pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 5 years ago
Clone

Blame SOURCES/0041-Migration-does-not-add-users-to-default-group.patch

9991ea
From 8b7a17d19428fa13dcd76893d758863adb9f515e Mon Sep 17 00:00:00 2001
9991ea
From: Martin Kosek <mkosek@redhat.com>
9991ea
Date: Mon, 27 Jan 2014 12:28:12 +0100
9991ea
Subject: [PATCH] Migration does not add users to default group
9991ea
9991ea
When users with missing default group were searched, IPA suffix was
9991ea
not passed so these users were searched in a wrong base DN. Thus,
9991ea
no user was detected and added to default group.
9991ea
9991ea
https://fedorahosted.org/freeipa/ticket/4141
9991ea
---
9991ea
 ipalib/plugins/migration.py | 17 ++++++++++-------
9991ea
 1 file changed, 10 insertions(+), 7 deletions(-)
9991ea
9991ea
diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py
9991ea
index 83bf40dbfa4cf2310b2501c28cf095299711331d..0ed65f7015f458aa1cf96efb0e36e28c5019cbd2 100644
9991ea
--- a/ipalib/plugins/migration.py
9991ea
+++ b/ipalib/plugins/migration.py
9991ea
@@ -286,19 +286,21 @@ def _update_default_group(ldap, pkey, config, ctx, force):
9991ea
         searchfilter = "(&(objectclass=posixAccount)(!(memberof=%s)))" % group_dn
9991ea
         try:
9991ea
             (result, truncated) = ldap.find_entries(searchfilter,
9991ea
-                [''], api.env.container_user, scope=ldap.SCOPE_SUBTREE,
9991ea
-                time_limit = -1)
9991ea
+                [''], DN(api.env.container_user, api.env.basedn),
9991ea
+                scope=ldap.SCOPE_SUBTREE, time_limit = -1)
9991ea
         except errors.NotFound:
9991ea
+            api.log.debug('All users have default group set')
9991ea
             return
9991ea
         new_members = []
9991ea
         (group_dn, group_entry_attrs) = ldap.get_entry(group_dn, ['member'])
9991ea
+        existing_members = set(group_entry_attrs.get('member', []))
9991ea
         for m in result:
9991ea
-            if m[0] not in group_entry_attrs.get('member', []):
9991ea
+            if m[0] not in existing_members:
9991ea
                 new_members.append(m[0])
9991ea
-        if len(new_members) > 0:
9991ea
-            members = group_entry_attrs.get('member', [])
9991ea
+
9991ea
+        if new_members:
9991ea
+            members = group_entry_attrs.setdefault('member', [])
9991ea
             members.extend(new_members)
9991ea
-            group_entry_attrs['member'] = members
9991ea
 
9991ea
             try:
9991ea
                 ldap.update_entry(group_dn, group_entry_attrs)
9991ea
@@ -308,7 +310,8 @@ def _update_default_group(ldap, pkey, config, ctx, force):
9991ea
         e = datetime.datetime.now()
9991ea
         d = e - s
9991ea
         mode = " (forced)" if force else ""
9991ea
-        api.log.debug('Adding %d users to group%s duration %s' % (len(new_members), mode, d))
9991ea
+        api.log.debug('Adding %d users to group%s duration %s',
9991ea
+                len(new_members), mode, d)
9991ea
 
9991ea
 # GROUP MIGRATION CALLBACKS AND VARS
9991ea
 
9991ea
-- 
9991ea
1.8.5.3
9991ea