@@ -39,10 +39,18 @@ SCOPE = getattr(ldap, "SCOPE_%s" % config.get("acl", "ldap_scope").upper())
def has_right(owner, user, password):
"""Check if ``user``/``password`` couple is valid."""
+ global CONNEXION
+
if not user or (owner not in acl.PRIVATE_USERS and user != owner):
# No user given, or owner is not private and is not user, forbidden
return False
+ try:
+ CONNEXION.whoami_s()
+ except:
+ log.LOGGER.debug("Reconnecting the LDAP server")
+ CONNEXION = ldap.initialize(config.get("acl", "ldap_url"))
+
if BINDDN and PASSWORD:
log.LOGGER.debug("Initial LDAP bind as %s" % BINDDN)
CONNEXION.simple_bind_s(BINDDN, PASSWORD)