summaryrefslogtreecommitdiffstats
path: root/makeaci
Commit message (Collapse)AuthorAgeFilesLines
* plugable: Load plugins only from modules imported by APIJan Cholasta2015-07-011-4/+2
| | | | | | | | Previously all plugin modules imported from anywhere were added to the API. https://fedorahosted.org/freeipa/ticket/3090 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* ipalib: Load ipaserver plugins when api.env.in_server is TrueJan Cholasta2015-07-011-0/+1
| | | | | | | https://fedorahosted.org/freeipa/ticket/3090 https://fedorahosted.org/freeipa/ticket/5073 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* makeaci: Use LDAPClient instead of IPASimpleLDAPObjectJan Cholasta2015-04-161-11/+2
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* makeaci: Use the DN where the ACI is stored, not the permission's DNPetr Viktorin2014-07-071-1/+1
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* Make sure member* attrs are always granted together in read permissionsPetr Viktorin2014-06-111-0/+18
| | | | | | | | | | | | | | Memberofindirect processing of an entry doesn't work if the user doesn't have rights to any one of these attributes: - member - memberuser - memberhost Add all of these to any read permission that specifies any of them. Add a check to makeaci that will enforce this for any future permissions. Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Add ACI.txtPetr Viktorin2014-06-111-0/+119
The ACI.txt file is a list all managed permissions in ACI form. Similarly to API.txt, it ensures that changes are not made lightly, since modifications must be reflected in ACI.txt and committed to Git. Add a script, makeaci, which parallels makeapi: it recreates or validates ACI.txt. Call makeaci --validate before the build, just after API.txt is validated. Reviewed-By: Martin Kosek <mkosek@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-07 19:01:28 +0000