fix hbac rule search for non-admin users

hbacrule has it default attributes (which are used in search) attribute 'memberhostgroup'. This attr is not in ACI nor in schema. If the search contains an attribute which can't be read then the search won't return anything. Therefore all searches with filter set fail. https://fedorahosted.org/freeipa/ticket/5130 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Petr Vobornik <pvoborni@redhat.com> 2015-07-14 18:04:33 +0200
committer: Petr Vobornik <pvoborni@redhat.com> 2015-07-16 15:37:24 +0200
commit: 6ead80d9ba6b775a6df3ba76b4d717050311b762 (patch)
tree: 0e30699e04ceee6dd62f9e7655e9d2e400caaf96 /ipalib
parent: f5fa38399277ab16fa32832f53580651ad4a4026 (diff)
download: freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.tar.gz
freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.tar.xz
freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py
index 34bdc9bdf..82a52bd80 100644
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@@ -124,7 +124,7 @@ class hbacrule(LDAPObject):
         'description', 'usercategory', 'hostcategory',
         'servicecategory', 'ipaenabledflag',
         'memberuser', 'sourcehost', 'memberhost', 'memberservice',
-        'memberhostgroup', 'externalhost',
+        'externalhost',
     ]
     uuid_attribute = 'ipauniqueid'
     rdn_attribute = 'ipauniqueid'
author	Petr Vobornik <pvoborni@redhat.com>	2015-07-14 18:04:33 +0200
committer	Petr Vobornik <pvoborni@redhat.com>	2015-07-16 15:37:24 +0200
commit	6ead80d9ba6b775a6df3ba76b4d717050311b762 (patch)
tree	0e30699e04ceee6dd62f9e7655e9d2e400caaf96 /ipalib
parent	f5fa38399277ab16fa32832f53580651ad4a4026 (diff)
download	freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.tar.gz freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.tar.xz freeipa-6ead80d9ba6b775a6df3ba76b4d717050311b762.zip