From f0896e951ab68d38e3a1634faf5aa26ee83ae389 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Mon, 23 May 2022 16:19:54 +0200
Subject: [PATCH] ldap: add page_size configuration option (#65605)

---
 src/authentic2/backends/ldap_backend.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/authentic2/backends/ldap_backend.py b/src/authentic2/backends/ldap_backend.py
index 54a70efc..6be86ea8 100644
--- a/src/authentic2/backends/ldap_backend.py
+++ b/src/authentic2/backends/ldap_backend.py
@@ -543,6 +543,8 @@ class LDAPBackend:
         # https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html#ldap-controls
         'use_controls': False,
         'ppolicy_dn': '',
+        # default page size for SimplePagedSearch extension
+        'page_size': 100,
     }
     _REQUIRED = ('url', 'basedn')
     _TO_ITERABLE = ('url', 'groupsu', 'groupstaff', 'groupactive')
@@ -1609,18 +1611,16 @@ class LDAPBackend:
         return [(a, '%s (LDAP)' % a) for a in sorted(names)]
 
     @classmethod
-    def paged_search(cls, conn, *args, **kwargs):
-        COOKIE = ''
-        PAGE_SIZE = 100
-        CRITICALITY = True
-        first_pass = True
-        pg_ctrl = SimplePagedResultsControl(CRITICALITY, PAGE_SIZE, COOKIE)
-        while first_pass or pg_ctrl.cookie:
-            first_pass = False
+    def paged_search(cls, block, conn, *args, **kwargs):
+        page_size = block.get('page_size', 100)
+        pg_ctrl = SimplePagedResultsControl(criticality=True, size=page_size, cookie='')
+        while True:
             msgid = conn.search_ext(*args, serverctrls=[pg_ctrl], **kwargs)
             dummy_result_type, data, msgid, serverctrls = conn.result3(msgid)
             pg_ctrl.cookie = serverctrls[0].cookie
             yield from cls.normalize_ldap_results(data)
+            if not pg_ctrl.cookie:
+                break
 
     @classmethod
     def get_users_for_block(cls, block):
@@ -1634,7 +1634,7 @@ class LDAPBackend:
         user_filter = cls.get_sync_ldap_user_filter(block)
         attribute_names = cls.get_ldap_attributes_names(block)
         results = cls.paged_search(
-            conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
+            block, conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
         )
         backend = cls()
         for dn, attrs in results:
@@ -1700,7 +1700,7 @@ class LDAPBackend:
             )
             user_filter = cls.get_sync_ldap_user_filter(block)
             results = cls.paged_search(
-                conn, basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
+                block, conn, basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
             )
             for dn, attrs in results:
                 data = attrs.copy()
-- 
2.35.1