diff options
| author | Jr Aquino <jr.aquino@citrix.com> | 2011-02-16 08:04:03 -0800 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2011-02-16 17:52:21 -0500 |
| commit | d781dbd04596a87b0b677a82cb9e704d26471662 (patch) | |
| tree | 216ac8d283d79c1fbd7b1ece78d99d6497fb4a3d /ipalib/plugins | |
| parent | e5d57d237b4f146faf2e5c27d4e9eb3359dc15b3 (diff) | |
| download | freeipa-d781dbd04596a87b0b677a82cb9e704d26471662.tar.gz freeipa-d781dbd04596a87b0b677a82cb9e704d26471662.tar.xz freeipa-d781dbd04596a87b0b677a82cb9e704d26471662.zip | |
17-2 Managed netgroups should be invisible https://fedorahosted.org/freeipa/ticket/963
Diffstat (limited to 'ipalib/plugins')
| -rw-r--r-- | ipalib/plugins/netgroup.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py index ad045eeb1..e89d8c8db 100644 --- a/ipalib/plugins/netgroup.py +++ b/ipalib/plugins/netgroup.py @@ -186,6 +186,24 @@ class netgroup_find(LDAPSearch): '%(count)d netgroup matched', '%(count)d netgroups matched' ) + takes_options = LDAPSearch.takes_options + ( + Flag('private', + cli_name='private', + doc=_('search for private groups'), + ), + ) + + def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options): + # Do not display private mepManagedEntry netgroups by default + # If looking for private groups, we need to omit the negation search filter + + if not options['private']: + search_kw = self.args_options_2_entry(**options) + search_kw['objectclass'] = ['mepManagedEntry'] + negation = ldap.make_filter(search_kw, rules=ldap.MATCH_NONE) + filter = ldap.combine_filters((negation, filter), rules='&') + return (filter, base_dn, scope) + api.register(netgroup_find) |