filter objectclass from sources, keep only known ones

2016-09-05 13:59:41 +02:00 · 2016-09-05 13:59:41 +02:00 · 9c475a9118
parent 43b76b2ab3
commit 9c475a9118
2 changed files with 15 additions and 3 deletions
--- a/src/ldaptools/ldapsync/cmd.py
+++ b/src/ldaptools/ldapsync/cmd.py
@ -66,7 +66,8 @@ Base DN of the source is remapped to another DN in the target directory''')
                        help='bind password for a source LDAP directory')
    parser.add_argument('--source-filter',
                        help='filter to apply to a source LDAP directory')
-
+    parser.add_argument('--source-objectclasses',
+                        help='keep only thoses object classes')
    parser.add_argument('--target-uri',
                        type=source_uri,
                        required=True,
@ -127,9 +128,14 @@ Base DN of the source is remapped to another DN in the target directory''')
        target_conn.sasl_interactive_bind_s("", ldap.sasl.external())
    elif options.target_bind_dn and options.target_bind_dn:
        target_conn.simple_bind_s(options.target_bind_dn, options.target_bind_password)
+    if options.source_objectclasses:
+        source_objectclasses = options.source_objectclasses.split()
+    else:
+        source_objectclasses = [v[0] for v in options.object_class_pivot]
    synchronize = Synchronize(source, options.source_base_dn,
                              target_conn, options.target_base_dn,
                              pivot_attributes=options.object_class_pivot,
+                              objectclasses=source_objectclasses,
                              attributes=attributes,
                              case_insensitive_attribute=options.case_insensitive_attribute)

--- a/src/ldaptools/synchronize.py
+++ b/src/ldaptools/synchronize.py
@ -135,6 +135,7 @@ class Synchronize(object):
        self.logger = logger or logging.getLogger(__name__)
        self.case_insensitive_attribute = map(istr, case_insensitive_attribute
                                              or self.case_insensitive_attribute or [])
+        self.objectclasses = [istr(v) for v in objectclasses or []]
        self.errors = []

    def massage_dn(self, old_dn):
@ -164,8 +165,8 @@ class Synchronize(object):
            # Check base DN exist
            self.target_conn.search_s(self.target_dn, ldap.SCOPE_BASE)
            l = self.target_conn.paged_search_ext_s(self.target_dn, ldap.SCOPE_SUBTREE,
-                                                filterstr=filterstr or self.all_filter,
-                                                attrlist=attributes)
+                                                    filterstr=filterstr or self.all_filter,
+                                                    attrlist=attributes)
            return ((dn, idict(entry)) for dn, entry in l if dn)
        except ldap.NO_SUCH_OBJECT:
            return []
@ -175,6 +176,11 @@ class Synchronize(object):
        renamed_dn = self.renamed_dn
        in_dns = []
        out_filters = []
+        # Ignore some objectclasses
+        if self.objectclasses:
+            for dn, entry in entries:
+                entry['objectclass'] = [v for v in entry['objectclass']
+                                        if istr(v) in self.objectclasses]
        # Transform input entries into filters
        for dn, entry in entries:
            objectclass, attr, value = self.get_pivot_attribute(dn, entry)