From 091bdc77c3513fb8e69cae5df52074add285dcdf Mon Sep 17 00:00:00 2001
From: Martin <github@mrvanes.com>
Date: Tue, 25 Oct 2022 08:01:57 +0200
Subject: [PATCH] ldap_attrs: search_s based _is_value_present (#5385)

* search_s based _is_value_present

* Fix formatted string and ldap import

* Add changelog fragment

* Remove superfluous import ldap

* Improve fragment

* Code format {x} prefix

* Lower-case fixes

* Fix suggestions to changelog

* Break with the past and let bools be bools

* Let ldap_attrs break on invalid DN's
---
 .../fragments/5385-search_s-based-_is_value_present.yaml  | 2 ++
 plugins/modules/net_tools/ldap/ldap_attrs.py              | 8 +++++---
 2 files changed, 7 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/5385-search_s-based-_is_value_present.yaml

diff --git a/changelogs/fragments/5385-search_s-based-_is_value_present.yaml b/changelogs/fragments/5385-search_s-based-_is_value_present.yaml
new file mode 100644
index 0000000000..a3a3ba047c
--- /dev/null
+++ b/changelogs/fragments/5385-search_s-based-_is_value_present.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+  - ldap_attrs - fix ordering issue by ignoring the ``{x}`` prefix on attribute values (https://github.com/ansible-collections/community.general/issues/977, https://github.com/ansible-collections/community.general/pull/5385).
diff --git a/plugins/modules/net_tools/ldap/ldap_attrs.py b/plugins/modules/net_tools/ldap/ldap_attrs.py
index df61233ab1..97275c45d5 100644
--- a/plugins/modules/net_tools/ldap/ldap_attrs.py
+++ b/plugins/modules/net_tools/ldap/ldap_attrs.py
@@ -170,6 +170,7 @@ import traceback
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.common.text.converters import to_native, to_bytes
 from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
+
 import re
 
 LDAP_IMP_ERR = None
@@ -263,9 +264,10 @@ class LdapAttrs(LdapGeneric):
     def _is_value_present(self, name, value):
         """ True if the target attribute has the given value. """
         try:
-            is_present = bool(
-                self.connection.compare_s(self.dn, name, value))
-        except ldap.NO_SUCH_ATTRIBUTE:
+            filterstr = "(%s=%s)" % (name, value.decode())
+            dns = self.connection.search_s(self.dn, ldap.SCOPE_BASE, filterstr)
+            is_present = len(dns) == 1
+        except ldap.NO_SUCH_OBJECT:
             is_present = False
 
         return is_present