This change allow the AUTH_LDAP_START_TLS flag to be set to False. In the past, StartTLS would be enabled even if AUTH_LDAP_START_TLS="False" was specified in the configuration. This has high probability of leading to user-error, especially when configuring alcali with the alcali-playbook which sets it to False, and also contradicts the ldap module documentation.
String comparison was used instead of strtobool, because the distutils module is deprecated and will be removed by Python 3.12. The collection of values to compare against was copied from settings.py in order to have matching behavior of DJANGO_DEBUG.
This commit is marked as breaking because it can theoretically break setups for people who have historically configured this environment variable with a bogus value, and upgrading Alcali therefore risk breaking that environment. Although this risk can in my opinion be considered acceptable due to the forgiving amount of acceptable values, as well as using anything other than True is technically against documentation.
This change allow the AUTH_LDAP_START_TLS flag to be set to
False
. In the past, StartTLS would be enabled even ifAUTH_LDAP_START_TLS="False"
was specified in the configuration. This has high probability of leading to user-error, especially when configuring alcali with the alcali-playbook which sets it to False, and also contradicts the ldap module documentation.String comparison was used instead of
strtobool
, because the distutils module is deprecated and will be removed by Python 3.12. The collection of values to compare against was copied fromsettings.py
in order to have matching behavior of DJANGO_DEBUG.This commit is marked as breaking because it can theoretically break setups for people who have historically configured this environment variable with a bogus value, and upgrading Alcali therefore risk breaking that environment. Although this risk can in my opinion be considered acceptable due to the forgiving amount of acceptable values, as well as using anything other than
True
is technically against documentation.