From e8f06e7bef747cab0c2a1a76454734151057f4e5 Mon Sep 17 00:00:00 2001
From: Ryan Cole <admin@ryanc.me>
Date: Thu, 1 Aug 2024 09:18:05 +1200
Subject: [PATCH] [IMP] auth_ldaps: Allow disabling LDAP ref-chasing

---
 auth_ldaps/models/res_company_ldap.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/auth_ldaps/models/res_company_ldap.py b/auth_ldaps/models/res_company_ldap.py
index 6a72d5f899..55f813df31 100644
--- a/auth_ldaps/models/res_company_ldap.py
+++ b/auth_ldaps/models/res_company_ldap.py
@@ -8,6 +8,7 @@
 import ldap
 
 from odoo import fields, models
+from odoo.tools.misc import str2bool
 
 _logger = logging.getLogger(__name__)
 
@@ -32,6 +33,9 @@ def _connect(self, conf):
         if conf["is_ssl"]:
             uri = "ldaps://%s:%d" % (conf["ldap_server"], conf["ldap_server_port"])
             connection = ldap.initialize(uri)
+            ldap_chase_ref_disabled = self.env['ir.config_parameter'].sudo().get_param('auth_ldap.disable_chase_ref')
+            if str2bool(ldap_chase_ref_disabled):
+                connection.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
             if conf["skip_cert_validation"]:
                 connection.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
                 # this creates a new tls context, which is required to apply