401294da9a
Many LDAP based calls are looking up user and group entries multiple times when it is not necessary. Converting from a user or group object to a DN requires a lookup which is wasteful. Instead, we add the DN to the object and filter it off before returning it to the end user. There were also search operations being performed before issuing modify operations in an attempt to check if the entry exists. The modify operations can just be attempted and we can check for an LDAP NO_SUCH_OBJECT exception instead. This reduces the number of search operations that we need to perform. The remove_user_from_group method in the SQL identity driver did not match the other drivers with regards to the exceptions it returns when the user or group does not exist. Since new tests were added to check these exceptions, the SQL driver was modified to match the behavior of the other drivers. The LDAP version of test_attribute_update is skipped as part of this patch as it was causing failures in the live_tests. It tests Blank values in a required field which is an error in LDAP. Closes-Bug: 1230260 Co-Authored By: Nathan Kinder <nkinder@redhat.com> Change-Id: I2b740412b6ca38dafceb29c6b35556b5869b1658 |
||
---|---|---|
.. | ||
backends | ||
__init__.py | ||
controllers.py | ||
core.py | ||
routers.py |