Lookup based on --filter wasn't implemented at all. It did't show until now, because of bug sitting on top of it which was resulting in internal error. This patch fixes the bug and adds the filtering functionality.
https://fedorahosted.org/freeipa/ticket/818 -- Thank you Jan Zeleny Red Hat Software Engineer Brno, Czech Republic
From 4e5cea38d40d75dea0042701a28d235ec60c878b Mon Sep 17 00:00:00 2001 From: Jan Zeleny <jzel...@redhat.com> Date: Thu, 27 Jan 2011 05:11:28 -0500 Subject: [PATCH] Fixed permission lookup Lookup based on --filter wasn't implemented at all. It did't show until now, because of bug sitting on top of it which was resulting in internal error. This patch fixes the bug and adds the filtering functionality. https://fedorahosted.org/freeipa/ticket/818 --- ipalib/plugins/baseldap.py | 10 ++++------ ipalib/plugins/permission.py | 22 ++++++++++------------ 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index b20d96012e0dc7f91209a3623d8ad90cd023e006..6d58eb97742a29a584d97913fc26c4ccf5d4c349 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -1372,11 +1372,9 @@ class LDAPSearch(CallbackInterface, crud.Search): for callback in self.POST_CALLBACKS: if hasattr(callback, 'im_self'): - more = callback(ldap, entries, truncated, *args, **options) + callback(ldap, entries, truncated, *args, **options) else: - more = callback(self, ldap, entries, truncated, *args, **options) - if more: - entries = entries + more + callback(self, ldap, entries, truncated, *args, **options) if not options.get('raw', False): for e in entries: @@ -1392,8 +1390,8 @@ class LDAPSearch(CallbackInterface, crud.Search): truncated=truncated, ) - def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options): - return (filter, base_dn, scope) + def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options): + return (filters, base_dn, scope) def post_callback(self, ldap, entries, truncated, *args, **options): return [] diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 0c2855ff5c181a56455bb9b180b6f22472ce8fa4..1cbdd449763d8fafee0c5bd94669f5a7bb11f3bb 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -319,33 +319,33 @@ class permission_find(LDAPSearch): ) def post_callback(self, ldap, entries, truncated, *args, **options): - newentries = [] for entry in entries: (dn, attrs) = entry try: - aci = self.api.Command.aci_show(attrs['cn'][0], aciprefix=ACI_PREFIX)['result'] - - # copy information from respective ACI to permission entry + aci = self.api.Command.aci_show(attrs['description'][0])['result'] for attr in self.obj.aci_attributes: if attr in aci: attrs[attr] = aci[attr] except errors.NotFound: - self.debug('ACI not found for %s' % attrs['cn'][0]) + self.debug('ACI not found for %s' % attrs['description'][0]) # Now find all the ACIs that match. Once we find them, add any that # aren't already in the list along with their permission info. - options['aciprefix'] = ACI_PREFIX - aciresults = self.api.Command.aci_find(*args, **options) truncated = truncated or aciresults['truncated'] results = aciresults['result'] - + if 'filter' in options and not options['filter'].startswith('('): + options['filter'] = unicode('('+options['filter']+')') for aci in results: + if 'filter' in options: + if 'filter' not in aci or not aci['filter'] or\ + aci['filter'] != options['filter']: + continue found = False if 'permission' in aci: for entry in entries: (dn, attrs) = entry - if aci['permission'] == attrs['cn'][0]: + if aci['permission'] == attrs['cn']: found = True break if not found: @@ -357,9 +357,7 @@ class permission_find(LDAPSearch): dn = attrs['dn'] del attrs['dn'] if (dn, attrs) not in entries: - newentries.append((dn, attrs)) - - return newentries + entries.append((dn, attrs)) api.register(permission_find) -- 1.7.3.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
