From c987d4d741a19c8ce88495ebcb7fc7b15e434874 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Fri, 1 Jul 2016 19:46:27 +0000 Subject: [PATCH] Refactor: [ldap] suffix should not be an instance attribute In investigating the usage of the [ldap] suffix option, I noticed that it's only used once, and there was no reason for it to become an instance attribute. This tiny refactor clarifies exactly where and how it's used. I'd further recommend that this entire configuration option be deprecated in favor of the [ldap] user_tree_dn and [ldap] group_tree_dn options. Change-Id: I7c7dacbc65aa876d85af292e916125e7fc6964b9 --- keystone/identity/backends/ldap/common.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/keystone/identity/backends/ldap/common.py b/keystone/identity/backends/ldap/common.py index 78e2b6f594..bf6bad61a6 100644 --- a/keystone/identity/backends/ldap/common.py +++ b/keystone/identity/backends/ldap/common.py @@ -1167,10 +1167,9 @@ class BaseLdap(object): self.auth_pool_conn_lifetime = conf.ldap.auth_pool_connection_lifetime if self.options_name is not None: - self.suffix = conf.ldap.suffix - dn = '%s_tree_dn' % self.options_name - self.tree_dn = (getattr(conf.ldap, dn) - or '%s,%s' % (self.DEFAULT_OU, self.suffix)) + self.tree_dn = ( + getattr(conf.ldap, '%s_tree_dn' % self.options_name) + or '%s,%s' % (self.DEFAULT_OU, conf.ldap.suffix)) idatt = '%s_id_attribute' % self.options_name self.id_attr = getattr(conf.ldap, idatt) or self.DEFAULT_ID_ATTR