martbab's pull request #68: "netgroup: avoid extraneous LDAP search when 
retrieving primary key from DN" was opened

PR body:
"""
Fixes https://fedorahosted.org/freeipa/ticket/5855

Please note that the parent method does not correctly handle cases when the
attribute considered as primary ked is contained in multiple RDNs: 

>>> LDAPObject.get_primary_key_from_dn(
...     DN('ipauniqueid=yadda-yadda,cn=ng,cn=alt,dc=ipa,dc=test'))
u'ng'

That's why I had to completely override parent method.
"""

See the full pull-request at https://github.com/freeipa/freeipa/pull/68
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/68/head:pr68
git checkout pr68
From 37df489287887ad99ffa26a00a43b558535b2ea5 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Thu, 8 Sep 2016 16:30:33 +0200
Subject: [PATCH] netgroup: avoid extraneous LDAP search when retrieving
 primary key from DN

DNs for netgroup entries can contain either 'cn' or 'ipauniqueid' attribute in
their leaf RDN depending on their origin. Since 'cn' is the primary key, we
can return it in `get_primary_key_from_dn` right away and avoid any extraneous
LDAP search.

https://fedorahosted.org/freeipa/ticket/5855
---
 ipaserver/plugins/netgroup.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/ipaserver/plugins/netgroup.py b/ipaserver/plugins/netgroup.py
index f76a0ba..3a24a38 100644
--- a/ipaserver/plugins/netgroup.py
+++ b/ipaserver/plugins/netgroup.py
@@ -237,6 +237,22 @@ class netgroup(LDAPObject):
         external_host_param,
     )
 
+    def get_primary_key_from_dn(self, dn):
+        first_ava = dn.rdns[0][0]
+        if first_ava[0] == self.primary_key.name:
+            return unicode(first_ava[1])
+
+        try:
+            entry_attrs = self.backend.get_entry(
+                dn, [self.primary_key.name]
+            )
+            try:
+                return entry_attrs[self.primary_key.name][0]
+            except (KeyError, IndexError):
+                return ''
+        except errors.NotFound:
+            return unicode(dn)
+
 
 @register()
 class netgroup_add(LDAPCreate):
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to