Merge pull request #2005 from hashicorp/dedup-ldap-policies

Deduplicate the policies in ldap backend
This commit is contained in:
Vishal Nayak 2016-10-18 10:42:11 -04:00 committed by GitHub
commit 6dd560d9c6

View file

@ -7,6 +7,7 @@ import (
"github.com/go-ldap/ldap"
"github.com/hashicorp/vault/helper/mfa"
"github.com/hashicorp/vault/helper/strutil"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework"
)
@ -158,6 +159,9 @@ func (b *backend) Login(req *logical.Request, username string, password string)
}
}
// Policies from each group may overlap
policies = strutil.RemoveDuplicates(policies)
if len(policies) == 0 {
errStr := "user is not a member of any authorized group"
if len(ldapResponse.Warnings()) > 0 {