Details
-
Bug Report
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
Description
When using AD as and LDAP provider, the task list does not show any tasks that have been allocated to a group, even if you are a member of the group.
Additionally, the colleagues section is never populated.
I have isolated the first problem to an issue with the escaping of special characters, similar to CAM-2309. In the LdapIdentityProviderSession class, the getUserSearchFilter method also needs to escape special characters in the user id, similar to what was done in getGroupSearchFilter.
The second issue (colleagues) is caused by the findUsersByGroupId assuming that the DN for a group member will always start with the UID:
String userId = userDn.substring(userDn.indexOf("=")+1, userDn.indexOf(","));
if(queriedUserId == null)
if(queriedUserId == null || queriedUserId.equals(userId))
{ userList.addAll(findUsersWithoutGroupId(query, userBaseDn)); }In the case of our Active Directory, the user DN looks something like "CN=Howe\, David,OU=Users,OU=Accounts etc.". When the above code runs, it tries to find a user with the id of "Howe\" which never matches anything, leading to your list of colleagues never being populated. The solution is to just query using the DN:
List<User> users = findUsersWithoutGroupId(query, userDn);
if (users.size() > 0)
In fixing this, I also noticed a bug in the loop that iterates over the group members until it reaches the maximum size. In checking the size of the list, it is using the empty userList, rather than the userDnList that it is adding to.
while (allMembers.hasMoreElements() && userList.size() < query.getMaxResults())
{ userDnList.add((String) allMembers.nextElement()); }I have created a test case that demonstrates the above and updated the code with the fixes. I will submit a pull request.