From d4185cb606a891aaf99b05f7d726ac52f559c287 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Mon, 11 Mar 2019 16:47:57 +0100 Subject: [PATCH] ldap: fix indentation of LDAPObject.result3() (fixes #31273) --- src/authentic2/backends/ldap_backend.py | 36 ++++++++++++------------- tests/test_ldap.py | 24 +++++++++++++++++ 2 files changed, 42 insertions(+), 18 deletions(-) diff --git a/src/authentic2/backends/ldap_backend.py b/src/authentic2/backends/ldap_backend.py index 9417a7f0..ce75f02d 100644 --- a/src/authentic2/backends/ldap_backend.py +++ b/src/authentic2/backends/ldap_backend.py @@ -114,15 +114,15 @@ if PYTHON_LDAP3 is True: new_modlist.append((mod_op, mod_typ, mod_vals)) return NativeLDAPObject.modify_s(self, dn, new_modlist) - def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None, resp_ctrl_classes=None): - result_type, data, msgid, serverctrls = NativeLDAPObject.result3(self, - msgid=msgid, - all=all, - timeout=timeout, - resp_ctrl_classes=resp_ctrl_classes) - if data: - data = self._convert_results_to_unicode(data) - return result_type, data, msgid, serverctrls + def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None, resp_ctrl_classes=None): + result_type, data, msgid, serverctrls = NativeLDAPObject.result3(self, + msgid=msgid, + all=all, + timeout=timeout, + resp_ctrl_classes=resp_ctrl_classes) + if data: + data = self._convert_results_to_unicode(data) + return result_type, data, msgid, serverctrls elif PYTHON_LDAP3 is False: class LDAPObject(NativeLDAPObject): @@ -196,15 +196,15 @@ elif PYTHON_LDAP3 is False: new_modlist.append((mod_op, mod_typ, mod_vals)) return NativeLDAPObject.modify_s(self, dn, new_modlist) - def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None, resp_ctrl_classes=None): - result_type, data, msgid, serverctrls = NativeLDAPObject.result3(self, - msgid=msgid, - all=all, - timeout=timeout, - resp_ctrl_classes=resp_ctrl_classes) - if data: - data = self._convert_results_to_unicode(data) - return result_type, data, msgid, serverctrls + def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None, resp_ctrl_classes=None): + result_type, data, msgid, serverctrls = NativeLDAPObject.result3(self, + msgid=msgid, + all=all, + timeout=timeout, + resp_ctrl_classes=resp_ctrl_classes) + if data: + data = self._convert_results_to_unicode(data) + return result_type, data, msgid, serverctrls def map_text(d): diff --git a/tests/test_ldap.py b/tests/test_ldap.py index de874034..1e095fa3 100644 --- a/tests/test_ldap.py +++ b/tests/test_ldap.py @@ -16,6 +16,7 @@ # along with this program. If not, see . import os +import json import pytest import mock @@ -124,6 +125,8 @@ def test_simple(slapd, settings, client, db): 'use_tls': False, 'attributes': ['jpegPhoto'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) + result = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -152,6 +155,7 @@ def test_simple_with_binddn(slapd, settings, client): 'basedn': u'o=ôrga', 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) result = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -179,6 +183,7 @@ def test_double_login(slapd, simple_user, settings, app, db): 'is_superuser': True, 'is_staff': True, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) utils.login(app, simple_user, path='/admin/') utils.login(app, UID, password=PASS, path='/admin/') @@ -218,6 +223,7 @@ def test_custom_ou(slapd, settings, client): 'use_tls': False, 'ou_slug': 'test', }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) result = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -239,6 +245,7 @@ def test_wrong_ou(slapd, settings, client, db): 'use_tls': False, 'ou_slug': 'test', }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) with pytest.raises(ImproperlyConfigured): client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, @@ -272,6 +279,7 @@ def test_group_mapping(slapd, settings, client, db): [u'cn=group1,o=ôrga', ['Group1']], ], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) assert Group.objects.filter(name='Group1').count() == 0 response = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, @@ -294,6 +302,7 @@ def test_posix_group_mapping(slapd, settings, client, db): ], 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) assert Group.objects.filter(name='Group2').count() == 0 response = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, @@ -335,6 +344,7 @@ def test_posix_group_to_role_mapping(slapd, settings, client, db): ], 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) response = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -351,6 +361,7 @@ def test_group_su(slapd, settings, client, db): 'use_tls': False, 'groupsu': [u'cn=group1,o=ôrga'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) response = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -369,6 +380,7 @@ def test_group_staff(slapd, settings, client, db): 'use_tls': False, 'groupstaff': [u'cn=group1,o=ôrga'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) response = client.post('/login/', {'login-password-submit': '1', 'username': 'etienne.michu', 'password': PASS}, follow=True) @@ -392,6 +404,7 @@ def test_get_users(slapd, settings, db): ], 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) save = mock.Mock(wraps=ldap_backend.LDAPUser.save) ldap_backend.LDAPUser.save = MethodType(save, None, ldap_backend.LDAPUser) bulk_create = mock.Mock(wraps=django.db.models.query.QuerySet.bulk_create) @@ -468,6 +481,7 @@ def test_set_mandatory_roles(slapd, settings, db): 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', 'set_mandatory_roles': ['tech', 'admin'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) list(ldap_backend.LDAPBackend.get_users()) assert User.objects.first().roles.count() == 2 @@ -485,6 +499,7 @@ def test_nocreate_mandatory_roles(slapd, settings, db): 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', 'set_mandatory_roles': ['tech', 'admin'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) list(ldap_backend.LDAPBackend.get_users()) assert User.objects.first().roles.count() == 0 @@ -506,6 +521,7 @@ def slapd_strict_acl(slapd): '{0}to * by dn.subtree="o=ôrga" none by * manage' ]) ]) + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) return slapd @@ -522,6 +538,7 @@ def test_no_connect_with_user_credentials(slapd_strict_acl, db, settings, app): 'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))', 'set_mandatory_roles': ['tech', 'admin'], }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) response = app.get('/login/') response.form.set('username', USERNAME) response.form.set('password', PASS) @@ -545,6 +562,7 @@ def test_reset_password_ldap_user(slapd, settings, app, db): 'basedn': u'o=ôrga', 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) assert User.objects.count() == 0 # first login response = app.get('/login/') @@ -592,6 +610,7 @@ def test_user_cannot_change_password(slapd, settings, app, db): 'use_tls': False, 'user_can_change_password': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) assert User.objects.count() == 0 # first login response = app.get('/login/') @@ -617,6 +636,7 @@ def test_tls(db, tls_slapd, settings, client): 'basedn': u'o=ôrga', 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) result = client.post('/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True) @@ -667,6 +687,7 @@ def test_user_attributes(slapd, settings, client, db): }, ] }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) # create a locality attribute models.Attribute.objects.create( @@ -710,6 +731,7 @@ def test_set_password(slapd, settings, db): 'basedn': u'o=ôrga', 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) user = authenticate(username=u'etienne.michu', password=u'passé') assert user assert user.check_password(u'passé') @@ -728,6 +750,7 @@ def test_ou_selector(slapd, settings, app, ou1): 'ou_slug': ou1.slug, 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) settings.A2_LOGIN_FORM_OU_SELECTOR = True # Check login to the wrong ou does not work @@ -756,6 +779,7 @@ def test_ou_selector_default_ou(slapd, settings, app, ou1): 'basedn': u'o=ôrga', 'use_tls': False, }] + settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS)) settings.A2_LOGIN_FORM_OU_SELECTOR = True # Check login to the wrong ou does not work -- 2.20.1