From b2bcf34673ef37471d7a0500803c205d6d64760d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robin=20Hru=C5=A1ka?= Date: Fri, 13 Sep 2024 18:02:40 +0200 Subject: [PATCH] fix ldap search when filtering with empty string --- seacatauth/credentials/providers/ldap.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/seacatauth/credentials/providers/ldap.py b/seacatauth/credentials/providers/ldap.py index 793c1006..1719933c 100644 --- a/seacatauth/credentials/providers/ldap.py +++ b/seacatauth/credentials/providers/ldap.py @@ -288,11 +288,12 @@ async def iterate(self, offset: int = 0, limit: int = -1, filtr: str = None): yield i def _build_search_filter(self, filtr=None): - if filtr is None: + if not filtr: filterstr = self.Config["filter"] else: # The query filter is the intersection of the filter from config # and the filter defined by the search request + # The username must START WITH the given filter string filter_template = "(&{}({}=*%s*))".format(self.Config["filter"], self.Config["attrusername"]) assertion_values = ["{}".format(filtr.lower())] filterstr = ldap.filter.filter_format(