attributes for include membership

[GiladShoham]

hi,
the include membership get an opts object.
but there is no way to change it from outside, because it's internal function.
maybe we need to find a way to pass this object to this internal function.
(for example, in my mongo i save a ref from user to his groups, and i need to save the objectSid because the group dn can be change).
i don't want to change the attributes in include membership hard coded but to pass this somehow.

any ideas?

[gheeres]

Can you clarify or give a pseudocode example of what you're trying to accomplish?

[GiladShoham]

yes of course:
inside getGroupMembershipForDN
there is this code:

var opts = _.defaults(opts || {}, {
    filter: '(member='+parseDistinguishedName(dn)+')',
    scope: 'sub',
    attributes: [ 'objectCategory', 'groupType', 'distinguishedName', 'cn' ]
});

so when i look for user i get back something like this:

{
    "groups" : [ 
        {
            dn : "CN=mygroup,CN=Users,DC=domain,DC=com",
            cn : "mygroup"
        }
    ],
    "dn" : "CN=user,CN=Users,DC=domain,DC=com",
    "mail" : "user@mail.com",
    "objectSid" : { "$binary" : "AQUAAAAAAAUVAAAAmW1PAFA5Gl+FXFmMr7UBAA==", "$type" : "00" },
    "principalName" : "user@domain",
    "uSNChanged" : "2204933"
}

and i want to add more attributes to the groups array for example i want it to be (with the objectSid):

{
    "groups" : [ 
        {
            dn : "CN=mygroup,CN=Users,DC=domain,DC=com",
            cn : "mygroup",
            "objectSid" : { "$binary" : "AQUAAAAAAAUVAAAAmW1PAFA5Gl+FXFmMr7UBAA==", "$type" : "00" }
        }
    ],
    "dn" : "CN=user,CN=Users,DC=domain,DC=com",
    "mail" : "user@mail.com",
    "objectSid" : { "$binary" : "AQUAAAAAAAUVAAAAmW1PAFA5Gl+FXFmMr7UBAA==", "$type" : "00" },
    "principalName" : "user@domain",
    "uSNChanged" : "2204933"
}

the problem is there is no way to change the groups' attribute inside the get membership.

[GiladShoham]

hi,
what do you think about that?
do you have an idea how to pass this opts from outside to this function?

[gheeres]

I believe the .on('entry', function(item, result, callback) { ... } that we've discussed would take care of this need / request for you.

[GiladShoham]

hi,
the on entry could not take care of this because if you don't mention the attribute on the query options, then the entry object doesn't contain this fields.

or you meant to move all the include membership logic to occur on this event, but this move this implementation to the user of ad.js. which means, if now he only need to set one param to true when calling search and the library would take care of this, in the future he will need to implement everything by itself inside his event, means all of the following code will move from ad.js to the user event.

if (includeMembership) {
      getGroupMembershipForDN.call(self, user.dn, function(err, groups) {
        if (err) {
          if (callback) callback(err);
          return;
        }

        user.groups = groups;
        self.emit('user', user);
        if (callback) callback(err, user);
      });
    }

[gheeres]

Sorry. You're right. I remember what the problem is / thanks for refreshing my memory. The solution should be pretty simple. Basically, I just need to change the query to use the defaultAttributes.group array which can be overridden on create. I'll get something pushed shortly.

[gheeres]

See the following commit: a44a7a2

Let me know if that solves your problem. My tests indicates that it should. If so, we'll get this closed.

[GiladShoham]

i will check it tomorrow when i get to my office.
any way this can solve my problem for now but adding someway the option to pass the attributes for membership can be a more modular solution.
i can see use cases where when you want to search groups you want some attributes and when you want to get the membership you want other attributes.
but for now i believe it will be fine.

[GiladShoham]

worked as expected:)