diff --git a/ucs-school-lib/python/schoolldap.py b/ucs-school-lib/python/schoolldap.py index b770e23..8358170 100644 --- a/ucs-school-lib/python/schoolldap.py +++ b/ucs-school-lib/python/schoolldap.py @@ -45,7 +45,7 @@ from univention.lib.i18n import Translation from functools import wraps import re import inspect -from ldap.filter import escape_filter_chars, filter_format +from ldap.filter import escape_filter_chars, filter_format, escape_dn_chars from univention.management.console.config import ucr from univention.management.console.log import MODULE @@ -232,39 +232,39 @@ class SchoolSearchBase(object): @property def workgroups(self): - return "cn=%s,cn=groups,%s" % (self._containerStudents, self.schoolDN) + return "cn=%s,cn=groups,%s" % (escape_dn_chars(self._containerStudents), self.schoolDN) @property def classes(self): - return "cn=%s,cn=%s,cn=groups,%s" % (self._containerClass, self._containerStudents, self.schoolDN) + return "cn=%s,cn=%s,cn=groups,%s" % (escape_dn_chars(self._containerClass), escape_dn_chars(self._containerStudents), self.schoolDN) @property def rooms(self): - return "cn=%s,cn=groups,%s" % (self._containerRooms, self.schoolDN) + return "cn=%s,cn=groups,%s" % (escape_dn_chars(self._containerRooms), self.schoolDN) @property def students(self): - return "cn=%s,cn=users,%s" % (self._containerStudents, self.schoolDN) + return "cn=%s,cn=users,%s" % (escape_dn_chars(self._containerStudents), self.schoolDN) @property def teachers(self): - return "cn=%s,cn=users,%s" % (self._containerTeachers, self.schoolDN) + return "cn=%s,cn=users,%s" % (escape_dn_chars(self._containerTeachers), self.schoolDN) @property def teachersAndStaff(self): - return "cn=%s,cn=users,%s" % (self._containerTeachersAndStaff, self.schoolDN) + return "cn=%s,cn=users,%s" % (escape_dn_chars(self._containerTeachersAndStaff), self.schoolDN) @property def staff(self): - return "cn=%s,cn=users,%s" % (self._containerStaff, self.schoolDN) + return "cn=%s,cn=users,%s" % (escape_dn_chars(self._containerStaff), self.schoolDN) @property def admins(self): - return "cn=%s,cn=users,%s" % (self._containerAdmins, self.schoolDN) + return "cn=%s,cn=users,%s" % (escape_dn_chars(self._containerAdmins), self.schoolDN) @property def classShares(self): - return "cn=%s,cn=shares,%s" % (self._containerClass, self.schoolDN) + return "cn=%s,cn=shares,%s" % (escape_dn_chars(self._containerClass), self.schoolDN) @property def shares(self): @@ -280,7 +280,7 @@ class SchoolSearchBase(object): @property def examUsers(self): - return "cn=%s,%s" % (self._examUserContainerName, self.schoolDN) + return "cn=%s,%s" % (escape_dn_chars(self._examUserContainerName), self.schoolDN) @property def globalGroupContainer(self): @@ -288,19 +288,19 @@ class SchoolSearchBase(object): @property def educationalDCGroup(self): - return "cn=OU%s-DC-Edukativnetz,cn=ucsschool,cn=groups,%s" % (self.school, self._ldapBase) + return "cn=OU%s-DC-Edukativnetz,cn=ucsschool,cn=groups,%s" % (escape_dn_chars(self.school), self._ldapBase) @property def educationalMemberGroup(self): - return "cn=OU%s-Member-Edukativnetz,cn=ucsschool,cn=groups,%s" % (self.school, self._ldapBase) + return "cn=OU%s-Member-Edukativnetz,cn=ucsschool,cn=groups,%s" % (escape_dn_chars(self.school), self._ldapBase) @property def administrativeDCGroup(self): - return "cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % (self.school, self._ldapBase) + return "cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % (escape_dn_chars(self.school), self._ldapBase) @property def administrativeMemberGroup(self): - return "cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % (self.school, self._ldapBase) + return "cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % (escape_dn_chars(self.school), self._ldapBase) @property def examGroupName(self): @@ -310,7 +310,7 @@ class SchoolSearchBase(object): @property def examGroup(self): - return "cn=%s,cn=ucsschool,cn=groups,%s" % (self.examGroupName, self._ldapBase) + return "cn=%s,cn=ucsschool,cn=groups,%s" % (escape_dn_chars(self.examGroupName), self._ldapBase) def isWorkgroup(self, groupDN): # a workgroup cannot lie in a sub directory