[Freeipa-devel] [PATCH] Add ldap2 method to retrieve allowed attributes for specified objectClasses.

Tue, 25 Jan 2011 07:32:22 -0800 

ldap2.get_allowed_attributes(['posixuser'])
returns a list of unicode all lower case attribute names allowed for the object class 'posixuser' 

You can enter as many object classes as you want.

Pavel

>From 044476963a96136f951ccf8232debc1b1c48513f Mon Sep 17 00:00:00 2001
From: Pavel Zuna <pz...@redhat.com>
Date: Tue, 25 Jan 2011 15:24:03 -0500
Subject: [PATCH 1/2] Add ldap2 method to retrieve allowed attributes for specified objectClasses.

ldap2.get_allowed_attribute(['posixuser'])

returns a list of unicode all lower case attribute names allowed
for the object class 'posixuser'
---
 ipaserver/plugins/ldap2.py |   20 +++++++++++++++++---
 1 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 86ea3f8..7490dfb 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -266,6 +266,16 @@ class ldap2(CrudBackend, Encoder):
         else:
             return None
 
+    def get_allowed_attributes(self, objectclasses):
+        if not self.schema:
+            return []
+        allowed_attributes = []
+        for oc in objectclasses:
+            obj = self.schema.get_obj(_ldap.schema.ObjectClass, oc)
+            if obj is not None:
+                allowed_attributes += obj.must + obj.may
+        return [unicode(a).lower() for a in list(set(allowed_attributes))]
+
     def get_single_value(self, attr):
         """
         Check the schema to see if the attribute is single-valued.
@@ -597,15 +607,19 @@ class ldap2(CrudBackend, Encoder):
         Keyword arguments:
         attrs_list - list of attributes to return, all if None (default None)
         """
-        return self.find_entries(None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, size_limit=size_limit, normalize=normalize)[0][0]
+        return self.find_entries(
+            None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit,
+            size_limit=size_limit, normalize=normalize
+        )[0][0]
 
     config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]}
-    def get_ipa_config(self):
+    def get_ipa_config(self, attrs_list=None):
         """Returns the IPA configuration entry (dn, entry_attrs)."""
         cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn)
         try:
             (cdn, config_entry) = self.find_entries(
-                base_dn=cdn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10
+                None, attrs_list, base_dn=cdn, scope=self.SCOPE_BASE,
+                time_limit=2, size_limit=10
             )[0][0]
         except errors.NotFound:
             config_entry = {}
-- 
1.7.1.1


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel





















					Reply via email to