Skip to content

Commit 219d694

Browse files
duanhongyiduanhongyi
committed
chore(ldap): add AUTH_LDAP_USER_FLAGS_BY_GROUP
1 parent 7b6e17b commit 219d694

1 file changed

Lines changed: 8 additions & 0 deletions

File tree

rootfs/api/settings/production.py

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -412,6 +412,9 @@
412412
LDAP_USER_FILTER = os.environ.get('LDAP_USER_FILTER', 'username')
413413
LDAP_GROUP_BASEDN = os.environ.get('LDAP_GROUP_BASEDN', '')
414414
LDAP_GROUP_FILTER = os.environ.get('LDAP_GROUP_FILTER', '')
415+
LDAP_ACTIVE_GROUP = os.environ.get('LDAP_ACTIVE_GROUP', '')
416+
LDAP_STAFF_GROUP = os.environ.get('LDAP_STAFF_GROUP', '')
417+
LDAP_SUPERUSER_GROUP = os.environ.get('LDAP_SUPERUSER_GROUP', '')
415418

416419
# Django LDAP backend configuration.
417420
# See https://pythonhosted.org/django-auth-ldap/reference.html
@@ -435,6 +438,11 @@
435438
scope=ldap.SCOPE_SUBTREE,
436439
filterstr="(%s)" % LDAP_GROUP_FILTER
437440
)
441+
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
442+
'is_active': LDAP_ACTIVE_GROUP,
443+
'is_staff': LDAP_STAFF_GROUP,
444+
'is_superuser': LDAP_SUPERUSER_GROUP,
445+
}
438446
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
439447
AUTH_LDAP_USER_ATTR_MAP = {
440448
"first_name": "givenName",

0 commit comments

Comments
 (0)