From 03ba48cf78ad0462e0f977d7193399de4261fa58 Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Tue, 25 Oct 2022 08:11:54 +0200
Subject: [PATCH] ldap_attrs: search_s based _is_value_present (#5385) (#5422)

* search_s based _is_value_present

* Fix formatted string and ldap import

* Add changelog fragment

* Remove superfluous import ldap

* Improve fragment

* Code format {x} prefix

* Lower-case fixes

* Fix suggestions to changelog

* Break with the past and let bools be bools

* Let ldap_attrs break on invalid DN's

(cherry picked from commit 091bdc77c3513fb8e69cae5df52074add285dcdf)

Co-authored-by: Martin <github@mrvanes.com>
---
 .../fragments/5385-search_s-based-_is_value_present.yaml  | 2 ++
 plugins/modules/net_tools/ldap/ldap_attrs.py              | 8 +++++---
 2 files changed, 7 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/5385-search_s-based-_is_value_present.yaml

diff --git a/changelogs/fragments/5385-search_s-based-_is_value_present.yaml b/changelogs/fragments/5385-search_s-based-_is_value_present.yaml
new file mode 100644
index 0000000000..a3a3ba047c
--- /dev/null
+++ b/changelogs/fragments/5385-search_s-based-_is_value_present.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+  - ldap_attrs - fix ordering issue by ignoring the ``{x}`` prefix on attribute values (https://github.com/ansible-collections/community.general/issues/977, https://github.com/ansible-collections/community.general/pull/5385).
diff --git a/plugins/modules/net_tools/ldap/ldap_attrs.py b/plugins/modules/net_tools/ldap/ldap_attrs.py
index c357a83087..9ac1421d3a 100644
--- a/plugins/modules/net_tools/ldap/ldap_attrs.py
+++ b/plugins/modules/net_tools/ldap/ldap_attrs.py
@@ -168,6 +168,7 @@ import traceback
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 from ansible.module_utils.common.text.converters import to_native, to_bytes
 from ansible_collections.community.general.plugins.module_utils.ldap import LdapGeneric, gen_specs
+
 import re
 
 LDAP_IMP_ERR = None
@@ -261,9 +262,10 @@ class LdapAttrs(LdapGeneric):
     def _is_value_present(self, name, value):
         """ True if the target attribute has the given value. """
         try:
-            is_present = bool(
-                self.connection.compare_s(self.dn, name, value))
-        except ldap.NO_SUCH_ATTRIBUTE:
+            filterstr = "(%s=%s)" % (name, value.decode())
+            dns = self.connection.search_s(self.dn, ldap.SCOPE_BASE, filterstr)
+            is_present = len(dns) == 1
+        except ldap.NO_SUCH_OBJECT:
             is_present = False
 
         return is_present