Use LDAP search instead of *group_show to check for a group objectclass.

https://fedorahosted.org/freeipa/ticket/3706
author: Jan Cholasta <jcholast@redhat.com> 2013-06-25 13:08:18 +0000
committer: Alexander Bokovoy <abokovoy@redhat.com> 2013-07-11 12:39:26 +0300
commit: 55da8328674877801bcb17bbe8c9e9bec3fb9022 (patch)
tree: 6e44555fa731ad674ee8c8919784f11e5920a78f /ipalib/plugins/pwpolicy.py
parent: 100f13d95b51ab5b8a2a4b7dfb04c5f3b58015d4 (diff)
download: freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.tar.gz
freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.tar.xz
freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index c92b268b5..9bbecf7cb 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -121,7 +121,8 @@ class cosentry_add(LDAPCreate):
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
         assert isinstance(dn, DN)
         # check for existence of the group
-        result = self.api.Command.group_show(keys[-1], all=True)['result']
+        group_dn = self.api.Object.group.get_dn(keys[-1])
+        result = ldap.get_entry(group_dn, ['objectclass'])
         oc = map(lambda x:x.lower(),result['objectclass'])
         if 'mepmanagedentry' in oc:
             raise errors.ManagedPolicyError()
author	Jan Cholasta <jcholast@redhat.com>	2013-06-25 13:08:18 +0000
committer	Alexander Bokovoy <abokovoy@redhat.com>	2013-07-11 12:39:26 +0300
commit	55da8328674877801bcb17bbe8c9e9bec3fb9022 (patch)
tree	6e44555fa731ad674ee8c8919784f11e5920a78f /ipalib/plugins/pwpolicy.py
parent	100f13d95b51ab5b8a2a4b7dfb04c5f3b58015d4 (diff)
download	freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.tar.gz freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.tar.xz freeipa-55da8328674877801bcb17bbe8c9e9bec3fb9022.zip