From 2becf821d3d63469a2fd3dd012bc579674c5cd1e Mon Sep 17 00:00:00 2001
From: Daniel STAN <daniel.stan@crans.org>
Date: Wed, 28 Oct 2015 17:42:17 +0100
Subject: [PATCH] readonly_password is None => ask secrets

---
 lc_ldap.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lc_ldap.py b/lc_ldap.py
index f557b50..ff0a622 100644
--- a/lc_ldap.py
+++ b/lc_ldap.py
@@ -58,6 +58,7 @@ if "/usr/scripts" not in sys.path:
     sys.path.append('/usr/scripts')
 
 import gestion.config as config
+from gestion import secrets_new as secrets
 import cranslib.deprecated
 
 # A priori, ldif_to_uldif et ldif_to_cldif sont obsolètes,
@@ -105,6 +106,10 @@ class lc_ldap(ldap.ldapobject.LDAPObject, object):
 
         # Si un username, on récupère le dn associé…
         if user and not dn:
+            if readonly_dn is None:
+                readonly_dn = secrets.get('ldap_readonly_auth_dn')
+            if readonly_password is None:
+                readonly_password = secrets.get('ldap_readonly_password')
             dn = self.user_to_dn(user, readonly_dn, readonly_password)
 
         # Si on a un dn, on se connecte avec à la base ldap sinon on s'y