fix ldap tls env vars (#1351)

bihealth · Feb 9, 2024 · fdab9f8 · fdab9f8
1 parent 30df804
commit fdab9f8
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 12 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -5,6 +5,16 @@ Changelog for the **SODAR Core** Django app package. Loosely follows the
 `Keep a Changelog <http://keepachangelog.com/en/1.0.0/>`_ guidelines.
 
 
+Unreleased
+==========
+
+Fixed
+-----
+
+- **General**
+    - Invalid env var retrieval for ``AUTH_LDAP*_START_TLS`` (#1351)
+
+
 v0.13.3 (2023-12-06)
 ====================
 

diff --git a/config/settings/base.py b/config/settings/base.py
@@ -340,9 +340,8 @@
 ENABLE_LDAP = env.bool('ENABLE_LDAP', False)
 ENABLE_LDAP_SECONDARY = env.bool('ENABLE_LDAP_SECONDARY', False)
 LDAP_DEBUG = env.bool('LDAP_DEBUG', False)
-
 # Alternative domains for detecting LDAP access by email address
-LDAP_ALT_DOMAINS = env.list('LDAP_ALT_DOMAINS', None, [])
+LDAP_ALT_DOMAINS = env.list('LDAP_ALT_DOMAINS', None, default=[])
 
 if ENABLE_LDAP:
     import itertools
@@ -363,18 +362,17 @@
     AUTH_LDAP_SERVER_URI = env.str('AUTH_LDAP_SERVER_URI', None)
     AUTH_LDAP_BIND_DN = env.str('AUTH_LDAP_BIND_DN', None)
     AUTH_LDAP_BIND_PASSWORD = env.str('AUTH_LDAP_BIND_PASSWORD', None)
-    AUTH_LDAP_START_TLS = env.str('AUTH_LDAP_START_TLS', False)
+    AUTH_LDAP_START_TLS = env.bool('AUTH_LDAP_START_TLS', False)
     AUTH_LDAP_CA_CERT_FILE = env.str('AUTH_LDAP_CA_CERT_FILE', None)
     AUTH_LDAP_CONNECTION_OPTIONS = {**LDAP_DEFAULT_CONN_OPTIONS}
-    if AUTH_LDAP_CA_CERT_FILE is not None:
+    if AUTH_LDAP_CA_CERT_FILE:
         AUTH_LDAP_CONNECTION_OPTIONS[
             ldap.OPT_X_TLS_CACERTFILE
         ] = AUTH_LDAP_CA_CERT_FILE
         AUTH_LDAP_CONNECTION_OPTIONS[ldap.OPT_X_TLS_NEWCTX] = 0
     AUTH_LDAP_USER_FILTER = env.str(
         'AUTH_LDAP_USER_FILTER', '(sAMAccountName=%(user)s)'
     )
-
     AUTH_LDAP_USER_SEARCH = LDAPSearch(
         env.str('AUTH_LDAP_USER_SEARCH_BASE', None),
         ldap.SCOPE_SUBTREE,
@@ -385,7 +383,6 @@
     AUTH_LDAP_DOMAIN_PRINTABLE = env.str(
         'AUTH_LDAP_DOMAIN_PRINTABLE', AUTH_LDAP_USERNAME_DOMAIN
     )
-
     AUTHENTICATION_BACKENDS = tuple(
         itertools.chain(
             ('projectroles.auth_backends.PrimaryLDAPBackend',),
@@ -398,18 +395,17 @@
         AUTH_LDAP2_SERVER_URI = env.str('AUTH_LDAP2_SERVER_URI', None)
         AUTH_LDAP2_BIND_DN = env.str('AUTH_LDAP2_BIND_DN', None)
         AUTH_LDAP2_BIND_PASSWORD = env.str('AUTH_LDAP2_BIND_PASSWORD', None)
-        AUTH_LDAP2_START_TLS = env.str('AUTH_LDAP2_START_TLS', False)
+        AUTH_LDAP2_START_TLS = env.bool('AUTH_LDAP2_START_TLS', False)
         AUTH_LDAP2_CA_CERT_FILE = env.str('AUTH_LDAP2_CA_CERT_FILE', None)
         AUTH_LDAP2_CONNECTION_OPTIONS = {**LDAP_DEFAULT_CONN_OPTIONS}
-        if AUTH_LDAP2_CA_CERT_FILE is not None:
+        if AUTH_LDAP2_CA_CERT_FILE:
             AUTH_LDAP2_CONNECTION_OPTIONS[
                 ldap.OPT_X_TLS_CACERTFILE
             ] = AUTH_LDAP2_CA_CERT_FILE
             AUTH_LDAP2_CONNECTION_OPTIONS[ldap.OPT_X_TLS_NEWCTX] = 0
         AUTH_LDAP2_USER_FILTER = env.str(
             'AUTH_LDAP2_USER_FILTER', '(sAMAccountName=%(user)s)'
         )
-
         AUTH_LDAP2_USER_SEARCH = LDAPSearch(
             env.str('AUTH_LDAP2_USER_SEARCH_BASE', None),
             ldap.SCOPE_SUBTREE,
@@ -420,7 +416,6 @@
         AUTH_LDAP2_DOMAIN_PRINTABLE = env.str(
             'AUTH_LDAP2_DOMAIN_PRINTABLE', AUTH_LDAP2_USERNAME_DOMAIN
         )
-
         AUTHENTICATION_BACKENDS = tuple(
             itertools.chain(
                 ('projectroles.auth_backends.SecondaryLDAPBackend',),

diff --git a/docs/source/conf.py b/docs/source/conf.py
@@ -23,13 +23,13 @@
 # -- Project information -----------------------------------------------------
 
 project = 'SODAR Core'
-copyright = '2018-2023, Berlin Institute of Health'
+copyright = '2018-2024, Berlin Institute of Health'
 author = 'BIH Core Unit Bioinformatics'
 
 # The short X.Y version
 version = '0.13'
 # The full version, including alpha/beta/rc tags
-release = '0.13.3'
+release = '0.13.4-WIP'
 
 
 # -- General configuration ---------------------------------------------------

diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
@@ -10,6 +10,15 @@ older SODAR Core version. For a complete list of changes in current and previous
 releases, see the :ref:`full changelog<changelog>`.
 
 
+v0.13.4 (WIP)
+*************
+
+Release Highlights
+==================
+
+- General bug fixes and minor updates
+
+
 v0.13.3 (2023-12-06)
 ********************