|
Lines 826-838
def _modify(self, modify_childs=1, ignore_license=0):
Link Here
|
| 826 |
added_options = options - old_options - unavailable_options |
826 |
added_options = options - old_options - unavailable_options |
| 827 |
removed_options = old_options - options - unavailable_options |
827 |
removed_options = old_options - options - unavailable_options |
| 828 |
|
828 |
|
| 829 |
# ocs -= object_classes_to_remove # FIXME: Bug #41207; check which attributes still need it |
|
|
| 830 |
ocs -= set(chain.from_iterable(m.options[option].objectClasses for option in removed_options)) |
829 |
ocs -= set(chain.from_iterable(m.options[option].objectClasses for option in removed_options)) |
| 831 |
ocs |= set(chain.from_iterable(m.options[option].objectClasses for option in added_options)) |
830 |
ocs |= set(chain.from_iterable(m.options[option].objectClasses for option in added_options)) |
| 832 |
if set(self.oldattr.get('objectClass', [])) != ocs: |
831 |
if set(self.oldattr.get('objectClass', [])) != ocs: |
| 833 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
832 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
| 834 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs))) |
833 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs))) |
| 835 |
|
834 |
|
|
|
835 |
# parse LDAP schema |
| 836 |
schema = ldap.schema.SubSchema(self.lo.lo.lo.read_subschemasubentry_s(self.lo.lo.lo.search_subschemasubentry_s()), 0) |
| 837 |
newattr = ldap.cidict.cidict(_MergedAttributes(self, ml).get_attributes()) |
| 838 |
ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove |
| 839 |
|
| 840 |
# make sure we still have a structural object class |
| 841 |
if not schema.get_structural_oc(ocs_afterwards): |
| 842 |
structural_ocs = schema.get_structural_oc(object_classes_to_remove) |
| 843 |
if structural_ocs: |
| 844 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'Preventing to remove last structural object class %r' % (structural_ocs,)) |
| 845 |
object_classes_to_remove -= set(schema.get_obj(ldap.schema.models.ObjectClass, structural_ocs).names) |
| 846 |
ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove |
| 847 |
else: |
| 848 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'missing structural object class. Modify will fail.') |
| 849 |
|
| 850 |
# validate removal of object classes |
| 851 |
do_removal = True |
| 852 |
must, may = schema.attribute_types(ocs_afterwards) |
| 853 |
must = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in must.values())))) |
| 854 |
may = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in may.values())))) |
| 855 |
for attr in must.keys(): |
| 856 |
if not newattr.get(attr): |
| 857 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is required in the current object classes.' % (attr,)) |
| 858 |
do_removal = False |
| 859 |
for attr, val in newattr.items(): |
| 860 |
if val and not must.get(attr) and not may.get(attr): |
| 861 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r has is now known by any object class.' % (attr,)) |
| 862 |
do_removal = False |
| 863 |
if do_removal: |
| 864 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
| 865 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs - object_classes_to_remove))) |
| 866 |
|
| 836 |
ml = self.call_udm_property_hook('hook_ldap_modlist', self, ml) |
867 |
ml = self.call_udm_property_hook('hook_ldap_modlist', self, ml) |
| 837 |
|
868 |
|
| 838 |
#FIXME: timeout without exception if objectClass of Object is not exsistant !! |
869 |
#FIXME: timeout without exception if objectClass of Object is not exsistant !! |