Add Modify Realm Domains permission

The permission is required for DNS Administrators as realm domains object is updated when a master zone is added. https://fedorahosted.org/freeipa/ticket/4423 Reviewed-By: Petr Spacek <pspacek@redhat.com>
author: Martin Kosek <mkosek@redhat.com> 2014-07-04 09:32:08 +0200
committer: Petr Viktorin <pviktori@redhat.com> 2014-07-04 12:17:04 +0200
commit: ef83a0c67884274be000f3b4fcc8150e8910bcb7 (patch)
tree: d95fea530d786010ec2a2acc325c6ab568ebb4ee /ipalib/plugins/realmdomains.py
parent: 52bcf5345c9a920db513ed3fc8c2dc029661ecf2 (diff)
download: freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.tar.gz
freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.tar.xz
freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/ipalib/plugins/realmdomains.py b/ipalib/plugins/realmdomains.py
index 08d3a6a78..c53340591 100644
--- a/ipalib/plugins/realmdomains.py
+++ b/ipalib/plugins/realmdomains.py
@@ -79,6 +79,14 @@ class realmdomains(LDAPObject):
                 'objectclass', 'cn', 'associateddomain',
             },
         },
+        'System: Modify Realm Domains': {
+            'ipapermbindruletype': 'permission',
+            'ipapermright': {'write'},
+            'ipapermdefaultattr': {
+                'associatedDomain',
+            },
+            'default_privileges': {'DNS Administrators'},
+        },
     }
 
     label = _('Realm Domains')
author	Martin Kosek <mkosek@redhat.com>	2014-07-04 09:32:08 +0200
committer	Petr Viktorin <pviktori@redhat.com>	2014-07-04 12:17:04 +0200
commit	ef83a0c67884274be000f3b4fcc8150e8910bcb7 (patch)
tree	d95fea530d786010ec2a2acc325c6ab568ebb4ee /ipalib/plugins/realmdomains.py
parent	52bcf5345c9a920db513ed3fc8c2dc029661ecf2 (diff)
download	freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.tar.gz freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.tar.xz freeipa-ef83a0c67884274be000f3b4fcc8150e8910bcb7.zip