0001-ldap_backend-alert-on-wrong-user-filter-31590.patch

Paul Marillonnet, 20 mars 2019 14:15

Voir les différences: en ligne côte à côte

Subject: [PATCH] ldap_backend: alert on wrong user filter (#31590)

 src/authentic2/backends/ldap_backend.py |  2 ++
 tests/test_ldap.py                      | 14 ++++++++++++++
 2 files changed, 16 insertions(+)

                                 # allow multiple occurences of the username in the filter
                                 user_filter = force_text(block['user_filter'])
                                 n = len(user_filter.split('%s')) - 1
                                 if not n:
                                     log.error("account name authentication filter doesn't contain '%s'")
                                 try:
                                     query = filter_format(user_filter, (username,) * n)
                                 except TypeError as e:

         assert all([user.userexternalid_set.first().external_id
                     == urlparse.quote(user.username.split('@')[0].encode('utf-8'))
                     for user in User.objects.all()])
     def test_alert_on_wrong_user_filter(slapd, settings, client, db, caplog):
         settings.LDAP_AUTH_SETTINGS = [{
             'url': [slapd.ldap_url],
             'basedn': u'o=ôrga',
             'use_tls': False,
             'user_filter': '(&(objectClass=user)(sAMAccountName=*)', #wrong
         }]
         with utils.check_log(caplog, "account name authentication filter doesn't contain '%s'"):
             response = client.post('/login/', {'login-password-submit': '1',
                                                'username': USERNAME,
                                                'password': PASS}, follow=True)
+    -

Produits Entr'ouvert » Authentic 2