diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2014-03-13 17:27:08 +0530 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2014-03-25 14:18:13 +0100 |
| commit | c5e61c85e626da61180f84bc80e294ab0eb3757a (patch) | |
| tree | e16e32a1a66ecbc16e7d5634d7590406399e8379 /ipalib/plugins/permission.py | |
| parent | f4de4a2aa75db990c787b7a8dbc6b3bdd7e01a06 (diff) | |
| download | freeipa-c5e61c85e626da61180f84bc80e294ab0eb3757a.tar.gz freeipa-c5e61c85e626da61180f84bc80e294ab0eb3757a.tar.xz freeipa-c5e61c85e626da61180f84bc80e294ab0eb3757a.zip | |
permission plugin: Add 'top' to the list of object classes
The 'top' objectclass is added by DS if not present. On every
update the managed permission updater compared the object_class
list with the state from LDAP, saw that there's an extra 'top'
value, and tried deleting it.
Add 'top' to the list to match the entry in LDAP.
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'ipalib/plugins/permission.py')
| -rw-r--r-- | ipalib/plugins/permission.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 987b9199a..e2f842810 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -167,7 +167,9 @@ class permission(baseldap.LDAPObject): container_dn = api.env.container_permission object_name = _('permission') object_name_plural = _('permissions') - object_class = ['groupofnames', 'ipapermission', 'ipapermissionv2'] + # For use the complete object_class list, including 'top', so + # the updater doesn't try to delete 'top' every time. + object_class = ['top', 'groupofnames', 'ipapermission', 'ipapermissionv2'] default_attributes = ['cn', 'member', 'memberof', 'memberindirect', 'ipapermissiontype', 'objectclass', 'ipapermdefaultattr', 'ipapermincludedattr', 'ipapermexcludedattr', |