sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute
parent
51cbb7cc8e
commit
b0e3b8b39d
|
@ -29,16 +29,17 @@ class UserLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
user_count = 0
|
user_count = 0
|
||||||
for user in users:
|
for user in users:
|
||||||
attributes = user.get("attributes", {})
|
attributes = user.get("attributes", {})
|
||||||
|
user_dn = user.get("entryDN", "")
|
||||||
if self._source.object_uniqueness_field not in attributes:
|
if self._source.object_uniqueness_field not in attributes:
|
||||||
self._logger.warning(
|
self._logger.warning(
|
||||||
"Cannot find uniqueness Field in attributes",
|
"Cannot find uniqueness Field in attributes",
|
||||||
attributes=attributes.keys(),
|
attributes=attributes.keys(),
|
||||||
dn=attributes.get(LDAP_DISTINGUISHED_NAME, ""),
|
dn=user_dn,
|
||||||
)
|
)
|
||||||
continue
|
continue
|
||||||
uniq = attributes[self._source.object_uniqueness_field]
|
uniq = attributes[self._source.object_uniqueness_field]
|
||||||
try:
|
try:
|
||||||
defaults = self._build_object_properties(attributes)
|
defaults = self._build_object_properties(user_dn, **attributes)
|
||||||
user, created = User.objects.update_or_create(
|
user, created = User.objects.update_or_create(
|
||||||
**{
|
**{
|
||||||
f"attributes__{LDAP_UNIQUENESS}": uniq,
|
f"attributes__{LDAP_UNIQUENESS}": uniq,
|
||||||
|
@ -64,7 +65,7 @@ class UserLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
return user_count
|
return user_count
|
||||||
|
|
||||||
def _build_object_properties(
|
def _build_object_properties(
|
||||||
self, attributes: dict[str, Any]
|
self, user_dn: str, **kwargs
|
||||||
) -> dict[str, dict[Any, Any]]:
|
) -> dict[str, dict[Any, Any]]:
|
||||||
properties = {"attributes": {}}
|
properties = {"attributes": {}}
|
||||||
for mapping in self._source.property_mappings.all().select_subclasses():
|
for mapping in self._source.property_mappings.all().select_subclasses():
|
||||||
|
@ -72,7 +73,9 @@ class UserLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
continue
|
continue
|
||||||
mapping: LDAPPropertyMapping
|
mapping: LDAPPropertyMapping
|
||||||
try:
|
try:
|
||||||
value = mapping.evaluate(user=None, request=None, ldap=attributes)
|
value = mapping.evaluate(
|
||||||
|
user=None, request=None, ldap=kwargs, dn=user_dn
|
||||||
|
)
|
||||||
if value is None:
|
if value is None:
|
||||||
continue
|
continue
|
||||||
object_field = mapping.object_field
|
object_field = mapping.object_field
|
||||||
|
@ -87,11 +90,9 @@ class UserLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
"Mapping failed to evaluate", exc=exc, mapping=mapping
|
"Mapping failed to evaluate", exc=exc, mapping=mapping
|
||||||
)
|
)
|
||||||
continue
|
continue
|
||||||
if self._source.object_uniqueness_field in attributes:
|
if self._source.object_uniqueness_field in kwargs:
|
||||||
properties["attributes"][LDAP_UNIQUENESS] = attributes.get(
|
properties["attributes"][LDAP_UNIQUENESS] = kwargs.get(
|
||||||
self._source.object_uniqueness_field
|
self._source.object_uniqueness_field
|
||||||
)
|
)
|
||||||
properties["attributes"][LDAP_DISTINGUISHED_NAME] = attributes.get(
|
properties["attributes"][LDAP_DISTINGUISHED_NAME] = user_dn
|
||||||
"distinguishedName", attributes.get("dn")
|
|
||||||
)
|
|
||||||
return properties
|
return properties
|
||||||
|
|
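Review bot: `user_dn = user.get("entryDN", "")` in the sync loop defaults to an empty string, and `_build_object_properties` now writes that value unconditionally to `properties["attributes"][LDAP_DISTINGUISHED_NAME]`, so an entry without a top-level `entryDN` key gets an empty DN persisted where the old code stored `distinguishedName` or `dn`. ldap3 search response entries normally carry the DN under the `dn` key, so this lookup may miss on every entry and should be confirmed against a real response. If the stored DN is later used to identify or bind the user (not visible here), an empty value is a silent integrity failure, so I would use `user_dn = user.get("entryDN") or user.get("dn")` and follow it with a warning log and `if not user_dn: continue`. Separately, `**attributes` turns directory-supplied attribute names into keyword arguments, so a name that collides with a parameter such as `user_dn` raises `TypeError`; passing the dict as one positional argument avoids that. Both function bodies extend beyond the visible hunks.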