IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 08:51:50 -06:00
Code Issues Packages Projects Releases Wiki Activity

permission plugin: Add 'top' to the list of object classes

Browse Source 
The 'top' objectclass is added by DS if not present. On every
update the managed permission updater compared the object_class
list with the state from LDAP, saw that there's an extra 'top'
value, and tried deleting it.

Add 'top' to the list to match the entry in LDAP.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
This commit is contained in:
Petr Viktorin 2014-03-13 17:27:08 +05:30
parent f4de4a2aa7
commit c5e61c85e6
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ipalib/plugins/permission.py
View File

@ -167,7 +167,9 @@ class permission(baseldap.LDAPObject):
container_dn = api.env.container_permission
object_name = _('permission')
object_name_plural = _('permissions')
object_class = ['groupofnames', 'ipapermission', 'ipapermissionv2']
# For use the complete object_class list, including 'top', so
# the updater doesn't try to delete 'top' every time.
object_class = ['top', 'groupofnames', 'ipapermission', 'ipapermissionv2']
default_attributes = ['cn', 'member', 'memberof',
'memberindirect', 'ipapermissiontype', 'objectclass',
'ipapermdefaultattr', 'ipapermincludedattr', 'ipapermexcludedattr',