diff options
| author | Jan Zeleny <jzeleny@redhat.com> | 2011-01-27 05:11:28 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-31 11:24:39 -0500 |
| commit | 6db310531583385102c4139fe46a6eec0e5e1a0a (patch) | |
| tree | 2bd27176c369a8c922b49ba19c5ee051c7f011f3 /ipalib | |
| parent | 987507efd03f946a21a6dd352855513e087f1c6e (diff) | |
| download | freeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.tar.gz freeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.tar.xz freeipa-6db310531583385102c4139fe46a6eec0e5e1a0a.zip | |
Fixed permission lookup
Lookup based on --filter wasn't implemented at all. It did't show until
now, because of bug sitting on top of it which was resulting in internal
error. This patch fixes the bug and adds the filtering functionality.
https://fedorahosted.org/freeipa/ticket/818
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/aci.py | 11 | ||||
| -rw-r--r-- | ipalib/plugins/baseldap.py | 12 | ||||
| -rw-r--r-- | ipalib/plugins/permission.py | 5 |
3 files changed, 16 insertions, 12 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 648f5111f..4ddaf98ab 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -780,7 +780,16 @@ class aci_find(crud.Search): except ValueError: pass - # TODO: searching by: filter, subtree + if 'filter' in kw: + if not kw['filter'].startswith('('): + kw['filter'] = unicode('('+kw['filter']+')') + for a in acis: + if 'targetfilter' not in a.target or\ + not a.target['targetfilter']['expression'] or\ + a.target['targetfilter']['expression'] != kw['filter']: + results.remove(a) + + # TODO: searching by: subtree acis = [] for result in results: diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index b20d96012..d25deb527 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -1372,11 +1372,9 @@ class LDAPSearch(CallbackInterface, crud.Search): for callback in self.POST_CALLBACKS: if hasattr(callback, 'im_self'): - more = callback(ldap, entries, truncated, *args, **options) + callback(ldap, entries, truncated, *args, **options) else: - more = callback(self, ldap, entries, truncated, *args, **options) - if more: - entries = entries + more + callback(self, ldap, entries, truncated, *args, **options) if not options.get('raw', False): for e in entries: @@ -1392,11 +1390,11 @@ class LDAPSearch(CallbackInterface, crud.Search): truncated=truncated, ) - def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options): - return (filter, base_dn, scope) + def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options): + return (filters, base_dn, scope) def post_callback(self, ldap, entries, truncated, *args, **options): - return [] + pass def exc_callback(self, args, options, exc, call_func, *call_args, **call_kwargs): raise exc diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index d1fe2d2b3..0c76ec5a9 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -336,7 +336,6 @@ class permission_find(LDAPSearch): ) def post_callback(self, ldap, entries, truncated, *args, **options): - newentries = [] for entry in entries: (dn, attrs) = entry try: @@ -374,9 +373,7 @@ class permission_find(LDAPSearch): dn = attrs['dn'] del attrs['dn'] if (dn, attrs) not in entries: - newentries.append((dn, attrs)) - - return newentries + entries.append((dn, attrs)) api.register(permission_find) |