This repository was archived by the owner on Jul 24, 2023. It is now read-only.
File tree Expand file tree Collapse file tree 2 files changed +36
-1
lines changed Expand file tree Collapse file tree 2 files changed +36
-1
lines changed Original file line number Diff line number Diff line change 21
21
22
22
'username_attribute ' => ['username ' => 'samaccountname ' ],
23
23
24
+ /*
25
+ |--------------------------------------------------------------------------
26
+ | Limitation Filter
27
+ |--------------------------------------------------------------------------
28
+ |
29
+ | The limitation filter allows you to enter a raw filter to only allow
30
+ | specific users / groups / ous to authenticate.
31
+ |
32
+ | This should be a standard LDAP filter.
33
+ |
34
+ */
35
+
36
+ 'limitation_filter ' => '' ,
37
+
24
38
/*
25
39
|--------------------------------------------------------------------------
26
40
| Login Fallback
Original file line number Diff line number Diff line change @@ -207,7 +207,18 @@ protected function handleAttributeRetrieval(User $user, $field)
207
207
*/
208
208
protected function newAdldapUserQuery ()
209
209
{
210
- return Adldap::users ()->search ()->select ($ this ->getSelectAttributes ());
210
+ /** @var \Adldap\Query\Builder $query */
211
+ $ query = Adldap::users ()->search ();
212
+
213
+ $ filter = $ this ->getLimitationFilter ();
214
+
215
+ if (!empty ($ filter )) {
216
+ // If we're provided a login limitation filter,
217
+ // we'll add it to the user query.
218
+ $ query ->rawFilter ($ filter );
219
+ }
220
+
221
+ return $ query ->select ($ this ->getSelectAttributes ());
211
222
}
212
223
213
224
/**
@@ -262,4 +273,14 @@ protected function getSyncAttributes()
262
273
{
263
274
return Config::get ('adldap_auth.sync_attributes ' , ['name ' => ActiveDirectory::COMMON_NAME ]);
264
275
}
276
+
277
+ /**
278
+ * Returns the configured login limitation filter.
279
+ *
280
+ * @return string|null
281
+ */
282
+ protected function getLimitationFilter ()
283
+ {
284
+ return Config::get ('adldap_auth.limitation_filter ' );
285
+ }
265
286
}
You can’t perform that action at this time.
0 commit comments