Hello, In user life cycle, Active entries are moved to Delete container and Delete entries can be moved back to Staging container. This requires a LDAP modrdn with new superior that is not supported in ldap2.
thanks thierry
From 7206c9dd84402c15d7a6a0a64eb404426c5385b5 Mon Sep 17 00:00:00 2001 From: "Thierry bordaz (tbordaz)" <tbor...@redhat.com> Date: Wed, 1 Apr 2015 16:42:43 +0200 Subject: [PATCH 7/7] User life cycle: allows MODRDN from ldap2 MODRDN allows to move an entry to a new superior. This function is needed from ldap2 class Reviewed By: https://fedorahosted.org/freeipa/ticket/3813 --- ipapython/ipaldap.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py index ce07006eb790c80fd42bd6eb611732ce9000db13..a16d0dc839c9e4720cb2b88d2e056be8a7fb9c70 100644 --- a/ipapython/ipaldap.py +++ b/ipapython/ipaldap.py @@ -581,6 +581,9 @@ class IPASimpleLDAPObject(object): dn = str(dn) assert isinstance(newrdn, (DN, RDN)) newrdn = str(newrdn) + if newsuperior: + assert isinstance(newsuperior, DN) + newsuperior = str(newsuperior) return self.conn.rename_s(dn, newrdn, newsuperior, delold) def result(self, msgid=ldap.RES_ANY, all=1, timeout=None): @@ -1610,6 +1613,29 @@ class LDAPClient(object): self.conn.rename_s(dn, new_rdn, delold=int(del_old)) time.sleep(.3) # Give memberOf plugin a chance to work + def move_entry_newsuperior(self, dn, new_rdn, new_superior=None, del_old=True): + """ + Move entry to a new superior and update entry's relative distinguished name. + + Keyword arguments: + new_superior -- superior where the entry is moved + del_old -- delete old RDN value (default True) + + :raises: + errors.NotFound if new_superior doesn't exist + errors.EmptyModlist if no new_superior and RDN is not changed + """ + assert isinstance(dn, DN) + assert isinstance(new_rdn, RDN) + if new_superior: + assert isinstance(new_superior, DN) + self.find_entries(filter=None, attrs_list=['dn'], base_dn=new_superior, scope=self.SCOPE_BASE) + with self.error_handler(): + self.conn.rename_s(dn, new_rdn, newsuperior=new_superior, delold=int(del_old)) + time.sleep(.3) # Give memberOf plugin a chance to work + else: + self.update_entry_rdn(dn, new_rdn, del_old=del_old) + def update_entry(self, entry, entry_attrs=None): """Update entry's attributes. -- 1.7.11.7
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
