From: Dan Brown <redacted>
Date: Sun, 19 Aug 2018 14:24:42 +0000 (+0100)
Subject: Fixed LDAP group sync using wrong user filter
X-Git-Tag: v0.23.2~1^2
X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/d2a9b312e98128d08bfc5838c8ac72ac13d0f47a

Fixed LDAP group sync using wrong user filter

LDAP group sync was trying to find users based on the external_auth_id
which is not garunteed to match the username entered so somtimes
the search for a user would fail.

This passes the username to the group sync.
Picked up by @yoyokko in #959.
---

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 791c265ad..c0541c9e2 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -103,7 +103,7 @@ class LoginController extends Controller
 
         // Sync LDAP groups if required
         if ($this->ldapService->shouldSyncGroups()) {
-            $this->ldapService->syncGroups($user);
+            $this->ldapService->syncGroups($user, $request->get($this->username()));
         }
 
         $path = session()->pull('url.intended', '/');
diff --git a/app/Services/LdapService.php b/app/Services/LdapService.php
index c11094aa9..11223433b 100644
--- a/app/Services/LdapService.php
+++ b/app/Services/LdapService.php
@@ -299,11 +299,12 @@ class LdapService
     /**
      * Sync the LDAP groups to the user roles for the current user
      * @param \BookStack\User $user
+     * @param string $username
      * @throws LdapException
      */
-    public function syncGroups(User $user)
+    public function syncGroups(User $user, string $username)
     {
-        $userLdapGroups = $this->getUserGroups($user->external_auth_id);
+        $userLdapGroups = $this->getUserGroups($username);
 
         // Get the ids for the roles from the names
         $ldapGroupsAsRoles = $this->matchLdapGroupsToSystemsRoles($userLdapGroups);