Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: LDAP - add flag which enable nested groups for MS AD #2173

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

barloc
Copy link

@barloc barloc commented Nov 27, 2023

Description

Enable search for user nested groups in LDAP system. Use attribute member:1.2.840.113556.1.4.1941: for Microsoft Active Directory and set groups from the search to the user_info[self.auth_ldap_group_field] field.

Add flag AUTH_LDAP_USE_NESTED_GROUPS_FOR_ROLES which enables this feature. Default value is False.

Fix this issues:

ADDITIONAL INFORMATION

  • Has associated issue:
  • Is CRUD MVC related.
  • Is Auth, RBAC security related.
  • Changes the security db schema.
  • Introduces new feature
  • Removes existing feature

@barloc barloc force-pushed the feature/add-ldap-nested-groups-for-ms-ad branch from f7860d0 to a5e679d Compare November 27, 2023 16:01
@barloc barloc changed the title LDAP: add flag which enable nested groups for MS AD feat: LDAP - add flag which enable nested groups for MS AD Nov 27, 2023
Copy link

codecov bot commented Nov 27, 2023

Codecov Report

Attention: Patch coverage is 42.85714% with 8 lines in your changes missing coverage. Please review.

Project coverage is 74.32%. Comparing base (59db85d) to head (b9df441).
Report is 35 commits behind head on master.

Files with missing lines Patch % Lines
flask_appbuilder/security/manager.py 42.85% 8 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #2173      +/-   ##
==========================================
- Coverage   79.31%   74.32%   -5.00%     
==========================================
  Files          72       72              
  Lines        8974     8930      -44     
==========================================
- Hits         7118     6637     -481     
- Misses       1856     2293     +437     
Flag Coverage Δ
python 74.32% <42.85%> (-5.00%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@lfrancke
Copy link

@barloc Can I ask what the status of this is?
I do see build failures and I assume it's now at least partially outdated.

Do you plan to work on this?

@chevcheli0s
Copy link

@barloc do you plan to implement this?

@barloc
Copy link
Author

barloc commented Sep 27, 2024

@barloc Can I ask what the status of this is? I do see build failures and I assume it's now at least partially outdated.

Do you plan to work on this?

hello
sorry for long answer
yep, i'll update code

…ested groups from ms active directory

* fix: don't load inactive users with sessions

* add test

* fix test
@barloc barloc force-pushed the feature/add-ldap-nested-groups-for-ms-ad branch from ff9e76a to 5def4f8 Compare September 28, 2024 00:21
@barloc
Copy link
Author

barloc commented Sep 28, 2024

Hello
I added test for the feature but test-mssql is broken and I don't understand how to fix it :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants