From 2087fbfc19072178f1329058f5067b57678c902f Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Thu, 4 Apr 2013 20:31:38 +0200
Subject: [PATCH] Apply group filter on mod_vcard_ldap

---
 .../e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf   | 12 ++++++------
 .../templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP    | 10 +++++++++-
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf
index 0fff76b..c081087 100644
--- a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf
+++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf
@@ -17,16 +17,16 @@ HERE
 # (Only available on iPasserelle)
 
 our @groups = split(/[;,]/, ($ejabberd{'AllowedGroups'} || ''));
-my $filter = '';
+our $groupFilter = '';
 if (scalar(@groups) == 1){
-    $filter = "(posixMemberOf=$groups[0])";
+    $groupFilter = "(posixMemberOf=$groups[0])";
 }
 elsif (scalar(@groups) gt 1){
-    $filter = '(|';
-    $filter .= "(posixMemberOf=$_)" foreach (@groups);
-    $filter .= ')';
+    $groupFilter = '(|';
+    $groupFilter .= "(posixMemberOf=$_)" foreach (@groups);
+    $groupFilter .= ')';
 }
 
-$OUT .= ($filter eq '') ? '' : '{ldap_filter, "' . $filter . '"}.';
+$OUT .= ($groupFilter eq '') ? '' : '{ldap_filter, "' . $groupFilter . '"}.';
 
 }
diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP
index 5b272c9..c341a6f 100644
--- a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP
+++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP
@@ -1,9 +1,17 @@
 {
 
+my $filter = '';
+if (scalar(@groups) ge 1){
+    $filter = "(&(objectClass=inetOrgPerson)$groupFilter)";
+}
+else{
+    $filter = "(objectClass=inetOrgPerson)";
+}
+
 $OUT .=<<"HERE";
   ,{mod_vcard_ldap, [
     {ldap_base, "ou=Users,$base"},
-    {ldap_filter, "(objectClass=inetOrgPerson)"},
+    {ldap_filter, "$filter"},
     {ldap_vcard_map,
     %% vcard patterns
      [{"NICKNAME", "%u", []}, % just use user's part of JID as his nickname