annotate env/ldap/get_member_entry.lua @ 1316:186a172c8b9e
Allow forced manual verification w/o sms check
 | author | bsw | 
 | date | Wed Aug 01 17:46:20 2018 +0200 (2018-08-01) | 
 | parents | 58f48a8a202a | 
 | children | 35e605322b41 | 
 
 | rev | line source | 
| bsw@1071 | 1 -- gets the corresponding ldap entry for a given member login | 
| bsw@1071 | 2 -- -------------------------------------------------------------------------- | 
| bsw@1071 | 3 -- | 
| bsw@1071 | 4 -- arguments: | 
| bsw@1071 | 5 --   filter: the LDAP filter for searching the member (required) | 
| bsw@1071 | 6 --   use_ldap_conn: an already existing LDAP connection to be used (optional) | 
| bsw@1071 | 7 -- | 
| bsw@1071 | 8 -- returns: | 
| bsw@1071 | 9 --   ldap_entry: in case of success, the LDAP entry (object) | 
| bsw@1071 | 10 --   err: in case of an error, an error message (string) | 
| bsw@1071 | 11 --   err2: error dependent extra error information | 
| bsw@1071 | 12 | 
| bsw@1071 | 13 function ldap.get_member_entry(filter, use_ldap_conn) | 
| bsw@1071 | 14 | 
| bsw@1071 | 15   local ldap_conn, err | 
| bsw@1071 | 16 | 
| bsw@1071 | 17   if use_ldap_conn then | 
| bsw@1071 | 18     ldap_conn = use_ldap_conn | 
| bsw@1071 | 19   else | 
| bsw@1071 | 20     ldap_conn, bind_err = ldap.bind_as_app() | 
| bsw@1071 | 21   end | 
| bsw@1071 | 22 | 
| bsw@1071 | 23   if not ldap_conn then | 
| bsw@1071 | 24     return nil, "ldap_bind_error", bind_err | 
| bsw@1071 | 25   end | 
| bsw@1071 | 26 | 
| bsw@1071 | 27   local entries, search_err = ldap_conn:search{ | 
| bsw@1071 | 28     base = config.ldap.base, | 
| bsw@1071 | 29     scope = config.ldap.member.scope, | 
| bsw@1071 | 30     filter = filter, | 
| bsw@1071 | 31     attr = config.ldap.member.fetch_attr, | 
| bsw@1071 | 32   } | 
| bsw@1071 | 33 | 
| bsw@1071 | 34   if not use_ldap_conn then | 
| bsw@1071 | 35     ldap_conn:unbind() | 
| bsw@1071 | 36   end | 
| bsw@1071 | 37 | 
| bsw@1071 | 38   if not entries then | 
| bsw@1071 | 39     return nil, "ldap_search_error", search_err | 
| bsw@1071 | 40   end | 
| bsw@1071 | 41 | 
| bsw@1071 | 42   if #entries > 1 then | 
| bsw@1071 | 43     return nil, "too_many_ldap_entries_found" | 
| bsw@1071 | 44   end | 
| bsw@1071 | 45 | 
| bsw@1071 | 46   if #entries < 0 then | 
| bsw@1071 | 47     return nil, "no_ldap_entry_found" | 
| bsw@1071 | 48   end | 
| bsw@1071 | 49 | 
| bsw@1071 | 50   return entries[1] | 
| bsw@1071 | 51 | 
| bsw@1071 | 52 end |