LDAP connection error handling

As infra/documentation#157 suggests, LDAP connection errors (e.g. caused by a restart of the LDAP server) cause users to be falsly deleted.

marked this issue as related to postorius-ldap-membership-management#1 (closed)

assigned to @julian

Mass user deletion only happens, if an LDAP errors occur during the SEARCH operation in the syncldap command. This is most likely the case, because django_auth_ldap choses to ignore all ldap.LDAPError exceptions in LDAPSearch.execute:

try:
		filterstr = self.filterstr % filterargs
		results = connection.search_s(
				self.base_dn, self.scope, filterstr, self.attrlist
		)
except ldap.LDAPError as e:
		results = []
		logger.error(
				"search_s('{}', {}, '{}') raised {}".format(
						self.base_dn, self.scope, filterstr, pprint.pformat(e)
				)
		)

I.e. it returns an empty list if an error occurred (as well as if there are really no users) and there is litte we can do in terms of error checking. The two options I see are: 1) Abort of search returns no results. 2) Replace user deletion with user locking (after verifying locking works as intended) to limit the impact of these errors.

mentioned in issue postorius-ldap-membership-management#1 (closed)

Technically we could do what LDAPSearch.execute does ourselves. This somewhat breaks abstractions, since django.conf.settings.AUTH_LDAP_USER_SEARCH_ALL_NAME could by any object with an execute method (e.g. LDAPSearchUnion) depending on the config. But doing strong type checking (i.e. limiting django.conf.settings.AUTH_LDAP_USER_SEARCH_ALL_NAME to LDAPSearch) and then implementing LDAPSearch.execute ourselves is probably the best option.

closed with commit 97726636