mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-01-10 04:18:10 +02:00

[Web] add LDAP query filter

FreddleSpl0it 2024-02-20 10:46:23 +01:00
parent a06c78362a
commit 78e7266368
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
4 changed files with 10 additions and 1 deletions


@ -495,6 +495,7 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
try { try {
$user_res = $iam_provider->query() $user_res = $iam_provider->query()
->where($iam_settings['username_field'], '=', $user) ->where($iam_settings['username_field'], '=', $user)
->whereRaw($iam_settings['filter'])
->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname']) ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname'])
->firstOrFail(); ->firstOrFail();
} catch (Exception $e) { } catch (Exception $e) {
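Review bot: The added `->whereRaw($iam_settings['filter'])` runs on every login, including when no filter is configured, and the save path in this same commit defaults the setting to an empty string. Assuming `$iam_provider` is an LdapRecord connection, `whereRaw()` is, as far as I recall, a where clause with an unescaped value (field, operator, value), while `rawFilter()` is the method that appends a complete filter expression; check this against the library version in use. I would build the query into a variable first and add the filter only when set: `if (!empty($iam_settings['filter'])) { $query->rawFilter($iam_settings['filter']); }`. The `catch (Exception $e)` body continues outside the hunk, so it is not visible whether a filter error is logged distinctly or just surfaces as a failed login.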


@ -2189,11 +2189,12 @@ function identity_provider($_action, $_data = null, $_extra = null) {
case "ldap": case "ldap":
$_data['port'] = (!empty($_data['port'])) ? intval($_data['port']) : 389; $_data['port'] = (!empty($_data['port'])) ? intval($_data['port']) : 389;
$_data['username_field'] = (!empty($_data['username_field'])) ? $_data['username_field'] : "mail"; $_data['username_field'] = (!empty($_data['username_field'])) ? $_data['username_field'] : "mail";
$_data['filter'] = (!empty($_data['filter'])) ? $_data['filter'] : "";
$_data['periodic_sync'] = isset($_data['periodic_sync']) ? intval($_data['periodic_sync']) : 0; $_data['periodic_sync'] = isset($_data['periodic_sync']) ? intval($_data['periodic_sync']) : 0;
$_data['import_users'] = isset($_data['import_users']) ? intval($_data['import_users']) : 0; $_data['import_users'] = isset($_data['import_users']) ? intval($_data['import_users']) : 0;
$_data['sync_interval'] = (!empty($_data['sync_interval'])) ? intval($_data['sync_interval']) : 15; $_data['sync_interval'] = (!empty($_data['sync_interval'])) ? intval($_data['sync_interval']) : 15;
$_data['sync_interval'] = $_data['sync_interval'] < 1 ? 1 : $_data['sync_interval']; $_data['sync_interval'] = $_data['sync_interval'] < 1 ? 1 : $_data['sync_interval'];
$required_settings = array('authsource', 'host', 'port', 'basedn', 'username_field', 'attribute_field', 'binddn', 'bindpass', 'periodic_sync', 'import_users', 'sync_interval'); $required_settings = array('authsource', 'host', 'port', 'basedn', 'username_field', 'filter', 'attribute_field', 'binddn', 'bindpass', 'periodic_sync', 'import_users', 'sync_interval');
break; break;
} }
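Review bot: The new `filter` value is stored exactly as submitted, with no trimming or syntax check, and the login path then passes it unescaped into the directory query. The value is admin-supplied, so raw use is by design, but a typo such as an unbalanced parenthesis would only show up later as every LDAP login failing. A save-time check is worth adding, e.g. `$_data['filter'] = trim($_data['filter'] ?? '');` followed by rejecting a non-empty value that does not start with `(` and end with `)`. `filter` is also added to `$required_settings` while defaulting to `""`; the code that consumes that array is outside the hunk, so confirm that it accepts an empty value and does not make the field effectively mandatory.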


@ -199,6 +199,7 @@
"f2b_regex_info": "Logs taken into consideration: SOGo, Postfix, Dovecot, PHP-FPM.", "f2b_regex_info": "Logs taken into consideration: SOGo, Postfix, Dovecot, PHP-FPM.",
"f2b_retry_window": "Retry window (s) for max. attempts", "f2b_retry_window": "Retry window (s) for max. attempts",
"f2b_whitelist": "Whitelisted networks/hosts", "f2b_whitelist": "Whitelisted networks/hosts",
"filter": "Filter",
"filter_table": "Filter table", "filter_table": "Filter table",
"forwarding_hosts": "Forwarding Hosts", "forwarding_hosts": "Forwarding Hosts",
"forwarding_hosts_add_hint": "You can either specify IPv4/IPv6 addresses, networks in CIDR notation, host names (which will be resolved to IP addresses), or domain names (which will be resolved to IP addresses by querying SPF records or, in their absence, MX records).", "forwarding_hosts_add_hint": "You can either specify IPv4/IPv6 addresses, networks in CIDR notation, host names (which will be resolved to IP addresses), or domain names (which will be resolved to IP addresses by querying SPF records or, in their absence, MX records).",


@ -314,6 +314,12 @@
<input type="text" class="form-control" placeholder="mail" id="iam_ldap_username_field" name="username_field" value="{{ iam_settings.username_field }}"> <input type="text" class="form-control" placeholder="mail" id="iam_ldap_username_field" name="username_field" value="{{ iam_settings.username_field }}">
</div> </div>
</div> </div>
<div class="row mb-2">
<label class="control-label col-md-3 text-sm-end" for="iam_ldap_filter">{{ lang.admin.filter }}:</label>
<div class="col-12 col-md-9 col-lg-4">
<input type="text" class="form-control" placeholder="" id="iam_ldap_filter" name="filter" value="{{ iam_settings.filter }}">
</div>
</div>
<div class="row mb-2"> <div class="row mb-2">
<label class="control-label col-md-3 text-sm-end" for="iam_ldap_attribute_field">{{ lang.admin.iam_attribute_field }}:</label> <label class="control-label col-md-3 text-sm-end" for="iam_ldap_attribute_field">{{ lang.admin.iam_attribute_field }}:</label>
<div class="col-12 col-md-9 col-lg-4"> <div class="col-12 col-md-9 col-lg-4">
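Review bot: The new `iam_ldap_filter` input gives no hint of the expected syntax: its label resolves to the generic `lang.admin.filter` ("Filter") and `placeholder=""` is empty, whereas the neighbouring username field shows `mail`. An admin cannot tell from the form that a complete, parenthesised LDAP filter is expected, or that it is combined with the username match at login, and a wrong guess either blocks logins or fails to restrict them. I would add an example placeholder such as `placeholder="(objectClass=person)"` (a constructed sample) and a short help text under the field. The enclosing form markup continues outside the hunk.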