From b6b156070176a68c0bdc1935a03eab2d98227c4b Mon Sep 17 00:00:00 2001 From: David Svantesson Date: Sun, 25 Aug 2019 02:59:21 +0200 Subject: [PATCH] Abort syncrhonization from LDAP source if there is some error. (#7965) Signed-off-by: David Svantesson (cherry picked from commit b2d23a138942179d62f9bffdb3df272e9300e35b) --- models/user.go | 7 ++++++- modules/auth/ldap/ldap.go | 10 +++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/models/user.go b/models/user.go index cec783ff5..e5e30ea9e 100644 --- a/models/user.go +++ b/models/user.go @@ -1645,7 +1645,12 @@ func SyncExternalUsers() { return } - sr := s.LDAP().SearchEntries() + sr, err := s.LDAP().SearchEntries() + if err != nil { + log.Error("SyncExternalUsers LDAP source failure [%s], skipped", s.Name) + continue + } + for _, su := range sr { if len(su.Username) == 0 { continue diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go index ddeaf1243..ed83a77e1 100644 --- a/modules/auth/ldap/ldap.go +++ b/modules/auth/ldap/ldap.go @@ -308,12 +308,12 @@ func (ls *Source) UsePagedSearch() bool { } // SearchEntries : search an LDAP source for all users matching userFilter -func (ls *Source) SearchEntries() []*SearchResult { +func (ls *Source) SearchEntries() ([]*SearchResult, error) { l, err := dial(ls) if err != nil { log.Error("LDAP Connect error, %s:%v", ls.Host, err) ls.Enabled = false - return nil + return nil, err } defer l.Close() @@ -321,7 +321,7 @@ func (ls *Source) SearchEntries() []*SearchResult { err := l.Bind(ls.BindDN, ls.BindPassword) if err != nil { log.Debug("Failed to bind as BindDN[%s]: %v", ls.BindDN, err) - return nil + return nil, err } log.Trace("Bound as BindDN %s", ls.BindDN) } else { @@ -350,7 +350,7 @@ func (ls *Source) SearchEntries() []*SearchResult { } if err != nil { log.Error("LDAP Search failed unexpectedly! (%v)", err) - return nil + return nil, err } result := make([]*SearchResult, len(sr.Entries)) @@ -368,5 +368,5 @@ func (ls *Source) SearchEntries() []*SearchResult { } } - return result + return result, nil }