Lines 826-838
def _modify(self, modify_childs=1, ignore_license=0):
|
Link Here
|
---|
|
826 |
added_options = options - old_options - unavailable_options |
826 |
added_options = options - old_options - unavailable_options |
827 |
removed_options = old_options - options - unavailable_options |
827 |
removed_options = old_options - options - unavailable_options |
828 |
|
828 |
|
829 |
# ocs -= object_classes_to_remove # FIXME: Bug #41207; check which attributes still need it |
|
|
830 |
ocs -= set(chain.from_iterable(m.options[option].objectClasses for option in removed_options)) |
829 |
ocs -= set(chain.from_iterable(m.options[option].objectClasses for option in removed_options)) |
831 |
ocs |= set(chain.from_iterable(m.options[option].objectClasses for option in added_options)) |
830 |
ocs |= set(chain.from_iterable(m.options[option].objectClasses for option in added_options)) |
832 |
if set(self.oldattr.get('objectClass', [])) != ocs: |
831 |
if set(self.oldattr.get('objectClass', [])) != ocs: |
833 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
832 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
834 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs))) |
833 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs))) |
835 |
|
834 |
|
|
|
835 |
# parse LDAP schema |
836 |
schema = ldap.schema.SubSchema(self.lo.lo.lo.read_subschemasubentry_s(self.lo.lo.lo.search_subschemasubentry_s()), 0) |
837 |
newattr = ldap.cidict.cidict(_MergedAttributes(self, ml).get_attributes()) |
838 |
ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove |
839 |
|
840 |
# make sure we still have a structural object class |
841 |
if not schema.get_structural_oc(ocs_afterwards): |
842 |
structural_ocs = schema.get_structural_oc(object_classes_to_remove) |
843 |
if structural_ocs: |
844 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'Preventing to remove last structural object class %r' % (structural_ocs,)) |
845 |
object_classes_to_remove -= set(schema.get_obj(ldap.schema.models.ObjectClass, structural_ocs).names) |
846 |
ocs_afterwards = set(newattr.get('objectClass', [])) - object_classes_to_remove |
847 |
else: |
848 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'missing structural object class. Modify will fail.') |
849 |
|
850 |
# validate removal of object classes |
851 |
do_removal = True |
852 |
must, may = schema.attribute_types(ocs_afterwards) |
853 |
must = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in must.values())))) |
854 |
may = ldap.cidict.cidict(dict((x, x) for x in list(chain.from_iterable(x.names for x in may.values())))) |
855 |
for attr in must.keys(): |
856 |
if not newattr.get(attr): |
857 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r is required in the current object classes.' % (attr,)) |
858 |
do_removal = False |
859 |
for attr, val in newattr.items(): |
860 |
if val and not must.get(attr) and not may.get(attr): |
861 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'The attribute %r has is now known by any object class.' % (attr,)) |
862 |
do_removal = False |
863 |
if do_removal: |
864 |
ml = [x for x in ml if x[0].lower() != 'objectClass'.lower()] |
865 |
ml.append(('objectClass', self.oldattr.get('objectClass', []), list(ocs - object_classes_to_remove))) |
866 |
|
836 |
ml = self.call_udm_property_hook('hook_ldap_modlist', self, ml) |
867 |
ml = self.call_udm_property_hook('hook_ldap_modlist', self, ml) |
837 |
|
868 |
|
838 |
#FIXME: timeout without exception if objectClass of Object is not exsistant !! |
869 |
#FIXME: timeout without exception if objectClass of Object is not exsistant !! |