summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins
diff options
context:
space:
mode:
authorJr Aquino <jr.aquino@citrix.com>2011-02-16 08:04:03 -0800
committerEndi S. Dewata <edewata@redhat.com>2011-02-16 17:52:21 -0500
commitd781dbd04596a87b0b677a82cb9e704d26471662 (patch)
tree216ac8d283d79c1fbd7b1ece78d99d6497fb4a3d /ipalib/plugins
parente5d57d237b4f146faf2e5c27d4e9eb3359dc15b3 (diff)
downloadfreeipa-d781dbd04596a87b0b677a82cb9e704d26471662.tar.gz
freeipa-d781dbd04596a87b0b677a82cb9e704d26471662.tar.xz
freeipa-d781dbd04596a87b0b677a82cb9e704d26471662.zip
17-2 Managed netgroups should be invisible https://fedorahosted.org/freeipa/ticket/963
Diffstat (limited to 'ipalib/plugins')
-rw-r--r--ipalib/plugins/netgroup.py18
1 files changed, 18 insertions, 0 deletions
diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py
index ad045eeb1..e89d8c8db 100644
--- a/ipalib/plugins/netgroup.py
+++ b/ipalib/plugins/netgroup.py
@@ -186,6 +186,24 @@ class netgroup_find(LDAPSearch):
'%(count)d netgroup matched', '%(count)d netgroups matched'
)
+ takes_options = LDAPSearch.takes_options + (
+ Flag('private',
+ cli_name='private',
+ doc=_('search for private groups'),
+ ),
+ )
+
+ def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options):
+ # Do not display private mepManagedEntry netgroups by default
+ # If looking for private groups, we need to omit the negation search filter
+
+ if not options['private']:
+ search_kw = self.args_options_2_entry(**options)
+ search_kw['objectclass'] = ['mepManagedEntry']
+ negation = ldap.make_filter(search_kw, rules=ldap.MATCH_NONE)
+ filter = ldap.combine_filters((negation, filter), rules='&')
+ return (filter, base_dn, scope)
+
api.register(netgroup_find)