[CalendarServer-changes] [9481] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Mon Jul 23 13:44:44 PDT 2012
Revision: 9481
http://trac.macosforge.org/projects/calendarserver/changeset/9481
Author: sagen at apple.com
Date: 2012-07-23 13:44:44 -0700 (Mon, 23 Jul 2012)
Log Message:
-----------
Fix for bogus LDAP filter creation when there is no LDAP attribute mapping for emailAddresses
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2012-07-23 18:51:42 UTC (rev 9480)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2012-07-23 20:44:44 UTC (rev 9481)
@@ -851,7 +851,7 @@
return record
- def queryDirectory(self, recordTypes, indexType, indexKey):
+ def queryDirectory(self, recordTypes, indexType, indexKey, queryMethod=None):
"""
Queries the LDAP directory for the record which has an attribute value
matching the indexType and indexKey parameters.
@@ -864,6 +864,10 @@
Nothing is returned -- the resulting record (if any) is placed in
the cache.
"""
+
+ if queryMethod is None:
+ queryMethod = self.timedSearch
+
self.log_debug("LDAP query for types %s, indexType %s and indexKey %s"
% (recordTypes, indexType, indexKey))
@@ -907,11 +911,19 @@
# emailAddresses can map to multiple LDAP fields
ldapFields = self.rdnSchema[recordType]["mapping"]["emailAddresses"]
if isinstance(ldapFields, str):
- subfilter = "(%s=%s)" % (ldapFields, ldapEsc(email))
+ if ldapFields:
+ subfilter = "(%s=%s)" % (ldapFields, ldapEsc(email))
+ else:
+ continue # No LDAP attribute assigned for emailAddresses
+
else:
subfilter = []
for ldapField in ldapFields:
- subfilter.append("(%s=%s)" % (ldapField, ldapEsc(email)))
+ if ldapField:
+ subfilter.append("(%s=%s)" % (ldapField, ldapEsc(email)))
+ if not subfilter:
+ continue # No LDAP attribute assigned for emailAddresses
+
subfilter = "(|%s)" % ("".join(subfilter))
filterstr = "(&%s%s)" % (filterstr, subfilter)
@@ -921,7 +933,7 @@
# Query the LDAP server
self.log_debug("Retrieving ldap record with base %s and filter %s." %
(ldap.dn.dn2str(base), filterstr))
- result = self.timedSearch(ldap.dn.dn2str(base),
+ result = queryMethod(ldap.dn.dn2str(base),
ldap.SCOPE_SUBTREE, filterstr=filterstr, attrlist=self.attrlist)
if result:
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2012-07-23 18:51:42 UTC (rev 9480)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2012-07-23 20:44:44 UTC (rev 9481)
@@ -438,7 +438,7 @@
"mapping": { # maps internal record names to LDAP
"recordName": "cn",
"fullName" : "cn",
- "emailAddresses" : ["mail", "emailAliases"],
+ "emailAddresses" : "", # old style, single string
"firstName" : "givenName",
"lastName" : "sn",
},
@@ -453,7 +453,7 @@
"mapping": { # maps internal record names to LDAP
"recordName": "cn",
"fullName" : "cn",
- "emailAddresses" : ["mail", "emailAliases"],
+ "emailAddresses" : [], # new style, array
"firstName" : "givenName",
"lastName" : "sn",
},
@@ -823,3 +823,32 @@
"uid=foo,cn=us ers,dc=exa mple,dc=com"),
):
self.assertEquals(expected, normalizeDNstr(input))
+
+ def test_queryDirectory(self):
+ """
+ Verify queryDirectory skips LDAP queries where there has been no
+ LDAP attribute mapping provided for the given index type.
+ """
+
+ self.history = []
+
+ def stubSearchMethod(base, scope, filterstr="(objectClass=*)",
+ attrlist=None, timeoutSeconds=-1, resultLimit=0):
+ self.history.append((base, scope, filterstr))
+
+ recordTypes = [
+ self.service.recordType_users,
+ self.service.recordType_groups,
+ self.service.recordType_locations,
+ self.service.recordType_resources,
+ ]
+ self.service.queryDirectory(
+ recordTypes,
+ self.service.INDEX_TYPE_CUA,
+ "mailto:test at example.com",
+ queryMethod=stubSearchMethod
+ )
+ self.assertEquals(
+ self.history,
+ [('cn=users,dc=example,dc=com', 2, '(&(!(objectClass=organizationalUnit))(|(mail=test at example.com)(emailAliases=test at example.com)))'), ('cn=groups,dc=example,dc=com', 2, '(&(!(objectClass=organizationalUnit))(|(mail=test at example.com)(emailAliases=test at example.com)))')]
+ )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120723/6cf6606f/attachment.html>
More information about the calendarserver-changes
mailing list