Attachment #10274 for bug #50644




					continue

				s4_group_dn, s4_group_attrs = s4_group
				self.group_members_cache_con[s4_group_dn.lower()] = set()
				if s4_group_attrs:
					s4_members = self.get_s4_members(s4_group_dn, s4_group_attrs)
					group_cache = self.group_members_cache_con[s4_group_dn.lower()]
					group_cache.update(m.lower() for m in s4_members)

			ud.debug(ud.LDAP, ud.ALL, "__init__: self.group_members_cache_con: %s" % self.group_members_cache_con)


			self.__group_cache_ucs_append_member(groupDN, object_ucs['dn'])

	def __group_cache_ucs_append_member(self, group, member):
		member_cache = self.group_members_cache_ucs.setdefault(group.lower(), set())
		if member.lower() not in member_cache:
			ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %r to UCS group member cache of %r" % (member, group))
		member_cache.add(member.lower())
		if not members:
			self.group_members_cache_ucs[group_lower] = [member_lower]
		else:
			members.append(member_lower)

	def group_members_sync_from_ucs(self, key, object):  # object mit s4-dn
		"""

		ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: clean ucs_members: %s" % ucs_members)

		# all dn's need to be lower-case so we can compare them later and put them in the UCS group member cache:
		self.group_members_cache_ucs[object_ucs_dn.lower()] = set()
		ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: UCS group member cache reset")

		# lookup all current members of S4 group

			else:
				if object['modtype'] == 'add':
					ud.debug(ud.LDAP, ud.PROCESS, "group_members_sync_from_ucs: %s is newly added. For this case don't remove current S4 members." % (object['dn'].lower()))
				elif (member_dn_lower in self.group_members_cache_con.get(object['dn'].lower(), set())) or (self.property.get('group') and self.property['group'].sync_mode in ['write', 'none']):
					# FIXME: Should this really also be done if sync_mode for group is 'none'?
					# remove member only if he was in the cache on S4 side
					# otherwise it is possible that the user was just created on S4 and we are on the way back

					if ldap_object_ucs:
						self.one_group_member_sync_to_ucs(ucs_group_object, object)

				if not self.group_members_cache_con.get(groupDN.lower()):
					self.group_members_cache_con[groupDN.lower()] = []
				dn = object['attributes'].get('distinguishedName', [None])[0]
				if dn:
					ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to S4 group member cache of %s" % (dn.lower(), groupDN.lower()))
					self.group_members_cache_con.setdefault(groupDN.lower(), set()).add(dn.lower())
				else:
					ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Failed to append user %s to S4 group member cache of %s" % (object['dn'].lower(), groupDN.lower()))



		# The user has been removed from the cache. He must be added in any case
		ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to S4 group member cache of %s" % (object['dn'].lower(), s4_group_object['dn'].lower()))
		self.group_members_cache_con.setdefault(s4_group_object['dn'].lower(), set()).add(object['dn'].lower())
			self.group_members_cache_con[s4_group_object['dn'].lower()] = []
		self.group_members_cache_con[s4_group_object['dn'].lower()].append(object['dn'].lower())

	def __group_cache_con_append_member(self, group, member):
		group_lower = group.lower()
		member_lower = member.lower()
		ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to S4 group member cache of %s" % (member_lower, group_lower))
		self.group_members_cache_con.setdefault(group_lower, set()).add(member_lower)
		if not members:
			self.group_members_cache_con[group_lower] = [member_lower]
		else:
			members.append(member_lower)

	def group_members_sync_to_ucs(self, key, object):
		"""

				s4_members.append(prim_dn)
		ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: clean s4_members %s" % s4_members)

		self.group_members_cache_con[s4_object_dn.lower()] = set()
		ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: S4 group member cache reset")

		# lookup all current members of UCS group

				# remove member only if he was in the cache
				# otherwise it is possible that the user was just created on UCS

				if (member_dn_lower in self.group_members_cache_ucs.get(object['dn'].lower(), set())) or (self.property.get('group') and self.property['group'].sync_mode in ['read', 'none']):
					# FIXME: Should this really also be done if sync_mode for group is 'none'?
					ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: %s was found in UCS group member cache of %s" % (member_dn_lower, object['dn'].lower()))
					ucs_object_attr = cache.get(member_dn)

					raise

				if property_type == 'group':
					self.group_members_cache_con[object['dn'].lower()] = set()
					ud.debug(ud.LDAP, ud.INFO, "group_members_cache_con[%s]: []" % (object['dn'].lower()))

				if hasattr(self.property[property_type], "post_con_create_functions"):

Return to bug 50644

Lines 824-834 class s4(univention.s4connector.ucs): Link Here

(-)services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py (-26 / +14 lines)
824	continue	824	continue
825		825
826	s4_group_dn, s4_group_attrs = s4_group	826	s4_group_dn, s4_group_attrs = s4_group
827	self.group_members_cache_con[s4_group_dn.lower()] = []	827	self.group_members_cache_con[s4_group_dn.lower()] = set()
828	if s4_group_attrs:	828	if s4_group_attrs:
829	s4_members = self.get_s4_members(s4_group_dn, s4_group_attrs)	829	s4_members = self.get_s4_members(s4_group_dn, s4_group_attrs)
830	group_cache = self.group_members_cache_con[s4_group_dn.lower()]	830	group_cache = self.group_members_cache_con[s4_group_dn.lower()]
831	group_cache.extend(m.lower() for m in s4_members)	831	group_cache.update(m.lower() for m in s4_members)
832		832
833	ud.debug(ud.LDAP, ud.ALL, "__init__: self.group_members_cache_con: %s" % self.group_members_cache_con)	833	ud.debug(ud.LDAP, ud.ALL, "__init__: self.group_members_cache_con: %s" % self.group_members_cache_con)
834		834
Lines 1516-1529 class s4(univention.s4connector.ucs): Link Here
1516	self.__group_cache_ucs_append_member(groupDN, object_ucs['dn'])	1516	self.__group_cache_ucs_append_member(groupDN, object_ucs['dn'])
1517		1517
1518	def __group_cache_ucs_append_member(self, group, member):	1518	def __group_cache_ucs_append_member(self, group, member):
1519	group_lower = group.lower()	1519	member_cache = self.group_members_cache_ucs.setdefault(group.lower(), set())
1520	member_lower = member.lower()	1520	if member.lower() not in member_cache:
1521	ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %s to UCS group member cache of %s" % (member_lower, group_lower))	1521	ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %r to UCS group member cache of %r" % (member, group))
1522	members = self.group_members_cache_ucs.get(group_lower)	1522	member_cache.add(member.lower())
1523	if not members:
1524	self.group_members_cache_ucs[group_lower] = [member_lower]
1525	else:
1526	members.append(member_lower)
1527		1523
1528	def group_members_sync_from_ucs(self, key, object): # object mit s4-dn	1524	def group_members_sync_from_ucs(self, key, object): # object mit s4-dn
1529	"""	1525	"""
Lines 1558-1564 class s4(univention.s4connector.ucs): Link Here
1558	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: clean ucs_members: %s" % ucs_members)	1554	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: clean ucs_members: %s" % ucs_members)
1559		1555
1560	# all dn's need to be lower-case so we can compare them later and put them in the UCS group member cache:	1556	# all dn's need to be lower-case so we can compare them later and put them in the UCS group member cache:
1561	self.group_members_cache_ucs[object_ucs_dn.lower()] = []	1557	self.group_members_cache_ucs[object_ucs_dn.lower()] = set()
1562	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: UCS group member cache reset")	1558	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_from_ucs: UCS group member cache reset")
1563		1559
1564	# lookup all current members of S4 group	1560	# lookup all current members of S4 group
Lines 1673-1679 class s4(univention.s4connector.ucs): Link Here
1673	else:	1669	else:
1674	if object['modtype'] == 'add':	1670	if object['modtype'] == 'add':
1675	ud.debug(ud.LDAP, ud.PROCESS, "group_members_sync_from_ucs: %s is newly added. For this case don't remove current S4 members." % (object['dn'].lower()))	1671	ud.debug(ud.LDAP, ud.PROCESS, "group_members_sync_from_ucs: %s is newly added. For this case don't remove current S4 members." % (object['dn'].lower()))
1676	elif (member_dn_lower in self.group_members_cache_con.get(object['dn'].lower(), [])) or (self.property.get('group') and self.property['group'].sync_mode in ['write', 'none']):	1672	elif (member_dn_lower in self.group_members_cache_con.get(object['dn'].lower(), set())) or (self.property.get('group') and self.property['group'].sync_mode in ['write', 'none']):
1677	# FIXME: Should this really also be done if sync_mode for group is 'none'?	1673	# FIXME: Should this really also be done if sync_mode for group is 'none'?
1678	# remove member only if he was in the cache on S4 side	1674	# remove member only if he was in the cache on S4 side
1679	# otherwise it is possible that the user was just created on S4 and we are on the way back	1675	# otherwise it is possible that the user was just created on S4 and we are on the way back
Lines 1728-1739 class s4(univention.s4connector.ucs): Link Here
1728	if ldap_object_ucs:	1724	if ldap_object_ucs:
1729	self.one_group_member_sync_to_ucs(ucs_group_object, object)	1725	self.one_group_member_sync_to_ucs(ucs_group_object, object)
1730		1726
1731	if not self.group_members_cache_con.get(groupDN.lower()):
1732	self.group_members_cache_con[groupDN.lower()] = []
1733	dn = object['attributes'].get('distinguishedName', [None])[0]	1727	dn = object['attributes'].get('distinguishedName', [None])[0]
1734	if dn:	1728	if dn:
1735	ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to S4 group member cache of %s" % (dn.lower(), groupDN.lower()))	1729	ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to S4 group member cache of %s" % (dn.lower(), groupDN.lower()))
1736	self.group_members_cache_con[groupDN.lower()].append(dn.lower())	1730	self.group_members_cache_con.setdefault(groupDN.lower(), set()).add(dn.lower())
1737	else:	1731	else:
1738	ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Failed to append user %s to S4 group member cache of %s" % (object['dn'].lower(), groupDN.lower()))	1732	ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Failed to append user %s to S4 group member cache of %s" % (object['dn'].lower(), groupDN.lower()))
1739		1733
Lines 1791-1809 class s4(univention.s4connector.ucs): Link Here
1791		1785
1792	# The user has been removed from the cache. He must be added in any case	1786	# The user has been removed from the cache. He must be added in any case
1793	ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to S4 group member cache of %s" % (object['dn'].lower(), s4_group_object['dn'].lower()))	1787	ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to S4 group member cache of %s" % (object['dn'].lower(), s4_group_object['dn'].lower()))
1794	if not self.group_members_cache_con.get(s4_group_object['dn'].lower()):	1788	self.group_members_cache_con.setdefault(s4_group_object['dn'].lower(), set()).add(object['dn'].lower())
1795	self.group_members_cache_con[s4_group_object['dn'].lower()] = []
1796	self.group_members_cache_con[s4_group_object['dn'].lower()].append(object['dn'].lower())
1797		1789
1798	def __group_cache_con_append_member(self, group, member):	1790	def __group_cache_con_append_member(self, group, member):
1799	group_lower = group.lower()	1791	group_lower = group.lower()
1800	member_lower = member.lower()	1792	member_lower = member.lower()
1801	ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to S4 group member cache of %s" % (member_lower, group_lower))	1793	ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to S4 group member cache of %s" % (member_lower, group_lower))
1802	members = self.group_members_cache_con.get(group_lower)	1794	self.group_members_cache_con.setdefault(group_lower, set()).add(member_lower)
1803	if not members:
1804	self.group_members_cache_con[group_lower] = [member_lower]
1805	else:
1806	members.append(member_lower)
1807		1795
1808	def group_members_sync_to_ucs(self, key, object):	1796	def group_members_sync_to_ucs(self, key, object):
1809	"""	1797	"""
Lines 1836-1842 class s4(univention.s4connector.ucs): Link Here
1836	s4_members.append(prim_dn)	1824	s4_members.append(prim_dn)
1837	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: clean s4_members %s" % s4_members)	1825	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: clean s4_members %s" % s4_members)
1838		1826
1839	self.group_members_cache_con[s4_object_dn.lower()] = []	1827	self.group_members_cache_con[s4_object_dn.lower()] = set()
1840	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: S4 group member cache reset")	1828	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: S4 group member cache reset")
1841		1829
1842	# lookup all current members of UCS group	1830	# lookup all current members of UCS group
Lines 1934-1940 class s4(univention.s4connector.ucs): Link Here
1934	# remove member only if he was in the cache	1922	# remove member only if he was in the cache
1935	# otherwise it is possible that the user was just created on UCS	1923	# otherwise it is possible that the user was just created on UCS
1936		1924
1937	if (member_dn_lower in self.group_members_cache_ucs.get(object['dn'].lower(), [])) or (self.property.get('group') and self.property['group'].sync_mode in ['read', 'none']):	1925	if (member_dn_lower in self.group_members_cache_ucs.get(object['dn'].lower(), set())) or (self.property.get('group') and self.property['group'].sync_mode in ['read', 'none']):
1938	# FIXME: Should this really also be done if sync_mode for group is 'none'?	1926	# FIXME: Should this really also be done if sync_mode for group is 'none'?
1939	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: %s was found in UCS group member cache of %s" % (member_dn_lower, object['dn'].lower()))	1927	ud.debug(ud.LDAP, ud.INFO, "group_members_sync_to_ucs: %s was found in UCS group member cache of %s" % (member_dn_lower, object['dn'].lower()))
1940	ucs_object_attr = cache.get(member_dn)	1928	ucs_object_attr = cache.get(member_dn)
Lines 2433-2439 class s4(univention.s4connector.ucs): Link Here
2433	raise	2421	raise
2434		2422
2435	if property_type == 'group':	2423	if property_type == 'group':
2436	self.group_members_cache_con[object['dn'].lower()] = []	2424	self.group_members_cache_con[object['dn'].lower()] = set()
2437	ud.debug(ud.LDAP, ud.INFO, "group_members_cache_con[%s]: []" % (object['dn'].lower()))	2425	ud.debug(ud.LDAP, ud.INFO, "group_members_cache_con[%s]: []" % (object['dn'].lower()))
2438		2426
2439	if hasattr(self.property[property_type], "post_con_create_functions"):	2427	if hasattr(self.property[property_type], "post_con_create_functions"):