From c9036f870ddb66b822c9e611f91bc85e8d57fd12 Mon Sep 17 00:00:00 2001
From: "Jens L." <jens@goauthentik.io>
Date: Thu, 14 Nov 2024 19:45:35 +0100
Subject: [PATCH] providers/ldap: fix global search_full_directory permission
 not being sufficient (#12028)

* providers/ldap: fix global search_full_directory permission not being sufficient

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use full name of permission

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/providers/ldap/api.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/authentik/providers/ldap/api.py b/authentik/providers/ldap/api.py
index d5eed6cdf5..93b66eeea0 100644
--- a/authentik/providers/ldap/api.py
+++ b/authentik/providers/ldap/api.py
@@ -159,7 +159,10 @@ class LDAPOutpostConfigViewSet(ListModelMixin, GenericViewSet):
         access_response = PolicyResult(result.passing)
         response = self.LDAPCheckAccessSerializer(
             instance={
-                "has_search_permission": request.user.has_perm("search_full_directory", provider),
+                "has_search_permission": (
+                    request.user.has_perm("search_full_directory", provider)
+                    or request.user.has_perm("authentik_providers_ldap.search_full_directory")
+                ),
                 "access": access_response,
             }
         )