making some attributes explicitly mandatory for Active Directory backend

kakwa · Jun 16, 2016 · d8631da · d8631da
1 parent 9a882d3
commit d8631da
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/ldapcherry/backend/backendAD.py b/ldapcherry/backend/backendAD.py
@@ -23,12 +23,16 @@ def __init__(self, cafile):
         self.log = "CA file %(cafile)s don't exist" % {'cafile': cafile}
 
 
+class MissingAttr(Exception):
+    def __init__(self):
+        self.log = 'attributes "cn" and "unicodePwd" must be declared ' \
+		   'in attributes.yml for all Active Directory backends.'
+
 NO_ATTR = 0
 DISPLAYED_ATTRS = 1
 LISTED_ATTRS = 2
 ALL_ATTRS = 3
 
-
 # UserAccountControl Attribute/Flag Values
 # For details, look at:
 # https://support.microsoft.com/en-us/kb/305144 
@@ -139,6 +143,12 @@ def __init__(self, config, logger, name, attrslist, key):
         for a in attrslist:
             self.attrlist.append(self._str(a))
 
+	if 'cn' not in self.attrlist:
+	    raise MissingAttr()
+
+	if 'unicodePwd' not in self.attrlist:
+	    raise MissingAttr()
+
     def _search_group(self, searchfilter, groupdn):
         searchfilter = self._str(searchfilter)
         ldap_client = self._bind()