From 1337793be8c9353c222b571ad82f7d85bc7adce8 Mon Sep 17 00:00:00 2001
From: Ryan Cole <admin@ryanc.me>
Date: Thu, 1 Aug 2024 09:18:05 +1200
Subject: [PATCH] [IMP] auth_ldaps: Allow disabling LDAP ref-chasing

---
 auth_ldaps/models/res_company_ldap.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/auth_ldaps/models/res_company_ldap.py b/auth_ldaps/models/res_company_ldap.py
index 6a72d5f899..b4a3775638 100644
--- a/auth_ldaps/models/res_company_ldap.py
+++ b/auth_ldaps/models/res_company_ldap.py
@@ -8,6 +8,7 @@
 import ldap
 
 from odoo import fields, models
+from odoo.tools.misc import str2bool
 
 _logger = logging.getLogger(__name__)
 
@@ -32,6 +33,13 @@ def _connect(self, conf):
         if conf["is_ssl"]:
             uri = "ldaps://%s:%d" % (conf["ldap_server"], conf["ldap_server_port"])
             connection = ldap.initialize(uri)
+            ldap_chase_ref_disabled = (
+                self.env["ir.config_parameter"]
+                .sudo()
+                .get_param("auth_ldap.disable_chase_ref")
+            )
+            if str2bool(ldap_chase_ref_disabled):
+                connection.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
             if conf["skip_cert_validation"]:
                 connection.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
                 # this creates a new tls context, which is required to apply