Make externalldap sync more robust

2020-07-30 15:08:01 +02:00
parent d89bbdd50c
commit fbc666f178
1 changed files with 7 additions and 1 deletions
--- a/src/externalldap.js
+++ b/src/externalldap.js
@@ -115,6 +115,9 @@ function ldapGetByDN(externalLdapConfig, dn, callback) {

        debug(`Get object at ${dn}`);

+        // basic validation to not crash
+        try { ldap.parseDN(dn); } catch (e) { return callback(new BoxError(BoxError.BAD_FIELD, 'invalid DN')); }
+
        client.search(dn, searchOptions, function (error, result) {
            if (error instanceof ldap.NoSuchObjectError) return callback(new BoxError(BoxError.NOT_FOUND));
            if (error) return callback(new BoxError(BoxError.EXTERNAL_ERROR, error));
@@ -520,12 +523,15 @@ function syncGroupUsers(externalLdapConfig, progressCallback, callback) {

                var ldapGroupMembers = found.member || found.uniqueMember || [];

+                // if only one entry is in the group ldap returns a string, not an array!
+                if (typeof ldapGroupMembers === 'string') ldapGroupMembers = [ ldapGroupMembers ];
+
                debug(`Group ${group.name} has ${ldapGroupMembers.length} members.`);

                async.eachSeries(ldapGroupMembers, function (memberDn, iteratorCallback) {
                    ldapGetByDN(externalLdapConfig, memberDn, function (error, result) {
                        if (error) {
-                            console.error(`Failed to get ${memberDn}:`, error);
+                            console.log(`Failed to get ${memberDn}:`, error);
                            return iteratorCallback();
                        }