devise_ldap_authenticatable Ability to check if user in ANY of listed groups rather than ALL

Ability to check if user in ANY of listed groups rather than ALL

Open scheerer opened this issue 11 years ago • 2 comments

It seems the current logic will AND the listed required_groups.

For instance this would require the user to be in ALL 4 groups.

  required_groups:
  # If an array is given, the first element will be the attribute to check against, the second the group name
   - ["memberOf", " CN=HD Admin,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=HD Helper,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=HD Reset,OU=Groups,OU=Corp,DC=test,DC=com"]
   - ["memberOf", " CN=Security,OU=Groups,OU=Corp,DC=test,DC=com"]

It is desirable to check if a user belongs to ANY 1 of the groups listed to allow access by returning true to in_required_groups? if the user belongs to 1 or more of the listed groups.

Perhaps a separate YAML config option to control this behavior?

Nov 15 '13 03:11 scheerer

Apr 07 '14 09:04 yourtallness

Implemented in #271

Oct 06 '21 11:10 RoxasShadow

devise_ldap_authenticatable devise_ldap_authenticatable copied to clipboard

Ability to check if user in ANY of listed groups rather than ALL

devise_ldap_authenticatable
devise_ldap_authenticatable copied to clipboard