Skip to content
Snippets Groups Projects
Commit 948a66ef authored by Reiter, Christoph's avatar Reiter, Christoph :snake:
Browse files

Filter out LDAP users which are missing the identifier attribute 

In case the identifier attribtue was missing we were defaulting to an empty string,
which (1) isn't really correct and (2) is not a valid identifier for api-platform
and makes it fail when serializig API responses.

Avoid this by ignoring all LDAP users without an identifier.
parent 23916d8f
No related branches found
No related tags found
No related merge requests found
Pipeline #218492 passed
Stage: test
Hide whitespace changes
Inline Side-by-side
src/Service/LDAPApi.php
+ 14
2
View file @ 948a66ef
...@@ -241,6 +241,9 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface ...@@ -241,6 +241,9 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface
$persons = []; $persons = [];
foreach ($this->getPeopleUserItems($currentPageNumber, $maxNumItemsPerPage, $options) as $userItem) { foreach ($this->getPeopleUserItems($currentPageNumber, $maxNumItemsPerPage, $options) as $userItem) {
$person = $this->personFromUserItem($userItem, false); $person = $this->personFromUserItem($userItem, false);
if ($person === null) {
continue;
}
$persons[] = $person; $persons[] = $person;
} }
...@@ -280,9 +283,15 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface ...@@ -280,9 +283,15 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface
} }
} }
public function personFromUserItem(User $user, bool $full): Person /**
* Returns null in case the user is not a valid Person, for example if the identifier is missing.
*/
public function personFromUserItem(User $user, bool $full): ?Person
{ {
$identifier = $user->getFirstAttribute($this->identifierAttributeName) ?? ''; $identifier = $user->getFirstAttribute($this->identifierAttributeName);
if ($identifier === null) {
return null;
}
$person = new Person(); $person = new Person();
$person->setIdentifier($identifier); $person->setIdentifier($identifier);
...@@ -339,6 +348,9 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface ...@@ -339,6 +348,9 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface
} else { } else {
$user = $this->getPersonUserItem($id); $user = $this->getPersonUserItem($id);
$person = $this->personFromUserItem($user, true); $person = $this->personFromUserItem($user, true);
if ($person === null) {
throw ApiError::withDetails(Response::HTTP_NOT_FOUND, sprintf("Person with id '%s' could not be found!", $id));
}
} }
return $person; return $person;
......
tests/PersonTest.php
+ 11
0
View file @ 948a66ef
...@@ -106,4 +106,15 @@ class PersonTest extends ApiTestCase ...@@ -106,4 +106,15 @@ class PersonTest extends ApiTestCase
$this->assertEquals($person->getExtraData('test'), 'my-test-string'); $this->assertEquals($person->getExtraData('test'), 'my-test-string');
} }
public function testPersonFromUserItemNoIdentifier()
{
$user = new AdldapUser([
'givenName' => ['givenName'],
'sn' => ['familyName'],
], $this->newBuilder());
$person = $this->api->personFromUserItem($user, false);
$this->assertNull($person);
}
} }
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment