Fix #6: regression.

almet · Jun 21, 2010 · cbfea5d · cbfea5d
1 parent 8700f41
commit cbfea5d
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 22 deletions.
diff --git a/.hgignore b/.hgignore
@@ -1,3 +1,4 @@
 ^build/
 ^dist/
 ^docs/_build/
+^MANIFEST$
diff --git a/django_auth_ldap/backend.py b/django_auth_ldap/backend.py
@@ -50,6 +50,8 @@
 except NameError:
     from sets import Set as set     # Python 2.3 fallback
 
+import sys
+import traceback
 import pprint
 import copy
 
@@ -253,12 +255,13 @@ def authenticate(self, password):
             logger.warning(u"Caught LDAPError while authenticating %s: %s",
                 self._username, pprint.pformat(e))
         except Exception, e:
-            logger.warning(u"Caught Exception while authenticating %s: %s",
+            logger.error(u"Caught Exception while authenticating %s: %s",
                 self._username, pprint.pformat(e))
+            logger.error(''.join(traceback.format_tb(sys.exc_info()[2])))
             raise
-        
+
         return user
-    
+
     def get_group_permissions(self):
         """
         If allowed by the configuration, this returns the set of permissions
@@ -290,8 +293,9 @@ def populate_user(self):
             logger.warning(u"Caught LDAPError while authenticating %s: %s",
                 self._username, pprint.pformat(e))
         except Exception, e:
-            logger.warning(u"Caught Exception while authenticating %s: %s",
+            logger.error(u"Caught Exception while authenticating %s: %s",
                 self._username, pprint.pformat(e))
+            logger.error(''.join(traceback.format_tb(sys.exc_info()[2])))
             raise
 
         return user
@@ -302,20 +306,14 @@ def populate_user(self):
 
     def _get_user_dn(self):
         if self._user_dn is None:
-            try:
-                self._load_user_dn()
-            except self.AuthenticationFailed:
-                pass
+            self._load_user_dn()
 
         return self._user_dn
     dn = property(_get_user_dn)
 
     def _get_user_attrs(self):
         if self._user_attrs is None:
-            try:
-                self._load_user_attrs()
-            except self.AuthenticationFailed:
-                pass
+            self._load_user_attrs()
 
         return self._user_attrs
     attrs = property(_get_user_attrs)
@@ -336,16 +334,21 @@ def _authenticate_user_dn(self, password):
         Binds to the LDAP server with the user's DN and password. Raises
         AuthenticationFailed on failure.
         """
+        if self.dn is None:
+            raise self.AuthenticationFailed("Failed to map the username to a DN.")
+
         try:
             self._bind_as(self.dn, password)
         except self.ldap.INVALID_CREDENTIALS:
             raise self.AuthenticationFailed("User DN/password rejected by LDAP server.")
 
     def _load_user_attrs(self):
-        search = LDAPSearch(self.dn, self.ldap.SCOPE_BASE)
-        results = search.execute(self.connection)
-
-        self._user_attrs = results[0][1]
+        if self.dn is not None:
+            search = LDAPSearch(self.dn, self.ldap.SCOPE_BASE)
+            results = search.execute(self.connection)
+
+            if results is not None and len(results) > 0:
+                self._user_attrs = results[0][1]
 
     def _load_user_dn(self):
         """
@@ -379,10 +382,8 @@ def _search_for_user_dn(self):
             raise ImproperlyConfigured('AUTH_LDAP_USER_SEARCH must be an LDAPSearch instance.')
 
         results = search.execute(self.connection, {'user': self._username})
-        if results is None or len(results) != 1:
-            raise self.AuthenticationFailed("AUTH_LDAP_USER_SEARCH failed to return exactly one result.")
-
-        (self._user_dn, self._user_attrs) = results[0]
+        if results is not None and len(results) == 1:
+            (self._user_dn, self._user_attrs) = results[0]
 
     def _check_requirements(self):
         """

diff --git a/django_auth_ldap/tests.py b/django_auth_ldap/tests.py
@@ -594,6 +594,9 @@ def test_search_bind_with_credentials(self):
         user = self.backend.authenticate(username='alice', password='password')
 
         self.assert_(user is not None)
+        self.assert_(user.ldap_user is not None)
+        self.assertEqual(user.ldap_user.dn, self.alice[0])
+        self.assertEqual(user.ldap_user.attrs, self.alice[1])
         self.assertEqual(self.mock_ldap.ldap_methods_called(),
             ['initialize', 'simple_bind_s', 'search_s', 'simple_bind_s'])
 

diff --git a/docs/conf.py b/docs/conf.py
@@ -47,7 +47,7 @@
 # The short X.Y version.
 version = '1.0'
 # The full version, including alpha/beta/rc tags.
-release = '1.0.4'
+release = '1.0.5'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.

diff --git a/setup.py b/setup.py
@@ -4,7 +4,7 @@
 
 setup(
     name="django-auth-ldap",
-    version="1.0.4",
+    version="1.0.5",
     description="Django LDAP authentication backend",
     long_description="""This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.