diff options
| author | Ondrej Hamada <ohamada@redhat.com> | 2012-05-16 13:36:35 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-05-17 10:12:10 +0200 |
| commit | 677ea8cbfab8aadbd89ca479ed4453776f65fd30 (patch) | |
| tree | 8665e24b6ab8dd5959126c4dc305cc1f08062871 /ipalib/plugins/permission.py | |
| parent | 13b51f3011bfb5c5c265e08c6f207f769dbde807 (diff) | |
| download | freeipa-677ea8cbfab8aadbd89ca479ed4453776f65fd30.tar.gz freeipa-677ea8cbfab8aadbd89ca479ed4453776f65fd30.tar.xz freeipa-677ea8cbfab8aadbd89ca479ed4453776f65fd30.zip | |
permission-mod prompts for all parameters
ipa permission-mod was prompting for all parameters because they had
specified flag 'ask_update'. The flag was removed. Additionally the
exec_callback for permission-mod was updated to unify the behaviour with
other ipa commands (raise exception when no modification was specified).
https://fedorahosted.org/freeipa/ticket/2280
Diffstat (limited to 'ipalib/plugins/permission.py')
| -rw-r--r-- | ipalib/plugins/permission.py | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index ff38f852d..18fdcdddf 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -133,38 +133,38 @@ class permission(LDAPObject): doc=_('Comma-separated list of attributes'), csv=True, normalizer=lambda value: value.lower(), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), StrEnum('type?', cli_name='type', label=_('Type'), doc=_('Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)'), values=(u'user', u'group', u'host', u'service', u'hostgroup', u'netgroup', u'dnsrecord',), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), Str('memberof?', cli_name='memberof', label=_('Member of group'), # FIXME: Does this label make sense? doc=_('Target members of a group'), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), Str('filter?', cli_name='filter', label=_('Filter'), doc=_('Legal LDAP filter (e.g. ou=Engineering)'), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), Str('subtree?', cli_name='subtree', label=_('Subtree'), doc=_('Subtree to apply permissions to'), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), Str('targetgroup?', cli_name='targetgroup', label=_('Target group'), doc=_('User group to apply permissions to'), - flags=('ask_create', 'ask_update'), + flags=('ask_create'), ), ) @@ -314,14 +314,7 @@ class permission_mod(LDAPUpdate): if call_func.func_name == 'update_entry': if isinstance(exc, errors.EmptyModlist): aciupdate = getattr(context, 'aciupdate') - opts = copy.copy(options) - # Clear the aci attributes out of the permission entry - for o in self.obj.aci_attributes + ['all', 'raw', 'rights']: - try: - del opts[o] - except: - pass - if len(opts) == 0 or aciupdate: + if aciupdate: return raise exc |