[Freeipa-devel] [PATCH] 346 permission-find no longer crashes with --targetgroup

Martin Kosek Thu, 10 Jan 2013 03:21:16 -0800

Target Group parameter was not processed correctly which caused
permission-find to always crash when this search parameter was used.
Fix the crash and create a unit test case to avoid future regression.


https://fedorahosted.org/freeipa/ticket/3335

From 461a2096c3b18331cd5fabdc8c56525b66f54c7d Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Thu, 10 Jan 2013 12:13:39 +0100
Subject: [PATCH] permission-find no longer crashes with --targetgroup

Target Group parameter was not processed correctly which caused
permission-find to always crash when this search parameter was used.
Fix the crash and create a unit test case to avoid future regression.

https://fedorahosted.org/freeipa/ticket/3335
---
 ipalib/plugins/aci.py                       |  5 +++--
 tests/test_xmlrpc/test_permission_plugin.py | 23 +++++++++++++++++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py
index 702ae010160984636603c75872ddbdddd79bd52c..24be17458c4738b91dba60d7f05a0f544cb1af02 100644
--- a/ipalib/plugins/aci.py
+++ b/ipalib/plugins/aci.py
@@ -815,8 +815,9 @@ class aci_find(crud.Search):
                 found = False
                 if 'target' in a.target:
                     target = a.target['target']['expression']
-                    if api.env.container_group in target:
-                        targetdn = DN(target.replace('ldap:///',''))
+                    targetdn = DN(target.replace('ldap:///',''))
+                    group_container_dn = DN(api.env.container_group, api.env.basedn)
+                    if targetdn.endswith(group_container_dn):
                         try:
                             cn = targetdn[0]['cn']
                         except (IndexError, KeyError):
diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py
index 4fe1eef4766f5eb558fadd3da75a312bd9ef2771..4a81f97465739942984cc213da3c6b571310bf4f 100644
--- a/tests/test_xmlrpc/test_permission_plugin.py
+++ b/tests/test_xmlrpc/test_permission_plugin.py
@@ -698,6 +698,29 @@ class test_permission(Declarative):
 
 
         dict(
+            desc='Search using --targetgroup',
+            command=('permission_find', [], {'targetgroup': u'ipausers'}),
+            expected=dict(
+                count=1,
+                truncated=False,
+                summary=u'1 permission matched',
+                result=[
+                    {
+                        'dn': DN(('cn','Add user to default group'),
+                                 api.env.container_permission, api.env.basedn),
+                        'cn': [u'Add user to default group'],
+                        'member_privilege': [u'User Administrators'],
+                        'attrs': [u'member'],
+                        'targetgroup': u'ipausers',
+                        'memberindirect_role': [u'User Administrator'],
+                        'permissions': [u'write']
+                    }
+                ],
+            ),
+        ),
+
+
+        dict(
             desc='Delete %r' % permission1_renamed_ucase,
             command=('permission_del', [permission1_renamed_ucase], {}),
             expected=dict(
-- 
1.7.11.7

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 346 permission-find no longer crashes with --targetgroup

Reply via email to