diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-12-16 16:11:33 +0100 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-12-17 12:29:56 +0100 |
commit | 1a9beac1bebc7d9b0207053a7eb6d775cae590d1 (patch) | |
tree | e9c9370f02c04078528b11fa02bca9e31877d286 /ipalib | |
parent | bc3f3381c6bf0b4941889b775025a60f56318551 (diff) | |
download | freeipa-1a9beac1bebc7d9b0207053a7eb6d775cae590d1.tar.gz freeipa-1a9beac1bebc7d9b0207053a7eb6d775cae590d1.tar.xz freeipa-1a9beac1bebc7d9b0207053a7eb6d775cae590d1.zip |
permission_find: Do not fail for ipasearchrecordslimit=-1
ipasearchrecordslimit can be -1, which means unlimited.
The permission_find post_callback failed in this case in legacy
permission handling.
Do not fail in this case.
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/permission.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 345faa896..fef640c37 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -891,11 +891,12 @@ class permission_find(baseldap.LDAPSearch): for entry in legacy_entries: if entry.single_value['cn'] in nonlegacy_names: continue - if len(entries) > max_entries: + if max_entries > 0 and len(entries) > max_entries: # We've over the limit, pop the last entry and set # truncated flag # (this is easier to do than checking before adding # the entry to results) + # (max_entries <= 0 means unlimited) entries.pop() truncated = True break |