From 56be9a450c43992f77f3a607264b18812b896915 Mon Sep 17 00:00:00 2001
From: Sebastian Hasler <sebastian.hasler@sec.uni-stuttgart.de>
Date: Fri, 14 May 2021 23:21:56 +0200
Subject: [PATCH] Configurable usage of UID in LDAP filters

Signed-off-by: Sebastian Hasler <sebastian.hasler@sec.uni-stuttgart.de>
---
 ldap-overleaf-sl/sharelatex/AuthenticationManager.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
index f2c712a..78f8589 100644
--- a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
+++ b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
@@ -275,10 +275,10 @@ const AuthenticationManager = {
     //const bindPassword = process.env.LDAP_BIND_PW
     const ldap_bd = process.env.LDAP_BINDDN
     const ldap_base = process.env.LDAP_BASE
-    var mail = query.email 
-    var uid = query.email.split('@')[0]
-    const filterstr = '(&' + process.env.LDAP_GROUP_FILTER + '(' + ldapEscape.filter`uid=${uid}` + '))'
+    var uid = query.email
+    const filterstr = process.env.LDAP_GROUP_FILTER.replaceAll('%u', ldapEscape.filter`${uid}`)
     const userDn = ldapEscape.filter`uid=${uid}` + ',' + ldap_bd;
+    var mail = ""
     var firstname = ""
     var lastname = ""
     var isAdmin = false
@@ -313,7 +313,7 @@ const AuthenticationManager = {
       // if admin filter is set - only set admin for user in ldap group
       // does not matter - admin is deactivated: managed through ldap
       if (process.env.LDAP_ADMIN_GROUP_FILTER) {
-        const adminfilter = '(&' + process.env.LDAP_ADMIN_GROUP_FILTER + '(' +ldapEscape.filter`uid=${uid}` + '))' 
+        const adminfilter = process.env.LDAP_ADMIN_GROUP_FILTER.replaceAll('%u', ldapEscape.filter`${uid}`)
         adminEntry = await client.search(ldap_base, {
           scope: 'sub',
           filter: adminfilter,