[checkmk-commits] Check_MK Git: check_mk: FIX LDAP: Disable logging of password changes received from LDAP

Module: check_mk Branch: master Commit: 7deecb41653ab8807781886b86688245e87c4ff2 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7deecb41653ab8… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon Feb 17 09:34:50 2014 +0100 FIX LDAP: Disable logging of password changes received from LDAP --- .werks/671 | 9 +++++++++ ChangeLog | 1 + web/plugins/userdb/ldap.py | 19 +++++++++++-------- 3 files changed, 21 insertions(+), 8 deletions(-) diff --git a/.werks/671 b/.werks/671 new file mode 100644 index 0000000..10f5b1c --- /dev/null +++ b/.werks/671 @@ -0,0 +1,9 @@ +Title: LDAP: Disable logging of password changes received from LDAP +Level: 1 +Component: multisite +Class: fix +State: unknown +Version: 1.2.5i1 +Date: 1392626070 + + diff --git a/ChangeLog b/ChangeLog index 3a17581..03b0ba7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -219,6 +219,7 @@ * 0274 FIX: Fixed exception when view title or description was missing * 0278 FIX: Fixed bookmark icon images for non-english user languages... * 0670 FIX: LDAP: Fixed sync when non lower case attributes are configured... + * 0671 FIX: LDAP: Disable logging of password changes received from LDAP WATO: * 0308 Multisite can now set rotation view permissions for NagVis... diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index 31809b3..31e1ced 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -1044,16 +1044,19 @@ def ldap_sync(add_to_changelog, only_username): details.append(_('Added: %s') % ', '.join(added)) if removed: details.append(_('Removed: %s') % ', '.join(removed)) + + # Ignore password changes from ldap - do not log them. For now. + if 'ldap_pw_last_changed' in changed: + changed.remove('ldap_pw_last_changed') + if 'serial' in changed: + changed.remove('serial') + if changed: - if 'ldap_pw_last_changed' in changed and 'serial' in changed: - details.append(_('Password Changed')) - changed.remove('ldap_pw_last_changed') - changed.remove('serial') - if changed: - details.append(('Changed: %s') % ', '.join(changed)) + details.append(('Changed: %s') % ', '.join(changed)) - wato.log_pending(wato.SYNCRESTART, None, "edit-users", - _("LDAP Connector: Modified user %s (%s)") % (user_id, ', '.join(details))) + if details: + wato.log_pending(wato.SYNCRESTART, None, "edit-users", + _("LDAP Connector: Modified user %s (%s)") % (user_id, ', '.join(details))) duration = time.time() - start_time ldap_log('SYNC FINISHED - Duration: %0.3f sec' % duration)