prevent search for RADIUS proxy servers by secret

radiusproxy-find should not allow search by proxy secret even for privileged
users so we should hide it from CLI.

https://fedorahosted.org/freeipa/ticket/6078

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Martin Babinsky 2016-07-21 09:42:01 +02:00 committed by Jan Cholasta
parent 447feb7f37
commit 66da084453

View File

@ -169,6 +169,14 @@ class radiusproxy_find(LDAPSearch):
'%(count)d RADIUS proxy server matched', '%(count)d RADIUS proxy servers matched', 0
)
def get_options(self):
for option in super(radiusproxy_find, self).get_options():
if option.name == 'ipatokenradiussecret':
option = option.clone(flags={'no_option'})
yield option
@register()
class radiusproxy_show(LDAPRetrieve):
__doc__ = _('Display information about a RADIUS proxy server.')