vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

feat(ldap): validate the user and group search path

Browse source 
to prevent exceptions in other locations, validate the user and group search paths at the timeof input.

issue #13738 PR-#13777
This commit is contained in:
Jon Lockwood 2021-07-27 11:42:30 +09:30
parent 99b141017f
commit c37e16bd09
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
frappe/integrations/doctype/ldap_settings/ldap_settings.py
View file

@ -31,8 +31,18 @@ class LDAPSettings(Document):
search_filter="(objectClass=*)",
attributes=self.get_ldap_attributes())
conn.search(
search_base=self.organizational_unit_for_groups,
search_filter="(objectClass=*)",
attributes=['cn'])
except ldap3.core.exceptions.LDAPAttributeError as ex:
frappe.throw(_("LDAP settings incorrect. validation response was: {0}").format(ex), title=_("Misconfigured"))
frappe.throw(_("LDAP settings incorrect. validation response was: {0}").format(ex),
title=_("Misconfigured"))
except ldap3.core.exceptions.LDAPNoSuchObjectResult:
frappe.throw(_("Ensure the user and group search paths are correct."),
title=_("Misconfigured"))
else:
frappe.throw(_("LDAP Search String must be enclosed in '()' and needs to contian the user placeholder {0}, eg sAMAccountName={0}"))