fix hbac rule search for non-admin users

hbacrule has it default attributes (which are used in search) attribute 'memberhostgroup'. This attr is not in ACI nor in schema. If the search contains an attribute which can't be read then the search won't return anything. Therefore all searches with filter set fail. https://fedorahosted.org/freeipa/ticket/5130 Reviewed-By: Martin Basti <mbasti@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-07-14 18:04:33 +02:00 · 2015-07-14 18:04:33 +02:00 · 2e80645ef2
commit 2e80645ef2
parent 26dee66d1b
1 changed files with 1 additions and 1 deletions
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@ -124,7 +124,7 @@ class hbacrule(LDAPObject):
        'description', 'usercategory', 'hostcategory',
        'servicecategory', 'ipaenabledflag',
        'memberuser', 'sourcehost', 'memberhost', 'memberservice',
-        'memberhostgroup', 'externalhost',
+        'externalhost',
    ]
    uuid_attribute = 'ipauniqueid'
    rdn_attribute = 'ipauniqueid'