Change phonebook to only replace ldap attributes which have changed

RESOLVED FIXED

Status

Webtools
Phonebook
RESOLVED FIXED
2 years ago
a year ago

People

(Reporter: gene, Assigned: atoll)

Tracking

Trunk

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

2 years ago
https://github.com/mozilla/phonebook/pull/26

This PR makes phonebook only replace LDAP attributes which have changed. This simplifies the LDIF transaction and audit logs.

I've not tested this change since I don't have a QA phonebook deployment, but the few lines should be easy to read and understand and should be easy to test (if there's a test system).

The driver for this PR is that currently infosec audits changes in LDAP to detect security problems. Those audit records are filled with LDAP attribute changes from phonebook where a user goes into their phonebook entry, changes one value, and phonebook submits an LDAP transaction which changes *all* of the users attributes (most of them being change to the same value that they already have).
(Assignee)

Updated

a year ago
Assignee: nobody → rsoderberg
(Assignee)

Comment 1

a year ago
We ended up deploying pull #28 in CHG0010767, verified in dev/stage to do the right thing in LDAP.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.