Allow specifying search scope in {ldap,servercore}.search

2025-02-25 18:55:28 -06:00 · 2009-02-06 17:00:23 +01:00 · 2009-02-06 17:00:23 +01:00 · 58ae191a5a
commit 58ae191a5a
parent 412104e34c
2 changed files with 15 additions and 4 deletions
--- a/ipaserver/plugins/b_ldap.py
+++ b/ipaserver/plugins/b_ldap.py
@ -199,6 +199,12 @@ class ldap(CrudBackend):

        return (exact_match_filter, partial_match_filter)

+    def _get_scope(self, scope_str):
+        scope_dict = {'one'     : _ldap.SCOPE_ONELEVEL,
+                      'subtree' : _ldap.SCOPE_SUBTREE,
+                      'base'    : _ldap.SCOPE_BASE }
+        return scope_dict.get(scope_str, _ldap.SCOPE_BASE)
+
    def modify_password(self, dn, **kw):
        return servercore.modify_password(dn, kw.get('oldpass'), kw.get('newpass'))

@ -286,6 +292,7 @@ class ldap(CrudBackend):
        sfilter = kw.get('filter')
        attributes = kw.get('attributes')
        base = kw.get('base')
+        scope = kw.get('scope')
        if attributes:
            del kw['attributes']
        else:
@ -296,6 +303,8 @@ class ldap(CrudBackend):
            del kw['base']
        if sfilter:
            del kw['filter']
+        if scope:
+            del kw['scope']
        (exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw)
        if objectclass:
            exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter)
@ -304,19 +313,21 @@ class ldap(CrudBackend):
            exact_match_filter = "(%s%s)" % (sfilter, exact_match_filter)
            partial_match_filter = "(%s%s)" % (sfilter, partial_match_filter)

+        search_scope = self._get_scope(scope)
+
        if not base:
            base = self.api.env.container_accounts

        search_base = "%s, %s" % (base, self.api.env.basedn)
        try:
            exact_results = servercore.search(search_base,
-                    exact_match_filter, attributes)
+                    exact_match_filter, attributes, scope=search_scope)
        except errors2.NotFound:
            exact_results = [0]

        try:
            partial_results = servercore.search(search_base,
-                    partial_match_filter, attributes)
+                    partial_match_filter, attributes, scope=search_scope)
        except errors2.NotFound:
            partial_results = [0]

--- a/ipaserver/servercore.py
+++ b/ipaserver/servercore.py
@ -263,11 +263,11 @@ def delete_entry(dn):
    return context.ldap.conn.deleteEntry(dn)

 # FIXME, get time and search limit from cn=ipaconfig
-def search(base, filter, attributes, timelimit=1, sizelimit=3000):
+def search(base, filter, attributes, timelimit=1, sizelimit=3000, scope=ldap.SCOPE_SUBTREE):
    """Perform an LDAP query"""
    try:
        timelimit = float(timelimit)
-        results = context.ldap.conn.getListAsync(base, ldap.SCOPE_SUBTREE,
+        results = context.ldap.conn.getListAsync(base, scope,
            filter, attributes, 0, None, None, timelimit, sizelimit)
    except ldap.NO_SUCH_OBJECT:
        raise errors2.NotFound()