How do I get `ldapmodify` to change an indexed attribute in OpenLDAP? - ldap

I am trying to set up an OpenLDAP directory using the cn=config (or olc) method. I have got an entry in my directory that looks something like the following:
dn: cn=entry,...
olcAttr: {0}first value...
olcAttr: {1}second value...
olcAttr: {2}third value...
I would like to use ldapmodify to change the attribute {0}first value... to something else, but keeping the same index ({0} - is "index" the right term?).
I tried using the following
dn: cn=entry,...
changetype: modify
replace: olcAttr{0}
olcAttr: {0}new value...
and sundry variations on this theme, but nothing has worked. I have googled (well, duckducked actually) but I don't even know what I am looking for is called, which doesn't make things easier. Can anyone give me some guidance please?
Steve

The simple answer to this question is that you replace ALL of the attributes, thus:
dn: cn=entry,...
changetype: modify
replace: olcAttr
olcAttr: {0}NEW value...
olcAttr: {1}second value...
olcAttr: {2}third value...
There's got to be a better way, surely?

Related

DBT dynamic config

I have a generic test and need it to be always saved under a particular name for the given table it is running on, e.g. on table report_revenue the generated generic test name will always be diff_check_report_revenue. Right now the default dbt naming behavior for generic tests is kinda messy (it sets the test name based on the test config, which is a great idea for most cases, but unfortunately not for my particular one).
According to the docs it looks like the [alias](https://docs.getdbt.com/reference/resource-configs/alias) is exactly what I need. However, I also need to set the name dynamically based on the table that is tested. I know it can be set in the yml config by setting the field alias, but I hope there might be a more elegant solution.
When I try the following:
{{
    config({
        "severity": 'warn',
        "tags": ["diff_check"],
        "alias": 'diff_check_' + {{ model | replace("XXXXXXX") | trim }}
    })
}}
It just doesn't work and dbt completely ignores the alias property. model is the relation on which the test is running. It's probably just my own wrong syntax, but I'm stuck and humbly asking for advice. Thanks a lot in advance!
The docs are super confusing on test config, since they group together generic tests and singular tests, and the behavior is different.
You can use a config() block inside the definition for a generic test to configure it, and some keys (e.g., severity) work fine, but alias is not one of them.
I think alias is meant for singular tests only. To give generic tests a unique identifier (only possible since v1.1), you are supposed to use the name property (not config). Docs. Does this make sense? No. Does it make it easy for you to do what you want to do? Also no.
I'll point out that the default naming convention for a generic test includes the name of the test followed by the name of the model, but assuming that isn't good enough, your only option will be to add a name property to every test, where you define the test in the properties (fka schema.yml) file. And it looks like the name property doesn't jinja-template its value (so you can't use jinja to populate the test name). So you'll have to do a lot of this:
models:
  - name: my_model
    tests:
      - diff_check:
          name: diff_check_my_model
You could fork dbt-core. The relevant code is here.

Change value of a single attribute for multiple UID's at once in LDAP

I have a list of uid's of several users present in LDAP and I need to replace the value of one attribute for all those uid's to a new value. Is there a way to accomplish this via Apache Directory Studio at once without editing each entry manually? I am very new to this and this is not my area of expertise. Also, I am aware of only Apache Directory Studio to play around with LDAP values. If someone can provide their inputs with the same, it would be great.
In Apache Directory Studio, you can right-click a connection and select "Import" then "LDIF Import". The file would look something like this
dn: cn=user1FQDN,ou=OrgUnit,o=MyOrg
changetype: modify
replace: TheAttribute
TheAttribute: NewValue
-

dn: cn=user2FQDN,ou=OrgUnit,o=MyOrg
changetype: modify
replace: TheAttribute
TheAttribute: NewValue
-

dn: cn=user3FQDN,ou=OrgUnit,o=MyOrg
changetype: modify
replace: TheAttribute
TheAttribute: NewValue
-
When I'm trying to set the same value on a lot of accounts, I'll put together a quick script to grab the list of user DNs and write the rest of the LDIF content.
Where the "dn" value is each user's fully qualified DN, TheAttribute is the name of the attribute you want to update, and NewValue is the value you want to write into TheAttribute.
Use care when using LDIF to import changes -- you can pull in a lot of changes quite quickly, but you can also screw up a lot of accounts quite quickly. You need to understand the difference between "changetype: modify" which updates an attribute (the update could be to remove the attribute, but the changetype is still modify) and "changetype: delete" which deletes the object. You'll also want to understand how modify/delete operations work. Using "changetype: modify" with just "delete: TheAttribute" would delete everything in the attribute:
dn: cn=user1FQDN,ou=OrgUnit,o=MyOrg
changetype: modify
delete: TheAttribute
-
If you want to delete a single value of a multi-value attribute, you need to use:
dn: cn=user1FQDN,ou=OrgUnit,o=MyOrg
changetype: modify
delete: TheAttribute
TheAttribute: ValueToDelete
-
To specify which TheAttribute you want to delete.
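
One way to script the LDIF generation the answer mentions (added example, not part of the original answer): it writes one modify record per DN, separates records with blank lines, and base64-encodes any DN or value that RFC 2849 does not allow as a plain string. The function names and the second sample DN are constructed for illustration.

```python
import base64


def ldif_line(attr: str, value: str) -> str:
    """Return one LDIF line, base64-encoding the value when RFC 2849 requires it."""
    raw = value.encode("utf-8")
    safe = (
        # SAFE-CHAR: 7-bit only, no NUL, LF or CR
        all(b < 0x80 and b not in (0x00, 0x0A, 0x0D) for b in raw)
        # SAFE-INIT-CHAR: must not start with space, colon or '<'
        and not raw.startswith((b" ", b":", b"<"))
        # values ending in a space should be encoded as well
        and not raw.endswith(b" ")
    )
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"


def bulk_replace(dns, attribute, new_value):
    """Build one 'changetype: modify' record per DN, separated by blank lines."""
    records = []
    for dn in dns:
        records.append("\n".join([
            ldif_line("dn", dn),
            "changetype: modify",
            f"replace: {attribute}",
            ldif_line(attribute, new_value),
            "-",
        ]))
    return "version: 1\n\n" + "\n\n".join(records) + "\n"


# Constructed sample input: one plain DN and one that needs the 'dn::' form.
SAMPLE_DNS = [
    "cn=user1FQDN,ou=OrgUnit,o=MyOrg",
    "cn=José Díaz,ou=OrgUnit,o=MyOrg",
]

if __name__ == "__main__":
    print(bulk_replace(SAMPLE_DNS, "TheAttribute", "NewValue"))
```

Review the generated file and import it against a test entry first; every record in it is applied as written.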

Delete Sun ONE ldap account with dn encoded in base64

I have a Sun ONE ldap account the dn of which accidentally became base64-encoded after an rdn change. I have tried various ways to delete this account to no avail. I hope there are people here who know a solution and are able to help me out.
On the Sun ONE ldap server all attributes are encoded in ascii. The attribute used as rdn is uid. The format of uid for user accounts is FIRSTNAME.LASTNAME.
The uid of the account in question was YAZAIRA.DAZ. A utility written in unix shell was used to change the rdn of the account from YAZAIRA.DAZ to YAZAIRA.DIAZ. The utility prompts for both the old uid and the new uid, and takes care of everything else under the hood to get the rdn changed. At the time, the new uid was copied from another system and pasted at the prompt to the utility, which contained a non-ascii character: YAZAIRA.DÍAZ (notice the ' on top of I).
Therefore, under the hood, the ldif was
dn: uid=YAZAIRA.DAZ,OU=People,dc=company,dc=com
change-type: modrdn
newrdn: uid=YAZAIRA.DÍAZ
deleteoldrdn: 1
After the ldif was run, ldapsearch was not able to find the account. Luckily, after many tries, the account entry was eventually returned as one of several when uid=YAZAIRA.* was entered as search criteria. However, its dn is:
dn:: dWlkPVlBWkFJUkEuRM1BWixvdT1QZW9wbGUsZGM9Y29tcGFueSxkYz1jb20=
and all the attributes that contain the new last name are base64 encoded too.
I want to delete this account using ldapdelete with the accompanying file containing the dn. So far I have tried the following dn, but none has worked:
dWlkPVlBWkFJUkEuRM1BWixvdT1QZW9wbGUsZGM9Y29tcGFueSxkYz1jb20=
uid=YAZAIRA.DIAZ,OU=People,dc=company,dc=com
uid=YAZAIRA.DÍAZ,OU=People,dc=company,dc=com
uid=cWUFaQUlSQS5EzUFa,OU=People,dc=company,dc=com
uid=YAZAIRA.RM1BWg==,OU=People,dc=company,dc=com
uid=YAZAIRA.*,OU=People,dc=company,dc=com
Would appreciate it very much if someone knows how to specify the dn to ldapdelete. Or if there are some alternative ways to delete an account by uniquely identifying the account using attributes other than the dn. Or whatever means to get this account deleted.
Have you tried ldapdelete with the following LDIF?
dn:: dWlkPVlBWkFJUkEuRM1BWixvdT1QZW9wbGUsZGM9Y29tcGFueSxkYz1jb20=
changetype: delete
-
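
Decoding the `dn::` value quoted in the question shows which bytes the entry's DN holds and why it is reported in base64. This is an added example, not part of the original posts; the function names are hypothetical, and the delete record follows the RFC 2849 form (DN line plus `changetype: delete`).

```python
import base64


def parse_ldif_dn(line: str):
    """Return (raw_bytes, was_base64) for an LDIF 'dn:' or 'dn::' line."""
    if line.startswith("dn:: "):
        return base64.b64decode(line[5:].strip(), validate=True), True
    if line.startswith("dn: "):
        return line[4:].strip().encode("utf-8"), False
    raise ValueError("not a dn line")


def describe_dn(line: str) -> dict:
    """Report the DN text, whether it is valid UTF-8, and every non-ASCII byte."""
    raw, was_b64 = parse_ldif_dn(line)
    try:
        text, encoding = raw.decode("utf-8"), "utf-8"
    except UnicodeDecodeError:
        # Fall back to a byte-for-byte view so the offending byte is visible.
        text, encoding = raw.decode("latin-1"), "not utf-8 (shown as latin-1)"
    non_ascii = [(i, hex(b)) for i, b in enumerate(raw) if b >= 0x80]
    return {"text": text, "encoding": encoding,
            "non_ascii": non_ascii, "base64": was_b64}


def delete_record(line: str) -> str:
    """Build a delete change record that carries the DN bytes unchanged."""
    raw, _ = parse_ldif_dn(line)
    return "dn:: " + base64.b64encode(raw).decode("ascii") + "\nchangetype: delete\n"


# The dn:: line exactly as quoted in the question.
DN_LINE = "dn:: dWlkPVlBWkFJUkEuRM1BWixvdT1QZW9wbGUsZGM9Y29tcGFueSxkYz1jb20="

if __name__ == "__main__":
    print(describe_dn(DN_LINE))
    print(delete_record(DN_LINE))
```

The decoded DN contains the single byte 0xCD, which is not valid UTF-8 on its own, so a DN typed as text in a UTF-8 terminal does not reproduce the stored bytes; the base64 form does.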

how to show button if there are two roles Lotus Formula script

I have a Page in Lotus, which has an action button.
This button must be not visible when user is not part of role Admin or Supervisor.
The way I did this is by adding this formula:
@IsNotMember("[Admin]"; @UserRoles) | @IsNotMember("[Supervisor]"; @UserRoles)
But it does not work..
If I have only 1, like: @IsNotMember("[Admin]"; @UserRoles) And the role Admin, then as admin I can see it.
But I also would like to have that if user is from role Supervisor and not Admin that he still can see the button.
What to do?
Knut's answer is correct. My answer shows why, and gives an approach to hide-whens that almost always makes them easier to figure out.
Notes has been using hide-when formulas forever, but people really tend to think in terms of see-when in their requirements! We know when we want to see things (when we're Supervisors or Admins in this case). And we're really bad at turning those see-when requirements into hide-when formulas because we're really bad at remembering DeMorgan's Law, which says things like: ^(P & Q) == (^P | ^Q)
So if we state the requirement this way:
Hide when the user isn't a Supervisor or an Admin
we tend to have trouble turning it into the correct formula with two @IsNotMember calls (which are implicitly logical Nots), because we forget that Ors have to turn into Ands in order to get it right. But if we think of it this way:
See when the user is an Admin or the user is a Supervisor
It's easy to see how to express it:
@IsMember("[Supervisor]"; @UserRoles) | @IsMember("[Admin]"; @UserRoles);
Or using the power of formula language lists, we can shorten that to this:
@IsMember("[Supervisor]": "[Admin]" ; @UserRoles);
To turn that into the equivalent hide-when, all you need to do is put a logical Not around it like this:
! (@IsMember("[Supervisor]": "[Admin]" ; @UserRoles));
You can do that with any see-when formula - just surround it with parentheses and put a ! in front of it, but in the special case of a formula that just uses @IsMember, you can just change it to @IsNotMember, which brings it back to Knut's solution.
Formula
@IsNotMember("[Admin]" : "[Supervisor]"; @UserRoles)
returns @True if user has neither role "[Admin]" nor "[Supervisor]". Use this as hide-when formula for your button. Only Admins and Supervisors will see the button then.

LDAP modify replace attribute with NULL value

I'm supposed to try to replace some attribute value of LDAP data with a NULL value, but I can't seem to get it to work using LDIF format.
I tried various formats.. all seem to return me an error.
Here are those formats:
dn: some..RDN
changeType: modify
replace: data
data:
or
dn: some..RDN
changeType: modify
replace: data
Can anyone advise me how to replace data attribute value to NULL.
Try this:
dn: some..RDN
changeType: modify
replace: data
-
That is; a line with just a -.
Beware that MS LDAP API (wldap32.dll) has an old bug with empty values which makes it hardly possible to work with empty values. AFAIK, it is not fixed yet. So even if LDIF is ok, there might be a problem at API level.
What LDIF tool do you use?