Implement permission/aci find by subtree

https://fedorahosted.org/freeipa/ticket/2321
This commit is contained in:
Rob Crittenden 2012-05-11 16:15:58 -04:00 committed by Martin Kosek
parent c5689e7faf
commit 26ab9a504f
2 changed files with 53 additions and 1 deletions

View File

@ -836,7 +836,18 @@ class aci_find(crud.Search):
a.target['targetfilter']['expression'] != kw['filter']:
results.remove(a)
# TODO: searching by: subtree
if kw.get('subtree'):
for a in acis:
if 'target' in a.target:
target = a.target['target']['expression']
else:
results.remove(a)
continue
if kw['subtree'].lower() != target.lower():
try:
results.remove(a)
except ValueError:
pass
acis = []
for result in results:

View File

@ -509,6 +509,47 @@ class test_permission(Declarative):
),
dict(
desc='Change %r to a subtree type' % permission1_renamed_ucase,
command=(
'permission_mod', [permission1_renamed_ucase], dict(subtree=u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn, type=None)
),
expected=dict(
value=permission1_renamed_ucase,
summary=u'Modified permission "%s"' % permission1_renamed_ucase,
result=dict(
dn=lambda x: DN(x) == permission1_renamed_ucase_dn,
cn=[permission1_renamed_ucase.lower()],
member_privilege=[privilege1],
subtree=u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn,
permissions=[u'write'],
memberof=u'ipausers',
),
),
),
dict(
desc='Search for %r using --subtree' % permission1,
command=('permission_find', [], {'subtree': 'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn}),
expected=dict(
count=1,
truncated=False,
summary=u'1 permission matched',
result=[
{
'dn':lambda x: DN(x) == permission1_renamed_ucase_dn,
'cn':[permission1_renamed_ucase.lower()],
'member_privilege':[privilege1],
'subtree':u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn,
'permissions':[u'write'],
'memberof':u'ipausers',
},
],
),
),
dict(
desc='Delete %r' % permission1_renamed_ucase,
command=('permission_del', [permission1_renamed_ucase], {}),