Merge pull request #482 from MultiDirectoryLab/fix_filter

Fix filter
MultiDirectoryLab · Feb 14, 2025 · e7d5eff · e7d5eff
2 parents 20c343a + 38084c7
commit e7d5eff
Show file tree

Hide file tree

Showing 4 changed files with 61 additions and 1 deletion.
diff --git a/app/extra/dev_data.py b/app/extra/dev_data.py
@@ -271,6 +271,7 @@
                     "posixEmail": ["abctest@mail.com"],
                     "attr_with_bvalue": [b"any"],
                     "userAccountControl": ["512"],
+                    "description": ["123 desc"],
                 },
             },
             {

diff --git a/app/ldap_protocol/asn1parser.py b/app/ldap_protocol/asn1parser.py
@@ -239,7 +239,7 @@ def value_to_string(
     value: str | bytes | int | bool,
 ) -> bytes | str | int:
     """Convert value to string."""
-    if tag.nr == Numbers.Integer and tag.cls != Classes.Context:
+    if tag.nr == Numbers.Integer:
         with suppress(ValueError):
             return int(value)
         return value

diff --git a/app/ldap_protocol/filter_interpreter.py b/app/ldap_protocol/filter_interpreter.py
@@ -7,6 +7,7 @@
 """
 
 import uuid
+from contextlib import suppress
 from operator import eq, ge, le, ne
 from typing import Callable
 
@@ -30,6 +31,9 @@
 def _get_substring(right: ASN1Row) -> str:  # RFC 4511
     expr = right.value[0]
     value = expr.value
+    if isinstance(value, bytes):
+        with suppress(UnicodeDecodeError):
+            value = value.decode()
     index = expr.tag_id
     return [f"{value}%", f"%{value}%", f"%{value}"][index]
 

diff --git a/tests/test_ldap/test_util/test_search.py b/tests/test_ldap/test_util/test_search.py
@@ -48,6 +48,61 @@ async def test_ldap_search(settings: Settings, creds: TestCreds) -> None:
     assert "dn: cn=user0,ou=users,dc=md,dc=test" in data
 
 
+@pytest.mark.asyncio
+@pytest.mark.usefixtures('setup_session')
+@pytest.mark.usefixtures('session')
+async def test_ldap_search_filter(
+    settings: Settings, creds: TestCreds,
+) -> None:
+    """Test ldapsearch with filter on server."""
+    proc = await asyncio.create_subprocess_exec(
+        'ldapsearch',
+        '-vvv', '-x', '-H', f'ldap://{settings.HOST}:{settings.PORT}',
+        '-D', creds.un,
+        '-w', creds.pw,
+        '-b', 'dc=md,dc=test',
+        '(&'
+        '(objectClass=user)'
+        '(memberOf:1.2.840.113556.1.4.1941:=cn=domain admins,cn=groups,dc=md,\
+            dc=test)'
+        ')',
+        stdout=asyncio.subprocess.PIPE,
+        stderr=asyncio.subprocess.PIPE)
+
+    raw_data, _ = await proc.communicate()
+    data = raw_data.decode().split('\n')
+    result = await proc.wait()
+
+    assert result == 0
+    assert "dn: cn=user0,ou=users,dc=md,dc=test" in data
+    assert "dn: cn=user1,ou=moscow,ou=russia,ou=users,dc=md,dc=test" in data
+
+
+@pytest.mark.asyncio
+@pytest.mark.usefixtures('setup_session')
+@pytest.mark.usefixtures('session')
+async def test_ldap_search_filter_prefix(
+    settings: Settings, creds: TestCreds,
+) -> None:
+    """Test ldapsearch with filter on server."""
+    proc = await asyncio.create_subprocess_exec(
+        'ldapsearch',
+        '-vvv', '-x', '-H', f'ldap://{settings.HOST}:{settings.PORT}',
+        '-D', creds.un,
+        '-w', creds.pw,
+        '-b', 'dc=md,dc=test',
+        '(description=*desc)',
+        stdout=asyncio.subprocess.PIPE,
+        stderr=asyncio.subprocess.PIPE)
+
+    raw_data, _ = await proc.communicate()
+    data = raw_data.decode().split('\n')
+    result = await proc.wait()
+
+    assert result == 0
+    assert "dn: cn=user0,ou=users,dc=md,dc=test" in data
+
+
 @pytest.mark.asyncio
 @pytest.mark.usefixtures('setup_session')
 async def test_bind_policy(