Use the dn attribute of LDAPEntry to set/get DNs of entries.

Convert all code that uses the 'dn' key of LDAPEntry for this to use the dn attribute instead.
2025-02-25 18:55:28 -06:00 · 2013-01-31 11:19:13 +01:00 · 2013-01-31 11:19:13 +01:00 · bb36683c84
commit bb36683c84
parent 982b782777
11 changed files with 74 additions and 44 deletions
--- a/install/tools/ipa-compliance
+++ b/install/tools/ipa-compliance
@ -116,7 +116,7 @@ def check_compliance(tmpdir, debug=False):
    hostcount = 0
    # Get the hosts first
    try:
-        (entries, truncated) = conn.find_entries('(krblastpwdchange=*)', ['dn'],
+        (entries, truncated) = conn.find_entries('(krblastpwdchange=*)', [],
            DN(api.env.container_host, api.env.basedn),
            conn.SCOPE_ONELEVEL,
            size_limit = -1)
@ -136,10 +136,10 @@ def check_compliance(tmpdir, debug=False):
    available = 0
    try:
        (entries, truncated) = conn.find_entries('(objectclass=ipaentitlement)',
-        ['dn', 'userCertificate'],
-        DN(api.env.container_entitlements, api.env.basedn),
-        conn.SCOPE_ONELEVEL,
-        size_limit = -1)
+            ['userCertificate'],
+            DN(api.env.container_entitlements, api.env.basedn),
+            conn.SCOPE_ONELEVEL,
+            size_limit = -1)

        for entry in entries:
            (dn, attrs) = entry
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@ -572,7 +572,7 @@ def main():
                                     config.dirman_password)
        found = False
        try:
-            entry = conn.find_entries(u'fqdn=%s' % host, ['dn', 'fqdn'], DN(api.env.container_host, api.env.basedn))
+            entry = conn.find_entries(u'fqdn=%s' % host, ['fqdn'], DN(api.env.container_host, api.env.basedn))
            print "The host %s already exists on the master server.\nYou should remove it before proceeding:" % host
            print "    %% ipa host-del %s" % host
            found = True
--- a/ipalib/plugins/automember.py
+++ b/ipalib/plugins/automember.py
@ -316,10 +316,12 @@ class automember_add_condition(LDAPUpdate):
                except errors.NotFound:
                    failed['failed'][attr].append(regex)

+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
        # Set failed and completed to they can be harvested in the execute super
        setattr(context, 'failed', failed)
        setattr(context, 'completed', completed)
-        setattr(context, 'entry_attrs', dict(entry_attrs))
+        setattr(context, 'entry_attrs', entry_attrs)

        # Make sure to returned the failed results if there is nothing to remove
        if completed == 0:
@ -406,10 +408,13 @@ class automember_remove_condition(LDAPUpdate):
                    else:
                        failed['failed'][attr].append(regex)
                entry_attrs[attr] = old_entry
+
+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
        # Set failed and completed to they can be harvested in the execute super
        setattr(context, 'failed', failed)
        setattr(context, 'completed', completed)
-        setattr(context, 'entry_attrs', dict(entry_attrs))
+        setattr(context, 'entry_attrs', entry_attrs)

        # Make sure to returned the failed results if there is nothing to remove
        if completed == 0:
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@ -229,6 +229,12 @@ def entry_from_entry(entry, newentry):
    for e in newentry.keys():
        entry[e] = newentry[e]

+def entry_to_dict(entry, **options):
+    result = dict(entry)
+    if options.get('all', False):
+        result['dn'] = entry.dn
+    return result
+
 def wait_for_value(ldap, dn, attr, value):
    """
    389-ds postoperation plugins are executed after the data has been
@ -978,6 +984,7 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
        ldap = self.obj.backend

        entry_attrs = self.args_options_2_entry(*keys, **options)
+        entry_attrs = ldap.make_entry(DN(), entry_attrs)

        self.process_attr_options(entry_attrs, None, keys, options)

@ -1063,13 +1070,15 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
        for callback in self.get_callbacks('post'):
            dn = callback(self, ldap, dn, entry_attrs, *keys, **options)

+        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
+
        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
        entry_attrs['dn'] = dn

-        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
        if self.obj.primary_key and keys[-1] is not None:
-            return dict(result=dict(entry_attrs), value=keys[-1])
-        return dict(result=dict(entry_attrs), value=u'')
+            return dict(result=entry_attrs, value=keys[-1])
+        return dict(result=entry_attrs, value=u'')

    def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
        assert isinstance(dn, DN)
@ -1190,11 +1199,14 @@ class LDAPRetrieve(LDAPQuery):
            assert isinstance(dn, DN)

        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
+
        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
        entry_attrs['dn'] = dn
+
        if self.obj.primary_key and keys[-1] is not None:
-            return dict(result=dict(entry_attrs), value=keys[-1])
-        return dict(result=dict(entry_attrs), value=u'')
+            return dict(result=entry_attrs, value=keys[-1])
+        return dict(result=entry_attrs, value=u'')

    def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
        assert isinstance(dn, DN)
@ -1253,6 +1265,7 @@ class LDAPUpdate(LDAPQuery, crud.Update):
        assert isinstance(dn, DN)

        entry_attrs = self.args_options_2_entry(**options)
+        entry_attrs = ldap.make_entry(dn, entry_attrs)

        self.process_attr_options(entry_attrs, dn, keys, options)

@ -1321,9 +1334,12 @@ class LDAPUpdate(LDAPQuery, crud.Update):
            assert isinstance(dn, DN)

        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
+
+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
        if self.obj.primary_key and keys[-1] is not None:
-            return dict(result=dict(entry_attrs), value=keys[-1])
-        return dict(result=dict(entry_attrs), value=u'')
+            return dict(result=entry_attrs, value=keys[-1])
+        return dict(result=entry_attrs, value=u'')

    def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
        assert isinstance(dn, DN)
@ -1544,13 +1560,16 @@ class LDAPAddMember(LDAPModMember):
                **options)
            assert isinstance(dn, DN)

-        assert isinstance(dn, DN)
-        entry_attrs['dn'] = dn
        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
+
+        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
+        entry_attrs['dn'] = dn
+
        return dict(
            completed=completed,
            failed=failed,
-            result=dict(entry_attrs),
+            result=entry_attrs,
        )

    def pre_callback(self, ldap, dn, found, not_found, *keys, **options):
@ -1642,14 +1661,16 @@ class LDAPRemoveMember(LDAPModMember):
                **options)
            assert isinstance(dn, DN)

+        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
+
        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
        entry_attrs['dn'] = dn

-        self.obj.convert_attribute_members(entry_attrs, *keys, **options)
        return dict(
            completed=completed,
            failed=failed,
-            result=dict(entry_attrs),
+            result=entry_attrs,
        )

    def pre_callback(self, ldap, dn, found, not_found, *keys, **options):
@ -1856,10 +1877,9 @@ class LDAPSearch(BaseLDAPCommand, crud.Search):
            for e in entries:
                self.obj.convert_attribute_members(e[1], *args, **options)

-        for e in entries:
-            assert isinstance(e[0], DN)
-            e[1]['dn'] = e[0]
-        entries = [dict(e) for (dn, e) in entries]
+        for (i, e) in enumerate(entries):
+            entries[i] = entry_to_dict(e, **options)
+            entries[i]['dn'] = e.dn

        return dict(
            result=entries,
@ -1994,11 +2014,13 @@ class LDAPAddReverseMember(LDAPModReverseMember):
            assert isinstance(dn, DN)

        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
        entry_attrs['dn'] = dn
+
        return dict(
            completed=completed,
            failed=failed,
-            result=dict(entry_attrs),
+            result=entry_attrs,
        )

    def pre_callback(self, ldap, dn, *keys, **options):
@ -2094,11 +2116,13 @@ class LDAPRemoveReverseMember(LDAPModReverseMember):
            assert isinstance(dn, DN)

        assert isinstance(dn, DN)
+        entry_attrs = entry_to_dict(entry_attrs, **options)
        entry_attrs['dn'] = dn
+
        return dict(
            completed=completed,
            failed=failed,
-            result=dict(entry_attrs),
+            result=entry_attrs,
        )

    def pre_callback(self, ldap, dn, *keys, **options):
--- a/ipalib/plugins/krbtpolicy.py
+++ b/ipalib/plugins/krbtpolicy.py
@ -176,8 +176,10 @@ class krbtpolicy_reset(LDAPQuery):
            dn = self.obj.get_dn(None)
        (dn, entry_attrs) = ldap.get_entry(dn, self.obj.default_attributes)

+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
        if keys[-1] is not None:
-            return dict(result=dict(entry_attrs), value=keys[-1])
-        return dict(result=dict(entry_attrs), value=u'')
+            return dict(result=entry_attrs, value=keys[-1])
+        return dict(result=entry_attrs, value=u'')

 api.register(krbtpolicy_reset)
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@ -474,10 +474,10 @@ class permission_find(LDAPSearch):
                    dn = permission['dn']
                    del permission['dn']
                    if pkey_only:
-                        new_entry = (dn, {self.obj.primary_key.name: \
-                                          permission[self.obj.primary_key.name]})
+                        pk = self.obj.primary_key.name
+                        new_entry = ldap.make_entry(dn, {pk: permission[pk]})
                    else:
-                        new_entry = (dn, permission)
+                        new_entry = ldap.make_entry(dn, permission)

                    if (dn, permission) not in entries:
                       if len(entries) < max_entries:
--- a/ipalib/plugins/sudorule.py
+++ b/ipalib/plugins/sudorule.py
@ -642,7 +642,9 @@ class sudorule_add_option(LDAPQuery):
            dn, attrs_list, normalize=self.obj.normalize_dn
            )

-        return dict(result=dict(entry_attrs))
+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
+        return dict(result=entry_attrs)

    def output_for_cli(self, textui, result, cn, **options):
        textui.print_dashed(_('Added option "%(option)s" to Sudo Rule "%(rule)s"') % \
@ -697,7 +699,9 @@ class sudorule_remove_option(LDAPQuery):
            dn, attrs_list, normalize=self.obj.normalize_dn
            )

-        return dict(result=dict(entry_attrs))
+        entry_attrs = entry_to_dict(entry_attrs, **options)
+
+        return dict(result=entry_attrs)

    def output_for_cli(self, textui, result, cn, **options):
        textui.print_dashed(_('Removed option "%(option)s" from Sudo Rule "%(rule)s"') % \
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@ -311,7 +311,7 @@ sides.
                         base_dn = DN(api.env.container_trusts, api.env.basedn),
                         filter = trust_filter)

-        result['result'] = dict(trusts[0][1])
+        result['result'] = entry_to_dict(trusts[0][1], **options)
        result['result']['trusttype'] = [trust_type_string(result['result']['ipanttrusttype'][0])]
        result['result']['trustdirection'] = [trust_direction_string(result['result']['ipanttrustdirection'][0])]
        result['result']['truststatus'] = [trust_status_string(result['verified'])]
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@ -838,15 +838,14 @@ class user_status(LDAPQuery):
                    other_ldap.connect(ccache=os.environ['KRB5CCNAME'])
                except Exception, e:
                    self.error("user_status: Connecting to %s failed with %s" % (host, str(e)))
-                    newresult = dict()
-                    newresult['dn'] = dn
+                    newresult = ldap.make_entry(dn)
                    newresult['server'] = _("%(host)s failed: %(error)s") % dict(host=host, error=str(e))
                    entries.append(newresult)
                    count += 1
                    continue
            try:
                entry = other_ldap.get_entry(dn, attr_list)
-                newresult = dict()
+                newresult = ldap.make_entry(dn)
                for attr in ['krblastsuccessfulauth', 'krblastfailedauth']:
                    newresult[attr] = entry[1].get(attr, [u'N/A'])
                newresult['krbloginfailedcount'] = entry[1].get('krbloginfailedcount', u'0')
@ -860,7 +859,6 @@ class user_status(LDAPQuery):
                        except Exception, e:
                            self.debug("time conversion failed with %s" % str(e))
                            pass
-                newresult['dn'] = dn
                newresult['server'] = host
                if options.get('raw', False):
                    time_format = '%Y%m%d%H%M%SZ'
@ -876,8 +874,7 @@ class user_status(LDAPQuery):
                self.obj.handle_not_found(*keys)
            except Exception, e:
                self.error("user_status: Retrieving status for %s failed with %s" % (dn, str(e)))
-                newresult = dict()
-                newresult['dn'] = dn
+                newresult = ldap.make_entry(dn)
                newresult['server'] = _("%(host)s failed") % dict(host=host)
                entries.append(newresult)
                count += 1
--- a/ipaserver/ipaldap.py
+++ b/ipaserver/ipaldap.py
@ -1244,7 +1244,7 @@ class LDAPClient(object):
            return ([], [])

        search_entry_dn = ldap.filter.escape_filter_chars(str(entry_dn))
-        attr_list = ["dn", "memberof"]
+        attr_list = ["memberof"]
        searchfilter = "(|(member=%s)(memberhost=%s)(memberuser=%s))" % (
            search_entry_dn, search_entry_dn, search_entry_dn)

@ -1358,7 +1358,7 @@ class LDAPClient(object):
            return entries

        dn, group = self.get_entry(
-            group_dn, ['dn', 'member'],
+            group_dn, ['member'],
            size_limit=size_limit, time_limit=time_limit)
        real_members = group.get('member', [])

--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@ -476,7 +476,6 @@ class ldap2(LDAPClient, CrudBackend):
        assert isinstance(dn, DN)

        (dn, entry_attrs) = self.get_entry(dn, attrs_list)
-        entry_attrs['dn'] = dn
        return entry_attrs

    def create(self, **kw):
@ -552,7 +551,6 @@ class ldap2(LDAPClient, CrudBackend):
            filter, attrs_list, base_dn, scope
        )
        for (dn, entry_attrs) in entries:
-            entry_attrs['dn'] = [dn]
            output.append(entry_attrs)

        if truncated: