Projet

Général

Profil

0001-ldap-don-t-crash-on-duplicated-users-27697.patch

Benjamin Dauvergne, 05 novembre 2018 11:48

Télécharger (2 ko)

Voir les différences: 

Subject: [PATCH] ldap: don't crash on duplicated users (#27697)

And keep roles on the more recently used user, then delete the other
ones.

 src/authentic2/backends/ldap_backend.py | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
src/authentic2/backends/ldap_backend.py
834 834 
            external_id = self.build_external_id(eid_tuple, attributes)
835 835 
            if not external_id:
836 836 
                continue
837 
            try:
838 
                log.debug('lookup using external_id %r: %r', eid_tuple, external_id)
839 
                return LDAPUser.objects.prefetch_related('groups').get(
840 
                    userexternalid__external_id=external_id, userexternalid__source=block['realm'])
841 
            except User.DoesNotExist:
842 
                pass
837 
            log.debug('lookup using external_id %r: %r', eid_tuple, external_id)
838 
            users = LDAPUser.objects.prefetch_related('groups').filter(
839 
                userexternalid__external_id__iexact=external_id,
840 
                userexternalid__source=block['realm']).order_by('-last_login')
841 
            if users:
842 
                user = users[0]
843 
                if len(user) > 1:
844 
                    log.debug('found %d users, collectings roles into the first one and deleting the other ones.',
845 
                              len(user))
846 
                    for other in users[1:]:
847 
                        user.roles.add(other.roles.all())
848 
                        u.delete()
849 
                return user
850 
        return None
843 851 

  		




  844
  852
  
    
    def lookup_existing_user(self, username, block, attributes):

  		




  845
  853
  
    
        for lookup_type in block['lookups']:

  		




  846
  
  
    
-