Issue 7460 - MOD_REPLACE on groups/link attributes modifies overlap targets#7461
Open
droideck wants to merge 1 commit into389ds:mainfrom
Open
Issue 7460 - MOD_REPLACE on groups/link attributes modifies overlap targets#7461droideck wants to merge 1 commit into389ds:mainfrom
droideck wants to merge 1 commit into389ds:mainfrom
Conversation
…argets Description: memberof_replace_list and linked_attrs_replace_backpointers sort pre/post with slapi_attr_value_cmp_ext, which returns 0 on match and a negative value or LDAP error code on non-match — not a strict weak ordering. The merge loop's cmp > 0 branch is never taken, so overlap members are deleted and re-added on every MOD_REPLACE, bumping entryUSN. Switch both comparators to slapi_utf8casecmp on raw bv_val. For that to work, normalize DN-syntax values in str2entry_fast (which did not normalize at all — the old code sat under an unset OBSOLETE_DN_SYNTAX_CHECK) and route str2entry_dupcheck through the same helper. Skip the upgradedn path (SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT) in both, preserving raw bytes for the LMDB import. Fix a stray missing comma in the dupcheck strict-fail slapi_log_err. Drop the now-unused qsortConfig plugin global. Add Python regression tests for both memberOf and linkedAttrs cases. Fixes: 389ds#7460 Reviewed by: ?
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- The
denorm()helper is duplicated in bothtest_replace_list_diff_correctnessandtest_replace_list_after_ldif_import; consider factoring this into a shared utility to avoid divergence between the two implementations. - The new memberOf/linkedAttrs tests rely on fixed
time.sleep(delay)calls after operations; polling for the expected state (e.g. memberOf presence or entryUSN change) would make these tests less timing‑sensitive and reduce flakiness on slow or loaded environments. - In
str2entry_fast/str2entry_dupcheck, failures fromvalue_dn_normalize_valueare currently ignored; consider at least logging a warning or surfacing an error in strict modes so unexpected normalization failures are more visible during debugging.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- The `denorm()` helper is duplicated in both `test_replace_list_diff_correctness` and `test_replace_list_after_ldif_import`; consider factoring this into a shared utility to avoid divergence between the two implementations.
- The new memberOf/linkedAttrs tests rely on fixed `time.sleep(delay)` calls after operations; polling for the expected state (e.g. memberOf presence or entryUSN change) would make these tests less timing‑sensitive and reduce flakiness on slow or loaded environments.
- In `str2entry_fast`/`str2entry_dupcheck`, failures from `value_dn_normalize_value` are currently ignored; consider at least logging a warning or surfacing an error in strict modes so unexpected normalization failures are more visible during debugging.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description: memberof_replace_list and linked_attrs_replace_backpointers sort pre/post with slapi_attr_value_cmp_ext, which returns 0 on match and a negative value or LDAP error code on non-match — not a strict weak ordering. The merge loop's cmp > 0 branch is never taken, so overlap members are deleted and re-added on every MOD_REPLACE, bumping entryUSN.
Switch both comparators to slapi_utf8casecmp on raw bv_val. For that to work, normalize DN-syntax values in str2entry_fast (which did not normalize at all — the old code sat under an unset OBSOLETE_DN_SYNTAX_CHECK) and route str2entry_dupcheck through the same helper. Skip the upgradedn path (SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT) in both, preserving raw bytes for the LMDB import. Fix a stray missing comma in the dupcheck strict-fail slapi_log_err. Drop the now-unused qsortConfig plugin global.
Add Python regression tests for both memberOf and linkedAttrs cases.
Fixes: #7460
Reviewed by: ?
Summary by Sourcery
Ensure DN-valued attributes are normalized consistently so memberOf and linked attributes handle MOD_REPLACE diffs correctly without unnecessarily re-touching overlapping members.
Bug Fixes:
Enhancements:
Tests: