0001-ldap-don-t-crash-on-duplicated-users-27697.patch
src/authentic2/backends/ldap_backend.py | ||
---|---|---|
834 | 834 |
external_id = self.build_external_id(eid_tuple, attributes) |
835 | 835 |
if not external_id: |
836 | 836 |
continue |
837 |
try: |
|
838 |
log.debug('lookup using external_id %r: %r', eid_tuple, external_id) |
|
839 |
return LDAPUser.objects.prefetch_related('groups').get( |
|
840 |
userexternalid__external_id=external_id, userexternalid__source=block['realm']) |
|
841 |
except User.DoesNotExist: |
|
842 |
pass |
|
837 |
log.debug('lookup using external_id %r: %r', eid_tuple, external_id) |
|
838 |
users = LDAPUser.objects.prefetch_related('groups').filter( |
|
839 |
userexternalid__external_id__iexact=external_id, |
|
840 |
userexternalid__source=block['realm']).order_by('-last_login') |
|
841 |
# ordering of NULLs cannot be done through the ORM |
|
842 |
users = sorted(users, key=lambda u: (u.last_login is not None, u.last_login)) |
|
843 |
if users: |
|
844 |
user = users[0] |
|
845 |
if len(users) > 1: |
|
846 |
log.info('found %d users, collectings roles into the first one and deleting the other ones.', |
|
847 |
len(users)) |
|
848 |
for other in users[1:]: |
|
849 |
user.roles.add(other.roles.all()) |
|
850 |
other.delete() |
|
851 |
return user |
|
852 |
return None |
|
843 | 853 | |
844 | 854 |
def lookup_existing_user(self, username, block, attributes): |
845 | 855 |
for lookup_type in block['lookups']: |
846 |
- |