Fixed LDAP operational attributes handling

2022-12-15 12:41:31 +01:00 · 2022-12-15 12:41:31 +01:00 · 482f949c09
commit 482f949c09
parent a65f785040
3 changed files with 39 additions and 2 deletions
--- a/CHANGES.rst
+++ b/CHANGES.rst
@ -3,6 +3,11 @@ All notable changes to this project will be documented in this file.
 The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.0.0/>`_,
 and this project adheres to `Semantic Versioning <https://semver.org/spec/v2.0.0.html>`_.

+Fixed
+*****
+
+- Fixed LDAP operational attributes handling.
+
 [0.0.15] - 2022-12-15
 =====================

--- a/canaille/ldap_backend/ldapobject.py
+++ b/canaille/ldap_backend/ldapobject.py
@ -161,9 +161,12 @@ class LDAPObject:

    @staticmethod
    def ldap_attrs_to_python(attrs):
+        ldap_attrs = LDAPObject.ldap_object_attributes()
        return {
            name: [
-                ldap_to_python(value, LDAPObject.ldap_object_attributes()[name].syntax)
+                ldap_to_python(
+                    value, ldap_attrs[name].syntax if name in ldap_attrs else None
+                )
                for value in values
            ]
            for name, values in attrs.items()
@ -171,9 +174,12 @@ class LDAPObject:

    @staticmethod
    def python_attrs_to_ldap(attrs):
+        ldap_attrs = LDAPObject.ldap_object_attributes()
        return {
            name: [
-                python_to_ldap(value, LDAPObject.ldap_object_attributes()[name].syntax)
+                python_to_ldap(
+                    value, ldap_attrs[name].syntax if name in ldap_attrs else None
+                )
                for value in values
            ]
            for name, values in attrs.items()
--- a/tests/ldap/test_utils.py
+++ b/tests/ldap/test_utils.py
@ -1,6 +1,7 @@
 import datetime

 import ldap.dn
+from canaille.ldap_backend.ldapobject import LDAPObject
 from canaille.ldap_backend.utils import ldap_to_python
 from canaille.ldap_backend.utils import python_to_ldap
 from canaille.ldap_backend.utils import Syntax
@ -103,3 +104,28 @@ def test_python_to_ldap():
    assert ldap_to_python(b"foobar", Syntax.DIRECTORY_STRING) == "foobar"

    assert ldap_to_python(b"foobar", Syntax.JPEG) == b"foobar"
+
+
+def test_operational_attribute_conversion(slapd_connection):
+    assert "oauthClientName" in LDAPObject.ldap_object_attributes(slapd_connection)
+    assert "invalidAttribute" not in LDAPObject.ldap_object_attributes(slapd_connection)
+
+    assert LDAPObject.ldap_attrs_to_python(
+        {
+            "oauthClientName": [b"foobar_name"],
+            "invalidAttribute": [b"foobar"],
+        }
+    ) == {
+        "oauthClientName": ["foobar_name"],
+        "invalidAttribute": ["foobar"],
+    }
+
+    assert LDAPObject.python_attrs_to_ldap(
+        {
+            "oauthClientName": ["foobar_name"],
+            "invalidAttribute": ["foobar"],
+        }
+    ) == {
+        "oauthClientName": [b"foobar_name"],
+        "invalidAttribute": [b"foobar"],
+    }