diff options
-rw-r--r-- | ipalib/plugins/baseldap.py | 22 | ||||
-rw-r--r-- | ipaserver/plugins/ldap2.py | 22 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_user_plugin.py | 25 |
3 files changed, 52 insertions, 17 deletions
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index 69bda6d81..1757a452e 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -829,21 +829,19 @@ class LDAPSearch(CallbackInterface, crud.Search): Retrieve all LDAP entries matching the given criteria. """ takes_options = ( - Int('timelimit', + Int('timelimit?', label=_('Time Limit'), - doc=_('Time limit of search in seconds (default 1)'), - flags=['no_dispaly'], + doc=_('Time limit of search in seconds'), + flags=['no_display'], minvalue=0, - default=1, - autofill=True, + autofill=False, ), - Int('sizelimit', + Int('sizelimit?', label=_('Size Limit'), - doc=_('Maximum number of entries returned (default 3000)'), - flags=['no_dispaly'], + doc=_('Maximum number of entries returned'), + flags=['no_display'], minvalue=0, - default=3000, - autofill=True, + autofill=False, ), ) @@ -911,8 +909,8 @@ class LDAPSearch(CallbackInterface, crud.Search): try: (entries, truncated) = ldap.find_entries( filter, attrs_list, base_dn, scope=ldap.SCOPE_ONELEVEL, - time_limit=options.get('timelimit', 1), - size_limit=options.get('sizelimit', 3000) + time_limit=options.get('timelimit', None), + size_limit=options.get('sizelimit', None) ) except errors.ExecutionError, e: try: diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 81c2aeb53..79d6d9960 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -466,7 +466,7 @@ class ldap2(CrudBackend, Encoder): @encode_args(1, 2, 3) @decode_retval() def find_entries(self, filter, attrs_list=None, base_dn='', - scope=_ldap.SCOPE_SUBTREE, time_limit=1, size_limit=3000, + scope=_ldap.SCOPE_SUBTREE, time_limit=None, size_limit=None, normalize=True): """ Return a list of entries [(dn, entry_attrs)] matching specified @@ -477,8 +477,8 @@ class ldap2(CrudBackend, Encoder): attrs_list -- list of attributes to return, all if None (default None) base_dn -- dn of the entry at which to start the search (default '') scope -- search scope, see LDAP docs (default ldap2.SCOPE_SUBTREE) - time_limit -- time limit in seconds (default 1) - size_limit -- size (number of entries returned) limit (default 3000) + time_limit -- time limit in seconds (default use IPA config values) + size_limit -- size (number of entries returned) limit (default use IPA config values) normalize -- normalize the DN (default True) """ if normalize: @@ -488,6 +488,17 @@ class ldap2(CrudBackend, Encoder): res = [] truncated = False + if time_limit is None or size_limit is None: + (cdn, config) = self.get_ipa_config() + if time_limit is None: + time_limit = config.get('ipasearchtimelimit')[0] + if size_limit is None: + size_limit = config.get('ipasearchrecordslimit')[0] + if not isinstance(size_limit, int): + size_limit = int(size_limit) + if not isinstance(time_limit, float): + time_limit = float(time_limit) + # pass arguments to python-ldap try: id = self.conn.search_ext( @@ -534,8 +545,9 @@ class ldap2(CrudBackend, Encoder): def get_ipa_config(self): """Returns the IPA configuration entry (dn, entry_attrs).""" - filter = '(cn=ipaConfig)' - return self.find_entries(filter, None, 'cn=etc', self.SCOPE_ONELEVEL)[0][0] + cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn) + return self.find_entries(None, None, cdn, self.SCOPE_BASE, + time_limit=2, size_limit=10)[0][0] def get_schema(self): """Returns a copy of the current LDAP schema.""" diff --git a/tests/test_xmlrpc/test_user_plugin.py b/tests/test_xmlrpc/test_user_plugin.py index 4bae4c8df..1cbccbbc4 100644 --- a/tests/test_xmlrpc/test_user_plugin.py +++ b/tests/test_xmlrpc/test_user_plugin.py @@ -209,6 +209,31 @@ class test_user(Declarative): dict( + desc='Search for all users with a limit of 1', + command=( + 'user_find', [], dict(sizelimit=1,), + ), + expected=dict( + result=[ + dict( + dn=u'uid=admin,cn=users,cn=accounts,' + api.env.basedn, + homedirectory=[u'/home/admin'], + loginshell=[u'/bin/bash'], + sn=[u'Administrator'], + uid=[u'admin'], + memberof_group=[u'admins'], + memberof_rolegroup=[u'replicaadmin'], + memberof_taskgroup=[u'managereplica', u'deletereplica'], + ), + ], + summary=u'1 user matched', + count=1, + truncated=True, + ), + ), + + + dict( desc='Lock %r' % user1, command=( 'user_lock', [user1], {} |