[python-ldap] modifyModlist : are old and new values get compared somehow ?

[Benjamin Dauvergne]

Le 11/30, Michael Ströder a écrit :
> > As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by
> > modifyModlist is a "diff": remove old values, add new values. If you want to keep some old
> > values because for example the schema forbid a value to be missing (and between the DELETE and the
> > ADD there will be a time where no value is defined) you have create your modlist yourself such as:
> 
> This is not correct or at least misleading.
> 
> 1. ldap.modlist.modifyModlist() will always MOD_ADD all new values.
> 
> 2. The LDAP server will always process the whole modification list at once and
> check schema afterwards. Note that a single LDAP write operation is always
> guaranteed to be atomic.

I agree it's atomic and my remark on this point was misleading but I remember having problems with
OpenLDAP slapo-constraint and DELETE/ADD in a single modlist, I had to use REPLACE in this case. I
don't want to make FUD but if you know you want to replace all the values, REPLACE seems to be the
best option, and at the level of the source code intentions are clearer.

-- 
Benjamin Dauvergne - Tel Entrouvert: 01 43 35 01 35 - Tel perso: 01 84 16 24 53