[Freeipa-devel] 0165-0174 LDAP code refactoring (Part 5)
Jan Cholasta
jcholast at redhat.com
Wed Feb 27 15:00:22 UTC 2013
On 31.1.2013 11:03, Petr Viktorin wrote:
> And hee is another batch of patches. This one is about converting the
> legacy IPAdmin and raw python-ldap calls to the new wrappers.
>
Patch 165:
I have noticed two things that are not really related to your work, but
here they are nonetheless:
+ if self.admin_conn.get_entries(
+ DN(api.env.container_ranges, self.suffix),
+ ldap.SCOPE_ONELEVEL,
+ "objectclass=ipaDomainIDRange"):
Is that a valid filter?
+ if self.admin_conn.get_entries("cn=accounts," + self.suffix,
+ ldap.SCOPE_SUBTREE, id_filter):
This doesn't seem right as well, why is the DN class not used here?
Patch 167:
- conn.sasl_interactive_bind_s(None, sasl_auth)
+ conn.do_sasl_gssapi_bind()
sasl_auth is unused after this change, can you please remove it as well
(and cb_info too)?
- self.sasl_interactive_bind_s, timeout, None, SASL_AUTH)
+ self.conn.sasl_interactive_bind_s, timeout, None, SASL_AUTH)
Again, this is not related to your work, but can we please rename
SASL_AUTH to SASL_GSSAPI?
Patch 173:
- res = con.search_st(str(base),
- ldap.SCOPE_SUBTREE,
- filterstr=srcfilter,
- attrlist=attrs,
- timeout=10)
+ res = con.get_entries(base, con.SCOPE_SUBTREE, srcfilter, attrs)
I assume the timeout is there for a reason, can you please keep it?
Patch 174:
- conn.modify_s(
- def_dn,
- [(ldap.MOD_REPLACE,
- 'originfilter',
- disable_attr)]
- )
+ entry['originfilter'] = [disable_attr]
I think you forgot to call update_entry here.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list