From 75870d49ace5f783e163907c3ebe3eceafb79272 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Sw=C3=A4rd?= <excds@kth.se>
Date: Tue, 21 Mar 2023 13:24:18 +0100
Subject: [PATCH] graph: Hide ldap error on group membership patch.

---
 services/graph/pkg/identity/ldap_group.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/services/graph/pkg/identity/ldap_group.go b/services/graph/pkg/identity/ldap_group.go
index 778ae5b897..01a9d143ca 100644
--- a/services/graph/pkg/identity/ldap_group.go
+++ b/services/graph/pkg/identity/ldap_group.go
@@ -270,6 +270,14 @@ func (i *LDAP) AddMembersToGroup(ctx context.Context, groupID string, memberIDs
 		mr.Add(i.groupAttributeMap.member, newMemberDN)
 
 		if err := i.conn.Modify(&mr); err != nil {
+			if lerr, ok := err.(*ldap.Error); ok {
+				if lerr.ResultCode == ldap.LDAPResultAttributeOrValueExists {
+					err = fmt.Errorf("Duplicate member entries in request")
+				} else {
+					logger.Info().Err(err).Msg("Failed to modify group member entries on PATCH group")
+					err = fmt.Errorf("Unknown error when trying to modify group member entries")
+				}
+			}
 			return err
 		}
 	}