Univention Bugzilla – Attachment 7746 Details for
Bug 41207
objectClass is not removed from object when extended attribute wants it
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Fix multiple-alias-names-per-attribute
41207_udm-modlist2.diff (text/plain), 4.95 KB, created by
Philipp Hahn
on 2016-06-15 13:57:06 CEST
(
hide
)
Description:
Fix multiple-alias-names-per-attribute
Filename:
MIME Type:
Creator:
Philipp Hahn
Created:
2016-06-15 13:57:06 CEST
Size:
4.95 KB
patch
obsolete
>diff --git a/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py b/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py >index 1c82abb..b2e903a 100644 >--- a/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py >+++ b/branches/ucs-4.1/ucs-4.1-2/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py >@@ -815,42 +815,50 @@ class simpleLdap(base): > ocs -= set(chain.from_iterable(m.options[option].objectClasses for option in removed_options)) > ocs |= set(chain.from_iterable(m.options[option].objectClasses for option in added_options)) > if set(self.oldattr.get('objectClass', [])) != ocs: >- ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] >+ ml = [x for x in ml if x[0].lower() != 'objectclass'] > ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs))) >+ elif not object_classes_to_remove: >+ return ml >+ >+ # parse LDAP schema >+ schema = self.lo.get_schema() >+ newattr = ldap.cidict.cidict(_MergedAttributes(self, ml).get_attributes()) >+ ocs_afterwards = ocs - object_classes_to_remove >+ >+ # make sure we still have a structural object class >+ if not schema.get_structural_oc(ocs_afterwards): >+ structural_ocs = schema.get_structural_oc(object_classes_to_remove) >+ if structural_ocs: >+ univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'Preventing to remove last structural object class %r' % (structural_ocs,)) >+ object_classes_to_remove -= set(schema.get_obj(ldap.schema.models.ObjectClass, structural_ocs).names) >+ ocs_afterwards = ocs - object_classes_to_remove >+ else: >+ univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'missing structural object class. Modify will fail.') >+ return ml > >- if object_classes_to_remove or set(self.oldattr.get('objectClass', [])) != ocs: >- # parse LDAP schema >- schema = self.lo.get_schema() >- newattr = ldap.cidict.cidict(_MergedAttributes(self, ml).get_attributes()) >- ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove >- >- # make sure we still have a structural object class >- if not schema.get_structural_oc(ocs_afterwards): >- structural_ocs = schema.get_structural_oc(object_classes_to_remove) >- if structural_ocs: >- univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'Preventing to remove last structural object class %r' % (structural_ocs,)) >- object_classes_to_remove -= set(schema.get_obj(ldap.schema.models.ObjectClass, structural_ocs).names) >- ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove >- else: >- univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'missing structural object class. Modify will fail.') >- >- # validate removal of object classes >- must, may = schema.attribute_types(ocs_afterwards) >- must = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in must.values())))) >- may = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in may.values())))) >- for attr in must.keys(): >- if not newattr.get(attr): >- univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is required by the current object classes.' % (attr,)) >+ # validate removal of object classes >+ must, may = schema.attribute_types(ocs_afterwards) >+ allowed = set(name.lower() for attr in may.values() for name in attr.names) | set(name.lower() for attr in must.values() for name in attr.names) >+ >+ for attr, val in newattr.items(): >+ if not val: >+ continue >+ if attr.lower() not in allowed: >+ univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is not allowed by any object class.' % (attr,)) >+ # ml.append((attr, val, [])) # TODO: Remove the now invalid attribute instead >+ return ml >+ >+ for attr in must.values(): >+ for name in attr.names: >+ if newattr.get(name): > break > else: >- for attr, val in newattr.items(): >- if val and not must.get(attr) and not may.get(attr): >- univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is not allowed by any object class.' % (attr,)) >- # ml.append((attr, val, [])) # TODO: Remove the now invalid attribute instead >- break >- else: >- ml = [x for x in ml if x[0].lower() != 'objectclass'] >- ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs - object_classes_to_remove))) >+ univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is required by the current object classes.' % (attr.names,)) >+ return ml >+ >+ ml = [x for x in ml if x[0].lower() != 'objectclass'] >+ ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs_afterwards))) >+ > return ml > > def _move_in_subordinates(self, olddn):
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7746">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 41207
:
7693
|
7694
| 7746