From aefeb5bacf0dfb9305454fb8f5dd0b6837ed9b37 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 8 Apr 2021 23:13:11 +0200 Subject: [PATCH] sources/ldap: create Event when changing a user's password fails Signed-off-by: Jens Langhammer --- authentik/sources/ldap/signals.py | 9 +++++++-- authentik/sources/ldap/tasks.py | 1 + 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/authentik/sources/ldap/signals.py b/authentik/sources/ldap/signals.py index 1802b8906..a20473035 100644 --- a/authentik/sources/ldap/signals.py +++ b/authentik/sources/ldap/signals.py @@ -9,6 +9,7 @@ from rest_framework.serializers import ValidationError from authentik.core.models import User from authentik.core.signals import password_changed +from authentik.events.models import Event, EventAction from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER from authentik.sources.ldap.models import LDAPSource from authentik.sources.ldap.password import LDAPPasswordChanger @@ -46,8 +47,7 @@ def ldap_password_validate(sender, password: str, plan_context: dict[str, Any], @receiver(password_changed) # pylint: disable=unused-argument def ldap_sync_password(sender, user: User, password: str, **_): - """Connect to ldap and update password. We do this in the background to get - automatic retries on error.""" + """Connect to ldap and update password.""" sources = LDAPSource.objects.filter(sync_users_password=True) if not sources.exists(): return @@ -56,4 +56,9 @@ def ldap_sync_password(sender, user: User, password: str, **_): try: changer.change_password(user, password) except LDAPException as exc: + Event.new( + EventAction.CONFIGURATION_ERROR, + message=str(exc), + source=source, + ).set_user(user).save() raise ValidationError("Failed to set password") from exc diff --git a/authentik/sources/ldap/tasks.py b/authentik/sources/ldap/tasks.py index 85377de53..32a4e88b6 100644 --- a/authentik/sources/ldap/tasks.py +++ b/authentik/sources/ldap/tasks.py @@ -52,5 +52,6 @@ def ldap_sync(self: MonitoredTask, source_pk: str): ) ) except LDAPException as exc: + # No explicit event is created here as .set_status with an error will do that LOGGER.debug(exc) self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))