summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/baseldap.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipalib/plugins/baseldap.py')
-rw-r--r--ipalib/plugins/baseldap.py36
1 files changed, 14 insertions, 22 deletions
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index cf5d8d20..9562ff98 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -1744,28 +1744,20 @@ class LDAPSearch(BaseLDAPCommand, crud.Search):
relationship = self.obj.relationships.get(
attr, ['member', '', 'no_']
)
- param_name = '%s%s' % (relationship[1], to_cli(ldap_obj_name))
- if param_name in options:
- dns = []
- for pkey in options[param_name]:
- dns.append(ldap_obj.get_dn(pkey))
- flt = ldap.make_filter_from_attr(
- attr, dns, ldap.MATCH_ALL
- )
- filter = ldap.combine_filters(
- (filter, flt), ldap.MATCH_ALL
- )
- param_name = '%s%s' % (relationship[2], to_cli(ldap_obj_name))
- if param_name in options:
- dns = []
- for pkey in options[param_name]:
- dns.append(ldap_obj.get_dn(pkey))
- flt = ldap.make_filter_from_attr(
- attr, dns, ldap.MATCH_NONE
- )
- filter = ldap.combine_filters(
- (filter, flt), ldap.MATCH_ALL
- )
+ # Handle positive (MATCH_ALL) and negative (MATCH_NONE)
+ # searches similarly
+ param_prefixes = relationship[1:] # e.g. ('in_', 'not_in_')
+ rules = ldap.MATCH_ALL, ldap.MATCH_NONE
+ for param_prefix, rule in zip(param_prefixes, rules):
+ param_name = '%s%s' % (param_prefix, to_cli(ldap_obj_name))
+ if options.get(param_name):
+ dns = []
+ for pkey in options[param_name]:
+ dns.append(ldap_obj.get_dn(pkey))
+ flt = ldap.make_filter_from_attr(attr, dns, rule)
+ filter = ldap.combine_filters(
+ (filter, flt), ldap.MATCH_ALL
+ )
return filter
has_output_params = global_output_params
generated by cgit (git 2.34.1) at 2025-08-29 05:10:47 +0000