diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-03-23 14:03:26 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-03-23 14:03:26 -0400 |
| commit | 9922f47ecbf4d7eb41d09232b01ebdbd80804497 (patch) | |
| tree | e745caf0cf2dfa4d21e1bd880e1708e627e27a94 /ipalib | |
| parent | 04cb57eeb6f05085e6bb476305e07e5de2c4ae4b (diff) | |
| download | freeipa-9922f47ecbf4d7eb41d09232b01ebdbd80804497.tar.gz freeipa-9922f47ecbf4d7eb41d09232b01ebdbd80804497.tar.xz freeipa-9922f47ecbf4d7eb41d09232b01ebdbd80804497.zip | |
Do a better query so we can optimize seeing if a cospriority is unique
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/pwpolicy.py | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 483fa955..6f864386 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -140,13 +140,17 @@ def unique_priority(ldap, priority): This isn't done as a validation on the attribute since we want it done only on the server side. """ - (entries, truncated) = find_group_policy(ldap) - for e in entries: - groupdn = find_group_dn(e[1]['cn'][0]) - cos_dn = 'cn="%s", cn=cosTemplates, cn=accounts, %s' % (groupdn, api.env.basedn) - (dn, cos_attrs) = ldap.get_entry(cos_dn, normalize=False) - if priority == int(cos_attrs['cospriority'][0]): - return False + attrs = ('cospriority',) + + attr_filter = ldap.make_filter({'objectclass':'krbcontainer', 'cospriority': + + try: + (entries, truncated) = ldap.find_entries( + attr_filter, attrs, 'cn=cosTemplates,%s' % (api.env.container_accoun + ) + return False + except errors.NotFound: + return True return True |