From d2a9b312e98128d08bfc5838c8ac72ac13d0f47a Mon Sep 17 00:00:00 2001
From: Dan Brown <ssddanbrown@googlemail.com>
Date: Sun, 19 Aug 2018 15:24:42 +0100
Subject: [PATCH] Fixed LDAP group sync using wrong user filter

LDAP group sync was trying to find users based on the external_auth_id
which is not garunteed to match the username entered so somtimes
the search for a user would fail.

This passes the username to the group sync.
Picked up by @yoyokko in #959.
---
 app/Http/Controllers/Auth/LoginController.php | 2 +-
 app/Services/LdapService.php                  | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 791c265ad..c0541c9e2 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -103,7 +103,7 @@ class LoginController extends Controller
 
         // Sync LDAP groups if required
         if ($this->ldapService->shouldSyncGroups()) {
-            $this->ldapService->syncGroups($user);
+            $this->ldapService->syncGroups($user, $request->get($this->username()));
         }
 
         $path = session()->pull('url.intended', '/');
diff --git a/app/Services/LdapService.php b/app/Services/LdapService.php
index c11094aa9..11223433b 100644
--- a/app/Services/LdapService.php
+++ b/app/Services/LdapService.php
@@ -299,11 +299,12 @@ class LdapService
     /**
      * Sync the LDAP groups to the user roles for the current user
      * @param \BookStack\User $user
+     * @param string $username
      * @throws LdapException
      */
-    public function syncGroups(User $user)
+    public function syncGroups(User $user, string $username)
     {
-        $userLdapGroups = $this->getUserGroups($user->external_auth_id);
+        $userLdapGroups = $this->getUserGroups($username);
 
         // Get the ids for the roles from the names
         $ldapGroupsAsRoles = $this->matchLdapGroupsToSystemsRoles($userLdapGroups);