diff options
author | Pavel Zuna <pzuna@redhat.com> | 2011-01-25 15:24:03 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-26 11:38:58 -0500 |
commit | c9ab92f21076c3a97cb2b945cee7c585afc830d0 (patch) | |
tree | 534cba446bb0e7b4693a9c71cca39778dd24b65b /ipaserver/plugins | |
parent | b871b90ef023ebc705ea17bd076cfece619180f6 (diff) | |
download | freeipa-c9ab92f21076c3a97cb2b945cee7c585afc830d0.tar.gz freeipa-c9ab92f21076c3a97cb2b945cee7c585afc830d0.tar.xz freeipa-c9ab92f21076c3a97cb2b945cee7c585afc830d0.zip |
Add ldap2 method to retrieve allowed attributes for specified objectClasses.
ldap2.get_allowed_attribute(['posixuser'])
returns a list of unicode all lower case attribute names allowed
for the object class 'posixuser'
Diffstat (limited to 'ipaserver/plugins')
-rw-r--r-- | ipaserver/plugins/ldap2.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index c920d21f9..f540880bb 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -266,6 +266,16 @@ class ldap2(CrudBackend, Encoder): else: return None + def get_allowed_attributes(self, objectclasses): + if not self.schema: + return [] + allowed_attributes = [] + for oc in objectclasses: + obj = self.schema.get_obj(_ldap.schema.ObjectClass, oc) + if obj is not None: + allowed_attributes += obj.must + obj.may + return [unicode(a).lower() for a in list(set(allowed_attributes))] + def get_single_value(self, attr): """ Check the schema to see if the attribute is single-valued. @@ -597,15 +607,19 @@ class ldap2(CrudBackend, Encoder): Keyword arguments: attrs_list - list of attributes to return, all if None (default None) """ - return self.find_entries(None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, size_limit=size_limit, normalize=normalize)[0][0] + return self.find_entries( + None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, + size_limit=size_limit, normalize=normalize + )[0][0] config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]} - def get_ipa_config(self): + def get_ipa_config(self, attrs_list=None): """Returns the IPA configuration entry (dn, entry_attrs).""" cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn) try: (cdn, config_entry) = self.find_entries( - base_dn=cdn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10 + None, attrs_list, base_dn=cdn, scope=self.SCOPE_BASE, + time_limit=2, size_limit=10 )[0][0] except errors.NotFound: config_entry = {} |