diff options
author | Martin Kosek <mkosek@redhat.com> | 2012-10-29 10:32:39 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-11-01 15:32:11 +0100 |
commit | d180d3c10145d4f2ad2d4dfd5243f9f1eb1083b3 (patch) | |
tree | b2e8b8f2b3967cbe9010c14f2181c2aa8f26af60 /ipaserver/plugins | |
parent | e7c99e7d21f7923c92cf9dae9fd8c7d5ae4aa8cd (diff) | |
download | freeipa-d180d3c10145d4f2ad2d4dfd5243f9f1eb1083b3.tar.gz freeipa-d180d3c10145d4f2ad2d4dfd5243f9f1eb1083b3.tar.xz freeipa-d180d3c10145d4f2ad2d4dfd5243f9f1eb1083b3.zip |
Use common encoding in modlist generation
ldap2 server plugin generates a modlist for every IPA command entry
modification. However, encoding of attributes entry_attrs generated
by our framework still does not match entry read from LDAP (until
ticket #2265 is addressed), convert compared values to common ground
so that the comparison does not report false positives when encoding
do not match (e.g. 'int' and 'unicode').
https://fedorahosted.org/freeipa/ticket/3220
Diffstat (limited to 'ipaserver/plugins')
-rw-r--r-- | ipaserver/plugins/ldap2.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index caf35096c..519f4613a 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -1341,6 +1341,22 @@ class ldap2(CrudBackend): v = set(filter(lambda value: value is not None, v)) old_v = set(entry_attrs_old.get(k.lower(), [])) + # FIXME: Convert all values to either unicode, DN or str + # before detecting value changes (see IPASimpleLDAPObject for + # supported types). + # This conversion will set a common ground for the comparison. + # + # This fix can be removed when ticket 2265 is fixed and our + # encoded entry_attrs' types will match get_entry result + try: + v = set(unicode_from_utf8(self.conn.encode(value)) + if not isinstance(value, (DN, str, unicode)) + else value for value in v) + except Exception, e: + # Rather let the value slip in modlist than let ldap2 crash + self.error("Cannot convert attribute '%s' for modlist " + "for modlist comparison: %s", k, e) + adds = list(v.difference(old_v)) rems = list(old_v.difference(v)) |