fiveop/WebLDAPPasswd
1
0
Fork 0
Code Issues Pull Requests Releases Activity

feat(api): provide context for LDAP error

Browse Source
This commit is contained in:
Philipp Matthias Schaefer 2021-03-14 20:47:33 +01:00
parent cf74883227
commit 0d1cc9ae54
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/api.rs
View File

@ -14,10 +14,11 @@
// //
// You should have received a copy of the GNU General Affero Public License // You should have received a copy of the GNU General Affero Public License
// along with the WebLDAPPasswd. If not, see <https://www.gnu.org/licenses/>. // along with the WebLDAPPasswd. If not, see <https://www.gnu.org/licenses/>.
use anyhow::{Context as AnyhowContext, Result};
use handlebars::Handlebars; use handlebars::Handlebars;
use ldap3::{ldap_escape, LdapConn}; use ldap3::{ldap_escape, LdapConn};
use ldap3::exop::PasswordModify; use ldap3::exop::PasswordModify;
use ldap3::result::{LdapError, Result}; use ldap3::result::LdapError;
use rocket_contrib::json::Json; use rocket_contrib::json::Json;
use rocket::post; use rocket::post;
@ -53,18 +54,26 @@ fn change_password(data: &Json<PasswordData>,
&json!({"username" : ldap_escape(&data.username)})) &json!({"username" : ldap_escape(&data.username)}))
.expect("Unexpected DN template error. Was tested in config.rs"); .expect("Unexpected DN template error. Was tested in config.rs");
let mut ldap = LdapConn::new(&context.ldap_url)?; let mut ldap = LdapConn::new(&context.ldap_url)
.with_context(|| format!(
"Failed to open LDAP connection for URL '{}'",
&context.ldap_url
))?;
ldap ldap
.simple_bind(&dn, &data.old_password)? .simple_bind(&dn, &data.old_password)
.success()?; .with_context(|| format!("Failed to bind with DN '{}'", &dn))?
.success()
.with_context(|| format!("Failed to bind with DN '{}'", &dn))?;
ldap ldap
.extended(PasswordModify{ .extended(PasswordModify{
user_id: Some(&dn), user_id: Some(&dn),
old_pass: Some(&data.old_password), old_pass: Some(&data.old_password),
new_pass: Some(&data.new_password), new_pass: Some(&data.new_password),
})? })
.success()?; .with_context(|| format!("Failed to modify password for DN '{}'", &dn))?
.success()
.with_context(|| format!("Failed to modify password for DN '{}'", &dn))?;
Ok(()) Ok(())
} }
@ -83,7 +92,9 @@ pub fn update(data: Json<PasswordData>,
Response { Response {
success: false, success: false,
message: Some( message: Some(
match error { match error.downcast::<LdapError>().expect(
"No other error should occur here"
) {
LdapError::LdapResult{ result } => { LdapError::LdapResult{ result } => {
if result.rc == 49 { if result.rc == 49 {
Message::InvalidCredentials Message::InvalidCredentials