[Freeipa-devel] [PATCH] 0004 User life cycle: support of MODRDN to a new superior
thierry bordaz
tbordaz at redhat.com
Thu Apr 9 10:42:43 UTC 2015
On 04/08/2015 03:33 PM, Jan Cholasta wrote:
> Dne 8.4.2015 v 15:00 thierry bordaz napsal(a):
>> On 04/08/2015 08:34 AM, Jan Cholasta wrote:
>>> Hi,
>>>
>>> Dne 1.4.2015 v 17:40 thierry bordaz napsal(a):
>>>> Hello,
>>>>
>>>> In user life cycle, Active entries are moved to Delete
>>>> container and
>>>> Delete entries can be moved back to Staging container.
>>>> This requires a LDAP modrdn with new superior that is not
>>>> supported
>>>> in ldap2.
>>>
>>> Since update_entry_rdn() is used only in one spot in baseldap, I think
>>> we can merge it and move_entry_newsuperior() into a single method
>>> move_entry():
>>>
>>> def move_entry(self, dn, new_dn, del_old=True):
>>>
>>> We can easily detect whether the superior needs to be updated by
>>> comparing dn[1:] and new_dn[1:].
>>
>> Hello Jan,
>>
>> Yes that is a good idea to merge those two methods. They both rely on
>> modrdn and a single method is enough.
>
> Well, I had something like this in mind:
>
> def move_entry(self, dn, new_dn, del_old=True):
> assert isinstance(dn, DN)
> assert isinstance(new_dn, DN)
>
> if new_dn == dn:
> raise errors.EmptyModlist()
>
> new_rdn = new_dn[0]
> if new_rdn == dn[0]:
> new_rdn = None
>
> new_superior = new_dn[1:]
> if new_superior == dn[1:]:
> new_superior = None
>
> with self.error_handler():
> self.conn.rename_s(dn, new_rdn, new_superior, int(del_old))
> time.sleep(.3) # Give memberOf plugin a chance to work
>
> so that you don't have to care if you should change the RDN or the
> superior and it just does the right thing.
>
>>
>>>
>>> Maybe we can also get rid of del_old, if it's always gonna be True in
>>> our code?
>>
>> I think it is better to get this interface as close as possible as the
>> MODRDN call, so that del_old option will be already available for future
>> usage.
>> I agree that currently del_old is always true in case of IPA but it
>> could be the default value.
>
> OK, it's not a big piece of code, so I guess we can leave it.
>
Thank for the reviews and the help. Here is a new patch.
thierry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150409/fcfc77d5/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-tbordaz-0004-3-User-life-cycle-allows-MODRDN-from-ldap2.patch
Type: text/x-patch
Size: 3660 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150409/fcfc77d5/attachment.bin>
More information about the Freeipa-devel
mailing list