fix hbac rule search for non-admin users

hbacrule has it default attributes (which are used in search) attribute 'memberhostgroup'. This attr is not in ACI nor in schema. If the search contains an attribute which can't be read then the search won't return anything. Therefore all searches with filter set fail. https://fedorahosted.org/freeipa/ticket/5130 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Petr Vobornik <pvoborni@redhat.com> 2015-07-14 18:04:33 +0200
committer: Petr Vobornik <pvoborni@redhat.com> 2015-07-16 15:37:24 +0200
commit: 2e80645ef21ff6dbcc1645caacda02e8aac8226a (patch)
tree: 8e4d7dfd07ae92f4d1dfffe0fab9d71ac83eee3e /ipalib
parent: 26dee66d1bf05aac5af5f82862ce54585ccde7e4 (diff)
download: freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.tar.gz
freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.tar.xz
freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py
index 34bdc9bdf..82a52bd80 100644
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@@ -124,7 +124,7 @@ class hbacrule(LDAPObject):
         'description', 'usercategory', 'hostcategory',
         'servicecategory', 'ipaenabledflag',
         'memberuser', 'sourcehost', 'memberhost', 'memberservice',
-        'memberhostgroup', 'externalhost',
+        'externalhost',
     ]
     uuid_attribute = 'ipauniqueid'
     rdn_attribute = 'ipauniqueid'
author	Petr Vobornik <pvoborni@redhat.com>	2015-07-14 18:04:33 +0200
committer	Petr Vobornik <pvoborni@redhat.com>	2015-07-16 15:37:24 +0200
commit	2e80645ef21ff6dbcc1645caacda02e8aac8226a (patch)
tree	8e4d7dfd07ae92f4d1dfffe0fab9d71ac83eee3e /ipalib
parent	26dee66d1bf05aac5af5f82862ce54585ccde7e4 (diff)
download	freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.tar.gz freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.tar.xz freeipa-2e80645ef21ff6dbcc1645caacda02e8aac8226a.zip