[CalendarServer-changes] [7832] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Mon Aug 1 10:16:20 PDT 2011
Revision: 7832
http://trac.macosforge.org/projects/calendarserver/changeset/7832
Author: sagen at apple.com
Date: 2011-08-01 10:16:18 -0700 (Mon, 01 Aug 2011)
Log Message:
-----------
If guidAttr is specified in plist, it's required to be in LDAP.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2011-07-28 19:05:19 UTC (rev 7831)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2011-08-01 17:16:18 UTC (rev 7832)
@@ -309,6 +309,8 @@
record = self._ldapResultToRecord(dn, attrs, recordType)
# self.log_debug("Got LDAP record %s" % (record,))
+ if record is None:
+ continue
if not unrestricted:
self.log_debug("%s is not enabled because it's not a member of group: %s" % (guid, self.restrictToGroup))
@@ -535,6 +537,10 @@
guidAttr = self.rdnSchema["guidAttr"]
if guidAttr:
guid = self._getUniqueLdapAttribute(attrs, guidAttr)
+ if not guid:
+ self.log_error("LDAP data missing required GUID attribute: %s" %
+ (guidAttr,))
+ return None
# Find or build email
emailAddresses = self._getMultipleLdapAttributes(attrs, self.rdnSchema[recordType]["mapping"]["emailAddresses"])
@@ -764,17 +770,19 @@
record = self._ldapResultToRecord(dn, attrs, recordType)
self.log_debug("Got LDAP record %s" % (record,))
- self.recordCacheForType(recordType).addRecord(record,
- indexType, indexKey
- )
- if not unrestricted:
- self.log_debug("%s is not enabled because it's not a member of group: %s" % (guid, self.restrictToGroup))
- record.enabledForCalendaring = False
- record.enabledForAddressBooks = False
+ if record is not None:
+ self.recordCacheForType(recordType).addRecord(record,
+ indexType, indexKey
+ )
- record.applySACLs()
+ if not unrestricted:
+ self.log_debug("%s is not enabled because it's not a member of group: %s" % (guid, self.restrictToGroup))
+ record.enabledForCalendaring = False
+ record.enabledForAddressBooks = False
+ record.applySACLs()
+
def recordsMatchingFields(self, fields, operand="or", recordType=None):
"""
Carries out the work of a principal-property-search against LDAP
@@ -810,6 +818,8 @@
continue
record = self._ldapResultToRecord(dn, attrs, recordType)
+ if record is None:
+ continue
# For non-group records, if not enabled for calendaring do
# not include in principal property search results
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2011-07-28 19:05:19 UTC (rev 7831)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2011-08-01 17:16:18 UTC (rev 7832)
@@ -276,6 +276,18 @@
self.assertEquals(record.serverID, "test-server-id")
self.assertEquals(record.partitionID, "test-partition-id")
+ # User missing guidAttr
+
+ dn = "uid=odtestamanda,cn=users,dc=example,dc=com"
+ attrs = {
+ 'uid': ['odtestamanda'],
+ 'cn': ['Amanda Test'],
+ }
+
+ record = self.service._ldapResultToRecord(dn, attrs,
+ self.service.recordType_users)
+ self.assertEquals(record, None)
+
# Group with direct user members and nested group
dn = "cn=odtestgrouptop,cn=groups,dc=example,dc=com"
@@ -422,10 +434,21 @@
'cn': ['Betty Test']
}
),
+ (
+ "uid=odtestcarlene,cn=users,dc=example,dc=com",
+ {
+ 'uid': ['odtestcarlene'],
+ # Note: no guid here, to test this record is skipped
+ 'sn': ['Test'],
+ 'mail': ['odtestcarlene at example.com'],
+ 'givenName': ['Carlene'],
+ 'cn': ['Carlene Test']
+ }
+ ),
])
records = self.service.listRecords(self.service.recordType_users)
self.assertEquals(len(records), 2)
self.assertEquals(
set([r.firstName for r in records]),
- set(["Amanda", "Betty"])
+ set(["Amanda", "Betty"]) # Carlene is skipped because no guid in LDAP
)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20110801/05f56248/attachment.html>
More information about the calendarserver-changes
mailing list