diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-01-10 14:21:45 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-11 10:23:31 -0500 |
| commit | c7789199f9541844bf8c36a85311ba957a1c1dcb (patch) | |
| tree | 2c1886530bb4465e961796f25da39bcb6bab2ee5 /ipaserver | |
| parent | 06179dc105239496a7b0e55fc4a19ce576033565 (diff) | |
| download | freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.tar.gz freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.tar.xz freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.zip | |
Fix output of failed managedby hosts, allow a host to manage itself.
The output problem was a missing label for failed managedby.
This also fixes a call to print_entry that was missing the flags argument.
Add a flag to specify whether a group can be a member of itself, defaulting
to False.
ticket 708
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 77133aec2..a728199eb 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -802,8 +802,14 @@ class ldap2(CrudBackend, Encoder): except _ldap.LDAPError, e: _handle_errors(e, **{}) - def add_entry_to_group(self, dn, group_dn, member_attr='member'): - """Add entry to group.""" + def add_entry_to_group(self, dn, group_dn, member_attr='member', allow_same=False): + """ + Add entry designaed by dn to group group_dn in the member attribute + member_attr. + + Adding a group as a member of itself is not allowed unless allow_same + is True. + """ # check if the entry exists (dn, entry_attrs) = self.get_entry(dn, ['objectclass']) @@ -811,7 +817,7 @@ class ldap2(CrudBackend, Encoder): (group_dn, group_entry_attrs) = self.get_entry(group_dn, [member_attr]) # check if we're not trying to add group into itself - if dn == group_dn: + if dn == group_dn and not allow_same: raise errors.SameGroupError() # add dn to group entry's `member_attr` attribute |