diff options
author | Rob Crittenden <rcritten@redhat.com> | 2008-02-27 15:14:52 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-02-27 15:14:52 -0500 |
commit | 999bd4fb1e4f601759b9eb7d40c27ec983c99329 (patch) | |
tree | 57e792bcca31472414f9e9e771834d53afce6769 /ipa-server/xmlrpc-server | |
parent | ad8096b51f1f8de2c05a5c53952fcb2cb5bbd116 (diff) | |
download | freeipa-999bd4fb1e4f601759b9eb7d40c27ec983c99329.tar.gz freeipa-999bd4fb1e4f601759b9eb7d40c27ec983c99329.tar.xz freeipa-999bd4fb1e4f601759b9eb7d40c27ec983c99329.zip |
In the UI we don't want to display Edit links unless someone can actually
edit things. We use the 'editors' group for this. This group itself grants
no permission other than displaying certain things in the UI.
In order to be in the editors group a user must be a member of a group that
is the source group in a delegation. The memberof plugin will do all the
hard work to be sure that a user's memberof contains cn=editors if they
are in a delegated group.
432874
Diffstat (limited to 'ipa-server/xmlrpc-server')
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index 6bd404012..d4cbb3ef4 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -1123,7 +1123,14 @@ class IPAServer: return True def get_groups_by_member (self, member_dn, sattrs, opts=None): - """Get a specific group's entry. Return as a dict of values. + """Get all of the groups an object is explicitly a member of. + + This does not include groups an entry may be a member of as a + result of recursion (being a group that is a member of another + group). In other words, this searches on 'member' and not + 'memberof'. + + Return as a dict of values. Multi-valued fields are represented as lists. """ if not member_dn: |