Change log for the LDAPMultiPlugins product 1.5 (2007/06/13) Bugs fixed - The product will no longer silently fail to install if the LDAPUserFolder package is not installed. Silent failure does not look like a good strategy here. - fixes and import cleanups after running Pyflakes (http://divmod.org:81/svn/Divmod/trunk/Pyflakes/) Other - added some additional configuration hints to the README, thanks go to Brett Lentz (http://www.dataflake.org/tracker/issue_00559) 1.5-beta (2007/03/03) Bugs fixed - LDAPMultiPlugin.enumerateUsers: If no useful search criteria are given (meaning no user ID or login is specified), fabricate a criteria set that will return all users, this is the expected behavior when calling enumerateUsers. - LDAPMultiPlugin.enumerateUsers: When iterating over search results from the user folder we now look for the special "fake result" emitted by the user folder if there is an error. Not elegant, but needed until error handling is changed in the LDAPUserFolder. - Instead of throwing exceptions, the ActiveDirectoryMultiPlugin will now log error conditions and continue, with a patch from Mark Hammond. (http://www.dataflake.org/tracker/issue_00554) - Adjusted an import that has been removed from the PluggableAuthService utils module. (http://www.dataflake.org/tracker/issue_00542) - Remove the ICredentialsUpdatePlugin implementation - it was implemented wrongly and should not have been part of the contract at all due to an interface misunderstanding. (http://www.dataflake.org/tracker/issue_00539) Other - Moved the PluggableAuthService dependency up to version 1.4 1.4 (2006/10/16) Bugs fixed - The ActiveDirectoryMultiPlugin did not ensure to correctly escape search filters it constructed internally. (http://www.dataflake.org/tracker/issue_00507) - The add form selection whether or not to use SSL for the LDAP server connection was not handed through correctly, identified by Olivier Nicole (http://www.dataflake.org/tracker/issue_00526) Other - Revamped the way recursive group memberships are found and applied, not sure if the previous implementation was a bug or not. Many thanks to John Hannon for a patch. This change includes the ability to specify a nesting depth to which the recursive search will go. (http://www.dataflake.org/tracker/issue_00513) - Added some notes on how to enable caching using the ZCacheable mechanism 1.3 (2006/07/29) Bugs fixed * Update the enumerateGroups method to use the new LDAPUserFolder method "searchGroups". This changes the LDAPUserFolder dependency to version 2.7. Patch provided by Leonardo Rochael Almeida. * The ActiveDirectoryMultiPlugin enumerateUsers method would only search correctly if login or id were explicitly specified (thanks to Sidnei da Silva for the patch). * Make sure to apply the same checks for user existence in getRolesForPrincipal that are used by getPropertiesForUser (http://www.dataflake.org/tracker/issue_00503 by Riccardo Lemmi) * Fixed the enumerateUsers implementation to be more efficient and use the new searchUsers method on the LDAPUserFolder (thanks to Wichert Akkerman for the problem description and solution) Other * Added simple caching of groups information, provided by Leonardo Rochael Almeida. * Software dependencies are now documented in a separate DEPENDENCIES.txt file. Please note that the packages mentioned in DEPENDENCIES.txt may have their own dependencies that must be satisfied as well. * Replaced all zLOG usage with equivalent calls into the Python logging module, and reducing the chattiness coded into the ActiveDirectoryMultiPlugin (INFO -> DEBUG) * Started on a test suite 1.2 (2006/03/02) Bugs fixed * In order to avoid duplicate search results, the enumerateUsers method used a simple dictionary to store DNs for records that were already processed. However, the keys put into this dictionary were munged and really could not be compared to raw search result DNs anymore. Thanks go to Wichert Akkerman for spotting this obvious error (http://www.dataflake.org/tracker/issue_00485). * Speed up enumerateGroups by letting the LDAP server do more of the filtering (thanks to Wichert Akkerman, http://www.dataflake.org/tracker/issue_00483) * Applied a performance fix to the ActiveDirectoryPlugin's _recurseGroups method (thanks got to Mark Hammond for the patch, http://www.dataflake.org/tracker/issue_00476) 1.1 (2005/10/29) Bugs fixed * The LDAPMultiPlugins ignored default roles configured on the LDAPUserFolder and would not add it to the set of roles computed (seen by Sidnei da Silva). * enumerateUsers now allows you to do exact-match searches on attributes other than just the user ID and login (patch by Sidnei da Silva). **Note**: This code now requires LDAPUserFolder versions 2.6 or higher, which support exact match searches using LDAPUserFolder.findUsers. 1.0 (2005/08/18) Other * The interface machinery expected by the PluggableAuthService has been changed to use Zope 3-style interfaces. Thanks go to Leonardo Rochael Almeida who provided a patch to fix the resulting breakage. * Changed the initialization code for the plugins to conform to the changed initialization code in the LDAPUserFolder product versions 2.6beta3 and up. 1.0beta3 Other * Changes to the way the user IDs are mangled/unmangled to be in line with the changes in the latest PluggableAuthService code (Patch provided by Mark Hammond) 1.0beta2 Bugs fixed * When retrieving properties for a user, None values have to be converted to an empty string to prevent the user propertysheet machinery from blowing up trying to guess what kind of property a None value could represent. 1.0beta1 Bugs fixed * Role retrieval was broken, small fix involves changing a call to the LDAPUserFolder LDAPMultiPlugins 0.9 First public release