Skip to content

Commit

Permalink
fixup! Fixes #24749: Disabled LDAP users can still login and use Rudder
Browse files Browse the repository at this point in the history 
Fixes #24749:  Disabled LDAP users can still login and use Rudder
  • Loading branch information
@clarktsiory
clarktsiory committed Apr 18, 2024
1 parent feb3bca commit 1e4e7ab
Showing 1 changed file with 3 additions and 11 deletions.
14 changes: 3 additions & 11 deletions webapp/sources/rudder/rudder-web/src/main/scala/bootstrap/liftweb/AppConfigAuth.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -329,7 +329,7 @@ class AppConfigAuth extends ApplicationContextAware {
* Map an user from XML user config file
*/
@Bean def rudderXMLUserDetails: UserDetailsContextMapper = {
new RudderXmlUserDetailsContextMapper(RudderConfig.rudderUserListProvider)
new RudderXmlUserDetailsContextMapper(rudderUserDetailsService)
}

// userSessionLogEvent must not be lazy, because not used by anybody directly
Expand Down Expand Up @@ -432,7 +432,7 @@ class RudderInMemoryUserDetailsService(val authConfigProvider: UserDetailListPro
/**
* Spring context mapper
*/
class RudderXmlUserDetailsContextMapper(authConfigProvider: UserDetailListProvider) extends UserDetailsContextMapper {
class RudderXmlUserDetailsContextMapper(userDetailsService: UserDetailsService) extends UserDetailsContextMapper {
// we are not able to try to save user in the XML file
def mapUserToContext(user: UserDetails, ctx: DirContextAdapter): Unit = ()

Expand All @@ -441,15 +441,7 @@ class RudderXmlUserDetailsContextMapper(authConfigProvider: UserDetailListProvid
username: String,
authorities: Collection[? <: GrantedAuthority]
): UserDetails = {
val user = authConfigProvider.authConfig.users
.getOrElse(
username,
RudderUserDetail(RudderAccount.User(username, ""), UserStatus.Disabled, Set(Role.NoRights), ApiAuthorization.None)
)
user.status match {
case UserStatus.Disabled => throw new DisabledException("User is disabled")
case _ => user
}
userDetailsService.loadUserByUsername(username)
}
}

Expand Down

0 comments on commit 1e4e7ab

Please sign in to comment.