summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2012-05-11 15:28:03 -0400
committerMartin Kosek <mkosek@redhat.com>2012-05-14 10:07:41 +0200
commit95bb8d0f45c3061035633c7b9c3b1609b11a158d (patch)
tree815f45e8ecc3724b87777b557fd59af0e77bc643 /ipalib
parent472f9fc5aad845afa335786599ba75603c006d31 (diff)
downloadfreeipa-95bb8d0f45c3061035633c7b9c3b1609b11a158d.tar.gz
freeipa-95bb8d0f45c3061035633c7b9c3b1609b11a158d.tar.xz
freeipa-95bb8d0f45c3061035633c7b9c3b1609b11a158d.zip
Fix overlapping cn param/option issue, pass cn as aciname in find
permission-find --name wasn't working for two reasons. The first was that the cn to search on in options ended up overlapping the primary key name causing the request to fail. The second reason was aci uses aciname, not cn, as its name field. So searching on --name matched everything because it was as if you were searching on nothing. https://fedorahosted.org/freeipa/ticket/2320
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/plugins/permission.py7
1 files changed, 7 insertions, 0 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py
index 2cf42bbc0..9bf17944c 100644
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -387,10 +387,17 @@ class permission_find(LDAPSearch):
del opts['raw']
except:
pass
+ if 'cn' in options:
+ # the attribute for name is difference in acis
+ opts['aciname'] = options['cn']
aciresults = self.api.Command.aci_find(*args, **opts)
truncated = truncated or aciresults['truncated']
results = aciresults['result']
+ if 'cn' in options:
+ # there is an option/param overlap if --name is in the
+ # search list, we don't need cn anymore so drop it.
+ options.pop('cn')
for aci in results:
found = False
if 'permission' in aci:
generated by cgit (git 2.34.1) at 2024-05-02 06:00:52 +0000