From 949b123e92f06b912eb33e3b6c1607732cffffc9 Mon Sep 17 00:00:00 2001
From: Nikolay Stupak
Date: Fri, 1 Nov 2019 16:24:24 +0300
Subject: [PATCH] add support of group/groupOfNames/groupOfUniqueNames (#6)
---
 go.mod | 2 ++
 internal/ldapclient/ldapclient.go | 5 ++++-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/go.mod b/go.mod
index 2141325..8598c99 100644
--- a/go.mod
+++ b/go.mod
@@ -19,3 +19,5 @@ require (
 gopkg.in/asn1-ber.v1 v1.0.0-20170511165959-379148ca0225 // indirect
 gopkg.in/ldap.v2 v2.5.1
 )
+
+go 1.13
diff --git a/internal/ldapclient/ldapclient.go b/internal/ldapclient/ldapclient.go
index 2d515c2..603d067 100644
--- a/internal/ldapclient/ldapclient.go
+++ b/internal/ldapclient/ldapclient.go
@@ -344,7 +344,10 @@ func (c *ldapConn) SearchUser(user string, attrs ...string) ([]map[string]interf
 }
 func (c *ldapConn) SearchUserRoles(user string, attrs ...string) ([]map[string]interface{}, error) {
- query := fmt.Sprintf("(&(objectClass=group)(member=%s))", user)
+ query := fmt.Sprintf("(|"+
+ "(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))"+
+ "(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s))"+
+ ")", user)
 return c.searchEntries(c.RoleBaseDN, query, attrs)
 }
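Review bot: In SearchUserRoles, `user` is formatted into the LDAP filter unescaped, and the new filter now places it in two assertions (`member=%[1]s` and `uniqueMember=%[1]s`). If the value can carry filter metacharacters such as `(`, `)`, `*` or `\`, it changes which group entries match, and since the result appears to feed role lookup under `c.RoleBaseDN`, that is an authorization concern rather than only a malformed-query one. Unless every caller already escapes the value (not visible in this hunk), escape it once before formatting, e.g. `escaped := ldap.EscapeFilter(user)` and pass `escaped` to `fmt.Sprintf`, assuming the file imports gopkg.in/ldap.v2 as `ldap`. A one-line comment above the query saying which schema each branch covers (`group`/`groupOfNames` via `member`, `groupOfUniqueNames` via `uniqueMember`) would also make the filter easier to audit.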