From 72877dd13e070147c52c36eb9e0b0e78bed436b1 Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Wed, 3 May 2023 11:33:19 +0200 Subject: [PATCH] LdapClient.get_changes(): properly handle attributes with empty value --- mylib/ldap.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/mylib/ldap.py b/mylib/ldap.py index cee9197..122ba8d 100644 --- a/mylib/ldap.py +++ b/mylib/ldap.py @@ -782,21 +782,23 @@ class LdapClient: protected_attrs = [a.lower() for a in protected_attrs or []] protected_attrs.append("dn") # New/updated attributes - for attr in attrs: + for attr, values in attrs.items(): if protected_attrs and attr.lower() in protected_attrs: continue if attr in ldap_obj and ldap_obj[attr]: - if sorted(ldap_obj[attr]) == sorted(attrs[attr]): + if sorted(ldap_obj[attr]) == sorted(values): continue old[attr] = self.encode(ldap_obj[attr]) - new[attr] = self.encode(attrs[attr]) + elif not values: + continue + new[attr] = self.encode(values) # Deleted attributes for attr in ldap_obj: if ( (not protected_attrs or attr.lower() not in protected_attrs) and ldap_obj[attr] - and attr not in attrs + and not attrs.get(attr) ): old[attr] = self.encode(ldap_obj[attr]) if old == new: