From 0d48b7f8c961d03abee89eada1a87e0bcfef5f0b Mon Sep 17 00:00:00 2001
From: Valentin Tolmer
Date: Sat, 30 Dec 2023 22:28:58 +0100
Subject: [PATCH] server: add support for entryDN
---
 server/src/domain/ldap/group.rs | 3 +++
 server/src/domain/ldap/user.rs | 3 +++
 server/src/infra/ldap_handler.rs | 17 ++++++++++++++++-
 3 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/server/src/domain/ldap/group.rs b/server/src/domain/ldap/group.rs
index ff28abd..9fe15de 100644
--- a/server/src/domain/ldap/group.rs
+++ b/server/src/domain/ldap/group.rs
@@ -31,6 +31,9 @@ pub fn get_group_attribute(
 "objectclass" => vec![b"groupOfUniqueNames".to_vec()],
 // Always returned as part of the base response.
 "dn" | "distinguishedname" => return None,
+ "entrydn" => {
+ vec![format!("uid={},ou=groups,{}", group.display_name, base_dn_str).into_bytes()]
+ }
 "cn" | "uid" | "id" => vec![group.display_name.to_string().into_bytes()],
 "entryuuid" | "uuid" => vec![group.uuid.to_string().into_bytes()],
 "member" | "uniquemember" => group
diff --git a/server/src/domain/ldap/user.rs b/server/src/domain/ldap/user.rs
index 5306fde..1ffce50 100644
--- a/server/src/domain/ldap/user.rs
+++ b/server/src/domain/ldap/user.rs
@@ -35,6 +35,9 @@ pub fn get_user_attribute(
 ],
 // dn is always returned as part of the base response.
 "dn" | "distinguishedname" => return None,
+ "entrydn" => {
+ vec![format!("uid={},ou=people,{}", &user.user_id, base_dn_str).into_bytes()]
+ }
 "uid" | "user_id" | "id" => vec![user.user_id.to_string().into_bytes()],
 "entryuuid" | "uuid" => vec![user.uuid.to_string().into_bytes()],
 "mail" | "email" => vec![user.email.to_string().into_bytes()],
diff --git a/server/src/infra/ldap_handler.rs b/server/src/infra/ldap_handler.rs
index 5e6624a..cc0666b 100644
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
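Review bot: The new `"entrydn"` arm interpolates `group.display_name` straight into `format!("uid={},ou=groups,{}", …)`, so a name containing DN-special characters such as `,`, `+` or `=` is emitted unescaped and produces a value that parses as a different or malformed DN; the `"entrydn"` arm in `server/src/domain/ldap/user.rs` does the same with `user.user_id`. A client that matches on entryDN for group membership or access decisions would then compare against a string that does not identify the entry. Since entryDN is meant to be a copy of the entry's own DN, it would be safer to derive it from the same code that renders the `dn` of the base response (not visible in this hunk) than to re-format it here, which also keeps the RDN type from drifting — please confirm that group DNs really use `uid=` rather than `cn=`. If validation elsewhere already restricts these names, a comment such as `// display_name is validated on creation, so no RFC 4514 escaping is needed here` would record that assumption. `get_group_attribute` and `get_user_attribute` both start and end outside their hunks.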
@@ -1368,7 +1368,14 @@ mod tests {
 let mut ldap_handler = setup_bound_admin_handler(mock).await;
 let request = make_group_search_request(
 LdapFilter::And(vec![]),
- vec!["objectClass", "dn", "cn", "uniqueMember", "entryUuid"],
+ vec![
+ "objectClass",
+ "dn",
+ "cn",
+ "uniqueMember",
+ "entryUuid",
+ "entryDN",
+ ],
 );
 assert_eq!(
 ldap_handler.do_search_or_dse(&request).await,
@@ -1395,6 +1402,10 @@ mod tests {
 atype: "entryUuid".to_string(),
 vals: vec![b"04ac75e0-2900-3e21-926c-2f732c26b3fc".to_vec()],
 },
+ LdapPartialAttribute {
+ atype: "entryDN".to_string(),
+ vals: vec![b"uid=group_1,ou=groups,dc=example,dc=com".to_vec()],
+ },
 ],
 }),
 LdapOp::SearchResultEntry(LdapSearchResultEntry {
@@ -1416,6 +1427,10 @@ mod tests {
 atype: "entryUuid".to_string(),
 vals: vec![b"04ac75e0-2900-3e21-926c-2f732c26b3fc".to_vec()],
 },
+ LdapPartialAttribute {
+ atype: "entryDN".to_string(),
+ vals: vec![b"uid=BestGroup,ou=groups,dc=example,dc=com".to_vec()],
+ },
 ],
 }),
 make_search_success(),
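Review bot: The added expectations cover entryDN only on the group search path (`make_group_search_request`); nothing visible in this patch asserts the user-side `"entrydn"` arm added in `server/src/domain/ldap/user.rs`. The expected values are also hard-coded (`uid=group_1,ou=groups,dc=example,dc=com`) rather than compared with the `dn` of the same `LdapSearchResultEntry`, which lies outside these hunks, so the test would keep passing if the two disagreed. Consider requesting `"entryDN"` in a user search test as well, and adding a case whose name contains a `,` so the escaping behaviour is pinned one way or the other. The test function begins and ends outside the hunks.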