Commit c4a7bcb0 authored by Vincent Pelletier's avatar Vincent Pelletier

ERP5Security.ERP5LoginUserManager: Loudly bail in case of database error.

Allows recovering from broken connection strings, as ERP5 authentication
still relies on having a working catalog.
parent 6693bb31
...@@ -37,6 +37,8 @@ from Products.PluggableAuthService.interfaces.plugins import IUserEnumerationPlu ...@@ -37,6 +37,8 @@ from Products.PluggableAuthService.interfaces.plugins import IUserEnumerationPlu
from DateTime import DateTime from DateTime import DateTime
from Products import ERP5Security from Products import ERP5Security
from AccessControl import SpecialUsers from AccessControl import SpecialUsers
from Shared.DC.ZRDB.DA import DatabaseError
from zLOG import LOG, ERROR
# To prevent login thieves # To prevent login thieves
SPECIAL_USER_NAME_SET = ( SPECIAL_USER_NAME_SET = (
...@@ -139,11 +141,23 @@ class ERP5LoginUserManager(BasePlugin): ...@@ -139,11 +141,23 @@ class ERP5LoginUserManager(BasePlugin):
return (user_value.getUserId(), login_value.getReference()) return (user_value.getUserId(), login_value.getReference())
def _getLoginValueFromLogin(self, login, login_portal_type=None): def _getLoginValueFromLogin(self, login, login_portal_type=None):
try:
user_list = self.enumerateUsers( user_list = self.enumerateUsers(
login=login, login=login,
exact_match=True, exact_match=True,
login_portal_type=login_portal_type, login_portal_type=login_portal_type,
) )
except DatabaseError:
# DatabaseError gets raised when catalog is not functional. In which case
# it should be fine to bail without any user, letting PAS continue trying
# other plugins.
LOG(
repr(self),
ERROR,
'enumerateUsers raised, bailing',
error=True,
)
user_list = []
if not user_list: if not user_list:
return return
single_user, = user_list single_user, = user_list
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment