diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2009-01-16 10:20:23 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2009-01-19 10:40:11 -0500 |
| commit | e4b9be209ef6349966cf1aeaff0f2438cee2e9a9 (patch) | |
| tree | 6e92af2f15ee63fd5cad648709e6f6d8ea3bb985 /ipaserver/servercore.py | |
| parent | 8154131ce1975c9e2109e408a0a25631ea797a8c (diff) | |
| download | freeipa-e4b9be209ef6349966cf1aeaff0f2438cee2e9a9.tar.gz freeipa-e4b9be209ef6349966cf1aeaff0f2438cee2e9a9.tar.xz freeipa-e4b9be209ef6349966cf1aeaff0f2438cee2e9a9.zip | |
Make the membership attribute an argument and add new method entry.delAttr()
We need a way to say "this attribute is blank, delete it." delAttr does this.
There are now several attributes to which we add "members" to so make the
attribute for storing members configurable, defaulting to 'member'
Diffstat (limited to 'ipaserver/servercore.py')
| -rw-r--r-- | ipaserver/servercore.py | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/ipaserver/servercore.py b/ipaserver/servercore.py index 6991989e5..362013401 100644 --- a/ipaserver/servercore.py +++ b/ipaserver/servercore.py @@ -227,16 +227,19 @@ def uid_too_long(uid): return False -def update_entry (entry): +def update_entry (entry, remove_keys=[]): """Update an LDAP entry entry is a dict + remove_keys is a list of attributes to remove from this entry This refreshes the record from LDAP in order to obtain the list of - attributes that has changed. + attributes that has changed. It only retrieves the attributes that + are in the update so attributes aren't inadvertantly lost. """ + assert type(remove_keys) is list attrs = entry.keys() - o = get_base_entry(entry['dn'], "objectclass=*", attrs) + o = get_base_entry(entry['dn'], "objectclass=*", attrs + remove_keys) oldentry = convert_scalar_values(o) newentry = convert_scalar_values(entry) @@ -395,7 +398,7 @@ def mark_entry_inactive (dn): return res -def add_member_to_group(member_dn, group_dn): +def add_member_to_group(member_dn, group_dn, memberattr='member'): """ Add a member to an existing group. """ @@ -414,18 +417,18 @@ def add_member_to_group(member_dn, group_dn): raise errors.NotFound # Add the new member to the group member attribute - members = group.get('member', []) + members = group.get(memberattr, []) if isinstance(members, basestring): members = [members] members.append(member_dn) - group['member'] = members + group[memberattr] = members try: return update_entry(group) except errors.EmptyModlist: raise -def remove_member_from_group(member_dn, group_dn=None): +def remove_member_from_group(member_dn, group_dn, memberattr='member'): """Remove a member_dn from an existing group.""" group = get_entry_by_dn(group_dn, None) @@ -439,7 +442,7 @@ def remove_member_from_group(member_dn, group_dn=None): """ api.log.info("IPA: remove_member_from_group '%s' from '%s'" % (member_dn, group_dn)) - members = group.get('member', False) + members = group.get(memberattr, False) if not members: raise errors.NotGroupMember @@ -456,7 +459,7 @@ def remove_member_from_group(member_dn, group_dn=None): except Exception, e: raise e - group['member'] = members + group[memberattr] = members try: return update_entry(group) |