From 3dcad00b946e72733cccf279ec00b426d902c867 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Mon, 17 Mar 2014 15:53:06 +0100 Subject: [PATCH] permission plugin: Do not add the ipapermissionv2 for output As with the flags, the objectclass should be returned as it is on the entry. https://fedorahosted.org/freeipa/ticket/4257 Reviewed-By: Martin Kosek --- ipalib/plugins/permission.py | 9 ++++----- ipatests/test_xmlrpc/test_old_permission_plugin.py | 2 +- ipatests/test_xmlrpc/test_permission_plugin.py | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index cc842a68b..1697311d8 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -624,7 +624,7 @@ class permission(baseldap.LDAPObject): from the ACI corresponding to ``entry``. If None, ``entry`` itself is filled :param output_only: - If true, the flags are not updated to V2. + If true, the flags & objectclass are not updated to V2. Used for the -find and -show commands. :param cached_acientry: Optional pre-retreived entry that contains the existing ACI. @@ -665,10 +665,9 @@ class permission(baseldap.LDAPObject): if not output_only: target_entry['ipapermissiontype'] = ['SYSTEM', 'V2'] - - if 'ipapermissionv2' not in entry['objectclass']: - target_entry['objectclass'] = list(entry['objectclass']) + [ - u'ipapermissionv2'] + if 'ipapermissionv2' not in entry['objectclass']: + target_entry['objectclass'] = list(entry['objectclass']) + [ + u'ipapermissionv2'] target_entry['ipapermlocation'] = [self.api.env.basedn] diff --git a/ipatests/test_xmlrpc/test_old_permission_plugin.py b/ipatests/test_xmlrpc/test_old_permission_plugin.py index c4fa982c8..67c0a1c3f 100644 --- a/ipatests/test_xmlrpc/test_old_permission_plugin.py +++ b/ipatests/test_xmlrpc/test_old_permission_plugin.py @@ -806,7 +806,7 @@ class test_old_permission(Declarative): 'dn': DN(('cn','Add user to default group'), api.env.container_permission, api.env.basedn), 'cn': [u'Add user to default group'], - 'objectclass': objectclasses.permission, + 'objectclass': objectclasses.system_permission, 'member_privilege': [u'User Administrators'], 'attrs': [u'member'], 'targetgroup': u'ipausers', diff --git a/ipatests/test_xmlrpc/test_permission_plugin.py b/ipatests/test_xmlrpc/test_permission_plugin.py index 678f9f918..251305e80 100644 --- a/ipatests/test_xmlrpc/test_permission_plugin.py +++ b/ipatests/test_xmlrpc/test_permission_plugin.py @@ -1163,7 +1163,7 @@ class test_permission(Declarative): 'dn': DN(('cn','Add user to default group'), api.env.container_permission, api.env.basedn), 'cn': [u'Add user to default group'], - 'objectclass': objectclasses.permission, + 'objectclass': objectclasses.system_permission, 'member_privilege': [u'User Administrators'], 'attrs': [u'member'], 'targetgroup': [u'ipausers'],