diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-03-18 09:49:41 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-04-13 17:52:22 +0200 |
commit | 1f0959735f9828a09439f17f1468dcd3dfb914db (patch) | |
tree | 45ccb4b78794a07c5d6d890338f8d3c9f7d8c4fa /ipalib/plugins | |
parent | b23ad42269c606f234f4f8c545e3c763e648f551 (diff) | |
download | freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.gz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.xz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.zip |
differentiate between limit types when LDAP search exceeds configured limits
When LDAP search fails on exceeded limits, we should raise an specific
exception for the type of limit raised (size, time, administrative) so that
the consumer can distinguish between e.g. searches returning too many entries
and those timing out.
https://fedorahosted.org/freeipa/ticket/5677
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'ipalib/plugins')
-rw-r--r-- | ipalib/plugins/automount.py | 6 | ||||
-rw-r--r-- | ipalib/plugins/baseldap.py | 14 |
2 files changed, 7 insertions, 13 deletions
diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index 7dc00224e..c0a55d5da 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -803,12 +803,10 @@ class automountkey(LDAPObject): ('cn', parent_keys[0]), self.container_dn, api.env.basedn) attrs_list = ['*'] - entries, truncated = ldap.find_entries( - sfilter, attrs_list, basedn, ldap.SCOPE_ONELEVEL) + entries = ldap.get_entries( + basedn, ldap.SCOPE_ONELEVEL, sfilter, attrs_list) if len(entries) > 1: raise errors.NotFound(reason=_('More than one entry with key %(key)s found, use --info to select specific entry.') % dict(key=pkey)) - if truncated: - raise errors.LimitsExceeded() dn = entries[0].dn return dn diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index ffc0008a6..0eae45dbd 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -684,14 +684,12 @@ class LDAPObject(Object): filter = self.backend.combine_filters( ('(member=*)', mo_filter), self.backend.MATCH_ALL) try: - result, truncated = self.backend.find_entries( - base_dn=self.api.env.basedn, + result = self.backend.get_entries( + self.api.env.basedn, filter=filter, attrs_list=['member'], size_limit=-1, # paged search will get everything anyway paged_search=True) - if truncated: - raise errors.LimitsExceeded() except errors.NotFound: result = [] @@ -709,12 +707,10 @@ class LDAPObject(Object): filter = self.backend.make_filter( {'member': dn, 'memberuser': dn, 'memberhost': dn}) try: - result, truncated = self.backend.find_entries( - base_dn=self.api.env.basedn, + result = self.backend.get_entries( + self.api.env.basedn, filter=filter, attrs_list=['']) - if truncated: - raise errors.LimitsExceeded() except errors.NotFound: result = [] @@ -2105,7 +2101,7 @@ class LDAPSearch(BaseLDAPCommand, crud.Search): result = dict( result=entries, count=len(entries), - truncated=truncated, + truncated=bool(truncated), ) if truncated: |