diff --git a/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py b/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py index 7b2bf8f426..e8c57ffa08 100644 --- a/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py +++ b/services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py @@ -1516,14 +1516,15 @@ class s4(univention.s4connector.ucs): self.__group_cache_ucs_append_member(groupDN, object_ucs['dn']) def __group_cache_ucs_append_member(self, group, member): - group_lower = group.lower() member_lower = member.lower() - ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %s to UCS group member cache of %s" % (member_lower, group_lower)) - members = self.group_members_cache_ucs.get(group_lower) - if not members: - self.group_members_cache_ucs[group_lower] = [member_lower] - else: - members.append(member_lower) + group_lower = group.lower() + group_members_lower = self.group_members_cache_ucs.get(group_lower, []) + if member_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "__group_cache_ucs_append_member: Append user %s to UCS group member cache of %s" % (member_lower, group_lower)) + if group_members_lower: + group_members_lower.append(member_lower) + else: + self.group_members_cache_ucs[group_lower] = [member_lower] def group_members_sync_from_ucs(self, key, object): # object mit s4-dn """ @@ -1728,12 +1729,17 @@ class s4(univention.s4connector.ucs): if ldap_object_ucs: self.one_group_member_sync_to_ucs(ucs_group_object, object) - if not self.group_members_cache_con.get(groupDN.lower()): - self.group_members_cache_con[groupDN.lower()] = [] dn = object['attributes'].get('distinguishedName', [None])[0] if dn: - ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to S4 group member cache of %s" % (dn.lower(), groupDN.lower())) - self.group_members_cache_con[groupDN.lower()].append(dn.lower()) + dn_lower = dn.lower() + groupDN_lower = groupDN.lower() + group_members_lower = self.group_members_cache_con.get(groupDN_lower, []) + if dn_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Append user %s to S4 group member cache of %s" % (dn_lower, groupDN_lower)) + if group_members_lower: + group_members_lower.append(dn_lower) + else: + self.group_members_cache_con[groupDN_lower] = [dn_lower] else: ud.debug(ud.LDAP, ud.INFO, "object_memberships_sync_to_ucs: Failed to append user %s to S4 group member cache of %s" % (object['dn'].lower(), groupDN.lower())) @@ -1790,20 +1796,26 @@ class s4(univention.s4connector.ucs): ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: User is already member of the group: %s modlist: %s" % (s4_group_object['dn'], ml)) # The user has been removed from the cache. He must be added in any case - ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to S4 group member cache of %s" % (object['dn'].lower(), s4_group_object['dn'].lower())) - if not self.group_members_cache_con.get(s4_group_object['dn'].lower()): - self.group_members_cache_con[s4_group_object['dn'].lower()] = [] - self.group_members_cache_con[s4_group_object['dn'].lower()].append(object['dn'].lower()) + s4_group_object_dn_lower = s4_group_object['dn'].lower() + group_members_lower = self.group_members_cache_con.get(s4_group_object_dn_lower, []) + object_dn_lower = object['dn'].lower() + if object_dn_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "one_group_member_sync_from_ucs: Append user %s to S4 group member cache of %s" % (object_dn_lower, s4_group_object_dn_lower)) + if group_members_lower: + group_members_lower.append(object_dn_lower) + else: + self.group_members_cache_con[s4_group_object_dn_lower] = [object_dn_lower] def __group_cache_con_append_member(self, group, member): - group_lower = group.lower() member_lower = member.lower() - ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to S4 group member cache of %s" % (member_lower, group_lower)) - members = self.group_members_cache_con.get(group_lower) - if not members: - self.group_members_cache_con[group_lower] = [member_lower] - else: - members.append(member_lower) + group_lower = group.lower() + group_members_lower = self.group_members_cache_con.get(group_lower, []) + if member_lower not in group_members_lower: + ud.debug(ud.LDAP, ud.INFO, "__group_cache_con_append_member: Append user %s to S4 group member cache of %s" % (member_lower, group_lower)) + if group_members_lower: + group_members_lower.append(member_lower) + else: + self.group_members_cache_con[group_lower] = [member_lower] def group_members_sync_to_ucs(self, key, object): """