[Freeipa-devel] [PATCHES] 213-224 Use old entry state in LDAP mods

Jan Cholasta jcholast at redhat.com
Fri Jan 10 11:43:00 UTC 2014 

On 20.12.2013 13:06, Petr Viktorin wrote:
> I now have a failing test in test_permission_rollback. Let's think about
> this case for a moment:
>
> The permission system has "rollback": if an ACI update fails, the entry
> is rolled back. Currently it works (for ipapermlocation changes) like this:
>
> - The old entry is retreived
> - A new entry is populated (NB, the framework's mod operation does not
> retrieve the entry it modifies; rather it builds an entirely new entry
> with *only* the data that's changed, and relies on generate_modlist
> doing MOD_REPLACE when orig data is missing).
> - update is called on the new entry
> - The ACI is updated, and this fails (e.g. with SyntaxError)
> - update is called on the *old* entry retreived in the first step. Up to
> now this had restored the entry (since existing state was looked up
> before each mod), but with these patches it raises EmptyModlist since
> the object has not changed relative to its orig data.
>
> Obviously this approach is wrong given how entry is supposed to work
> now, and I'll be happy to change it it. But it's not clear what's the
> right way to do such rollback.

I have added an optional argument to reset_modlist, which you can use to 
specify on which entry to base the modlist, see patch 214.

Updated patches attached.

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-213.2-Rename-LDAPEntry-method-commit-to-reset_modlist.patch
Type: text/x-patch
Size: 1237 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-214.2-Use-old-entry-state-in-LDAPClient.update_entry.patch
Type: text/x-patch
Size: 5896 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-215.2-Move-LDAPClient-method-get_single_value-to-IPASimple.patch
Type: text/x-patch
Size: 3089 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-216.2-Make-IPASimpleLDAPObject.get_single_value-result-ove.patch
Type: text/x-patch
Size: 1969 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-217.2-Use-LDAPClient.update_entry-for-LDAP-mods-in-ldapupd.patch
Type: text/x-patch
Size: 4389 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-218.2-Reduce-amount-of-LDAPEntry.reset_modlist-calls-in-ld.patch
Type: text/x-patch
Size: 1976 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0005.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-219.2-Add-LDAPEntry-method-generate_modlist.patch
Type: text/x-patch
Size: 5983 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0006.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-220.2-Remove-unused-LDAPClient-methods-get_syntax-and-get_.patch
Type: text/x-patch
Size: 1415 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0007.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-221.2-Remove-legacy-LDAPEntry-properties-data-and-orig_dat.patch
Type: text/x-patch
Size: 4015 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0008.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-222.2-Store-old-entry-state-in-dict-rather-than-LDAPEntry.patch
Type: text/x-patch
Size: 4731 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0009.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-223.2-Do-not-crash-on-bad-LDAP-data-when-formatting-decode.patch
Type: text/x-patch
Size: 1003 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0010.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-224.2-Use-raw-LDAP-data-in-ldapupdate.patch
Type: text/x-patch
Size: 3242 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140110/623f9c19/attachment-0011.bin>

More information about the Freeipa-devel mailing list