From 0b9d9fc6e446d9964f2b035563bac9bd32116ec8 Mon Sep 17 00:00:00 2001
From: Filip Stenbacka <filip.stenbacka@gmail.com>
Date: Sat, 6 Jan 2024 16:48:12 +0200
Subject: [PATCH] Fixed issue where removing a user from the member group would
 fail if the user was not part of the group. An addition to the already
 resolved issue #186.

---
 teknologr/api/ldap.py | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/teknologr/api/ldap.py b/teknologr/api/ldap.py
index d1c5a646..209e2faa 100644
--- a/teknologr/api/ldap.py
+++ b/teknologr/api/ldap.py
@@ -123,11 +123,16 @@ def check_account(self, username):
             raise e
 
     def delete_account(self, username):
-        # Remove user from members group
-        group_dn = env("LDAP_MEMBER_GROUP_DN")
-        self.ldap.modify_s(group_dn, [(ldap.MOD_DELETE, 'memberUid', username.encode('utf-8'))])
+        # Remove user from the members LDAP group, but do not throw if the user it not part of it
+        try:
+            group_dn = env("LDAP_MEMBER_GROUP_DN")
+            self.ldap.modify_s(group_dn, [(ldap.MOD_DELETE, 'memberUid', username.encode('utf-8'))])
+        except ldap.LDAPError as e:
+            # Result code 16 = noSuchAttribute
+            if e.args[0].get('result') != 16:
+                raise e
 
-        # Remove user, if it exists
+        # Removing non-existent user would fail, so checking that first
         if self.check_account(username):
             dn = env("LDAP_USER_DN_TEMPLATE") % {'user': username}
             self.ldap.delete_s(dn)