Use ACI class set_permissions() method to set permissions

This will ensure uniqueuess and that the ACI has the right
datatype without the caller worrying about it.

https://pagure.io/freeipa/issue/8443

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

ipaserver/plugins/aci.py

@@ -271,7 +271,7 @@ def _make_aci(ldap, current, aciname, kw):
     try:
         a = ACI(current)
         a.name = _make_aci_name(kw['aciprefix'], aciname)
-        a.permissions = kw['permissions']
+        a.set_permissions(kw['permissions'])
         if 'selfaci' in kw and kw['selfaci']:
             a.set_bindrule('userdn = "ldap:///self"')
         else: