diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-05-11 16:15:58 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-05-15 08:54:22 +0200 |
commit | 26ab9a504f504f59cfd3af929dbeac2ddc201ed3 (patch) | |
tree | b9bbc13e62a4e4187433131ad18e5a1cc5743a4a | |
parent | c5689e7fafc688165945e83dd4bf63dd568b3650 (diff) | |
download | freeipa-26ab9a504f504f59cfd3af929dbeac2ddc201ed3.tar.gz freeipa-26ab9a504f504f59cfd3af929dbeac2ddc201ed3.tar.xz freeipa-26ab9a504f504f59cfd3af929dbeac2ddc201ed3.zip |
Implement permission/aci find by subtree
https://fedorahosted.org/freeipa/ticket/2321
-rw-r--r-- | ipalib/plugins/aci.py | 13 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 41 |
2 files changed, 53 insertions, 1 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index b0be26f5c..f7c6039a9 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -836,7 +836,18 @@ class aci_find(crud.Search): a.target['targetfilter']['expression'] != kw['filter']: results.remove(a) - # TODO: searching by: subtree + if kw.get('subtree'): + for a in acis: + if 'target' in a.target: + target = a.target['target']['expression'] + else: + results.remove(a) + continue + if kw['subtree'].lower() != target.lower(): + try: + results.remove(a) + except ValueError: + pass acis = [] for result in results: diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index 54d155aca..28db7dc2f 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -510,6 +510,47 @@ class test_permission(Declarative): dict( + desc='Change %r to a subtree type' % permission1_renamed_ucase, + command=( + 'permission_mod', [permission1_renamed_ucase], dict(subtree=u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn, type=None) + ), + expected=dict( + value=permission1_renamed_ucase, + summary=u'Modified permission "%s"' % permission1_renamed_ucase, + result=dict( + dn=lambda x: DN(x) == permission1_renamed_ucase_dn, + cn=[permission1_renamed_ucase.lower()], + member_privilege=[privilege1], + subtree=u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn, + permissions=[u'write'], + memberof=u'ipausers', + ), + ), + ), + + + dict( + desc='Search for %r using --subtree' % permission1, + command=('permission_find', [], {'subtree': 'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn}), + expected=dict( + count=1, + truncated=False, + summary=u'1 permission matched', + result=[ + { + 'dn':lambda x: DN(x) == permission1_renamed_ucase_dn, + 'cn':[permission1_renamed_ucase.lower()], + 'member_privilege':[privilege1], + 'subtree':u'ldap:///cn=*,cn=test,cn=accounts,%s' % api.env.basedn, + 'permissions':[u'write'], + 'memberof':u'ipausers', + }, + ], + ), + ), + + + dict( desc='Delete %r' % permission1_renamed_ucase, command=('permission_del', [permission1_renamed_ucase], {}), expected=dict( |