From 4416c185de3534ed4ed55f90f8d1b1d215f918e2 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Sun, 29 Apr 2012 17:36:25 -0400
Subject: Revert "Search allowed attributes in superior objectclasses"

This reverts commit a58cbb985ec007c0ef83010b32408efb2f4784d2.

We are going to take another approach to this. Instead of erroring
out on attributes that don't seem to be allowed we are going to
eventually return a warning.
---
 ipaserver/plugins/ldap2.py                  |  3 ---
 tests/test_xmlrpc/test_permission_plugin.py | 35 -----------------------------
 2 files changed, 38 deletions(-)

diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index b65e011dd..ddef8dffc 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -413,9 +413,6 @@ class ldap2(CrudBackend, Encoder):
             obj = self.schema.get_obj(_ldap.schema.ObjectClass, oc)
             if obj is not None:
                 allowed_attributes += obj.must + obj.may
-                # look for allowed attributes in the superior objectclasses
-                if obj.sup:
-                    allowed_attributes += self.get_allowed_attributes(obj.sup,raise_on_unknown)
             elif raise_on_unknown:
                 raise errors.NotFound(reason=_('objectclass %s not found') % oc)
         return [unicode(a).lower() for a in list(set(allowed_attributes))]
diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py
index 1da9d795c..d67a427be 100644
--- a/tests/test_xmlrpc/test_permission_plugin.py
+++ b/tests/test_xmlrpc/test_permission_plugin.py
@@ -702,41 +702,6 @@ class test_permission(Declarative):
         ),
 
 
-        dict(
-            desc='Create permission %r with attributes from superior objectclass' % permission1,
-            command=(
-                'permission_add', [permission1], dict(
-                     type=u'hostgroup',
-                     permissions=[u'add', u'delete', u'write'],
-                     attrs=[u'businessCategory', u'owner', u'description'],
-                )
-            ),
-            expected=dict(
-                value=permission1,
-                summary=u'Added permission "%s"' % permission1,
-                result=dict(
-                    dn=lambda x: DN(x) == permission1_dn,
-                    cn=[permission1],
-                    objectclass=objectclasses.permission,
-                    type=u'hostgroup',
-                    permissions=[u'add',u'delete',u'write'],
-                    attrs=[u'businesscategory',u'owner',u'description'],
-                ),
-            ),
-        ),
-
-
-        dict(
-            desc='Delete %r' % permission1,
-            command=('permission_del', [permission1], {}),
-            expected=dict(
-                result=dict(failed=u''),
-                value=permission1,
-                summary=u'Deleted permission "%s"' % permission1,
-            ),
-        ),
-
-
         dict(
             desc='Create targetgroup permission %r' % permission1,
             command=(
-- 
cgit