From c6806af2ee8b7c300c8364bd5702055a627f3861 Mon Sep 17 00:00:00 2001
From: Kayou <pierre.moltess@gmail.com>
Date: Wed, 1 Apr 2020 14:26:31 +0200
Subject: [PATCH] Fix postinstall

---
 moulinette/authenticators/ldap.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/moulinette/authenticators/ldap.py b/moulinette/authenticators/ldap.py
index 283094c5..6c48c534 100644
--- a/moulinette/authenticators/ldap.py
+++ b/moulinette/authenticators/ldap.py
@@ -94,11 +94,8 @@ class Authenticator(BaseAuthenticator):
             logger.warning("Error during ldap authentication process: %s", e)
             raise
         else:
-            # If we are trying to login with SASL, we must be logged in as admin
-            if self.sasldn in self.userdn and who != self.admincn:
-                raise MoulinetteError("Not logged in with the expected userdn ?!")
-            # else if the userdn must be the same as the identity
-            elif self.sasldn not in self.userdn and who != self.userdn:
+            # FIXME: During SASL bind whoami from the test server return the admindn while userdn is returned normally :
+            if not (who == self.admindn or who == self.userdn):
                 raise MoulinetteError("Not logged in with the expected userdn ?!")
             else:
                 self.con = con