mahara-contributors team mailing list archive

Thread
Date
[Bug 1607669] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1607669@xxxxxxxxxxxxxxxxxx>
Date: Mon, 01 Aug 2016 04:55:38 -0000
Reply-to: Bug 1607669 <1607669@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Reviewed:  https://reviews.mahara.org/6758
Committed: https://git.mahara.org/mahara/mahara/commit/1daee33a1ef67a0e0fc0599c67de08896408519e
Submitter: Aaron Wells (aaronw@xxxxxxxxxxxxxxx)
Branch:    master

commit 1daee33a1ef67a0e0fc0599c67de08896408519e
Author: Ghada El-Zoghbi <ghada@xxxxxxxxxxxxxxx>
Date:   Fri Jul 29 18:40:35 2016 +1000

bug#1607669: Validate the results of ldap_search() and ldap_list() when
syncing users.

When retrieving data from the LDAP server, check the results retrieved from
ldap_search() and ldap_list(). If there is an error, do not continue.

Otherwise, the sync_users() will assume that zero users were retrieved
from LDAP. It will then deleted or suspended users when
'If a user is no longer present in LDAP' is set to either suspend
users or delete them.

behatnotneeded

Change-Id: Ib57901c61f769d96720cf932d2e0d7f643853a56

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1607669

Title:
  LDAP user sync incorrectly proceeds when LDAP list or search fails

Status in Mahara:
  Fix Committed
Status in Mahara 15.04 series:
  In Progress
Status in Mahara 15.10 series:
  In Progress
Status in Mahara 16.04 series:
  In Progress
Status in Mahara 16.10 series:
  Fix Committed

Bug description:
  Mahara: 16.04
  DB: Postgres
  OS: Linux

  The LDAP user sync is incorrectly continuing when the search in the
  context fails to contact the server.

  The following error is generated in the cron.log file:

  Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:937) ldap_list(): Search: Can't contact LDAP server
  Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
  Jul 29 00:01:05 server mahara-site:   * log_message("ldap_list(): Search: Can't contact LDAP server", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 937)
   at /var/www/mahara-site/lib/errors.php:489
  Jul 29 00:01:05 server mahara-site:   * error(2, "ldap_list(): Search: Can't contact LDAP server", "/var/www/mahara-site/auth/ldap/lib.php", 937, array(size 11)) a
  t Unknown:0
  Jul 29 00:01:05 server mahara-site:   * ldap_list(resource(#87), "ou=people,o=ldapserver.xxx", "(uid=*)", array(size 5)) at /var/www/mahara-site/auth/ldap/lib.php:937
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1
  121
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
  Jul 29 00:01:05 server mahara-site:   * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
  Jul 29 00:01:05 server mahara-site:   * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
  Jul 29 00:01:05 server mahara-site:   * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89


  It then proceeds to sync the users:

  Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:940) ldap_first_entry() expects parameter 2 to be resource, boolean given
  Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
  Jul 29 00:01:05 server mahara-site:   * log_message("ldap_first_entry() expects parameter 2 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php
  ", 940) at /var/www/mahara-site/lib/errors.php:489
  Jul 29 00:01:05 server mahara-site:   * error(2, "ldap_first_entry() expects parameter 2 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 940, array(size
   12)) at Unknown:0
  Jul 29 00:01:05 server mahara-site:   * ldap_first_entry(resource(#87), false) at /var/www/mahara-site/auth/ldap/lib.php:940
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
  Jul 29 00:01:05 server mahara-site:   * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
  Jul 29 00:01:05 server mahara-site:   * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
  Jul 29 00:01:05 server mahara-site:   * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89
  Jul 29 00:01:05 server mahara-site: 
  Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:971) ldap_free_result() expects parameter 1 to be resource, boolean given
  Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
  Jul 29 00:01:05 server mahara-site:   * log_message("ldap_free_result() expects parameter 1 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 971) at /var/www/mahara-site/lib/errors.php:489
  Jul 29 00:01:05 server mahara-site:   * error(2, "ldap_free_result() expects parameter 1 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 971, array(size 13)) at Unknown:0
  Jul 29 00:01:05 server mahara-site:   * ldap_free_result(false) at /var/www/mahara-site/auth/ldap/lib.php:971
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121
  Jul 29 00:01:05 server mahara-site:   * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
  Jul 29 00:01:05 server mahara-site:   * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
  Jul 29 00:01:05 server mahara-site:   * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
  Jul 29 00:01:05 server mahara-site:   * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89
  Jul 29 00:01:05 server mahara-site: 
  Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1122) LDAP users found : 0
  Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1169) 0 users known to Mahara 
  Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1232) 45161 users no longer in LDAP 


  Because we've set the sync to suspend users, all LDAP users are then
  suspended.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1607669/+subscriptions
References

[Bug 1607669] [NEW] LDAP user sync incorrectly proceeds when LDAP list or search fails
From: Ghada El-Zoghbi, 2016-07-29