UBO-315 Made search filter base template configurable by introducing …

…property MCR.user2.LDAP.searchFilter.base=(&(objectClass=eduPerson)(|%s))
MyCoRe-Org · Mar 26, 2024 · e066e9c · e066e9c
1 parent 2a11194
commit e066e9c
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/ubo-common/src/main/java/org/mycore/ubo/matcher/MCRUserMatcherLDAP.java b/ubo-common/src/main/java/org/mycore/ubo/matcher/MCRUserMatcherLDAP.java
@@ -100,6 +100,15 @@ public class MCRUserMatcherLDAP implements MCRUserMatcher {
 
     private String realm;
 
+    /**
+     * The default filter applied to LDAP searches
+     *
+     * TODO: take into consideration the member-status of the (email?) of the LDAP-users
+     * */
+    protected final String SEARCH_FILTER_TEMPLATE = MCRConfiguration2
+        .getString("MCR.user2.LDAP.searchFilter.base")
+        .orElse("(&(objectClass=eduPerson)(|%s))");
+
     public MCRUserMatcherLDAP() {
         loadLDAPMappingConfiguration();
         orcid_resolver = MCRConfiguration2.getString(CONFIG_ORCID_NORMALIZATION_RESOLVER).orElse("");
@@ -492,9 +501,6 @@ public List<LDAPObject> getLDAPUsersByGivenLDAPAttributes(Multimap ldapAttribute
      * @return A LDAP-searchfilter of the form (&(objectClass=eduPerson)(|(%a1=%v1)(%a2=%v2)...(%aN=%vN)))
      */
     private String createLDAPSearchFilter(Multimap<String, String> ldapAttributes, String innerTemplate) {
-        // TODO: take into consideration the member-status of the (email?) of the LDAP-users
-        String searchFilterBaseTemplate = "(&(objectClass=eduPerson)(|%s))";
-
         StringBuilder searchFilterInner = new StringBuilder();
         for (Map.Entry<String, Collection<String>> ldapAttribute : ldapAttributes.asMap().entrySet()) {
             String attributeName = ldapAttribute.getKey();
@@ -521,7 +527,7 @@ private String createLDAPSearchFilter(Multimap<String, String> ldapAttributes, S
                 searchFilterInner.append(")");
             }
         }
-        return String.format(Locale.ROOT, searchFilterBaseTemplate, searchFilterInner);
+        return String.format(Locale.ROOT, SEARCH_FILTER_TEMPLATE, searchFilterInner);
     }
 
     /**

diff --git a/ubo-common/src/main/resources/config/ubo-common/mycore.properties b/ubo-common/src/main/resources/config/ubo-common/mycore.properties
@@ -220,6 +220,9 @@ MCR.user2.LDAP.Mapping.explicit=id_orcid:eduPersonOrcid
 # eduPersonScopedAffiliation may be faculty|staff|employee|student|alum|member|affiliate
 # MCR.user2.LDAP.Mapping.Group.eduPersonScopedAffiliation.staff@uni-duisburg-essen.de=submitter
 
+# The default filter applied to LDAP searches
+MCR.user2.LDAP.searchFilter.base=(&(objectClass=eduPerson)(|%s))
+
 # only author and editor are considered as result in the PersonalList
 UBO.Search.PersonalList.Roles=aut.top,cre.top,tch.top,pht.top,prg.top,edt.top
 UBO.Search.PersonalList.Ids=%MCR.user2.matching.lead_id%,dhsbid