* fix: S3 automatic backup fails when the backup folder is empty
* Removed conditional that returns early when
`file_path` argument is invalid i.e `None` or empty string.
This means though that the function will throw an exception if it
receives such invalid input so devs should check their inputs before
calling the function
Co-authored-by: Mohammad Hasnain Mohsin Rajan <hasnain2808@gmail.com>
Co-authored-by: Mohammad Hasnain Mohsin Rajan <hasnain2808@gmail.com>
Background: Currently, when connecting to a ldap backend, ssl.PROTOCOL_TLSv1 [2] is offered as only option to the backend.
This leads to following issues:
- LDAP Backends that do not support TLSv1.0 (because of security reasons [3]) cannot be used in ERPNext
- erpnext can ONLY connect to LDAP Backends offering the insecure [3] TLSv1.0 protocol (see ldap_settings.py ln: 61, 63)
With this change to ssl.PROTOCOL_TLS_CLIENT we allow erpnext customers to configure LDAP Backends that also support more modern/secure (TLSv1.2 and up) transport
while still ensure backwards compatibility and allowing TLSv1.0,
since ssl.PROTOCOL_TLS "Auto-negotiates the highest protocol version that both the client and server support" [1]
[1]: https://docs.python.org/3/library/ssl.html#ssl.PROTOCOL_TLS_CLIENT
[2]: https://docs.python.org/3/library/ssl.html#ssl.PROTOCOL_TLSv1
[3]: https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html
The license.txt file has been replaced with LICENSE for quite a while
now. INAL but it didn't seem accurate to say "hey, checkout license.txt
although there's no such file". Apart from this, there were
inconsistencies in the headers altogether...this change brings
consistency.
If the user selects 'Custom' LDAP Directory, when they hit save, validate the additional required fields ('ldap_group_objectclass' and 'ldap_group_member_attribute') for this selection to function.
Issue #13738
Created unit tests for integration LDAP. These tests are designed to confirm that LDAP will continue to work after changes are made to frappe.
PR-#13777
Function requires attributes to be of type x, validate to ensure any changes will break function and to prevent further exceptions. Only output to console as it's only a developer who will generate this error.
PR-#13777
As the user provides some of the ldap attributes, validate those entries when the 'LDAP Settings' editor clicks save. Provide an error message if validation fails stating what is incorrect.
issue #13738 PR-#13777
ldap search string is user input. validate to ensure is enclosed in '()', has the '{0}' placeholder and has the same number of brackets as used in complex ldap search strings.
issue #13738
to confirm user credentials, use 'rebind' instead of re-connecting to ldap. This also enables unit testing of all functions except the connection to ldap.
issue #13738
