diff --git a/services/univention-ad-connector/modules/univention/connector/ad/__init__.py b/services/univention-ad-connector/modules/univention/connector/ad/__init__.py index b94c391f98..bc4d9082ff 100644 --- a/services/univention-ad-connector/modules/univention/connector/ad/__init__.py +++ b/services/univention-ad-connector/modules/univention/connector/ad/__init__.py @@ -1635,10 +1635,15 @@ class ad(univention.connector.ucs): self.__group_cache_ucs_append_member(groupDN, object_ucs['dn']) def __group_cache_ucs_append_member(self, group, member): - if not self.group_members_cache_ucs.get(group.lower()): - self.group_members_cache_ucs[group.lower()] = [] - ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %s to group ucs cache of %s" % (member.lower(), group.lower())) - self.group_members_cache_ucs[group.lower()].append(member.lower()) + member_lower = member.lower() + group_lower = group.lower() + group_members_lower = self.group_members_cache_ucs.get(group_lower, []) + if member_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %s to group ucs cache of %s" % (member_lower, group_lower)) + if group_members_lower: + group_members_lower.append(member_lower) + else: + self.group_members_cache_ucs[group_lower] = [member_lower] def group_members_sync_from_ucs(self, key, object): # object mit ad-dn """ @@ -1846,12 +1851,17 @@ class ad(univention.connector.ucs): if ldap_object_ucs: self.one_group_member_sync_to_ucs(ucs_group_object, object) - if not self.group_members_cache_con.get(groupDN.lower()): - self.group_members_cache_con[groupDN.lower()] = [] dn = object['attributes'].get('distinguishedName', [None])[0] if dn: - ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to group con cache of %s" % (dn.lower(), groupDN.lower())) - self.group_members_cache_con[groupDN.lower()].append(dn.lower()) + dn_lower = dn.lower() + groupDN_lower = groupDN.lower() + group_members_lower = self.group_members_cache_con.get(groupDN_lower, []) + if dn_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to group con cache of %s" % (dn_lower, groupDN_lower)) + if group_members_lower: + group_members_lower.append(dn_lower) + else: + self.group_members_cache_con[groupDN_lower] = [dn_lower] else: ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Failed to append user %s to group con cache of %s" % (object['dn'].lower(), groupDN.lower())) @@ -1906,16 +1916,26 @@ class ad(univention.connector.ucs): ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: User is already member of the group: %s modlist: %s" % (ad_group_object['dn'], ml)) # The user has been removed from the cache. He must be added in any case - ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to group con cache of %s" % (object['dn'].lower(), ad_group_object['dn'].lower())) - if not self.group_members_cache_con.get(ad_group_object['dn'].lower()): - self.group_members_cache_con[ad_group_object['dn'].lower()] = [] - self.group_members_cache_con[ad_group_object['dn'].lower()].append(object['dn'].lower()) + ad_group_object_dn_lower = ad_group_object['dn'].lower() + group_members_lower = self.group_members_cache_con.get(ad_group_object_dn_lower, []) + object_dn_lower = object['dn'].lower() + if object_dn_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to group con cache of %s" % (object_dn_lower, ad_group_object_dn_lower)) + if group_members_lower: + group_members_lower.append(object_dn_lower) + else: + self.group_members_cache_con[ad_group_object_dn_lower] = [object_dn_lower] def __group_cache_con_append_member(self, group, member): - if not self.group_members_cache_con.get(group.lower()): - self.group_members_cache_con[group.lower()] = [] - ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to group con cache of %s" % (member.lower(), group.lower())) - self.group_members_cache_con[group.lower()].append(member.lower()) + member_lower = member.lower() + group_lower = group.lower() + group_members_lower = self.group_members_cache_con.get(group_lower, []) + if member_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to group con cache of %s" % (member_lower, group_lower)) + if group_members_lower: + group_members_lower.append(member_lower) + else: + self.group_members_cache_con[group_lower] = [member_lower] def group_members_sync_to_ucs(self, key, object): """