> On Jan 8, 2018, at 8:34 PM, Craig Russell <[email protected]> wrote:
>
>>
>> On Jan 8, 2018, at 7:32 PM, Sam Ruby <[email protected]> wrote:
>>
>> On Mon, Jan 8, 2018 at 7:07 PM, Craig Russell <[email protected]> wrote:
>>> /Users/clr/apache/git/whimsy/lib/whimsy/asf/ldap.rb:260:in `modify': Object
>>> class violation (LDAP::ResultError)
>>>
>>> And error reporting is not great. I guess more checking is needed but
>>> Object class violation is not very informative.
>>
>> Oh, and AGREED!
>>
>> LDAP sucks. You want to add zero members: Object class violation.
>> You want to add somebody who is already a member: Object class
>> violation. You want to remove somebody who is not a member: Object
>> class violation.
>>
>> That's why the action that caused the error is logged. In this case:
>>
>> LDAP_MOD_DELETE
>> {"member"=>[]}>
>> cn=pmc-chairs,ou=groups,ou=services,dc=apache,dc=org
>>
>> Here you are deleting nobody. That apparently is not allowed.
>
> Seems like there is some error checking that could be done in the ldap.rb
> code.
>
> Here is the remove code from lib/whimsy/asf/ldap.rb :
>
> # remove people from this service in LDAP
> def remove(people)
> @members = nil
> people = (Array(people) & members).map(&:dn)
It seems like the above line is supposed to guarantee that people includes only
current members.
There is a similar line of code in the add method:
people = (Array(people) - members).map(&:dn)
This line seems like it should remove current members from people before trying
to add them.
What am I missing here?
Craig
> ASF::LDAP.modify(self.dn, [ASF::Base.mod_delete('member', people)])
> ensure
> @members = nil
> end
>
> Who wrote this code?
>
> Would it be possible for this code to check before calling ASF::LDAP.modify
> that the member actually exists already?
>
> Craig
>
>> - Sam Ruby
>>
>> - Sam Ruby
>
> Craig L Russell
> Secretary, Apache Software Foundation
> [email protected] http://db.apache.org/jdo
Craig L Russell
Secretary, Apache Software Foundation
[email protected] http://db.apache.org/jdo
