diff options
-rw-r--r-- | ipalib/plugins/baseldap.py | 16 | ||||
-rw-r--r-- | ipalib/plugins/group.py | 1 | ||||
-rw-r--r-- | ipalib/plugins/user.py | 1 |
3 files changed, 17 insertions, 1 deletions
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index ffd60e7eb..2b0ff2d73 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -67,6 +67,8 @@ class LDAPObject(Object): object_name_plural = 'entries' object_class = [] object_class_config = None + search_attributes = [] + search_attributes_config = None default_attributes = [] hidden_attributes = ['objectclass', 'aci'] uuid_attribute = '' @@ -819,11 +821,23 @@ class LDAPSearch(CallbackInterface, crud.Search): set(self.obj.default_attributes + search_kw.keys()) ) + if self.obj.search_attributes: + search_attrs = self.obj.search_attributes + else: + search_attrs = self.obj.default_attributes + if self.obj.search_attributes_config: + config = ldap.get_ipa_config()[1] + config_attrs = config.get( + self.obj.search_attributes_config, []) + if len(config_attrs) == 1 and ( + isinstance(config_attrs[0], basestring)): + search_attrs = config_attrs[0].split(',') + search_kw['objectclass'] = self.obj.object_class attr_filter = ldap.make_filter(search_kw, rules=ldap.MATCH_ALL) search_kw = {} - for a in self.obj.default_attributes: + for a in search_attrs: search_kw[a] = term term_filter = ldap.make_filter(search_kw, exact=False) diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 9da4fe569..2558c38ab 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -75,6 +75,7 @@ class group(LDAPObject): object_name_plural = 'groups' object_class = ['ipausergroup'] object_class_config = 'ipagroupobjectclasses' + search_attributes_config = 'ipagroupsearchfields' default_attributes = [ 'cn', 'description', 'gidnumber', 'member', 'memberof' ] diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 610d85a95..de5ff2d27 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -58,6 +58,7 @@ class user(LDAPObject): object_name_plural = 'users' object_class = ['posixaccount'] object_class_config = 'ipauserobjectclasses' + search_attributes_config = 'ipausersearchfields' default_attributes = [ 'uid', 'givenname', 'sn', 'homedirectory', 'loginshell', 'ou', 'telephonenumber', 'title', 'memberof', |