diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-10-18 14:53:32 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2010-10-28 08:39:10 -0400 |
| commit | 70a57924c8e265df1e97b7f0be1adf8da802fbfd (patch) | |
| tree | 40731984730ee48d8161e0cca67c34581e55d246 /ipalib/plugins/baseldap.py | |
| parent | 93290c8a72bcd5c4ab34eedf0ec443469b36f8c1 (diff) | |
| download | freeipa-70a57924c8e265df1e97b7f0be1adf8da802fbfd.tar.gz freeipa-70a57924c8e265df1e97b7f0be1adf8da802fbfd.tar.xz freeipa-70a57924c8e265df1e97b7f0be1adf8da802fbfd.zip | |
Allow RDN changes for users, groups, rolegroups and taskgroups.
To do a change right now you have to perform a setattr like:
ipa user-mod --setattr uid=newuser olduser
The RDN change is performed before the rest of the mods. If the RDN
change is the only change done then the EmptyModlist that update_entry()
throws is ignored.
ticket 323
Diffstat (limited to 'ipalib/plugins/baseldap.py')
| -rw-r--r-- | ipalib/plugins/baseldap.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index 40f9d6a5..78ce8e02 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -77,6 +77,7 @@ class LDAPObject(Object): rdn_attribute = '' uuid_attribute = '' attribute_members = {} + rdnattr = None container_not_found_msg = _('container entry (%(container)s) not found') parent_not_found_msg = _('%(parent)s: %(oname)s not found') @@ -541,14 +542,31 @@ class LDAPUpdate(LDAPQuery, crud.Update): _check_single_value_attrs(self.params, entry_attrs) + rdnupdate = False try: + if self.obj.rdnattr and self.obj.rdnattr in entry_attrs: + # RDN change + ldap.update_entry_rdn(dn, unicode('%s=%s' % (self.obj.rdnattr, + entry_attrs[self.obj.rdnattr]))) + dn = self.obj.get_dn(entry_attrs[self.obj.rdnattr]) + del entry_attrs[self.obj.rdnattr] + options['rdnupdate'] = True + rdnupdate = True + ldap.update_entry(dn, entry_attrs, normalize=self.obj.normalize_dn) except errors.ExecutionError, e: + # Exception callbacks will need to test for options['rdnupdate'] + # to decide what to do. An EmptyModlist in this context doesn't + # mean an error occurred, just that there were no other updates to + # perform. try: self._call_exc_callbacks( keys, options, e, ldap.update_entry, dn, entry_attrs, normalize=self.obj.normalize_dn ) + except errors.EmptyModlist, e: + if not rdnupdate: + raise e except errors.NotFound: self.obj.handle_not_found(*keys) |