From a6294ba041aa4568b414b5f25a345c00a031667e Mon Sep 17 00:00:00 2001 From: Jason Gerard DeRose Date: Tue, 31 Mar 2009 09:24:26 -0600 Subject: Renamed remaining plugins still using f_* b_* convention --- ipaserver/plugins/b_ldap.py | 440 -------------------------------------------- ipaserver/plugins/ldap.py | 440 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 440 insertions(+), 440 deletions(-) delete mode 100644 ipaserver/plugins/b_ldap.py create mode 100644 ipaserver/plugins/ldap.py (limited to 'ipaserver/plugins') diff --git a/ipaserver/plugins/b_ldap.py b/ipaserver/plugins/b_ldap.py deleted file mode 100644 index 7c132153e..000000000 --- a/ipaserver/plugins/b_ldap.py +++ /dev/null @@ -1,440 +0,0 @@ -# Authors: -# Rob Crittenden -# Jason Gerard DeRose -# -# Copyright (C) 2008 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -""" -Backend plugin for LDAP. - -This wraps the python-ldap bindings. -""" - -import ldap as _ldap -import ldap.dn -from ipalib import api -from ipalib import errors2 -from ipalib.crud import CrudBackend -from ipaserver import servercore, ipaldap -import krbV - - -class ldap(CrudBackend): - """ - LDAP backend plugin. - """ - - def __init__(self): - self.dn = _ldap.dn - super(ldap, self).__init__() - - def create_connection(self, ccache): - if ccache is None: - raise errors2.CCacheError() - conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port) - principle = krbV.CCache( - name=ccache, context=krbV.default_context() - ).principal().name - conn.set_krbccache(ccache, principle) - return conn - - def destroy_connection(self): - self.conn.unbind_s() - - def make_user_dn(self, uid): - """ - Construct user dn from uid. - """ - return 'uid=%s,%s,%s' % ( - self.dn.escape_dn_chars(uid), - self.api.env.container_user, - self.api.env.basedn, - ) - - def make_group_dn(self, cn): - """ - Construct group dn from cn. - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(cn), - self.api.env.container_group, - self.api.env.basedn, - ) - - def make_hostgroup_dn(self, cn): - """ - Construct group of hosts dn from cn. - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(cn), - self.api.env.container_hostgroup, - self.api.env.basedn, - ) - - def make_taskgroup_dn(self, cn): - """ - Construct group of tasks dn from cn. - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(cn), - self.api.env.container_taskgroup, - self.api.env.basedn, - ) - - def make_service_dn(self, principal): - """ - Construct service principal dn from principal name - """ - return 'krbprincipalname=%s,%s,%s' % ( - self.dn.escape_dn_chars(principal), - self.api.env.container_service, - self.api.env.basedn, - ) - - def make_host_dn(self, hostname): - """ - Construct host dn from hostname - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(hostname), - self.api.env.container_host, - self.api.env.basedn, - ) - - def make_application_dn(self, appname): - """ - Construct application dn from cn. - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(appname), - self.api.env.container_applications, - self.api.env.basedn, - ) - - def make_policytemplate_dn(self, appname, uuid): - """ - Construct policytemplate dn from appname - """ - return 'ipaUniqueID=%s,%s' % ( - self.dn.escape_dn_chars(uuid), - self.make_application_dn(appname), - ) - - def make_role_application_dn(self, appname): - """ - Construct application role container from appname - """ - return 'cn=%s,%s,%s' % ( - self.dn.escape_dn_chars(appname), - self.api.env.container_roles, - self.api.env.basedn, - ) - - def make_role_policytemplate_dn(self, appname, uuid): - """ - Construct policytemplate dn from uuid and appname - """ - return 'ipaUniqueID=%s,cn=templates,%s' % ( - self.dn.escape_dn_chars(uuid), - self.make_role_application_dn(appname), - ) - - def make_policygroup_dn(self, uuid): - """ - Construct policygroup dn from uuid - """ - return 'ipaUniqueID=%s,%s,%s' % ( - self.dn.escape_dn_chars(uuid), - self.api.env.container_policygroups, - self.api.env.basedn, - ) - - def make_policy_dn(self, uuid, polgroup_uuid): - """ - Construct policy dn from uuid of policy and its policygroup - """ - return 'ipaUniqueID=%s,%s' % ( - self.dn.escape_dn_chars(uuid), - self.make_policygroup_dn(polgroup_uuid), - ) - - def make_policy_blob_dn(self, blob_uuid, policy_uuid, polgroup_uuid): - """ - Construct policy blob dn from uuids of its policy and policygroup - objects - """ - return 'ipaUniqueID=%s,%s' % ( - self.dn.escape_dn_chars(blob_uuid), - self.make_policy_dn(policy_uuid, polgroup_uuid), - ) - - def make_policylink_dn(self, uuid): - """ - Construct policy link dn from uuid - """ - return 'ipaUniqueID=%s,%s,%s' % ( - self.dn.escape_dn_chars(uuid), - self.api.env.container_policylinks, - self.api.env.basedn, - ) - - def get_object_type(self, attribute): - """ - Based on attribute, make an educated guess as to the type of - object we're looking for. - """ - attribute = attribute.lower() - object_type = None - if attribute == "uid": # User - object_type = "posixAccount" - elif attribute == "cn": # Group - object_type = "ipaUserGroup" - elif attribute == "krbprincipalname": # Service - object_type = "krbPrincipal" - - return object_type - - def find_entry_dn(self, key_attribute, primary_key, object_type=None, base=None): - """ - Find an existing entry's dn from an attribute - """ - key_attribute = key_attribute.lower() - if not object_type: - object_type = self.get_object_type(key_attribute) - if not object_type: - return None - - search_filter = "(&(objectclass=%s)(%s=%s))" % ( - object_type, - key_attribute, - self.dn.escape_dn_chars(primary_key) - ) - - if not base: - base = self.api.env.container_accounts - - search_base = "%s, %s" % (base, self.api.env.basedn) - - entry = servercore.get_sub_entry(search_base, search_filter, ['dn', 'objectclass']) - - return entry.get('dn') - - def get_base_entry(self, searchbase, searchfilter, attrs): - return servercore.get_base_entry(searchbase, searchfilter, attrs) - - def get_sub_entry(self, searchbase, searchfilter, attrs): - return servercore.get_sub_entry(searchbase, searchfilter, attrs) - - def get_one_entry(self, searchbase, searchfilter, attrs): - return servercore.get_one_entry(searchbase, searchfilter, attrs) - - def get_ipa_config(self): - """Return a dictionary of the IPA configuration""" - return servercore.get_ipa_config() - - def mark_entry_active(self, dn): - return servercore.mark_entry_active(dn) - - def mark_entry_inactive(self, dn): - return servercore.mark_entry_inactive(dn) - - def _generate_search_filters(self, **kw): - """Generates a search filter based on a list of words and a list - of fields to search against. - - Returns a tuple of two filters: (exact_match, partial_match) - """ - - # construct search pattern for a single word - # (|(f1=word)(f2=word)...) - exact_pattern = "(|" - for field in kw.keys(): - exact_pattern += "(%s=%s)" % (field, kw[field]) - exact_pattern += ")" - - sub_pattern = "(|" - for field in kw.keys(): - sub_pattern += "(%s=*%s*)" % (field, kw[field]) - sub_pattern += ")" - - # construct the giant match for all words - exact_match_filter = "(&" + exact_pattern + ")" - partial_match_filter = "(|" + sub_pattern + ")" - - return (exact_match_filter, partial_match_filter) - - def _get_scope(self, scope_str): - scope_dict = {'one' : _ldap.SCOPE_ONELEVEL, - 'subtree' : _ldap.SCOPE_SUBTREE, - 'base' : _ldap.SCOPE_BASE } - return scope_dict.get(scope_str, _ldap.SCOPE_SUBTREE) - - def modify_password(self, dn, **kw): - return servercore.modify_password(dn, kw.get('oldpass'), kw.get('newpass')) - - def add_member_to_group(self, memberdn, groupdn, memberattr='member'): - """ - Add a new member to a group. - - :param memberdn: the DN of the member to add - :param groupdn: the DN of the group to add a member to - """ - return servercore.add_member_to_group(memberdn, groupdn, memberattr) - - def remove_member_from_group(self, memberdn, groupdn, memberattr='member'): - """ - Remove a new member from a group. - - :param memberdn: the DN of the member to remove - :param groupdn: the DN of the group to remove a member from - """ - return servercore.remove_member_from_group(memberdn, groupdn, memberattr) - - # The CRUD operations - - def strip_none(self, kw): - """ - Remove any None values present in the LDAP attribute dict. - """ - for (key, value) in kw.iteritems(): - if value is None: - continue - if type(value) in (list, tuple): - value = filter( - lambda v: type(v) in (str, unicode, bool, int, float), - value - ) - if len(value) > 0: - yield (key, value) - else: - assert type(value) in (str, unicode, bool, int, float) - yield (key, value) - - def create(self, **kw): - if servercore.entry_exists(kw['dn']): - raise errors2.DuplicateEntry - kw = dict(self.strip_none(kw)) - - entry = ipaldap.Entry(kw['dn']) - - # dn isn't allowed to be in the entry itself - del kw['dn'] - - # Fill in our new entry - for k in kw: - entry.setValues(k, kw[k]) - - servercore.add_entry(entry) - return self.retrieve(entry.dn) - - def retrieve(self, dn, attributes=None): - return servercore.get_entry_by_dn(dn, attributes) - - def update(self, dn, **kw): - result = self.retrieve(dn, ["*"] + kw.keys()) - - entry = ipaldap.Entry((dn, servercore.convert_scalar_values(result))) - start_keys = kw.keys() - kw = dict(self.strip_none(kw)) - end_keys = kw.keys() - removed_keys = list(set(start_keys) - set(end_keys)) - for k in kw: - entry.setValues(k, kw[k]) - - for k in removed_keys: - entry.delAttr(k) - - servercore.update_entry(entry.toDict(), removed_keys) - - return self.retrieve(dn) - - def delete(self, dn): - return servercore.delete_entry(dn) - - def search(self, **kw): - objectclass = kw.get('objectclass') - sfilter = kw.get('filter') - attributes = kw.get('attributes') - base = kw.get('base') - scope = kw.get('scope') - exactonly = kw.get('exactonly', None) - if attributes: - del kw['attributes'] - else: - attributes = ['*'] - if objectclass: - del kw['objectclass'] - if base: - del kw['base'] - if sfilter: - del kw['filter'] - if scope: - del kw['scope'] - if exactonly is not None: - del kw['exactonly'] - (exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw) - if objectclass: - exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter) - partial_match_filter = "(&(objectClass=%s)%s)" % (objectclass, partial_match_filter) - if sfilter: - exact_match_filter = "(%s%s)" % (sfilter, exact_match_filter) - partial_match_filter = "(%s%s)" % (sfilter, partial_match_filter) - - search_scope = self._get_scope(scope) - - if not base: - base = self.api.env.container_accounts - - search_base = "%s, %s" % (base, self.api.env.basedn) - try: - exact_results = servercore.search(search_base, - exact_match_filter, attributes, scope=search_scope) - except errors2.NotFound: - exact_results = [0] - - if not exactonly: - try: - partial_results = servercore.search(search_base, - partial_match_filter, attributes, scope=search_scope) - except errors2.NotFound: - partial_results = [0] - else: - partial_results = [0] - - exact_counter = exact_results[0] - partial_counter = partial_results[0] - - exact_results = exact_results[1:] - partial_results = partial_results[1:] - - # Remove exact matches from the partial_match list - exact_dns = set(map(lambda e: e.get('dn'), exact_results)) - partial_results = filter(lambda e: e.get('dn') not in exact_dns, - partial_results) - - if (exact_counter == -1) or (partial_counter == -1): - counter = -1 - else: - counter = len(exact_results) + len(partial_results) - - results = [counter] - for r in exact_results + partial_results: - results.append(r) - - return results - -api.register(ldap) diff --git a/ipaserver/plugins/ldap.py b/ipaserver/plugins/ldap.py new file mode 100644 index 000000000..7c132153e --- /dev/null +++ b/ipaserver/plugins/ldap.py @@ -0,0 +1,440 @@ +# Authors: +# Rob Crittenden +# Jason Gerard DeRose +# +# Copyright (C) 2008 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +""" +Backend plugin for LDAP. + +This wraps the python-ldap bindings. +""" + +import ldap as _ldap +import ldap.dn +from ipalib import api +from ipalib import errors2 +from ipalib.crud import CrudBackend +from ipaserver import servercore, ipaldap +import krbV + + +class ldap(CrudBackend): + """ + LDAP backend plugin. + """ + + def __init__(self): + self.dn = _ldap.dn + super(ldap, self).__init__() + + def create_connection(self, ccache): + if ccache is None: + raise errors2.CCacheError() + conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port) + principle = krbV.CCache( + name=ccache, context=krbV.default_context() + ).principal().name + conn.set_krbccache(ccache, principle) + return conn + + def destroy_connection(self): + self.conn.unbind_s() + + def make_user_dn(self, uid): + """ + Construct user dn from uid. + """ + return 'uid=%s,%s,%s' % ( + self.dn.escape_dn_chars(uid), + self.api.env.container_user, + self.api.env.basedn, + ) + + def make_group_dn(self, cn): + """ + Construct group dn from cn. + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(cn), + self.api.env.container_group, + self.api.env.basedn, + ) + + def make_hostgroup_dn(self, cn): + """ + Construct group of hosts dn from cn. + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(cn), + self.api.env.container_hostgroup, + self.api.env.basedn, + ) + + def make_taskgroup_dn(self, cn): + """ + Construct group of tasks dn from cn. + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(cn), + self.api.env.container_taskgroup, + self.api.env.basedn, + ) + + def make_service_dn(self, principal): + """ + Construct service principal dn from principal name + """ + return 'krbprincipalname=%s,%s,%s' % ( + self.dn.escape_dn_chars(principal), + self.api.env.container_service, + self.api.env.basedn, + ) + + def make_host_dn(self, hostname): + """ + Construct host dn from hostname + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(hostname), + self.api.env.container_host, + self.api.env.basedn, + ) + + def make_application_dn(self, appname): + """ + Construct application dn from cn. + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(appname), + self.api.env.container_applications, + self.api.env.basedn, + ) + + def make_policytemplate_dn(self, appname, uuid): + """ + Construct policytemplate dn from appname + """ + return 'ipaUniqueID=%s,%s' % ( + self.dn.escape_dn_chars(uuid), + self.make_application_dn(appname), + ) + + def make_role_application_dn(self, appname): + """ + Construct application role container from appname + """ + return 'cn=%s,%s,%s' % ( + self.dn.escape_dn_chars(appname), + self.api.env.container_roles, + self.api.env.basedn, + ) + + def make_role_policytemplate_dn(self, appname, uuid): + """ + Construct policytemplate dn from uuid and appname + """ + return 'ipaUniqueID=%s,cn=templates,%s' % ( + self.dn.escape_dn_chars(uuid), + self.make_role_application_dn(appname), + ) + + def make_policygroup_dn(self, uuid): + """ + Construct policygroup dn from uuid + """ + return 'ipaUniqueID=%s,%s,%s' % ( + self.dn.escape_dn_chars(uuid), + self.api.env.container_policygroups, + self.api.env.basedn, + ) + + def make_policy_dn(self, uuid, polgroup_uuid): + """ + Construct policy dn from uuid of policy and its policygroup + """ + return 'ipaUniqueID=%s,%s' % ( + self.dn.escape_dn_chars(uuid), + self.make_policygroup_dn(polgroup_uuid), + ) + + def make_policy_blob_dn(self, blob_uuid, policy_uuid, polgroup_uuid): + """ + Construct policy blob dn from uuids of its policy and policygroup + objects + """ + return 'ipaUniqueID=%s,%s' % ( + self.dn.escape_dn_chars(blob_uuid), + self.make_policy_dn(policy_uuid, polgroup_uuid), + ) + + def make_policylink_dn(self, uuid): + """ + Construct policy link dn from uuid + """ + return 'ipaUniqueID=%s,%s,%s' % ( + self.dn.escape_dn_chars(uuid), + self.api.env.container_policylinks, + self.api.env.basedn, + ) + + def get_object_type(self, attribute): + """ + Based on attribute, make an educated guess as to the type of + object we're looking for. + """ + attribute = attribute.lower() + object_type = None + if attribute == "uid": # User + object_type = "posixAccount" + elif attribute == "cn": # Group + object_type = "ipaUserGroup" + elif attribute == "krbprincipalname": # Service + object_type = "krbPrincipal" + + return object_type + + def find_entry_dn(self, key_attribute, primary_key, object_type=None, base=None): + """ + Find an existing entry's dn from an attribute + """ + key_attribute = key_attribute.lower() + if not object_type: + object_type = self.get_object_type(key_attribute) + if not object_type: + return None + + search_filter = "(&(objectclass=%s)(%s=%s))" % ( + object_type, + key_attribute, + self.dn.escape_dn_chars(primary_key) + ) + + if not base: + base = self.api.env.container_accounts + + search_base = "%s, %s" % (base, self.api.env.basedn) + + entry = servercore.get_sub_entry(search_base, search_filter, ['dn', 'objectclass']) + + return entry.get('dn') + + def get_base_entry(self, searchbase, searchfilter, attrs): + return servercore.get_base_entry(searchbase, searchfilter, attrs) + + def get_sub_entry(self, searchbase, searchfilter, attrs): + return servercore.get_sub_entry(searchbase, searchfilter, attrs) + + def get_one_entry(self, searchbase, searchfilter, attrs): + return servercore.get_one_entry(searchbase, searchfilter, attrs) + + def get_ipa_config(self): + """Return a dictionary of the IPA configuration""" + return servercore.get_ipa_config() + + def mark_entry_active(self, dn): + return servercore.mark_entry_active(dn) + + def mark_entry_inactive(self, dn): + return servercore.mark_entry_inactive(dn) + + def _generate_search_filters(self, **kw): + """Generates a search filter based on a list of words and a list + of fields to search against. + + Returns a tuple of two filters: (exact_match, partial_match) + """ + + # construct search pattern for a single word + # (|(f1=word)(f2=word)...) + exact_pattern = "(|" + for field in kw.keys(): + exact_pattern += "(%s=%s)" % (field, kw[field]) + exact_pattern += ")" + + sub_pattern = "(|" + for field in kw.keys(): + sub_pattern += "(%s=*%s*)" % (field, kw[field]) + sub_pattern += ")" + + # construct the giant match for all words + exact_match_filter = "(&" + exact_pattern + ")" + partial_match_filter = "(|" + sub_pattern + ")" + + return (exact_match_filter, partial_match_filter) + + def _get_scope(self, scope_str): + scope_dict = {'one' : _ldap.SCOPE_ONELEVEL, + 'subtree' : _ldap.SCOPE_SUBTREE, + 'base' : _ldap.SCOPE_BASE } + return scope_dict.get(scope_str, _ldap.SCOPE_SUBTREE) + + def modify_password(self, dn, **kw): + return servercore.modify_password(dn, kw.get('oldpass'), kw.get('newpass')) + + def add_member_to_group(self, memberdn, groupdn, memberattr='member'): + """ + Add a new member to a group. + + :param memberdn: the DN of the member to add + :param groupdn: the DN of the group to add a member to + """ + return servercore.add_member_to_group(memberdn, groupdn, memberattr) + + def remove_member_from_group(self, memberdn, groupdn, memberattr='member'): + """ + Remove a new member from a group. + + :param memberdn: the DN of the member to remove + :param groupdn: the DN of the group to remove a member from + """ + return servercore.remove_member_from_group(memberdn, groupdn, memberattr) + + # The CRUD operations + + def strip_none(self, kw): + """ + Remove any None values present in the LDAP attribute dict. + """ + for (key, value) in kw.iteritems(): + if value is None: + continue + if type(value) in (list, tuple): + value = filter( + lambda v: type(v) in (str, unicode, bool, int, float), + value + ) + if len(value) > 0: + yield (key, value) + else: + assert type(value) in (str, unicode, bool, int, float) + yield (key, value) + + def create(self, **kw): + if servercore.entry_exists(kw['dn']): + raise errors2.DuplicateEntry + kw = dict(self.strip_none(kw)) + + entry = ipaldap.Entry(kw['dn']) + + # dn isn't allowed to be in the entry itself + del kw['dn'] + + # Fill in our new entry + for k in kw: + entry.setValues(k, kw[k]) + + servercore.add_entry(entry) + return self.retrieve(entry.dn) + + def retrieve(self, dn, attributes=None): + return servercore.get_entry_by_dn(dn, attributes) + + def update(self, dn, **kw): + result = self.retrieve(dn, ["*"] + kw.keys()) + + entry = ipaldap.Entry((dn, servercore.convert_scalar_values(result))) + start_keys = kw.keys() + kw = dict(self.strip_none(kw)) + end_keys = kw.keys() + removed_keys = list(set(start_keys) - set(end_keys)) + for k in kw: + entry.setValues(k, kw[k]) + + for k in removed_keys: + entry.delAttr(k) + + servercore.update_entry(entry.toDict(), removed_keys) + + return self.retrieve(dn) + + def delete(self, dn): + return servercore.delete_entry(dn) + + def search(self, **kw): + objectclass = kw.get('objectclass') + sfilter = kw.get('filter') + attributes = kw.get('attributes') + base = kw.get('base') + scope = kw.get('scope') + exactonly = kw.get('exactonly', None) + if attributes: + del kw['attributes'] + else: + attributes = ['*'] + if objectclass: + del kw['objectclass'] + if base: + del kw['base'] + if sfilter: + del kw['filter'] + if scope: + del kw['scope'] + if exactonly is not None: + del kw['exactonly'] + (exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw) + if objectclass: + exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter) + partial_match_filter = "(&(objectClass=%s)%s)" % (objectclass, partial_match_filter) + if sfilter: + exact_match_filter = "(%s%s)" % (sfilter, exact_match_filter) + partial_match_filter = "(%s%s)" % (sfilter, partial_match_filter) + + search_scope = self._get_scope(scope) + + if not base: + base = self.api.env.container_accounts + + search_base = "%s, %s" % (base, self.api.env.basedn) + try: + exact_results = servercore.search(search_base, + exact_match_filter, attributes, scope=search_scope) + except errors2.NotFound: + exact_results = [0] + + if not exactonly: + try: + partial_results = servercore.search(search_base, + partial_match_filter, attributes, scope=search_scope) + except errors2.NotFound: + partial_results = [0] + else: + partial_results = [0] + + exact_counter = exact_results[0] + partial_counter = partial_results[0] + + exact_results = exact_results[1:] + partial_results = partial_results[1:] + + # Remove exact matches from the partial_match list + exact_dns = set(map(lambda e: e.get('dn'), exact_results)) + partial_results = filter(lambda e: e.get('dn') not in exact_dns, + partial_results) + + if (exact_counter == -1) or (partial_counter == -1): + counter = -1 + else: + counter = len(exact_results) + len(partial_results) + + results = [counter] + for r in exact_results + partial_results: + results.append(r) + + return results + +api.register(ldap) -- cgit