#13490 closed defect (fixed)
LDAPStore has no attribute 'has_user'
Reported by: | Jun Omae | Owned by: | Jun Omae |
---|---|---|---|
Priority: | normal | Component: | LDAPAcctMngrPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: |
Description
06:27:44 PM Trac[main] ERROR: [192.168.11.19] Internal Server Error: <RequestWithSession "GET '/admin/accounts/users/USERNAME'">, referrer 'http://192.168.11.27:3000/t13487-env/admin/accounts/users' Traceback (most recent call last): File "/dev/shm/t13487/local/lib/python2.7/site-packages/trac/web/main.py", line 623, in _dispatch_request dispatcher.dispatch(req) File "/dev/shm/t13487/local/lib/python2.7/site-packages/trac/web/main.py", line 239, in dispatch resp = chosen_handler.process_request(req) File "/dev/shm/t13487/local/lib/python2.7/site-packages/trac/admin/web_ui.py", line 109, in process_request provider.render_admin_panel(req, cat_id, panel_id, path_info) File "/dev/shm/t13487/local/lib/python2.7/site-packages/acct_mgr/admin.py", line 218, in render_admin_panel return self._do_acct_details(req, path_info) File "/dev/shm/t13487/local/lib/python2.7/site-packages/acct_mgr/admin.py", line 332, in _do_acct_details if not (username and acctmgr.has_user(username)): File "/dev/shm/t13487/local/lib/python2.7/site-packages/acct_mgr/api.py", line 245, in has_user if store.has_user(user): AttributeError: 'LDAPStore' object has no attribute 'has_user'
Attachments (0)
Change History (12)
comment:2 Changed 6 years ago by
Replying to totalcaos:
Also noticed that when logging in to trac with an LDAP user for the first time the following error pops up (and the login fails):
AttributeError: 'LDAPStore' object has no attribute 'delete_user'
Weird. AccountManagerPlugin invokes the delete_user()
only when the store has delete_user
attribute, accountmanagerplugin/trunk/acct_mgr/api.py@17223:301-302#L297.
Could you please post stack trace of the AttributeError
?
comment:3 Changed 5 years ago by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Feel free to reopen if you can provide the traceback (comment:2).
comment:4 Changed 5 years ago by
Resolution: | worksforme |
---|---|
Status: | closed → reopened |
The reported issue is not fixed.
comment:5 Changed 5 years ago by
What is the plan to fix it then? It may or may not be a valid issue. Most likely it just stays open indefinitely with no user feedback.
comment:6 Changed 5 years ago by
I've reported AttributeError: 'LDAPStore' object has no attribute 'has_user'
. The method is invoked by AccountManager
. Then, LDAPStore
component should have has_user
method of IPasswordStore
.
-
ldapacctmngrplugin/trunk/ldapacctmngrplugin/security/ldapstore.py
diff --git a/ldapacctmngrplugin/trunk/ldapacctmngrplugin/security/ldapstore.py b/ldapacctmngrplugin/trunk/ldapacctmngrplugin/security/ldapstore.py index 2ee361972..8c39c4768 100644
a b 1 1 import ldap 2 import ldap.filter 2 3 3 4 from trac.core import * 4 5 from trac.config import * … … class LDAPStore (Component): 18 19 def check_password(self, user, password): 19 20 # Authenticate a user by checking password 20 21 con = None 21 base = self.user_searchbase22 filter = self.user_matchfilter % user23 22 24 23 # nested "try:" for python2.4 25 24 try: 26 25 try: 27 26 con = self.init_connection() 28 resp = con.search_s(base, ldap.SCOPE_SUBTREE, filter, ['dn'])27 resp = self._ldap_search_user(con, user, ['dn']) 29 28 30 29 # Added to prevent empty password authentication (some server allows that) 31 30 if not len(resp) : … … class LDAPStore (Component): 59 58 if entry[1]['uid'][0]: 60 59 yield entry[1]['uid'][0] 61 60 61 def has_user(self, user): 62 con = self.init_connection() 63 try: 64 resp = self._ldap_search_user(con, user, ['dn']) 65 return len(resp) != 0 66 finally: 67 con.unbind() 68 62 69 def init_connection(self): 63 70 # Initialize LDAP connection 64 71 connection = ldap.initialize(self.bind_server) … … class LDAPStore (Component): 72 79 resp = connection.simple_bind_s(self.bind_dn, self.bind_passwd) 73 80 74 81 return connection 82 83 def _ldap_search_user(self, conn, user, attrs): 84 filter_ = ldap.filter.filter_format(self.user_matchfilter, [user]) 85 return con.search_s(self.user_searchbase, ldap.SCOPE_SUBTREE, filter_, 86 attrs)
comment:7 Changed 5 years ago by
I would just go ahead and commit the change. There's been no maintainer activity in a while and there seem to be quite a few users of the plugin.
comment:9 Changed 5 years ago by
Owner: | changed from c0redumb to Jun Omae |
---|
comment:10 Changed 5 years ago by
I found it's not working:
Sep 28 19:54:07 ip-10-255-0-12 Trac[main] ERROR: [220.137.4.246] Internal Server Error: <RequestWithSession "POST '/login'">, referrer 'https://x/login'#012Traceback (most recent call last):#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 647, in _dispatch_requ est#012 dispatcher.dispatch(req)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/t rac/web/main.py", line 215, in dispatch#012 chosen_handler = self._pre_process_request(req, chosen_handle r)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 455, in _p re_process_request#012 chosen_handler = filter_.pre_process_request(req, chosen_handler)#012 File "/var/ www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/api.py", line 461, in pre_process_request#01 2 if not req.session.authenticated or 'ACCTMGR_USER_ADMIN' in req.perm:#012 File "/var/www/.pyenv/versio ns/2.7.16/lib/python2.7/site-packages/trac/web/api.py", line 498, in __getattr__#012 value = self.callbac ks[name](self)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", lin e 366, in _get_session#012 return Session(self.env, req)#012 File "/var/www/.pyenv/versions/2.7.16/lib/p ython2.7/site-packages/trac/web/session.py", line 248, in __init__#012 if req.authname == 'anonymous':#01 2 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/api.py", line 498, in __getatt r__#012 value = self.callbacks[name](self)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site- packages/trac/web/main.py", line 181, in authenticate#012 authname = authenticator.authenticate(req)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/util.py", line 81, in wrap#012 return func(self, *args, **kwds)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/ac ct_mgr/web_ui.py", line 452, in authenticate#012 username = self._remote_user(req)#012 File "/var/www/.p yenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/web_ui.py", line 768, in _remote_user#012 if ac ctmgr.check_password(username, password) is True:#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/s ite-packages/acct_mgr/api.py", line 287, in check_password#012 valid = store.check_password(user, passwor d)#012 File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/security/ldapstore.py", line 27, i n check_password#012 resp = self._ldap_search_user(con, user, ['dn'])#012 File "/var/www/.pyenv/versions /2.7.16/lib/python2.7/site-packages/security/ldapstore.py", line 85, in _ldap_search_user#012 return con. search_s(self.user_searchbase, ldap.SCOPE_SUBTREE, filter_,#012NameError: global name 'con' is not defined
Reformat:
Internal Server Error: <RequestWithSession "POST '/login'">, referrer 'https://x/login' Traceback (most recent call last): File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 647, in _dispatch_request dispatcher.dispatch(req) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 215, in dispatch chosen_handler = self._pre_process_request(req, chosen_handler) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 455, in _pre_process_request chosen_handler = filter_.pre_process_request(req, chosen_handler) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/api.py", line 461, in pre_process_request if not req.session.authenticated or 'ACCTMGR_USER_ADMIN' in req.perm: File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/api.py", line 498, in __getattr__ value = self.callbacks[name](self) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 366, in _get_session return Session(self.env, req) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/session.py", line 248, in __init__ if req.authname == 'anonymous': File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/api.py", line 498, in __getattr__ value = self.callbacks[name](self) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/trac/web/main.py", line 181, in authenticate authname = authenticator.authenticate(req) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/util.py", line 81, in wrap return func(self, *args, **kwds) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/web_ui.py", line 452, in authenticate username = self._remote_user(req) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/web_ui.py", line 768, in _remote_user if acctmgr.check_password(username, password) is True: File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/acct_mgr/api.py", line 287, in check_password valid = store.check_password(user, password) File "/var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/security/ldapstore.py", line 27, in check_password resp = self._ldap_search_user(con, user, ['dn']) File /var/www/.pyenv/versions/2.7.16/lib/python2.7/site-packages/security/ldapstore.py", line 85, in _ldap_search_user return con.search_s(self.user_searchbase, ldap.SCOPE_SUBTREE, filter_, NameError: global name 'con' is not defined
Currently I specify the old version to make it work:
pip install svn+https://trac-hacks.org/svn/ldapacctmngrplugin/trunk/ldapacctmngrplugin/@17412
+1 The login using the LDAPAcctMngr works along with the sync of users from LDAP, but not user management is possible.