ldap2.find_entries: Do not modify attrs_list in-place

dap2.find_entries modified the passed in attrs_list to remove
the virtual attributes memberindirect and memberofindirect
before passing the list to LDAP. This means that a call like
    ldap2.get_entry(dn, attrs_list=some_framework_object.default_attributes)
would permanently remove the virtual attributes from
some_framework_object's definition.

Create a copy of the list instead.

https://fedorahosted.org/freeipa/ticket/4349

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Petr Viktorin 2014-05-16 13:18:36 +02:00
parent 193ced0bd7
commit 988b2cebf4

View File

@ -186,12 +186,15 @@ class ldap2(LDAPClient, CrudBackend):
has_memberindirect = False has_memberindirect = False
has_memberofindirect = False has_memberofindirect = False
if attrs_list: if attrs_list:
if 'memberindirect' in attrs_list: new_attrs_list = []
has_memberindirect = True for attr_name in attrs_list:
attrs_list.remove('memberindirect') if attr_name == 'memberindirect':
if 'memberofindirect' in attrs_list: has_memberindirect = True
has_memberofindirect = True elif attr_name == 'memberofindirect':
attrs_list.remove('memberofindirect') has_memberofindirect = True
else:
new_attrs_list.append(attr_name)
attrs_list = new_attrs_list
res, truncated = super(ldap2, self).find_entries( res, truncated = super(ldap2, self).find_entries(
filter=filter, attrs_list=attrs_list, base_dn=base_dn, scope=scope, filter=filter, attrs_list=attrs_list, base_dn=base_dn, scope=scope,