sparc-request · Stuart-Johnson · Oct 4, 2017 · Sep 3, 2017 · Sep 3, 2017 · Oct 4, 2017
diff --git a/app/lib/directory.rb b/app/lib/directory.rb
@@ -81,6 +81,23 @@ def self.search_database(term)
     return identities
   end
 
+  def self.get_ldap_filter_for_full_name(term)
+    search_terms = term.strip.split
+    givenName = search_terms[0]
+    sn = search_terms[1]
+    "(& (sn=#{sn}*) (givenName=#{givenName}*))"
+  end
+
+  def self.get_ldap_filter(term, fields)
+    search_terms = term.strip.split
+    if search_terms.length == 2
+      filter = self.get_ldap_filter_for_full_name(term)
+    else
+      filter = (LDAP_FILTER && LDAP_FILTER.gsub('#{term}', term)) || fields.map { |f| Net::LDAP::Filter.contains(f, term) }.inject(:|)
+    end
+    filter
+  end
+
   def self.find_or_create(ldap_uid)
     identity = Identity.find_by_ldap_uid(ldap_uid)
     return identity if identity
@@ -105,9 +122,7 @@ def self.search_ldap(term)
          base: LDAP_BASE,
          encryption: LDAP_ENCRYPTION)
       ldap.auth LDAP_AUTH_USERNAME, LDAP_AUTH_PASSWORD unless !LDAP_AUTH_USERNAME || !LDAP_AUTH_PASSWORD
-      # use LDAP_FILTER to override default filter with custom string
-      filter = (LDAP_FILTER && LDAP_FILTER.gsub('#{term}', term)) || fields.map { |f| Net::LDAP::Filter.contains(f, term) }.inject(:|)
-      res = ldap.search(:attributes => fields, :filter => filter)
+      res = ldap.search(:attributes => fields, :filter => self.get_ldap_filter(term, fields))
       Rails.logger.info ldap.get_operation_result unless res
     rescue => e
       Rails.logger.info '#'*100
@@ -216,7 +231,7 @@ def self.find_for_cas_oauth(cas_uid)
     Directory.create_or_update_database_from_ldap(ldap_results, [])
     Identity.find_by_ldap_uid(ldap_uid)
   end
-
+  
   # search and merge results but don't change the database
   # this assumes USE_LDAP = true, otherwise you wouldn't use this function
   def self.search_and_merge_ldap_and_database_results(term)