search

micahmanquen / django-ldap-groups

Automatically exported from code.google.com/p/django-ldap-groups
0 stars 0 forks source link

Null-integrity error when creating users from AD when no last name or email is set #8

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Use postgresql backend, django trunk, Centos machine.
2. Connect to Active Directory PDC, try to authenticate a user.
3. User auth succeeds but create a user in django fails as None is returned
rather than ''.

What is the expected output? What do you see instead?
Expected output is to continue to create the LDAP/AD user and authenticate
them. Instead I get errors such as:

Relevant code listing example (from django.contrib.auth.models):

class UserManager(models.Manager):
    def create_user(self, username, email, password=None):
        "Creates and saves a User with the given username, e-mail and
password."
        now = datetime.datetime.now()
        user = self.model(None, username, '', '', email.strip().lower(),
'placeholder', False, True, False, now, now)
        if password:
            user.set_password(password)
        else:
            user.set_unusable_password()
        user.save()
        return user

The section that needs to change is in ldap_groups/accounts/backends.py
In the ActiveDirectorySSLBackend:

def get_or_create_user(self, username, password):
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:

            try:
                l = self.bind_ldap(username, password)
                # search
                result =
l.search_ext_s(settings.SEARCH_DN,ldap.SCOPE_SUBTREE,"sAMAccountName=%s" %
username,settings.SEARCH_FIELDS)[0][1]

                if result.has_key('memberOf'):
                    membership = result['memberOf']
                else:
                    membership = ''

                # get email
                if result.has_key('mail'):
                    mail = result['mail'][0]
                else:
                    mail = ''
                # get surname
                if result.has_key('sn'):
                    last_name = result['sn'][0]
                else:
                    last_name = ''

                # get display name
                if result.has_key('givenName'):
                    first_name = result['givenName'][0]
                else:
                    first_name = ''

                l.unbind_s()

                user =
User(username=username,first_name=first_name,last_name=last_name,email=mail)

            except Exception, e:
                return None

            user.is_staff = False
            user.is_superuser = False
            user.set_password('ldap authenticated')
            user.save()

            self.set_memberships_from_ldap(user, membership)

        return user

Please use labels and text to provide additional information.

Original issue reported on code.google.com by daniel.hilton@gmail.com on 12 Apr 2010 at 10:26