# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1376573424 -7200
# Node ID 52bee12470148064eeefff6cd9031216c6c89e85
# Parent  8e3420d485089a5095aff60fbc2dccbbfd617c46
mod_auth_ldap: Add a configurable scope, defaulting to onelevel

diff -r 8e3420d48508 -r 52bee1247014 mod_auth_ldap/mod_auth_ldap.lua
--- a/mod_auth_ldap/mod_auth_ldap.lua	Thu Aug 15 15:22:51 2013 +0200
+++ b/mod_auth_ldap/mod_auth_ldap.lua	Thu Aug 15 15:30:24 2013 +0200
@@ -6,6 +6,7 @@
 local ldap_rootdn = module:get_option_string("ldap_rootdn", "");
 local ldap_password = module:get_option_string("ldap_password", "");
 local ldap_tls = module:get_option_boolean("ldap_tls");
+local ldap_scope = module:get_option_string("ldap_scope", "onelevel");
 local ldap_base = assert(module:get_option_string("ldap_base"), "ldap_base is a required option for ldap");
 
 local lualdap = require "lualdap";
@@ -24,12 +25,14 @@
 function provider.test_password(username, password)
 	return do_query({
 		base = ldap_base;
+		scope = ldap_scope;
 		filter = "(&(uid="..ldap_filter_escape(username)..")(userPassword="..ldap_filter_escape(password)..")(accountStatus=active))";
 	});
 end
 function provider.user_exists(username)
 	return do_query({
 		base = ldap_base;
+		scope = ldap_scope;
 		filter = "(uid="..ldap_filter_escape(username)..")";
 	});
 end