[
https://issues.apache.org/jira/browse/AIRFLOW-1711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16225507#comment-16225507
]
ASF subversion and git services commented on AIRFLOW-1711:
----------------------------------------------------------
Commit abcf1d584c66ab4f0a4c8c2c56c74104d9a50903 in incubator-airflow's branch
refs/heads/master from [~bolke]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-airflow.git;h=abcf1d5 ]
[AIRFLOW-1711] Use ldap3 dict for group membership
Certain schemas for group membership return a
string
instead of a list. Instead of using a check we now
use the entries API from ldap3.
Closes #2731 from bolkedebruin/AIRFLOW-1711
> Ldap Attributes not always a "list" part 2
> ------------------------------------------
>
> Key: AIRFLOW-1711
> URL: https://issues.apache.org/jira/browse/AIRFLOW-1711
> Project: Apache Airflow
> Issue Type: Bug
> Components: contrib
> Affects Versions: Airflow 1.7.1
> Environment: Linux + Active Directory
> Reporter: Steve Jacobs
> Priority: Blocker
> Fix For: 1.9.0
>
>
> in the LDAP auth module
> `group_contains_user` checks for `resp['attributes'].get(user_name_attr)[0]
> == username`
> Some Ldaps apparently have this as a simple string
> `resp['attributes'].get(user_name_attr) == username`
> also should be checked.
> But really a test should be done to see if the return is a 'list' and perform
> the check differently. If its not a list, python will check both arguments
> and exit with an error.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
