Turn the LDAPError handler into a context manager

This has the advantage that the traceback is left intact if an error other than LDAPError is raised. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
2025-02-25 18:55:28 -06:00 · 2013-01-21 06:35:38 -05:00
parent d11c337541
commit 1960945e28
2 changed files with 45 additions and 72 deletions
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -128,7 +128,7 @@ class ldap2(LDAPConnection, CrudBackend):
        if debug_level:
            _ldap.set_option(_ldap.OPT_DEBUG_LEVEL, debug_level)

-        try:
+        with self.error_handler():
            force_updates = api.env.context in ('installer', 'updates')
            conn = IPASimpleLDAPObject(
                self.ldap_uri, force_schema_updates=force_updates)
@@ -167,9 +167,6 @@ class ldap2(LDAPConnection, CrudBackend):
                else:
                    conn.simple_bind_s(bind_dn, bind_pw)

-        except _ldap.LDAPError, e:
-            self.handle_errors(e)
-
        return conn

    def destroy_connection(self):
@@ -346,18 +343,14 @@ class ldap2(LDAPConnection, CrudBackend):
        # The python-ldap passwd command doesn't verify the old password
        # so we'll do a simple bind to validate it.
        if old_pass != '':
-            try:
+            with self.error_handler():
                conn = IPASimpleLDAPObject(
                    self.ldap_uri, force_schema_updates=False)
                conn.simple_bind_s(dn, old_pass)
                conn.unbind()
-            except _ldap.LDAPError, e:
-                self.handle_errors(e)

-        try:
+        with self.error_handler():
            self.conn.passwd_s(dn, old_pass, new_pass)
-        except _ldap.LDAPError, e:
-            self.handle_errors(e)

    def add_entry_to_group(self, dn, group_dn, member_attr='member', allow_same=False):
        """
@@ -473,10 +466,8 @@ class ldap2(LDAPConnection, CrudBackend):
        mod = [(_ldap.MOD_REPLACE, 'krbprincipalkey', None),
               (_ldap.MOD_REPLACE, 'krblastpwdchange', None)]

-        try:
+        with self.error_handler():
            self.conn.modify_s(dn, mod)
-        except _ldap.LDAPError, e:
-            self.handle_errors(e)

    # CrudBackend methods