Don't use camel-case LDAP attributes in ACI and don't clear enrolledBy

We keep LDAP attributes lower-case elsewhere in the API we should do the same with all access controls. There were two ACIs pointing at the manage_host_keytab permission. This isn't allowed in general and we have decided separately to not clear out enrolledBy when a host is unenrolled so dropping it is the obvious thing to do. ticket 597
2025-02-25 18:55:28 -06:00 · 2010-12-17 16:57:28 -05:00
parent 7035ffe49c
commit 34534a026f
8 changed files with 34 additions and 35 deletions
--- a/tests/test_xmlrpc/test_delegation_plugin.py
+++ b/tests/test_xmlrpc/test_delegation_plugin.py
@@ -69,6 +69,8 @@ class test_delegation(Declarative):
        ),


+        # Note that we add postalCode but expect postalcode. This tests
+        # the attrs normalizer.
        dict(
            desc='Create %r' % delegation1,
            command=(
@@ -83,7 +85,7 @@ class test_delegation(Declarative):
                value=delegation1,
                summary=u'Added delegation "%s"' % delegation1,
                result=dict(
-                    attrs=[u'street', u'c', u'l', u'st', u'postalCode'],
+                    attrs=[u'street', u'c', u'l', u'st', u'postalcode'],
                    permissions=[u'write'],
                    aciname=delegation1,
                    group=u'editors',
@@ -115,7 +117,7 @@ class test_delegation(Declarative):
                value=delegation1,
                summary=None,
                result={
-                    'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                    'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                    'permissions': [u'write'],
                    'aciname': delegation1,
                    'group': u'editors',
@@ -135,7 +137,7 @@ class test_delegation(Declarative):
                summary=u'1 delegation matched',
                result=[
                    {
-                    'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                    'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                    'permissions': [u'write'],
                    'aciname': delegation1,
                    'group': u'editors',
@@ -156,7 +158,7 @@ class test_delegation(Declarative):
                value=delegation1,
                summary=u'Modified delegation "%s"' % delegation1,
                result=dict(
-                    attrs=[u'street', u'c', u'l', u'st', u'postalCode'],
+                    attrs=[u'street', u'c', u'l', u'st', u'postalcode'],
                    permissions=[u'read'],
                    aciname=delegation1,
                    group=u'editors',
@@ -174,7 +176,7 @@ class test_delegation(Declarative):
                value=delegation1,
                summary=None,
                result={
-                    'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                    'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                    'permissions': [u'read'],
                    'aciname': delegation1,
                    'group': u'editors',
--- a/tests/test_xmlrpc/test_selfservice_plugin.py
+++ b/tests/test_xmlrpc/test_selfservice_plugin.py
@@ -68,6 +68,8 @@ class test_selfservice(Declarative):
        ),


+        # Note that we add postalCode but expect postalcode. This tests
+        # the attrs normalizer.
        dict(
            desc='Create %r' % selfservice1,
            command=(
@@ -80,7 +82,7 @@ class test_selfservice(Declarative):
                value=selfservice1,
                summary=u'Added selfservice "%s"' % selfservice1,
                result=dict(
-                    attrs=[u'street', u'c', u'l', u'st', u'postalCode'],
+                    attrs=[u'street', u'c', u'l', u'st', u'postalcode'],
                    permissions=[u'write'],
                    selfaci=True,
                    aciname=selfservice1,
@@ -108,7 +110,7 @@ class test_selfservice(Declarative):
                value=selfservice1,
                summary=None,
                result={
-                    'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                    'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                    'permissions': [u'write'],
                    'selfaci': True,
                    'aciname': selfservice1,
@@ -126,7 +128,7 @@ class test_selfservice(Declarative):
                summary=u'1 selfservice matched',
                result=[
                    {
-                        'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                        'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                        'permissions': [u'write'],
                        'selfaci': True,
                        'aciname': selfservice1,
@@ -145,7 +147,7 @@ class test_selfservice(Declarative):
                value=selfservice1,
                summary=u'Modified selfservice "%s"' % selfservice1,
                result=dict(
-                    attrs=[u'street', u'c', u'l', u'st', u'postalCode'],
+                    attrs=[u'street', u'c', u'l', u'st', u'postalcode'],
                    permissions=[u'read'],
                    selfaci=True,
                    aciname=selfservice1,
@@ -161,7 +163,7 @@ class test_selfservice(Declarative):
                value=selfservice1,
                summary=None,
                result={
-                        'attrs': [u'street', u'c', u'l', u'st', u'postalCode'],
+                        'attrs': [u'street', u'c', u'l', u'st', u'postalcode'],
                        'permissions': [u'read'],
                        'selfaci': True,
                        'aciname': selfservice1,