diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2014-09-12 09:59:52 +0200 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2014-09-12 18:22:17 +0200 |
| commit | 6ce44c4f058f07b7ebc5903644f76dcd8d56b7b4 (patch) | |
| tree | 925d14031317de92a90c47e612b4c4f57ace6212 /ipatests/test_xmlrpc/test_realmdomains_plugin.py | |
| parent | d61fb40542abb0aa66c49d987813099fda356adf (diff) | |
| download | freeipa-6ce44c4f058f07b7ebc5903644f76dcd8d56b7b4.tar.gz freeipa-6ce44c4f058f07b7ebc5903644f76dcd8d56b7b4.tar.xz freeipa-6ce44c4f058f07b7ebc5903644f76dcd8d56b7b4.zip | |
permission plugin: Auto-add operational atttributes to read permissions
The attributes entryusn, createtimestamp, and modifytimestamp
should be readable whenever thir entry is, i.e. when we allow reading
the objectclass.
Automatically add them to every read permission that includes objectclass.
https://fedorahosted.org/freeipa/ticket/4534
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'ipatests/test_xmlrpc/test_realmdomains_plugin.py')
| -rw-r--r-- | ipatests/test_xmlrpc/test_realmdomains_plugin.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ipatests/test_xmlrpc/test_realmdomains_plugin.py b/ipatests/test_xmlrpc/test_realmdomains_plugin.py index a2dc39b74..fc04e2ae5 100644 --- a/ipatests/test_xmlrpc/test_realmdomains_plugin.py +++ b/ipatests/test_xmlrpc/test_realmdomains_plugin.py @@ -66,7 +66,8 @@ class test_realmdomains(Declarative): objectclass=objectclasses.realmdomains, aci=[ u'(targetattr = "associateddomain || cn || ' - u'objectclass")' + u'createtimestamp || entryusn || ' + u'modifytimestamp || objectclass")' u'(targetfilter = "(objectclass=domainrelatedobject)")' u'(version 3.0;acl ' u'"permission:System: Read Realm Domains";' |