def ldap_context(settings, use_cache=True):
"""Establishes an LDAP session context.
Establishes a connection to the LDAP server from the `uri` in the
``settings`` and makes the context available in ``current_ldap``.
Yields a namedtuple containing the connection to the server and the
provider settings.
:param settings: dict -- The settings for a LDAP provider.
:param use_cache: bool -- If the connection should be cached.
"""
try:
connection = ldap_connect(settings, use_cache=use_cache)
ldap_ctx = LDAPContext(connection=connection, settings=settings)
_ldap_ctx_stack.push(ldap_ctx)
try:
yield ldap_ctx
except ldap.LDAPError:
# If something went wrong we get rid of cached connections.
# This is mostly for the python shell where you have a very
# long-living application context that usually results in
# the ldap connection timing out.
_clear_ldap_cache()
raise
finally:
assert _ldap_ctx_stack.pop(
) is ldap_ctx, "Popped wrong LDAP context"
except ldap.SERVER_DOWN:
if has_app_context() and current_app.debug:
raise
raise MultipassException("The LDAP server is unreachable")
except ldap.INVALID_CREDENTIALS:
if has_app_context() and current_app.debug:
raise
raise ValueError("Invalid bind credentials")
except ldap.SIZELIMIT_EXCEEDED:
raise MultipassException(
"Size limit exceeded (try setting a smaller page size)")
except ldap.TIMELIMIT_EXCEEDED:
raise MultipassException(
"The time limit for the operation has been exceeded.")
except ldap.TIMEOUT:
raise MultipassException("The operation timed out.")
except ldap.FILTER_ERROR:
raise ValueError(
"The filter supplied to the operation is invalid. "
"(This is most likely due to a bad user or group filter.")
def ldap_context(settings, use_cache=True):
"""Establishes an LDAP session context.
Establishes a connection to the LDAP server from the `uri` in the
``settings`` and makes the context available in ``current_ldap``.
Yields a namedtuple containing the connection to the server and the
provider settings.
:param settings: dict -- The settings for a LDAP provider.
:param use_cache: bool -- If the connection should be cached.
"""
try:
connection = ldap_connect(settings, use_cache=use_cache)
ldap_ctx = LDAPContext(connection=connection, settings=settings)
_ldap_ctx_stack.push(ldap_ctx)
try:
yield ldap_ctx
except ldap.LDAPError:
# If something went wrong we get rid of cached connections.
# This is mostly for the python shell where you have a very
# long-living application context that usually results in
# the ldap connection timing out.
_clear_ldap_cache()
raise
finally:
assert _ldap_ctx_stack.pop() is ldap_ctx, "Popped wrong LDAP context"
except ldap.SERVER_DOWN:
if has_app_context() and current_app.debug:
raise
raise MultipassException("The LDAP server is unreachable")
except ldap.INVALID_CREDENTIALS:
if has_app_context() and current_app.debug:
raise
raise ValueError("Invalid bind credentials")
except ldap.SIZELIMIT_EXCEEDED:
raise MultipassException("Size limit exceeded (try setting a smaller page size)")
except ldap.TIMELIMIT_EXCEEDED:
raise MultipassException("The time limit for the operation has been exceeded.")
except ldap.TIMEOUT:
raise MultipassException("The operation timed out.")
except ldap.FILTER_ERROR:
raise ValueError("The filter supplied to the operation is invalid. "
"(This is most likely due to a bad user or group filter.")