0001-ldap_backend-alert-on-wrong-user-filter-31590.patch
src/authentic2/backends/ldap_backend.py | ||
---|---|---|
538 | 538 |
# allow multiple occurences of the username in the filter |
539 | 539 |
user_filter = force_text(block['user_filter']) |
540 | 540 |
n = len(user_filter.split('%s')) - 1 |
541 |
if not n: |
|
542 |
log.error("account name authentication filter doesn't contain '%s'") |
|
541 | 543 |
try: |
542 | 544 |
query = filter_format(user_filter, (username,) * n) |
543 | 545 |
except TypeError as e: |
tests/test_ldap.py | ||
---|---|---|
817 | 817 |
assert all([user.userexternalid_set.first().external_id |
818 | 818 |
== urlparse.quote(user.username.split('@')[0].encode('utf-8')) |
819 | 819 |
for user in User.objects.all()]) |
820 | ||
821 | ||
822 |
def test_alert_on_wrong_user_filter(slapd, settings, client, db, caplog): |
|
823 |
settings.LDAP_AUTH_SETTINGS = [{ |
|
824 |
'url': [slapd.ldap_url], |
|
825 |
'basedn': u'o=ôrga', |
|
826 |
'use_tls': False, |
|
827 |
'user_filter': '(&(objectClass=user)(sAMAccountName=*)', #wrong |
|
828 | ||
829 |
}] |
|
830 |
with utils.check_log(caplog, "account name authentication filter doesn't contain '%s'"): |
|
831 |
response = client.post('/login/', {'login-password-submit': '1', |
|
832 |
'username': USERNAME, |
|
833 |
'password': PASS}, follow=True) |
|
820 |
- |