Call the LDAPClient layer when modifying values

For add/remove member and remove_principal the LDAP connection was being used directly, bypassing the LDAPClient overlay. Related: https://pagure.io/freeipa/issue/8798 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Rafael Guterres Jeffman <rjeffman@redhat.com>
2025-02-25 18:55:28 -06:00 · 2021-03-26 17:57:09 -04:00
parent 8dac8ad834
commit d1f3ff5506
1 changed files with 3 additions and 3 deletions
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -425,7 +425,7 @@ class ldap2(CrudBackend, LDAPClient):
            with self.error_handler():
                modlist = [(a, b, self.encode(c))
                           for a, b, c in modlist]
-                self.conn.modify_s(str(group_dn), modlist)
+                self.modify_s(str(group_dn), modlist)
        except errors.DuplicateEntry:
            # TYPE_OR_VALUE_EXISTS
            raise errors.AlreadyGroupMember()
@@ -448,7 +448,7 @@ class ldap2(CrudBackend, LDAPClient):
            with self.error_handler():
                modlist = [(a, b, self.encode(c))
                           for a, b, c in modlist]
-                self.conn.modify_s(str(group_dn), modlist)
+                self.modify_s(str(group_dn), modlist)
        except errors.MidairCollision:
            raise errors.NotGroupMember()

@@ -502,7 +502,7 @@ class ldap2(CrudBackend, LDAPClient):
               (_ldap.MOD_REPLACE, 'krblastpwdchange', None)]

        with self.error_handler():
-            self.conn.modify_s(str(dn), mod)
+            self.modify_s(str(dn), mod)

    # CrudBackend methods