fix e commenti

Author: mamico

setup.py

@@ -14,7 +14,7 @@
 
 setup(
     name="redturtle.pasldap",
-    version="1.0.0a0",
+    version="1.0.0a1",
     description="A new addon for Plone",
     long_description=long_description,
     long_description_content_type="text/markdown",

src/redturtle/pasldap/__init__.py

@@ -33,18 +33,18 @@ def return_false(self, *args, **kwargs):
     LDAPUserPropertySheet.setProperties = return_false
 
 
-def debug(f):
-    def _wrapper(*args, **kwargs):
-        logger.debug("Entering %s", f.__name__)
-        import pdb
-
-        pdb.set_trace()
-        try:
-            return f(*args, **kwargs)
-        finally:
-            logger.debug("Exiting %s", f.__name__)
-
-    return _wrapper
+# def debug(f):
+#     def _wrapper(*args, **kwargs):
+#         logger.debug("Entering %s", f.__name__)
+#         import pdb
+#
+#         pdb.set_trace()
+#         try:
+#             return f(*args, **kwargs)
+#         finally:
+#             logger.debug("Exiting %s", f.__name__)
+#
+#     return _wrapper
 
 
 def apply_patches():

src/redturtle/pasldap/resilient.py

@@ -9,6 +9,21 @@
 
 # logger = logging.getLogger(__name__)
 
+# potential users in the Zope acl_users
+RESERVED_LOGINS = ["root", "admin", "adminrt"]
+RESERVED_IDS = ["root", "admin", "adminrt"]
+
+# [node.ext.ldap:511][MainThread] LDAP search with filter: (&(objectClass=person)(sAMAccountName=root))
+
+# [redturtle.pasldap:58][MainThread] func=pas.plugins.ldap.plugin.enumerateUsers info=None args=(<LDAPPlugin at /.../acl_users/pasldap>,) kwargs={'id': None, 'login': None, 'exact_match': False, 'sort_by': None, 'max_results': None, 'fullname': 'mario'} elapsed=32ms threshold=-1ms 🤔
+
+# [redturtle.pasldap:58][MainThread] func=pas.plugins.ldap.plugin.enumerateUsers info=None args=(<LDAPPlugin at /.../acl_users/pasldap>,) kwargs={'id': None, 'login': None, 'exact_match': False, 'sort_by': None, 'max_results': None, 'email': 'mario'} elapsed=38ms threshold=-1ms 🤔
+
+# [redturtle.pasldap:58][MainThread] func=pas.plugins.ldap.plugin.enumerateUsers info=None args=(<LDAPPlugin at /.../acl_users/pasldap>,) kwargs={'id': '...', 'login': None, 'exact_match': False, 'sort_by': None, 'max_results': None} elapsed=30ms threshold=-1ms 🤔
+
+# XXX: se si fa una ricerca sul pannello di controllo, ad esempio con "mario" vengono comunque interrogati (almeno una volta)
+#      tutti gli utenti dell'ldap ( !?)
+
 
 # OPIONINATED
 def resilient_enumerate_users(orig):
@@ -30,8 +45,12 @@ def _wrapper(
         cache_key = None
         if login is not None and exact_match:
             cache_key = "login:%s" % login
+            if login in RESERVED_LOGINS:
+                return []
         elif id is not None and exact_match:
             cache_key = "id:%s" % id
+            if id in RESERVED_IDS:
+                return []
         if (
             cache_key
             and hasattr(self, "_cache_users")

src/redturtle/pasldap/subscribers/startup.py

@@ -49,6 +49,8 @@ def site_load(event):
 
 def check_pas(plugin):
     # import pdb; pdb.set_trace()
+    # TODO: enumerateUsers deve essere dopo, rispetto a source_users e mutable_properties
+    #       in modo che le risoluzioni locali avvengano subito
     logger.info("  Check plugin: %s", plugin.getId())
     if plugin.is_plugin_active(pas_interfaces.IGroupEnumerationPlugin):
         logger.warning(
@@ -62,6 +64,7 @@ def check_pas(plugin):
         )
     if plugin.is_plugin_active(plonepas_interfaces.group.IGroupManagement):
         logger.warning("    [WARNING] GroupManagement is active => evaluate to disable")
+
     # if plugin.is_plugin_active(pas_interfaces.IPropertiesPlugin):
     #     logger.warning("    [WARNING] PropertiesPlugin is active => evaluate to disable")
     # if plugin.is_plugin_active(pas_interfaces.IRoleEnumerationPlugin):