diff options
| author | Pavel Zuna <pzuna@redhat.com> | 2009-08-27 17:09:38 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2009-08-28 13:18:21 -0400 |
| commit | 91d01a532af3c4668eabcb1a27d3d3f36b0e6207 (patch) | |
| tree | 9dd32223af3e54c0cd28dd1b7655beac83692948 | |
| parent | aafdb755a3dd0e7b18cf5ccf250e4da7e4743b44 (diff) | |
| download | freeipa-91d01a532af3c4668eabcb1a27d3d3f36b0e6207.tar.gz freeipa-91d01a532af3c4668eabcb1a27d3d3f36b0e6207.tar.xz freeipa-91d01a532af3c4668eabcb1a27d3d3f36b0e6207.zip | |
Introduce a list of attributes for which only MOD_REPLACE operations are generated.
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 6e3c8694..f2eef9d3 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -144,6 +144,10 @@ def _get_syntax(attr, value): # ldap backend class class ldap2(CrudBackend, Encoder): + # attributes in this list cannot be deleted by update_entry + # only MOD_REPLACE operations are generated for them + force_replace_on_update_attrs = ['uidnumber', 'gidnumber'] + # rules for generating filters from entries MATCH_ANY = '|' # (|(filter1)(filter2)) MATCH_ALL = '&' # (&(filter1)(filter2)) @@ -512,10 +516,14 @@ class ldap2(CrudBackend, Encoder): adds = list(v.difference(old_v)) if adds: - modlist.append((_ldap.MOD_ADD, k, adds)) + if k in self.force_replace_on_update_attrs: + modlist.append((_ldap.MOD_REPLACE, k, adds)) + else: + modlist.append((_ldap.MOD_ADD, k, adds)) rems = list(old_v.difference(v)) if rems: - modlist.append((_ldap.MOD_DELETE, k, rems)) + if k not in self.force_replace_on_update_attrs: + modlist.append((_ldap.MOD_DELETE, k, rems)) return modlist |