Unable to rename permission object

The update was failing because of the case insensitivity of permission object DN. Unit-tests added. https://fedorahosted.org/freeipa/ticket/2571
2025-02-25 18:55:28 -06:00 · 2012-04-11 09:37:15 +02:00
parent fca43ccd47
commit 2584e9be67
2 changed files with 52 additions and 12 deletions
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -335,14 +335,17 @@ class permission_mod(LDAPUpdate):
        # when renaming permission, check if the target permission does not
        # exists already. Then, make changes to underlying ACI
        if 'rename' in options:
-            try:
-                new_dn = dn.replace(keys[-1], options['rename'], 1)
-                (new_dn, attrs) = ldap.get_entry(
-                    new_dn, attrs_list, normalize=self.obj.normalize_dn
-                )
-                raise errors.DuplicateEntry()
-            except errors.NotFound:
-                pass    # permission may be renamed, continue
+            if options['rename']:
+                try:
+                    new_dn = dn.replace(keys[-1].lower(), options['rename'], 1)
+                    (new_dn, attrs) = ldap.get_entry(
+                        new_dn, attrs_list, normalize=self.obj.normalize_dn
+                    )
+                    raise errors.DuplicateEntry()
+                except errors.NotFound:
+                    pass    # permission may be renamed, continue
+            else:
+                raise errors.ValidationError(name='rename',error=_('New name can not be empty'))

        opts = copy.copy(options)
        for o in ['all', 'raw', 'rights', 'rename']: