mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
permission plugin: Do not add the ipapermissionv2 for output
As with the flags, the objectclass should be returned as it is on the entry. https://fedorahosted.org/freeipa/ticket/4257 Reviewed-By: Martin Kosek <mkosek@redhat.com>
This commit is contained in:
parent
7872b92050
commit
3dcad00b94
@ -624,7 +624,7 @@ class permission(baseldap.LDAPObject):
|
|||||||
from the ACI corresponding to ``entry``.
|
from the ACI corresponding to ``entry``.
|
||||||
If None, ``entry`` itself is filled
|
If None, ``entry`` itself is filled
|
||||||
:param output_only:
|
:param output_only:
|
||||||
If true, the flags are not updated to V2.
|
If true, the flags & objectclass are not updated to V2.
|
||||||
Used for the -find and -show commands.
|
Used for the -find and -show commands.
|
||||||
:param cached_acientry:
|
:param cached_acientry:
|
||||||
Optional pre-retreived entry that contains the existing ACI.
|
Optional pre-retreived entry that contains the existing ACI.
|
||||||
@ -665,10 +665,9 @@ class permission(baseldap.LDAPObject):
|
|||||||
|
|
||||||
if not output_only:
|
if not output_only:
|
||||||
target_entry['ipapermissiontype'] = ['SYSTEM', 'V2']
|
target_entry['ipapermissiontype'] = ['SYSTEM', 'V2']
|
||||||
|
if 'ipapermissionv2' not in entry['objectclass']:
|
||||||
if 'ipapermissionv2' not in entry['objectclass']:
|
target_entry['objectclass'] = list(entry['objectclass']) + [
|
||||||
target_entry['objectclass'] = list(entry['objectclass']) + [
|
u'ipapermissionv2']
|
||||||
u'ipapermissionv2']
|
|
||||||
|
|
||||||
target_entry['ipapermlocation'] = [self.api.env.basedn]
|
target_entry['ipapermlocation'] = [self.api.env.basedn]
|
||||||
|
|
||||||
|
@ -806,7 +806,7 @@ class test_old_permission(Declarative):
|
|||||||
'dn': DN(('cn','Add user to default group'),
|
'dn': DN(('cn','Add user to default group'),
|
||||||
api.env.container_permission, api.env.basedn),
|
api.env.container_permission, api.env.basedn),
|
||||||
'cn': [u'Add user to default group'],
|
'cn': [u'Add user to default group'],
|
||||||
'objectclass': objectclasses.permission,
|
'objectclass': objectclasses.system_permission,
|
||||||
'member_privilege': [u'User Administrators'],
|
'member_privilege': [u'User Administrators'],
|
||||||
'attrs': [u'member'],
|
'attrs': [u'member'],
|
||||||
'targetgroup': u'ipausers',
|
'targetgroup': u'ipausers',
|
||||||
|
@ -1163,7 +1163,7 @@ class test_permission(Declarative):
|
|||||||
'dn': DN(('cn','Add user to default group'),
|
'dn': DN(('cn','Add user to default group'),
|
||||||
api.env.container_permission, api.env.basedn),
|
api.env.container_permission, api.env.basedn),
|
||||||
'cn': [u'Add user to default group'],
|
'cn': [u'Add user to default group'],
|
||||||
'objectclass': objectclasses.permission,
|
'objectclass': objectclasses.system_permission,
|
||||||
'member_privilege': [u'User Administrators'],
|
'member_privilege': [u'User Administrators'],
|
||||||
'attrs': [u'member'],
|
'attrs': [u'member'],
|
||||||
'targetgroup': [u'ipausers'],
|
'targetgroup': [u'ipausers'],
|
||||||
|
Loading…
Reference in New Issue
Block a user