From 7a5b810fa56b76b338d0ba2edad94aea6359ab63 Mon Sep 17 00:00:00 2001
From: Adam Laycock <adam@arcath.net>
Date: Wed, 19 Feb 2014 14:41:33 +0000
Subject: [PATCH] Tweak the allowed to login code, hotfix for issue #48

---
 lib/adauth/authenticate.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/adauth/authenticate.rb b/lib/adauth/authenticate.rb
index a0287f3..58b5d22 100644
--- a/lib/adauth/authenticate.rb
+++ b/lib/adauth/authenticate.rb
@@ -23,7 +23,7 @@ def self.authenticate(username, password)
     
     # Check if the user is allowed to login
     def self.allowed_to_login(user)
-      (allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested) && allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous))
+      (((@config.allowed_groups.empty? && @config.denied_groups.empty?) || allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested)) && ((@config.allowed_ous.empty? && @config.denied_ous.empty?) || allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous)))
     end
     
     private