Attachment #7326 for bug #40129





import re
import types
import ldap.filter
import univention.admin.uexceptions

def escapeForLdapFilter(txt):
	"""Escape LDAP filter value."""
	return ldap.filter.escape_filter_chars(txt)

	>>> escapeForLdapFilter('key=value')
	'key=value'
	>>> escapeForLdapFilter('description=Number (1)')
	'description=Number \\\\281\\\\29'
	"""
	# parenthesis mess up ldap filters - they should be escaped
	return txt.replace('(', '\(').replace(')', '\)').replace('\\', '\\\\')

class conjunction:
	"""LDAP filter conjunction (&) or disjunction (|)."""

Return to bug 40129

Lines 32-50 Link Here

(-)a/management/univention-directory-manager-modules/modules/univention/admin/filter.py (-10 / +3 lines)
32		32
33	import re	33	import re
34	import types	34	import types
		35	import ldap.filter
35	import univention.admin.uexceptions	36	import univention.admin.uexceptions
36		37
37	def escapeForLdapFilter(txt):	38	def escapeForLdapFilter(txt):
38	"""Escape LDAP filter value.	39	"""Escape LDAP filter value."""
39	Bug #19976: According to RFC2254 [*()\\\0] must be \\%02x encoded.	40	return ldap.filter.escape_filter_chars(txt)
40
41	>>> escapeForLdapFilter('key=value')
42	'key=value'
43	>>> escapeForLdapFilter('description=Number (1)')
44	'description=Number \\\\281\\\\29'
45	"""
46	# parenthesis mess up ldap filters - they should be escaped
47	return txt.replace('(', '\(').replace(')', '\)').replace('\\', '\\\\')
48		41
49	class conjunction:	42	class conjunction:
50	"""LDAP filter conjunction (&) or disjunction (\|)."""	43	"""LDAP filter conjunction (&) or disjunction (\|)."""