Univention Bugzilla – Bug 41857
ucs-school-import: emit warning when storing a ucsschool.lib mapped attribute in udm_properties
Last modified: 2016-10-04 13:24:43 CEST
ucs-school-import: emit warning when storing a ucsschool.lib mapped attribute in ImportUser.udm_properties Storing a ucsschool.lib mapped attribute in ImportUser.udm_properties, will in all likelihood produce problems. I would rather not create an error, aborting the user import, as it can be done safely in pre-create-hooks (but not in pre-modify-hooks). I'd leave it to the user (programmer/administrator) to read the documentation (see Bug #41856) and decide for himself.
Turns out, that setting 'lastname' in udm_properties is simply ignored and even worse setting 'username' leads to krb5PrincipalName changing, but nothing else. Also: changing 'school' does not lead to a school change. So I have changed this from emitting a warning to creating an error, that will abort the current users import (non-fatal UcsSchoolImportError). Code: 71246 Advisory: 71247
r72340: removed 'email' from the blacklisted key names for UDM properties, as it is an actual LDAP attribute, that cannot be set otherwise. It will now only emit a warning (not raise an exception).
The code contains the following hardcoded blacklist: "birthday", "disabled", "firstname", "lastname", "mailPrimaryAddress", "name", "password", "school", "schools", "school_classes", "sn", "uid", "username" Can you please explain why it contain UDM property names AND ldap attribute names? (e.g. "lastname" and "sn") I don't see the reason why "sn" is necessary here.
The list contains the the names of attributes and properties that are (most probably) used better differently: "birthday": 1 "disabled": 1 "firstname": 1 "lastname": 1 "mailPrimaryAddress": 2 "name": 1 "password": 1 "school": 1 "schools": 1 "school_classes": 1 "sn": 2 "uid": 2 "username": 2 1: shouldn't be used in udm_properties, but as User attribute 2: there is a User attribute mapping for this UDM property / LDAP attribute
I still don't understand why attribute names are necessary as they can't be set neither via UDM nor via the ucs-school-lib-models, right?
1. the property names are hardcoded and not complete. It's better to use the full list of all model-attributes: set(x.udm_name for x in self._attributes.values()) 2. Wrong: the UDM property is "e-mail" and not "email" 3. It is not necessary to include LDAP attribute names. * They are catched by other code which show already a exception that the property doesn't exist * It would prevent to have extended attributes with the name 'sn', 'uid', … 4. The warning about email is unreachable code because the scheme requires email and the check applies only if no email is set which is impossible then Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/ucsschool/importer/frontend/cmdline.py", line 116, in main self.do_import() File "/usr/lib/pymodules/python2.7/ucsschool/importer/frontend/cmdline.py", line 94, in do_import importer.mass_import() File "/usr/lib/pymodules/python2.7/ucsschool/importer/mass_import/mass_import.py", line 69, in mass_import self.import_users() File "/usr/lib/pymodules/python2.7/ucsschool/importer/mass_import/mass_import.py", line 98, in import_users user_import.create_and_modify_users(imported_users) File "/usr/lib/pymodules/python2.7/ucsschool/importer/mass_import/user_import.py", line 106, in create_and_modify_users user = self.determine_add_modify_action(imported_user) File "/usr/lib/pymodules/python2.7/ucsschool/importer/mass_import/user_import.py", line 183, in determine_add_modify_action imported_user.prepare_all(new_user=False) File "/usr/lib/pymodules/python2.7/ucsschool/importer/models/import_user.py", line 227, in prepare_all self.prepare_attributes(new_user) File "/usr/lib/pymodules/python2.7/ucsschool/importer/models/import_user.py", line 249, in prepare_attributes self.make_email() File "/usr/lib/pymodules/python2.7/ucsschool/importer/models/import_user.py", line 382, in make_email self.email = self.format_from_scheme("email", self.config["scheme"]["email"], maildomain=maildomain).lower() KeyError: 'email' InitialisationError: InitialisationError("Error in configuration file '/usr/share/ucs-school-import/configs/user_import_defaults.json': Expecting property name: line 19 column 1 (char 365).",) Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/ucsschool/importer/frontend/cmdline.py", line 106, in main self.setup_config() File "/usr/lib/pymodules/python2.7/ucsschool/importer/frontend/cmdline.py", line 72, in setup_config self.config = setup_configuration(configs, **self.args.settings) File "/usr/lib/pymodules/python2.7/ucsschool/importer/configuration.py", line 42, in setup_configuration config = Configuration(conffiles) File "/usr/lib/pymodules/python2.7/ucsschool/importer/configuration.py", line 135, in __new__ cls._instance = cls.__SingleConf(filename) File "/usr/lib/pymodules/python2.7/ucsschool/importer/configuration.py", line 126, in __init__ raise InitialisationError("Error in configuration file '{}': {}.".format(filename, ve)) InitialisationError: Error in configuration file '/usr/share/ucs-school-import/configs/user_import_defaults.json': Expecting property name: line 19 column 1 (char 365).
I could set an empty email by defining the scheme: "email": "<description>" and leave description empty. but the warning did not appear.
(In reply to Florian Best from comment #6) > InitialisationError: InitialisationError("Error in configuration file > '/usr/share/ucs-school-import/configs/user_import_defaults.json': Expecting > property name: line 19 column 1 (char 365).",) This second traceback can be ignored because it was a typo in the config file.
(In reply to Florian Best from comment #6) > 1. the property names are hardcoded and not complete. It's better to use the > full list of all model-attributes: > set(x.udm_name for x in self._attributes.values()) fixed in r72901. > 2. Wrong: the UDM property is "e-mail" and not "email" fixed in r72901. > 4. The warning about email is unreachable code because the scheme requires > email and the check applies only if no email is set which is impossible then * It can be set by a pyhook. * make_email() did not necessary run, when calling create() or modify(), so email can be unset, but udm_property["e-mail"] can be set. (In reply to Florian Best from comment #7) > I could set an empty email by defining the scheme: > "email": "<description>" > and leave description empty. > > but the warning did not appear. That did set the User.email attribute directly (not through User.udm_properties) so all is fine.
r72902: partial revert of r72901 (14.0.16-26): * do not interpret "mailPrimaryAddress", "recordUID" and "username" from self.config["scheme"], as they are used separately in make_*() * keep udm_obj.info.update() for now, will be fixed in separate Bug #42513
OK: YAML OK: last two commits The email warning is btw only shown in the logfiles as warning. not via --set verbose=false.
UCS@school 4.1 R2 v5 has been released. http://docs.software-univention.de/changelog-ucsschool-4.1R2v5-de.html If this error occurs again, please clone this bug.