r80984 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r80983‎ \| r80984 \| r80985 >
Date:	20:07, 25 January 2011
Author:	laner
Status:	deferred
Tags:
Comment:	Ensure uid attribute is already in use. Anyone sane is already doing this on their directory server, but it's better safe than sorry.
Modified paths:	/trunk/extensions/OpenStackManager/OpenStackNovaUser.php (modified) (history)

Diff [purge]

Index: trunk/extensions/OpenStackManager/OpenStackNovaUser.php
—	—	@@ -396,6 +396,7 @@
397	397	static function LDAPSetCreationValues( $auth, $username, &$values, &$result ) {
398	398	global $wgOpenStackManagerLDAPDefaultGid;
399	399	global $wgRequest;
	400	+ global $wgAuth;
400	401
401	402	$values['objectclass'][] = 'person';
402	403	$values['objectclass'][] = 'novauser';
—	—	@@ -420,6 +421,23 @@
421	422	return false;
422	423	}
423	424	$values['uid'] = $username;
	425	+ $base = $auth->getBaseDN( USERDN );
	426	+ # Though the LDAP plugin checks to see if the user account exists,
	427	+ # it does not check to see if the uid attribute is already used.
	428	+ wfSuppressWarnings();
	429	+ $result = ldap_search( $auth->ldapconn, $base, "(uid=$username)" );
	430	+ wfRestoreWarnings();
	431	+ if ( $result ) {
	432	+ wfSuppressWarnings();
	433	+ $entries = ldap_get_entries( $auth->ldapconn, $result );
	434	+ wfRestoreWarnings();
	435	+ if ( (int)$entries['count'] > 0 ) {
	436	+ $auth->printDebug( "User $username already exists.", NONSENSITIVE );
	437	+ # uid attribute is already in use, fail.
	438	+ $result = false;
	439	+ return false;
	440	+ }
	441	+ }
424	442	$values['uidnumber'] = $uidnumber;
425	443	$values['gidnumber'] = $wgOpenStackManagerLDAPDefaultGid;
426	444	$values['homedirectory'] = '/home/' . $username;

00:02, 27 January 2011 Reedy (talk | contribs) changed the status of r80984 [removed: new added: deferred]