mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Fix overlapping cn param/option issue, pass cn as aciname in find
permission-find --name wasn't working for two reasons. The first was that the cn to search on in options ended up overlapping the primary key name causing the request to fail. The second reason was aci uses aciname, not cn, as its name field. So searching on --name matched everything because it was as if you were searching on nothing. https://fedorahosted.org/freeipa/ticket/2320
This commit is contained in:
parent
472f9fc5aa
commit
95bb8d0f45
@ -387,10 +387,17 @@ class permission_find(LDAPSearch):
|
||||
del opts['raw']
|
||||
except:
|
||||
pass
|
||||
if 'cn' in options:
|
||||
# the attribute for name is difference in acis
|
||||
opts['aciname'] = options['cn']
|
||||
aciresults = self.api.Command.aci_find(*args, **opts)
|
||||
truncated = truncated or aciresults['truncated']
|
||||
results = aciresults['result']
|
||||
|
||||
if 'cn' in options:
|
||||
# there is an option/param overlap if --name is in the
|
||||
# search list, we don't need cn anymore so drop it.
|
||||
options.pop('cn')
|
||||
for aci in results:
|
||||
found = False
|
||||
if 'permission' in aci:
|
||||
|
@ -226,6 +226,38 @@ class test_permission(Declarative):
|
||||
),
|
||||
|
||||
|
||||
dict(
|
||||
desc='Search for %r using --name' % permission1,
|
||||
command=('permission_find', [], {'cn': permission1}),
|
||||
expected=dict(
|
||||
count=1,
|
||||
truncated=False,
|
||||
summary=u'1 permission matched',
|
||||
result=[
|
||||
{
|
||||
'dn': lambda x: DN(x) == permission1_dn,
|
||||
'cn': [permission1],
|
||||
'member_privilege': [privilege1],
|
||||
'type': u'user',
|
||||
'permissions': [u'write'],
|
||||
},
|
||||
],
|
||||
),
|
||||
),
|
||||
|
||||
|
||||
dict(
|
||||
desc='Search for non-existence permission using --name',
|
||||
command=('permission_find', [], {'cn': u'notfound'}),
|
||||
expected=dict(
|
||||
count=0,
|
||||
truncated=False,
|
||||
summary=u'0 permissions matched',
|
||||
result=[],
|
||||
),
|
||||
),
|
||||
|
||||
|
||||
dict(
|
||||
desc='Search for %r' % privilege1,
|
||||
command=('permission_find', [privilege1], {}),
|
||||
|
Loading…
Reference in New Issue
Block a user