Target Group parameter was not processed correctly which caused permission-find to always crash when this search parameter was used. Fix the crash and create a unit test case to avoid future regression.
https://fedorahosted.org/freeipa/ticket/3335
From 461a2096c3b18331cd5fabdc8c56525b66f54c7d Mon Sep 17 00:00:00 2001 From: Martin Kosek <mko...@redhat.com> Date: Thu, 10 Jan 2013 12:13:39 +0100 Subject: [PATCH] permission-find no longer crashes with --targetgroup Target Group parameter was not processed correctly which caused permission-find to always crash when this search parameter was used. Fix the crash and create a unit test case to avoid future regression. https://fedorahosted.org/freeipa/ticket/3335 --- ipalib/plugins/aci.py | 5 +++-- tests/test_xmlrpc/test_permission_plugin.py | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 702ae010160984636603c75872ddbdddd79bd52c..24be17458c4738b91dba60d7f05a0f544cb1af02 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -815,8 +815,9 @@ class aci_find(crud.Search): found = False if 'target' in a.target: target = a.target['target']['expression'] - if api.env.container_group in target: - targetdn = DN(target.replace('ldap:///','')) + targetdn = DN(target.replace('ldap:///','')) + group_container_dn = DN(api.env.container_group, api.env.basedn) + if targetdn.endswith(group_container_dn): try: cn = targetdn[0]['cn'] except (IndexError, KeyError): diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index 4fe1eef4766f5eb558fadd3da75a312bd9ef2771..4a81f97465739942984cc213da3c6b571310bf4f 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -698,6 +698,29 @@ class test_permission(Declarative): dict( + desc='Search using --targetgroup', + command=('permission_find', [], {'targetgroup': u'ipausers'}), + expected=dict( + count=1, + truncated=False, + summary=u'1 permission matched', + result=[ + { + 'dn': DN(('cn','Add user to default group'), + api.env.container_permission, api.env.basedn), + 'cn': [u'Add user to default group'], + 'member_privilege': [u'User Administrators'], + 'attrs': [u'member'], + 'targetgroup': u'ipausers', + 'memberindirect_role': [u'User Administrator'], + 'permissions': [u'write'] + } + ], + ), + ), + + + dict( desc='Delete %r' % permission1_renamed_ucase, command=('permission_del', [permission1_renamed_ucase], {}), expected=dict( -- 1.7.11.7
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel