Add LOG_LEVEL config option and improve LDAP sync resiliency

README.md

@@ -86,6 +86,8 @@ Now it's time to configure AMIV API. Create a file `config.py`
 
 
 ```python
+import logging 
+
 # Root password, *definitely* change this!
 ROOT_PASSWORD = 'root'
 
@@ -96,6 +98,8 @@ MONGO_DBNAME = 'amivapi'
 MONGO_USERNAME = 'amivapi'
 MONGO_PASSWORD = 'amivapi'
 
+LOG_LEVEL = logging.INFO
+
 # Sentry error logging
 # SENTRY_DSN = "https://<key>@sentry.io/<project>"
 # SENTRY_ENVIRONMENT = 'production'

amivapi/auth/sessions.py

@@ -17,13 +17,7 @@
 from flask import abort
 from flask import current_app as app
 from ldap3.core.exceptions import LDAPException
-
-
-# Change when we drop python3.5 support
-try:
-    from secrets import token_urlsafe
-except ImportError:
-    from amivapi.utils import token_urlsafe
+from secrets import token_urlsafe
 
 
 class SessionAuth(AmivTokenAuth):

amivapi/bootstrap.py

@@ -7,6 +7,7 @@
 
 from os import getcwd, getenv
 from os.path import abspath
+import logging
 
 from eve import Eve
 from flask import Config
@@ -88,6 +89,7 @@ def create_app(config_file=None, **kwargs):
     app = Eve("amivapi",  # Flask needs this name to find the static folder
               settings=config,
               validator=ValidatorAMIV)
+    app.logger.setLevel(app.config.get('LOG_LEVEL') or logging.INFO)
     app.logger.info(config_status)
 
     # Set up error logging with sentry

amivapi/ldap.py

@@ -154,7 +154,7 @@ def _process_data(data):
     to the correct fields for the user resource.
     """
     res = {'nethz': data.get('cn', [None])[0],
-           'legi': data.get('swissEduPersonMatriculationNumber'),
+           'legi': data.get('swissEduPersonMatriculationNumber', None),
            'firstname': data.get('givenName', [None])[0],
            'lastname': data.get('sn', [None])[0]}
     if res['nethz'] is not None:
@@ -165,7 +165,7 @@ def _process_data(data):
         res['gender'] = \
             u"male" if int(data['swissEduPersonGender']) == 1 else u"female"
 
-    # See file docstring for explanation of `deparmentNumber` field
+    # See file docstring for explanation of `departmentNumber` field
     # In some rare cases, the departmentNumber field is either empty
     # or missing -> normalize to empty string
     department_info = next(iter(
@@ -210,7 +210,7 @@ def _create_or_update_user(ldap_data):
     with admin_permissions():
         if db_data:
             # Membership will not be downgraded and email not be overwritten
-            # Newletter settings will also not be adjusted
+            # Newsletter settings will also not be adjusted
             ldap_data.pop('email', None)
             if db_data.get('membership') != u"none":
                 ldap_data.pop('membership', None)

amivapi/utils.py

@@ -4,7 +4,6 @@
 #          you to buy us beer if we meet and you like the software.
 """Utilities."""
 
-from base64 import b64encode
 from contextlib import contextmanager
 from copy import deepcopy
 from email.mime.multipart import MIMEMultipart
@@ -22,24 +21,6 @@
 from flask import g
 
 
-def token_urlsafe(nbytes=32):
-    """Cryptographically random generate a token that can be passed in a URL.
-
-    This function is available as secrets.token_urlsafe in python3.6. We can
-    remove this function when we drop python3.5 support.
-
-    Args:
-        nbytes: Number of random bytes used to generate the token. Note that
-        this is not the resulting length of the token, just the amount of
-        randomness.
-
-    Returns:
-        str: A random string containing only urlsafe characters.
-    """
-    return b64encode(urandom(nbytes)).decode("utf-8").replace("+", "-").replace(
-        "/", "_").rstrip("=")
-
-
 @contextmanager
 def admin_permissions():
     """Switch to a context with admin rights and restore state afterwards.

dev_config.py

@@ -1,3 +1,5 @@
+import logging
+
 # Mongo config. Do not change!
 MONGO_HOST = 'mongodb'
 MONGO_PORT = 27017
@@ -8,6 +10,8 @@
 # Add other config options as you need below.
 ROOT_PASSWORD = 'root'
 
+LOG_LEVEL = logging.DEBUG
+
 # Sentry error logging
 # SENTRY_DSN = "https://<key>@sentry.io/<project>"
 # SENTRY_ENVIRONMENT = 'production'