Merge "Handle ldap size limit exeeded exception"
This commit is contained in:
commit
ebbe9194a1
|
@ -608,3 +608,9 @@ class LDAPServerConnectionError(UnexpectedError):
|
|||
class LDAPInvalidCredentialsError(UnexpectedError):
|
||||
message_format = _('Unable to authenticate against Identity backend - '
|
||||
'Invalid username or password')
|
||||
|
||||
|
||||
class LDAPSizeLimitExceeded(UnexpectedError):
|
||||
message_format = _('Number of User/Group entities returned by LDAP '
|
||||
'exceeded size limit. Contact your LDAP '
|
||||
'administrator.')
|
||||
|
|
|
@ -930,9 +930,12 @@ class KeystoneLDAPHandler(LDAPHandler):
|
|||
attrlist_utf8 = None
|
||||
else:
|
||||
attrlist_utf8 = list(map(utf8_encode, attrlist))
|
||||
ldap_result = self.conn.search_s(base_utf8, scope,
|
||||
filterstr_utf8,
|
||||
attrlist_utf8, attrsonly)
|
||||
try:
|
||||
ldap_result = self.conn.search_s(base_utf8, scope,
|
||||
filterstr_utf8,
|
||||
attrlist_utf8, attrsonly)
|
||||
except ldap.SIZELIMIT_EXCEEDED:
|
||||
raise exception.LDAPSizeLimitExceeded()
|
||||
|
||||
py_result = convert_ldap_result(ldap_result)
|
||||
|
||||
|
|
|
@ -22,6 +22,7 @@ from oslo_config import fixture as config_fixture
|
|||
|
||||
from keystone.common import driver_hints
|
||||
import keystone.conf
|
||||
from keystone import exception as ks_exception
|
||||
from keystone.identity.backends.ldap import common as common_ldap
|
||||
from keystone.tests import unit
|
||||
from keystone.tests.unit import default_fixtures
|
||||
|
@ -575,3 +576,34 @@ class LDAPFilterQueryCompositionTest(unit.BaseTestCase):
|
|||
self.filter_attribute_name, username)
|
||||
self.assertEqual(expected_ldap_filter,
|
||||
self.base_ldap.filter_query(hints=hints, query=None))
|
||||
|
||||
|
||||
class LDAPSizeLimitTest(unit.TestCase):
|
||||
"""Test the size limit exceeded handling in keystone.common.ldap.core."""
|
||||
|
||||
def setUp(self):
|
||||
super(LDAPSizeLimitTest, self).setUp()
|
||||
|
||||
self.useFixture(ldapdb.LDAPDatabase())
|
||||
self.useFixture(database.Database())
|
||||
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
|
||||
def config_overrides(self):
|
||||
super(LDAPSizeLimitTest, self).config_overrides()
|
||||
self.config_fixture.config(group='identity', driver='ldap')
|
||||
|
||||
def config_files(self):
|
||||
config_files = super(LDAPSizeLimitTest, self).config_files()
|
||||
config_files.append(unit.dirs.tests_conf('backend_ldap.conf'))
|
||||
return config_files
|
||||
|
||||
@mock.patch.object(fakeldap.FakeLdap, 'search_s')
|
||||
def test_search_s_sizelimit_exceeded(self, mock_search_s):
|
||||
mock_search_s.side_effect = ldap.SIZELIMIT_EXCEEDED
|
||||
conn = self.identity_api.user.get_connection()
|
||||
self.assertRaises(ks_exception.LDAPSizeLimitExceeded,
|
||||
conn.search_s,
|
||||
'dc=example,dc=test',
|
||||
ldap.SCOPE_SUBTREE)
|
||||
|
|
Loading…
Reference in New Issue