mozreview: Allow passing an existing ldap connection to query_scm_group (
bug 1287988) r?smacleod
MozReview-Commit-ID: 2UxIn0GW7dl
--- a/pylib/mozreview/mozreview/ldap/__init__.py
+++ b/pylib/mozreview/mozreview/ldap/__init__.py
@@ -37,33 +37,34 @@ def get_ldap_connection():
c.simple_bind_s(user, password)
except ldap.LDAPError as e:
logger.error('Failed to connect to ldap: %s' % e)
return None
return c
-def query_scm_group(username, group):
+def query_scm_group(username, group, ldap_connection=None):
"""Return true if the user is a member of the scm group.
For scm_* groups, the ldap users mail attribute is added
as a memberUid of the group, so check that.
We are cautious and will return false in cases where we
failed to actually query ldap for the group membership.
"""
- l = get_ldap_connection()
- if not l:
+ ldap_connection = ldap_connection or get_ldap_connection()
+ if not ldap_connection:
return False
try:
- l.search('dc=mozilla', ldap.SCOPE_SUBTREE, filterstr='cn=%s' % group)
- result = l.result(timeout=LDAP_QUERY_TIMEOUT)
+ ldap_connection.search('dc=mozilla', ldap.SCOPE_SUBTREE,
+ filterstr='cn=%s' % group)
+ result = ldap_connection.result(timeout=LDAP_QUERY_TIMEOUT)
# The memberUid attribute will only exist if there is
# at least one member of the group.
members = result[1][0][1].get('memberUid') or []
return username in members
except ldap.LDAPError as e:
logger.error('Failed to query ldap for group membership: %s' % e)
return False