Philippe Pepiot <philippe.pepiot@logilab.fr> [Thu, 28 Mar 2019 11:39:36 +0100] rev 12627
[server/test] make test filename uniques
To avoid these pytest error when collecting the whole test suite:
import file mismatch:
imported module 'unittest_utils' has this __file__ attribute:
cubicweb/cubicweb/server/test/unittest_utils.py
which is not the same as the test file we want to collect:
cubicweb/cubicweb/test/unittest_utils.py
Move cubicweb/server/test/unittest_security.py to cubicweb/server/test/unittest_security.py
and cubicweb/test/unittest_utils.py to cubicweb/test/unittest_server_utils.py
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 24 May 2019 16:29:14 +0200] rev 12626
Merge 3.26
julien tayon <julien.tayon@logilab.fr> [Tue, 21 May 2019 10:50:08 +0200] rev 12625
[dataimport] Fix case when extid is text in use_extid_as_cwuri()
Extid can be bytes or text.
This avoid AttributeError: 'str' object has no attribute 'decode'
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:34:08 +0200] rev 12624
[doc] fix key used in the hook example
The hook's regid is check_no_subsidiary_cycle.
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:32:09 +0200] rev 12623
[doc] set_operation has been replaced by add_data
See the changelog https://cubicweb.readthedocs.io/en/3.26/changes/changelog/#id14
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:30:52 +0200] rev 12622
[doc] check_cycle is a standard function
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:29:49 +0200] rev 12621
[doc] fix several typos
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:54 +0200] rev 12620
[pkg] make cubicweb[crypto] depends on pycryptodome instead of pycrypto
pycrypto isn't maintained anymore, the last release 2.6.1 is from 2014.
Use the drop-in replacement fork pycryptodome instead.
pycryptodome is packaged in debian starting from stretch-backports.
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:38 +0200] rev 12619
[crypto] Encode unicode strings in _cypherer()
pycrypto accept both bytes or string but pycryptodome, which will be introduced
in next changeset, doesn't accept this.
For backward compatibility, encode unicode strings in _cypherer()
julien tayon <julien.tayon@logilab.fr> [Thu, 16 May 2019 14:26:38 +0200] rev 12618
[ldapfeed] FIX: Unique Key violation when synchronizing with LDAPfeed
What was happening
==================
The bug appears when ldapfeed tries to insert a user while another user exists
exists with a different source.
Simple use case to reproduce:
- create a local user in cubicweb (source=system)
- sync with ldap
- ldapfeed will stop complaining user already exists.
Without next patch the test MUST fail with message:
cubicweb/server/sources/native.py:714: UniqueTogetherError
The ldapfeed is thus stopped ignoring any further ldap entries.
The proposal
============
Prior to this patch, the insertion was trying to create all CWUser with the
computed login from eeimporter.extid2eid (method process of DataFeedLDAPAdapter).
When a CWUser existed with a different cw_source ("system" for user created
with cubicweb for instance), it created a conflict.
To avoid collisions, in the extentities_generator method a bypass
was added at the insertion layer.
Prior to insertion the absence of the computed login is checked on a list of
all existing login from a different source.
If collision is detected, we skip the ldap record.
By short circuiting at the CWUser entity insertion level we also avoid to treat
CWGroup and EmailAddress related to this user.
Hence ensuring a behaviour that will not break existing instances.
(conservative approach: faced with ambiguity better do nothing than guess).
An error message is added stating explicitly the conflict.