diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-12-08 13:33:40 -0500 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2010-12-08 13:51:10 -0500 |
| commit | 4c09809ea87f137bb8424743de4e6d7b62bb1254 (patch) | |
| tree | 800d9c1520e0c1a5d902b939838fdafeff6d2c94 /ipalib/plugins/aci.py | |
| parent | 751ee81771aca741e6b79ddb97c0e1813d6ba047 (diff) | |
| download | freeipa-4c09809ea87f137bb8424743de4e6d7b62bb1254.tar.gz freeipa-4c09809ea87f137bb8424743de4e6d7b62bb1254.tar.xz freeipa-4c09809ea87f137bb8424743de4e6d7b62bb1254.zip | |
Add plugin for manage self-service ACIs
This is just a thin wrapper around the aci plugin, controlling what
types of ACIs can be added.
Right now only ACIs in the basedn can be managed with this plugin.
ticket 531
Diffstat (limited to 'ipalib/plugins/aci.py')
| -rw-r--r-- | ipalib/plugins/aci.py | 37 |
1 files changed, 23 insertions, 14 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 3636dddca..d5f7d996f 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -656,21 +656,30 @@ class aci_find(crud.Search): # acis = list(results) for a in acis: - if 'target' in a.target: - target = a.target['target']['expression'] - else: - results.remove(a) - continue - found = False - for k in _type_map.keys(): - if _type_map[k] == target and 'type' in kw and kw['type'] == k: - found = True - break; - if not found: - try: + if 'type' in kw: + if 'target' in a.target: + target = a.target['target']['expression'] + else: results.remove(a) - except ValueError: - pass + continue + found = False + for k in _type_map.keys(): + if _type_map[k] == target and kw['type'] == k: + found = True + break; + if not found: + try: + results.remove(a) + except ValueError: + pass + + if 'selfaci' in kw and kw['selfaci'] == True: + for a in acis: + if a.bindrule['expression'] != u'ldap:///self': + try: + results.remove(a) + except ValueError: + pass # TODO: searching by: filter, subtree |