diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-07-05 13:36:48 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-07-11 18:45:49 -0400 |
| commit | d9627ab1651f4ab00c3734cc5bd69b051f79f92b (patch) | |
| tree | 8c6ec64e0f0bd48791d4b326d5e4ef5912f82194 /ipaserver | |
| parent | 3a5e26a01c9cbb7b0a1c38d1b0467b780c3df124 (diff) | |
| download | freeipa-d9627ab1651f4ab00c3734cc5bd69b051f79f92b.tar.gz freeipa-d9627ab1651f4ab00c3734cc5bd69b051f79f92b.tar.xz freeipa-d9627ab1651f4ab00c3734cc5bd69b051f79f92b.zip | |
find_entry_by_attr() should fail if multiple entries are found
It will only ever return one entry so if more than one are found
then we raise an exception. This is most easily seen in the host
plugin where we search on the server shortname which can be the
same across sub-domains (e.g. foo.example.com &
foo.lab.example.com).
https://fedorahosted.org/freeipa/ticket/1388
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 5d6d21d43..6f34984ca 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -620,7 +620,12 @@ class ldap2(CrudBackend, Encoder): """ search_kw = {attr: value, 'objectClass': object_class} filter = self.make_filter(search_kw, rules=self.MATCH_ALL) - return self.find_entries(filter, attrs_list, base_dn)[0][0] + (entries, truncated) = self.find_entries(filter, attrs_list, base_dn) + + if len(entries) > 1: + raise errors.SingleMatchExpected(found=len(entries)) + else: + return entries[0] def get_entry(self, dn, attrs_list=None, time_limit=None, size_limit=None, normalize=True): |