diff --git a/Documentation/SOGoInstallationGuide.asciidoc b/Documentation/SOGoInstallationGuide.asciidoc index 511a60c0e..1dbf83006 100644 --- a/Documentation/SOGoInstallationGuide.asciidoc +++ b/Documentation/SOGoInstallationGuide.asciidoc @@ -1270,6 +1270,10 @@ Defaults to `YES` when unset. |globalAddressBookFirstEntriesCount (optional) |Number of entries displayed when `listRequiresDot` is enabled. Default value is `-1` (all records). If source is LDAP, the LDAP overlay sssvlv must be enabled on the system for server side sorting. +|disableSubgroups (optional) +|If set to `YES`, disable recursive search. Consider this option when groups have the same name than a member (https://bugs.sogo.nu/view.php?id=5913). +Defaults to `NO` when unset. + |ModulesConstraints (optional) |Limits the access of any module through a constraint based on an LDAP attribute; must be a dictionary with keys `Mail`, and/or `Calendar`, diff --git a/SoObjects/SOGo/LDAPSource.h b/SoObjects/SOGo/LDAPSource.h index 8c2b858b4..e07c15ba2 100644 --- a/SoObjects/SOGo/LDAPSource.h +++ b/SoObjects/SOGo/LDAPSource.h @@ -66,6 +66,8 @@ BOOL _listRequiresDot; int _globalAddressBookFirstEntriesCount; + BOOL _disableSubgroups; + NSString *_domain; NSString *_contactInfoAttribute; BOOL _groupExpansionEnabled; diff --git a/SoObjects/SOGo/LDAPSource.m b/SoObjects/SOGo/LDAPSource.m index bf6b95496..1795dfbf5 100644 --- a/SoObjects/SOGo/LDAPSource.m +++ b/SoObjects/SOGo/LDAPSource.m @@ -108,6 +108,8 @@ static Class NSStringK; _listRequiresDot = YES; _globalAddressBookFirstEntriesCount = -1; + _disableSubgroups = NO; + _passwordPolicy = NO; _updateSambaNTLMPasswords = NO; _lookupFields = [NSArray arrayWithObject: @"*"]; @@ -171,7 +173,7 @@ static Class NSStringK; inDomain: (NSString *) sourceDomain { SOGoDomainDefaults *dd; - NSNumber *udQueryLimit, *udQueryTimeout, *udGroupExpansionEnabled, *dotValue; + NSNumber *udQueryLimit, *udQueryTimeout, *udGroupExpansionEnabled, *dotValue, *disableSubgroupsValue; if ((self = [self init])) { @@ -207,6 +209,10 @@ static Class NSStringK; [self setGlobalAddressBookFirstEntriesCount: [[udSource objectForKey: @"globalAddressBookFirstEntriesCount"] intValue]]; } + disableSubgroupsValue = [udSource objectForKey: @"disableSubgroups"]; + if (disableSubgroupsValue) + _disableSubgroups = [disableSubgroupsValue boolValue]; + [self setContactMapping: [udSource objectForKey: @"mapping"] andObjectClasses: [udSource objectForKey: @"objectClasses"]]; @@ -2355,16 +2361,21 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection, user = [SOGoUser userWithLogin: login roles: nil]; if (user) { - contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil]; - if ([contactInfos objectForKey: @"isGroup"]) + if (!_disableSubgroups) { + contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil]; + if ([contactInfos objectForKey: @"isGroup"]) { subusers = [self membersForGroupWithUID: login]; [members addObjectsFromArray: subusers]; } - else + else { [members addObject: user]; } + } else { + [members addObject: user]; + } + } [pool release]; } @@ -2377,16 +2388,20 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection, user = [SOGoUser userWithLogin: login roles: nil]; if (user) { - contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil]; - if ([contactInfos objectForKey: @"isGroup"]) + if (!_disableSubgroups) { + contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil]; + if ([contactInfos objectForKey: @"isGroup"]) { subusers = [self membersForGroupWithUID: login]; [members addObjectsFromArray: subusers]; } - else + else { [members addObject: user]; } + } else { + [members addObject: user]; + } } [pool release]; }