permission plugin: Do not add the ipapermissionv2 for output

As with the flags, the objectclass should be returned as it is on the entry. https://fedorahosted.org/freeipa/ticket/4257 Reviewed-By: Martin Kosek <mkosek@redhat.com>
2024-12-23 07:33:27 -06:00 · 2014-03-17 15:53:06 +01:00 · 2014-03-17 15:53:06 +01:00 · 3dcad00b94
commit 3dcad00b94
parent 7872b92050
3 changed files with 6 additions and 7 deletions
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@ -624,7 +624,7 @@ class permission(baseldap.LDAPObject):
            from the ACI corresponding to ``entry``.
            If None, ``entry`` itself is filled
        :param output_only:
-            If true, the flags are not updated to V2.
+            If true, the flags & objectclass are not updated to V2.
            Used for the -find and -show commands.
        :param cached_acientry:
            Optional pre-retreived entry that contains the existing ACI.
@ -665,10 +665,9 @@ class permission(baseldap.LDAPObject):

        if not output_only:
            target_entry['ipapermissiontype'] = ['SYSTEM', 'V2']
-
-        if 'ipapermissionv2' not in entry['objectclass']:
-            target_entry['objectclass'] = list(entry['objectclass']) + [
-                u'ipapermissionv2']
+            if 'ipapermissionv2' not in entry['objectclass']:
+                target_entry['objectclass'] = list(entry['objectclass']) + [
+                    u'ipapermissionv2']

        target_entry['ipapermlocation'] = [self.api.env.basedn]

--- a/ipatests/test_xmlrpc/test_old_permission_plugin.py
+++ b/ipatests/test_xmlrpc/test_old_permission_plugin.py
@ -806,7 +806,7 @@ class test_old_permission(Declarative):
                        'dn': DN(('cn','Add user to default group'),
                                 api.env.container_permission, api.env.basedn),
                        'cn': [u'Add user to default group'],
-                        'objectclass': objectclasses.permission,
+                        'objectclass': objectclasses.system_permission,
                        'member_privilege': [u'User Administrators'],
                        'attrs': [u'member'],
                        'targetgroup': u'ipausers',
--- a/ipatests/test_xmlrpc/test_permission_plugin.py
+++ b/ipatests/test_xmlrpc/test_permission_plugin.py
@ -1163,7 +1163,7 @@ class test_permission(Declarative):
                        'dn': DN(('cn','Add user to default group'),
                                 api.env.container_permission, api.env.basedn),
                        'cn': [u'Add user to default group'],
-                        'objectclass': objectclasses.permission,
+                        'objectclass': objectclasses.system_permission,
                        'member_privilege': [u'User Administrators'],
                        'attrs': [u'member'],
                        'targetgroup': [u'ipausers'],