saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix ldap auth for function matches

Browse source 
The expand_ldap_entries doesn't take into account that certain entries
may not actually be dicts, such as @runner, @wheel, @jobs, or even .*
This commit is contained in:
Steve Hajducko 2016-07-15 23:12:52 -07:00
parent 51fce770a5
commit d4144039bc
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
salt/auth/ldap.py
View file

@ -391,6 +391,8 @@ def expand_ldap_entries(entries, opts=None):
bind = _bind_for_search(opts=opts)
acl_tree = []
for user_or_group_dict in entries:
if not isinstance(user_or_group_dict, dict):
acl_tree.append(user_or_group_dict)
for minion_or_ou, matchers in six.iteritems(user_or_group_dict):
permissions = matchers
retrieved_minion_ids = []