diff options
| author | Ondrej Hamada <ohamada@redhat.com> | 2012-04-11 09:37:15 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-04-11 22:29:04 -0400 |
| commit | 2584e9be673985d530447b836b38cb4ddbf8ee21 (patch) | |
| tree | a70500c0ba84397987f9e05007235bba970d355a /ipalib | |
| parent | fca43ccd474db550cd68c17a9a03fc9436128b34 (diff) | |
| download | freeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.tar.gz freeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.tar.xz freeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.zip | |
Unable to rename permission object
The update was failing because of the case insensitivity of permission
object DN. Unit-tests added.
https://fedorahosted.org/freeipa/ticket/2571
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/permission.py | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 9b669d9f5..92203f174 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -335,14 +335,17 @@ class permission_mod(LDAPUpdate): # when renaming permission, check if the target permission does not # exists already. Then, make changes to underlying ACI if 'rename' in options: - try: - new_dn = dn.replace(keys[-1], options['rename'], 1) - (new_dn, attrs) = ldap.get_entry( - new_dn, attrs_list, normalize=self.obj.normalize_dn - ) - raise errors.DuplicateEntry() - except errors.NotFound: - pass # permission may be renamed, continue + if options['rename']: + try: + new_dn = dn.replace(keys[-1].lower(), options['rename'], 1) + (new_dn, attrs) = ldap.get_entry( + new_dn, attrs_list, normalize=self.obj.normalize_dn + ) + raise errors.DuplicateEntry() + except errors.NotFound: + pass # permission may be renamed, continue + else: + raise errors.ValidationError(name='rename',error=_('New name can not be empty')) opts = copy.copy(options) for o in ['all', 'raw', 'rights', 'rename']: |