You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by bo...@apache.org on 2017/10/30 18:35:15 UTC
incubator-airflow git commit: [AIRFLOW-1711] Use ldap3 dict for group
membership
Repository: incubator-airflow
Updated Branches:
refs/heads/master 574e1c63d -> abcf1d584
[AIRFLOW-1711] Use ldap3 dict for group membership
Certain schemas for group membership return a
string
instead of a list. Instead of using a check we now
use the entries API from ldap3.
Closes #2731 from bolkedebruin/AIRFLOW-1711
Project: http://git-wip-us.apache.org/repos/asf/incubator-airflow/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-airflow/commit/abcf1d58
Tree: http://git-wip-us.apache.org/repos/asf/incubator-airflow/tree/abcf1d58
Diff: http://git-wip-us.apache.org/repos/asf/incubator-airflow/diff/abcf1d58
Branch: refs/heads/master
Commit: abcf1d584c66ab4f0a4c8c2c56c74104d9a50903
Parents: 574e1c6
Author: Bolke de Bruin <bo...@xs4all.nl>
Authored: Mon Oct 30 19:35:10 2017 +0100
Committer: Bolke de Bruin <bo...@xs4all.nl>
Committed: Mon Oct 30 19:35:10 2017 +0100
----------------------------------------------------------------------
airflow/contrib/auth/backends/ldap_auth.py | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-airflow/blob/abcf1d58/airflow/contrib/auth/backends/ldap_auth.py
----------------------------------------------------------------------
diff --git a/airflow/contrib/auth/backends/ldap_auth.py b/airflow/contrib/auth/backends/ldap_auth.py
index df29de3..2dcacda 100644
--- a/airflow/contrib/auth/backends/ldap_auth.py
+++ b/airflow/contrib/auth/backends/ldap_auth.py
@@ -76,14 +76,10 @@ def group_contains_user(conn, search_base, group_filter, user_name_attr, usernam
attributes=[native(user_name_attr)]):
log.warning("Unable to find group for %s %s", search_base, search_filter)
else:
- for resp in conn.response:
- if (
- 'attributes' in resp and (
- resp['attributes'].get(user_name_attr)[0] == username or
- resp['attributes'].get(user_name_attr) == username
- )
- ):
+ for entry in conn.entries:
+ if username in getattr(entry, user_name_attr).values:
return True
+
return False