IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Do not change LDAPObject objectclass list

Browse Source 
__json__ method of LDAPObject may inadvertently append a list of possible
objectclasses to a list of basic objectclasses and thus change a behavior
of all subsequent LDAPSearch command. The command may only return objects
where all "possible" objectclasses are present and thus returning an
incomplete list.

Make sure that the LDAPObject object_class list is not modified during
the __json__ method.

https://fedorahosted.org/freeipa/ticket/2906
This commit is contained in:
Martin Kosek
2012-07-09 14:27:07 +02:00
parent 0ffb2022fe
commit 5ba8eeb970
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ipalib/plugins/baseldap.py
View File

@@ -635,7 +635,7 @@ class LDAPObject(Object):
objectclasses = config.get( objectclasses = config.get(
self.object_class_config, objectclasses self.object_class_config, objectclasses
) )
objectclasses += self.possible_objectclasses objectclasses = objectclasses + self.possible_objectclasses
# Get list of available attributes for this object for use # Get list of available attributes for this object for use
# in the ACI UI. # in the ACI UI.
attrs = self.api.Backend.ldap2.schema.attribute_types(objectclasses) attrs = self.api.Backend.ldap2.schema.attribute_types(objectclasses)