feat(api): provide context for LDAP error

2021-03-14 20:47:33 +01:00 · 2021-03-14 20:47:33 +01:00 · 0d1cc9ae54
commit 0d1cc9ae54
parent cf74883227
1 changed files with 18 additions and 7 deletions
--- a/src/api.rs
+++ b/src/api.rs
@ -14,10 +14,11 @@
 //
 // You should have received a copy of the GNU General Affero Public License
 // along with the WebLDAPPasswd. If not, see <https://www.gnu.org/licenses/>.
+use anyhow::{Context as AnyhowContext, Result};
 use handlebars::Handlebars;
 use ldap3::{ldap_escape, LdapConn};
 use ldap3::exop::PasswordModify;
-use ldap3::result::{LdapError, Result};
+use ldap3::result::LdapError;
 use rocket_contrib::json::Json;

 use rocket::post;
@ -53,18 +54,26 @@ fn change_password(data: &Json<PasswordData>,
                         &json!({"username" : ldap_escape(&data.username)}))
        .expect("Unexpected DN template error. Was tested in config.rs");

-    let mut ldap = LdapConn::new(&context.ldap_url)?;
+    let mut ldap = LdapConn::new(&context.ldap_url)
+        .with_context(|| format!(
+            "Failed to open LDAP connection for URL '{}'",
+            &context.ldap_url
+        ))?;
    ldap
-        .simple_bind(&dn, &data.old_password)?
-        .success()?;
+        .simple_bind(&dn, &data.old_password)
+        .with_context(|| format!("Failed to bind with DN '{}'", &dn))?
+        .success()
+        .with_context(|| format!("Failed to bind with DN '{}'", &dn))?;

    ldap
        .extended(PasswordModify{
            user_id: Some(&dn),
            old_pass: Some(&data.old_password),
            new_pass: Some(&data.new_password),
-        })?
-        .success()?;
+        })
+        .with_context(|| format!("Failed to modify password for DN '{}'", &dn))?
+        .success()
+        .with_context(|| format!("Failed to modify password for DN '{}'", &dn))?;

    Ok(())
 }
@ -83,7 +92,9 @@ pub fn update(data: Json<PasswordData>,
                Response {
                    success: false,
                    message: Some(
-                        match error {
+                        match error.downcast::<LdapError>().expect(
+                            "No other error should occur here"
+                        ) {
                            LdapError::LdapResult{ result } => {
                                if result.rc == 49 {
                                    Message::InvalidCredentials