1 -- check if the corresponding LDAP entry for an LiquidFeedback member

2 -- object is still existent and updates changed attributes

3 -- --------------------------------------------------------------------------

4 --

5 -- arguments:

6 -- member: a LiquidFeedback Member object (required)

7 -- ldap_conn: a ldap connection handle (optional)

8 -- uid: the uid of the member (optional, required when creating members)

9 --

10 -- returns:

11 -- ldap_conn: an LDAP connection

12 -- ldap_entry: the found LDAP entry (if any)

13 -- err: error code in case of an error (string)

14 -- err2: error dependent extra error information

15 -- err3: error dependent extra error information

16

17 function ldap.update_member_attr(member, ldap_conn, uid)

18

19 -- do this only for members with ldap authentication

20 if member.authority ~= "ldap" then

21 return nil, nil, "member_is_not_authenticated_by_ldap"

22 end

23

24 local filter = config.ldap.member.uid_filter_map(member.authority_data_uid or uid)

25 local ldap_entry, err, err2 = ldap.get_member_entry(filter, ldap_conn)

26

27 if err then

28 return ldap_conn, nil, "ldap_error", err, err2

29 end

30

31 -- If no corresponding entry found, lock the member

32 if not ldap_entry then

33 member.locked = true

34 member.active = false

35 return ldap_conn

36 end

37

38 -- If exactly one corresponding entry found, update the attributes

39 local err = config.ldap.member.attr_map(ldap_entry, member)

40

41 member.authority_data = encode.pg_hstore{

42 uid = member.authority_data_uid or uid,

43 login = config.ldap.member.login_map(ldap_entry)

44 }

45

46 if err then

47 return ldap_conn, ldap_entry, "attr_map_error", err

48 end

49

50 return ldap_conn, ldap_entry

51

52 end