Merge "Fix invalid LDAP filter for user ID with comma" into milestone-proposed

This commit is contained in:
Jenkins 2014-04-07 18:18:22 +00:00 committed by Gerrit Code Review
commit b07840a053
1 changed files with 3 additions and 1 deletions

View File

@ -15,6 +15,7 @@ from __future__ import absolute_import
import uuid
import ldap
import ldap.filter
from keystone import clean
from keystone.common import dependency
@ -328,9 +329,10 @@ class GroupApi(common_ldap.BaseLdap):
def list_user_groups(self, user_dn):
"""Return a list of groups for which the user is a member."""
user_dn_esc = ldap.filter.escape_filter_chars(user_dn)
query = '(&(objectClass=%s)(%s=%s)%s)' % (self.object_class,
self.member_attribute,
user_dn,
user_dn_esc,
self.ldap_filter or '')
memberships = self.get_all(query)
return memberships