Reviewed: https://reviews.mahara.org/6764 Committed: https://git.mahara.org/mahara/mahara/commit/fb75f13988a5ac28b3373c8f3eed76d041c8a597 Submitter: Robert Lyon ([email protected]) Branch: 15.04_STABLE
commit fb75f13988a5ac28b3373c8f3eed76d041c8a597 Author: Ghada El-Zoghbi <[email protected]> Date: Fri Jul 29 18:40:35 2016 +1000 bug#1607669: Validate the results of ldap_search() and ldap_list() when syncing users. When retrieving data from the LDAP server, check the results retrieved from ldap_search() and ldap_list(). If there is an error, do not continue. Otherwise, the sync_users() will assume that zero users were retrieved from LDAP. It will then deleted or suspended users when 'If a user is no longer present in LDAP' is set to either suspend users or delete them. behatnotneeded Change-Id: Ib57901c61f769d96720cf932d2e0d7f643853a56 (cherry picked from commit 1daee33a1ef67a0e0fc0599c67de08896408519e) -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1607669 Title: LDAP user sync incorrectly proceeds when LDAP list or search fails Status in Mahara: Fix Committed Status in Mahara 15.04 series: Fix Committed Status in Mahara 15.10 series: Fix Committed Status in Mahara 16.04 series: Fix Committed Status in Mahara 16.10 series: Fix Committed Bug description: Mahara: 16.04 DB: Postgres OS: Linux The LDAP user sync is incorrectly continuing when the search in the context fails to contact the server. The following error is generated in the cron.log file: Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:937) ldap_list(): Search: Can't contact LDAP server Jul 29 00:01:05 server mahara-site: Call stack (most recent first): Jul 29 00:01:05 server mahara-site: * log_message("ldap_list(): Search: Can't contact LDAP server", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 937) at /var/www/mahara-site/lib/errors.php:489 Jul 29 00:01:05 server mahara-site: * error(2, "ldap_list(): Search: Can't contact LDAP server", "/var/www/mahara-site/auth/ldap/lib.php", 937, array(size 11)) a t Unknown:0 Jul 29 00:01:05 server mahara-site: * ldap_list(resource(#87), "ou=people,o=ldapserver.xxx", "(uid=*)", array(size 5)) at /var/www/mahara-site/auth/ldap/lib.php:937 Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1 121 Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614 Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0 Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714 Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89 It then proceeds to sync the users: Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:940) ldap_first_entry() expects parameter 2 to be resource, boolean given Jul 29 00:01:05 server mahara-site: Call stack (most recent first): Jul 29 00:01:05 server mahara-site: * log_message("ldap_first_entry() expects parameter 2 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php ", 940) at /var/www/mahara-site/lib/errors.php:489 Jul 29 00:01:05 server mahara-site: * error(2, "ldap_first_entry() expects parameter 2 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 940, array(size 12)) at Unknown:0 Jul 29 00:01:05 server mahara-site: * ldap_first_entry(resource(#87), false) at /var/www/mahara-site/auth/ldap/lib.php:940 Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121 Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614 Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0 Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714 Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89 Jul 29 00:01:05 server mahara-site: Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:971) ldap_free_result() expects parameter 1 to be resource, boolean given Jul 29 00:01:05 server mahara-site: Call stack (most recent first): Jul 29 00:01:05 server mahara-site: * log_message("ldap_free_result() expects parameter 1 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 971) at /var/www/mahara-site/lib/errors.php:489 Jul 29 00:01:05 server mahara-site: * error(2, "ldap_free_result() expects parameter 1 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 971, array(size 13)) at Unknown:0 Jul 29 00:01:05 server mahara-site: * ldap_free_result(false) at /var/www/mahara-site/auth/ldap/lib.php:971 Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121 Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614 Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0 Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714 Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89 Jul 29 00:01:05 server mahara-site: Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1122) LDAP users found : 0 Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1169) 0 users known to Mahara Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1232) 45161 users no longer in LDAP Because we've set the sync to suspend users, all LDAP users are then suspended. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1607669/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
