From b0a0545abbf937b463abe4fab6c76a76e3c97696 Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Fri, 19 May 2017 22:27:58 +0200
Subject: [PATCH] Added support for multiple LDAP groups

---
 config.py.example | 1 +
 server.py         | 7 ++++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/config.py.example b/config.py.example
index 8e2c4b7..a9dfd82 100644
--- a/config.py.example
+++ b/config.py.example
@@ -25,6 +25,7 @@ SQLITE_INIT_DATA = True
 
 #LDAP_HOST = 'rumo.fsmpi.rwth-aachen.de'
 LDAP_PORT = 636
+LDAP_GROUPS = ['users']
 #ICAL_URL = 'https://user:password@mail.fsmpi.rwth-aachen.de/SOGo/....ics'
 ERROR_PAGE = 'static/500.html'
 RWTH_IP_RANGES = ['134.130.0.0/16', '137.226.0.0/16', '134.61.0.0/16', '192.35.229.0/24', '2a00:8a60::/32']
diff --git a/server.py b/server.py
index 381d323..7503ead 100644
--- a/server.py
+++ b/server.py
@@ -502,7 +502,12 @@ def search():
 	return render_template('search.html', searchtext=request.args['q'], courses=courses, lectures=lectures)
 
 def check_mod(user, groups):
-	return user and 'fachschaft' in groups
+	if not user:
+		return False
+	for group in config['LDAP_GROUPS']:
+		if group in groups:
+			return True
+	return False
 
 @app.route('/internal/login', methods=['GET', 'POST'])
 def login():
-- 
GitLab