Fix an issue when the DNS AD referal is in the path.
An Exception is raised, with the following stacktrace::
Traceback (most recent call last):
File "/www/lemur/lemur/auth/views.py", line 317, in post
user = ldap_principal.authenticate()
File "/www/lemur/lemur/auth/ldap.py", line 147, in authenticate
self._bind()
File "/www/lemur/lemur/auth/ldap.py", line 216, in _bind
self.ldap_groups.append(values["cn"][0].decode("ascii"))
TypeError: list indices must be integers or slices, not str
This is issue is trigerred by some extra rows that referrences
the DNS subtree::
['ldaps://DomainDnsZones.xxxx']
Limiting the extraction to the expected dicts fix this issue.
This commit fixes the ability to assign roles to people in the ui
when the user is SSO. The idea is if a role is ever assigned via
SSO it becomes a "SSO Role" or a "Third Party" Role. by setting
third_party to true on the role object.
Once a role is marked as third party it can no longer be controlled
through the ui for SSO Users. (for ui users this poses no functional
change). It must be controlled via SSO.
