sources/ldap: don't sync ldap source when no property mappings are set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-09-30 18:47:40 +02:00
parent 5f6565ee27
commit 21a9aa229a
3 changed files with 16 additions and 8 deletions

View file

@ -25,13 +25,20 @@ from authentik.stages.prompt.signals import password_validate
# pylint: disable=unused-argument
def sync_ldap_source_on_save(sender, instance: LDAPSource, **_):
"""Ensure that source is synced on save (if enabled)"""
if instance.enabled:
for sync_class in [
UserLDAPSynchronizer,
GroupLDAPSynchronizer,
MembershipLDAPSynchronizer,
]:
ldap_sync.delay(instance.pk, class_to_path(sync_class))
if not instance.enabled:
return
# Don't sync sources when they don't have any property mappings. This will only happen if:
# - the user forgets to set them or
# - the source is newly created, this is the first save event
# and the mappings are created with an m2m event
if not instance.property_mappings.exists() or not instance.property_mappings_group.exists():
return
for sync_class in [
UserLDAPSynchronizer,
GroupLDAPSynchronizer,
MembershipLDAPSynchronizer,
]:
ldap_sync.delay(instance.pk, class_to_path(sync_class))
@receiver(password_validate)

View file

@ -162,7 +162,7 @@ export class LDAPSourceForm extends ModelForm<LDAPSource, string> {
</ak-form-element-horizontal>
</div>
</ak-form-group>
<ak-form-group>
<ak-form-group ?expanded=${true}>
<span slot="header"> ${t`LDAP Attribute mapping`} </span>
<div slot="body" class="pf-c-form">
<ak-form-element-horizontal

View file

@ -207,6 +207,7 @@ export class LDAPSourceViewPage extends LitElement {
</div>
<div class="pf-c-card__footer">
<ak-action-button
class="pf-m-primary"
.apiRequest=${() => {
return new SourcesApi(DEFAULT_CONFIG)
.sourcesLdapPartialUpdate({