Some fixes in LDAP

ACU/LDAP.pm

@@ -11,6 +11,7 @@ use Net::LDAP::Util qw(ldap_error_text);
 
 use ACU::Password;
 use ACU::Right;
+use ACU::Log;
 
 ## Connection functions
 
@@ -27,15 +28,17 @@ our $secret_search = \&ldap_get_password;
 
 sub ldap_connect()
 {
-    if ($bindsecret eq "") {
+    if (!$bindsecret) {
 	$bindsecret = $secret_search->();
     }
 
     my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
     my $mesg = $ldap->bind($binddn, password => $bindsecret) or die ("$@");
 
+    ACU::Log::do_debug("Connect to LDAP with $binddn");
+
     if ($mesg->code) {
-	die "An error occurred: " .ldap_error_text($mesg->code)."\n";
+	ACU::Log::do_err("An error occurred: " .ldap_error_text($mesg->code));
     }
 
     return $ldap;
@@ -46,8 +49,10 @@ sub ldap_connect_anon()
     my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
     my $mesg = $ldap->bind or die ("$@");
 
+    ACU::Log::do_debug("Connect to LDAP anonymously");
+
     if ($mesg->code) {
-	die "An error occurred: " .ldap_error_text($mesg->code)."\n";
+	ACU::Log::do_err("An error occurred: " .ldap_error_text($mesg->code));
     }
 
     return $ldap;
@@ -65,13 +70,15 @@ sub add_group($$$;$)
 
     my $dn = "cn=$cn,ou=$year,ou=$ou,ou=groups,dc=acu,dc=epita,dc=fr";
 
+    ACU::Log::do_debug("Add group $dn");
+
     my $mesg = $ldap->add( $dn,
 		attrs => [
 		    objectclass => "intraGroup",
 		    cn => $cn,
 		]
 	);
-    if ($mesg->code != 0) { die $mesg->error; }
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
 
     return $dn;
 }
@@ -84,17 +91,19 @@ sub delete_group($$;$)
 
     my $ldap = ldap_connect();
 
+    ACU::Log::do_debug("Delete group ou=groups,dc=acu,dc=epita,dc=fr");
+
     my $mesg = $ldap->search( # search
 			      base   => "ou=groups,dc=acu,dc=epita,dc=fr",
 			      filter => "cn=$cn",
 			      scope => "sub"
 	);
-    if ($mesg->code != 0) { die $mesg->error; }
-    if ($mesg->count != 1) { die  "$cn not found or multiple entries match"; }
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
+    if ($mesg->count != 1) { ACU::Log::do_warn("$cn not found or multiple entries match"); return 0; }
 
     $ldap->delete( $mesg->entry(0)->dn );
 
-    $ldap->unbind or die ("couldn't disconnect correctly");
+    $ldap->unbind or ACU::Log::do_warn ("couldn't disconnect correctly");
 }
 
 sub get_year(;$)
@@ -118,8 +127,8 @@ sub get_dn($$@)
 			      attrs => @_,
 			      scope => "base"
 	);
-    if ($mesg->code != 0) { print $mesg->error; return undef; }
-    if ($mesg->count != 1) { return undef; }
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return undef; }
+    if ($mesg->count != 1) { ACU::Log::do_warn("$cn not found or multiple entries match"); return undef; }
 
     return $mesg->entry(0);
 }
@@ -138,6 +147,9 @@ sub add_attribute($$$@)
     {
 	if (! grep(/^$value$/, @data)) {
 	    $mod = 1;
+
+	    ACU::Log::do_debug("Add attribute $value to $dn");
+
 	    push @data, $value;
 	}
     }
@@ -145,7 +157,11 @@ sub add_attribute($$$@)
     if ($mod)
     {
 	$entry->replace($what => \@data) or die $!;
-	$entry->update($ldap) or die $!;
+	my $mesg = $entry->update($ldap) or die $!;
+
+	if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
+	if ($mesg->count != 1) { ACU::Log::do_warn("$cn not found or multiple entries match"); return 0; }
+
 	return 1;
     }
     else {
@@ -166,6 +182,8 @@ sub delete_attribute($$$@)
     for my $value (@_)
     {
 	if (grep(/^$value$/, @data)) {
+	    ACU::Log::do_debug("Remove attribute $what ($value) from $dn");
+
 	    @data = grep(!/$value$/, @data);
 	    $mod = 1;
 	}
@@ -174,7 +192,8 @@ sub delete_attribute($$$@)
     if ($mod)
     {
 	$entry->replace($what => \@data) or die $!;
-	$entry->update($ldap) or die $!;
+	my $mesg = $entry->update($ldap) or die $!;
+	if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
 	return 1;
     }
     else {
@@ -186,9 +205,11 @@ sub delete_entry($$)
 {
     my $ldap = shift // ldap_connect();
 
-    $ldap->delete( shift );
+    my $mesg = $ldap->delete( shift );
 
-    $ldap->unbind or die ("couldn't disconnect correctly");
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
+
+    return 1;
 }
 
 sub flush_attribute($$@)
@@ -196,7 +217,11 @@ sub flush_attribute($$@)
     my $ldap = shift // ldap_connect();
     my $dn = shift;
 
-    return !($ldap->modify($dn, delete => \@_)->code);
+    $ldap->modify($dn, delete => \@_)->code;
+
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return 0; }
+
+    return 1;
 }
 
 sub get_attribute($$$)
@@ -224,8 +249,8 @@ sub search_dn($$@)
 			      attrs => [ ],
 			      scope => "sub"
 	);
-    if ($mesg->code != 0) { print $mesg->error; return undef; }
-    if ($mesg->count != 1) { return undef; }
+    if ($mesg->code != 0) { ACU::Log::do_warn($mesg->error); return undef; }
+    if ($mesg->count != 1) { ACU::Log::do_warn("$cn not found or multiple entries match"); return undef; }
 
     return $mesg->entry(0)->dn;
 }
@@ -237,8 +262,14 @@ sub update_attribute($$$@)
     my $what = shift;
 
     my $entry = get_dn($ldap, $dn, $what);
-    $entry->replace($what => \@_) or die $!;
-    $entry->update($ldap) or die $!;
+    $entry->replace($what => \@_);
+    my $mesg = $entry->update($ldap);
+
+    if ($mesg->code != 0) {
+	ACU::Log::do_warn($mesg->error);
+	return 0;
+    }
+
     return 1;
 }