Add restricted user filter to LDAP authentication (#10600)

* Add restricted user filter to LDAP authentification * Fix unit test cases
author: Lauris BH <lauris@nix.lv> 2020-03-05 07:30:33 +0100
committer: GitHub <noreply@github.com> 2020-03-05 07:30:33 +0100
commit: 37c3db7be6dd6fc5ee085979cc5f5dda09d978c3 (patch)
tree: f77e1d61daaee11f6aab8e491120620e597c2782 /cmd/admin_auth_ldap.go
parent: Versions (#10597) (diff)
download: forgejo-37c3db7be6dd6fc5ee085979cc5f5dda09d978c3.tar.xz
forgejo-37c3db7be6dd6fc5ee085979cc5f5dda09d978c3.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/cmd/admin_auth_ldap.go b/cmd/admin_auth_ldap.go
index e869686cbd..5ab64ec7d5 100644
--- a/cmd/admin_auth_ldap.go
+++ b/cmd/admin_auth_ldap.go
@@ -61,6 +61,10 @@ var (
 			Name:  "admin-filter",
 			Usage: "An LDAP filter specifying if a user should be given administrator privileges.",
 		},
+		cli.StringFlag{
+			Name:  "restricted-filter",
+			Usage: "An LDAP filter specifying if a user should be given restricted status.",
+		},
 		cli.BoolFlag{
 			Name:  "allow-deactivate-all",
 			Usage: "Allow empty search results to deactivate all users.",
@@ -235,6 +239,9 @@ func parseLdapConfig(c *cli.Context, config *models.LDAPConfig) error {
 	if c.IsSet("admin-filter") {
 		config.Source.AdminFilter = c.String("admin-filter")
 	}
+	if c.IsSet("restricted-filter") {
+		config.Source.RestrictedFilter = c.String("restricted-filter")
+	}
 	if c.IsSet("allow-deactivate-all") {
 		config.Source.AllowDeactivateAll = c.Bool("allow-deactivate-all")
 	}
author	Lauris BH <lauris@nix.lv>	2020-03-05 07:30:33 +0100
committer	GitHub <noreply@github.com>	2020-03-05 07:30:33 +0100
commit	37c3db7be6dd6fc5ee085979cc5f5dda09d978c3 (patch)
tree	f77e1d61daaee11f6aab8e491120620e597c2782 /cmd/admin_auth_ldap.go
parent	Versions (#10597) (diff)
download	forgejo-37c3db7be6dd6fc5ee085979cc5f5dda09d978c3.tar.xz forgejo-37c3db7be6dd6fc5ee085979cc5f5dda09d978c3.zip