summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins
diff options
context:
space:
mode:
authorJan Zeleny <jzeleny@redhat.com>2011-01-27 05:11:28 -0500
committerRob Crittenden <rcritten@redhat.com>2011-01-31 11:24:39 -0500
commit6db310531583385102c4139fe46a6eec0e5e1a0a (patch)
tree2bd27176c369a8c922b49ba19c5ee051c7f011f3 /ipalib/plugins
parent987507efd03f946a21a6dd352855513e087f1c6e (diff)
downloadfreeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.tar.gz
freeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.tar.xz
freeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.zip
Fixed permission lookup
Lookup based on --filter wasn't implemented at all. It did't show until now, because of bug sitting on top of it which was resulting in internal error. This patch fixes the bug and adds the filtering functionality. https://fedorahosted.org/freeipa/ticket/818
Diffstat (limited to 'ipalib/plugins')
-rw-r--r--ipalib/plugins/aci.py11
-rw-r--r--ipalib/plugins/baseldap.py12
-rw-r--r--ipalib/plugins/permission.py5
3 files changed, 16 insertions, 12 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py
index 648f5111f..4ddaf98ab 100644
--- a/ipalib/plugins/aci.py
+++ b/ipalib/plugins/aci.py
@@ -780,7 +780,16 @@ class aci_find(crud.Search):
except ValueError:
pass
- # TODO: searching by: filter, subtree
+ if 'filter' in kw:
+ if not kw['filter'].startswith('('):
+ kw['filter'] = unicode('('+kw['filter']+')')
+ for a in acis:
+ if 'targetfilter' not in a.target or\
+ not a.target['targetfilter']['expression'] or\
+ a.target['targetfilter']['expression'] != kw['filter']:
+ results.remove(a)
+
+ # TODO: searching by: subtree
acis = []
for result in results:
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index b20d96012..d25deb527 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -1372,11 +1372,9 @@ class LDAPSearch(CallbackInterface, crud.Search):
for callback in self.POST_CALLBACKS:
if hasattr(callback, 'im_self'):
- more = callback(ldap, entries, truncated, *args, **options)
+ callback(ldap, entries, truncated, *args, **options)
else:
- more = callback(self, ldap, entries, truncated, *args, **options)
- if more:
- entries = entries + more
+ callback(self, ldap, entries, truncated, *args, **options)
if not options.get('raw', False):
for e in entries:
@@ -1392,11 +1390,11 @@ class LDAPSearch(CallbackInterface, crud.Search):
truncated=truncated,
)
- def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options):
- return (filter, base_dn, scope)
+ def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
+ return (filters, base_dn, scope)
def post_callback(self, ldap, entries, truncated, *args, **options):
- return []
+ pass
def exc_callback(self, args, options, exc, call_func, *call_args, **call_kwargs):
raise exc
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py
index d1fe2d2b3..0c76ec5a9 100644
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -336,7 +336,6 @@ class permission_find(LDAPSearch):
)
def post_callback(self, ldap, entries, truncated, *args, **options):
- newentries = []
for entry in entries:
(dn, attrs) = entry
try:
@@ -374,9 +373,7 @@ class permission_find(LDAPSearch):
dn = attrs['dn']
del attrs['dn']
if (dn, attrs) not in entries:
- newentries.append((dn, attrs))
-
- return newentries
+ entries.append((dn, attrs))
api.register(permission_find)