal.privacyurl`
@ -360,6 +361,7 @@ func InitDefaultConfig() {
 	AuthLdapAttributeUsername.setDefault("uid")
 	AuthLdapAttributeEmail.setDefault("mail")
 	AuthLdapAttributeDisplayname.setDefault("displayName")
+	AuthLdapAttributeMemberID.setDefault("member")

 	// Database
 	DatabaseType.setDefault("sqlite")
--- a/pkg/modules/auth/ldap/ldap.go
+++ b/pkg/modules/auth/ldap/ldap.go
@ -231,7 +231,7 @@ func syncUserGroups(l *ldap.Conn, u *user.User, userdn string) (err error) {
 		[]string{
 			"dn",
 			"cn",
-			"member",
+			config.AuthLdapAttributeMemberID.GetString(),
 			"description",
 		},
 		nil,
@ -247,7 +247,7 @@ func syncUserGroups(l *ldap.Conn, u *user.User, userdn string) (err error) {

 	for _, group := range sr.Entries {
 		groupName := group.GetAttributeValue("cn")
-		members := group.GetAttributeValues("member")
+		members := group.GetAttributeValues(config.AuthLdapAttributeMemberID.GetString())
 		description := group.GetAttributeValue("description")

 		log.Debugf("Group %s has %d members", groupName, len(members))