Mirrors/wg-portal
1
0
Fork 0
mirror of https://github.com/h44z/wg-portal.git synced 2026-05-28 08:56:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: sanitize external identity provider user data (#681)

Browse Source 
* feat: sanitize external user data

* remove config option to disable Sanitization: sanitize_external_user_data

* cleanup

---------

Co-authored-by: Christoph Haas <christoph.h@sprinternet.at>
This commit is contained in:
Mykhailo Roit
2026-05-18 23:28:27 +03:00
committed by GitHub
parent ff935a404e
commit 958dcb8fa9
24 changed files with 1545 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
internal/app/users/ldap_helper.go
View File

@@ -28,7 +28,7 @@ func convertRawLdapUser(
uid := domain.UserIdentifier(internal.MapDefaultString(rawUser, fields.UserIdentifier, ""))
return &domain.User{
user := &domain.User{
BaseModel: domain.BaseModel{
CreatedBy: domain.CtxSystemLdapSyncer,
UpdatedBy: domain.CtxSystemLdapSyncer,
@@ -49,10 +49,16 @@ func convertRawLdapUser(
Lastname: internal.MapDefaultString(rawUser, fields.Lastname, ""),
Phone: internal.MapDefaultString(rawUser, fields.Phone, ""),
Department: internal.MapDefaultString(rawUser, fields.Department, ""),
Notes: "",
Password: "",
Disabled: nil,
}, nil
}
if err := user.SanitizeExternalData("ldap", providerName); err != nil {
return nil, err
}
// Update authentication identifier after sanitization
user.Authentications[0].UserIdentifier = user.Identifier
return user, nil
}
func userChangedInLdap(dbUser, ldapUser *domain.User) bool {