ldap: add uniform reporting of exceptions (#61462)
This commit is contained in:
parent
ced3e83112
commit
b8c499d892
|
@ -87,6 +87,10 @@ def filter_non_unicode_values(atvs):
|
|||
pass
|
||||
|
||||
|
||||
def ldap_error_str(e):
|
||||
return repr(e) if not getattr(e, 'desc', None) else '%r - %s' % (e, e.desc)
|
||||
|
||||
|
||||
class LDAPObject(NativeLDAPObject):
|
||||
def __init__(
|
||||
self,
|
||||
|
@ -346,7 +350,7 @@ class LDAPUser(User):
|
|||
except ldap.INVALID_CREDENTIALS:
|
||||
return False
|
||||
except ldap.LDAPError as e:
|
||||
log.warning('ldap: check_password failed, %r', e)
|
||||
log.warning('ldap: check_password failed (%s)', ldap_error_str(e))
|
||||
log.warning('ldap: check_password failed, could not get a connection')
|
||||
return False
|
||||
|
||||
|
@ -362,7 +366,7 @@ class LDAPUser(User):
|
|||
try:
|
||||
self.ldap_backend.modify_password(conn, self.block, self.dn, _current_password, new_password)
|
||||
except ldap.LDAPError as e:
|
||||
log.warning('ldap: set_password failed (%s)', type(e).__name__)
|
||||
log.warning('ldap: set_password failed (%s)', ldap_error_str(e))
|
||||
raise PasswordChangeError(_('LDAP directory refused the password change.'))
|
||||
self._current_password = new_password
|
||||
self.keep_password_in_session(new_password)
|
||||
|
@ -674,7 +678,9 @@ class LDAPBackend:
|
|||
break
|
||||
continue
|
||||
except ldap.LDAPError as e:
|
||||
log.error('[%s] user lookup failed, with query %r: %r', ldap_uri, query, e)
|
||||
log.error(
|
||||
'[%s] user lookup failed, with query %r (%s)', ldap_uri, query, ldap_error_str(e)
|
||||
)
|
||||
continue
|
||||
if not authz_ids:
|
||||
continue
|
||||
|
@ -1088,7 +1094,7 @@ class LDAPBackend:
|
|||
try:
|
||||
results = conn.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', attributes)
|
||||
except ldap.LDAPError as e:
|
||||
log.error('[%s] unable to retrieve attributes of dn %r: %r', ldap_uri, dn, e)
|
||||
log.error('[%s] unable to retrieve attributes of dn %r (%s)', ldap_uri, dn, ldap_error_str(e))
|
||||
return {}
|
||||
results = cls.normalize_ldap_results(results)
|
||||
if results:
|
||||
|
@ -1140,7 +1146,7 @@ class LDAPBackend:
|
|||
try:
|
||||
results = conn.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', attributes)
|
||||
except ldap.LDAPError as e:
|
||||
log.error('[%s] unable to retrieve attributes of dn %r: %r', ldap_uri, dn, e)
|
||||
log.error('[%s] unable to retrieve attributes of dn %r (%s)', ldap_uri, dn, ldap_error_str(e))
|
||||
return None
|
||||
else:
|
||||
results = cls.normalize_ldap_results(results)
|
||||
|
@ -1500,7 +1506,7 @@ class LDAPBackend:
|
|||
count += 1
|
||||
yield user
|
||||
except ldap.LDAPError as e:
|
||||
log.error('synchronization failed on an LDAP error: "%s"', e)
|
||||
log.error('synchronization failed on an LDAP error (%s)', ldap_error_str(e))
|
||||
user_filter = cls.get_sync_ldap_user_filter(block)
|
||||
log.info('Search for %s returned %s users.', user_filter, count)
|
||||
|
||||
|
@ -1849,7 +1855,10 @@ class LDAPBackendPasswordLost(LDAPBackend):
|
|||
dn = results[0][0]
|
||||
except ldap.LDAPError as e:
|
||||
log.warning(
|
||||
'unable to find user %r based on external id %s: %r', user, external_id, e
|
||||
'unable to find user %r based on external id %s (%s)',
|
||||
user,
|
||||
external_id,
|
||||
ldap_error_str(e),
|
||||
)
|
||||
continue
|
||||
return self._return_user(dn, None, conn, block)
|
||||
|
|
Loading…
Reference in New Issue