From 1b166c9e8b16a740442a913446fee9be5eda40de Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 9 Nov 2010 16:05:54 -0500 Subject: Fix returning effective rights for password policy. This also returns the rights for cospriority if the policy is for a group. ticket 449 --- ipalib/plugins/baseldap.py | 2 +- ipalib/plugins/pwpolicy.py | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'ipalib') diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index 6bf9b3b3e..d742a791e 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -151,7 +151,7 @@ def get_attributes(attrs): def get_effective_rights(ldap, dn, attrs=None): if attrs is None: - attrs = ['*', 'nsaccountlock'] + attrs = ['*', 'nsaccountlock', 'cospriority'] rights = ldap.get_effective_rights(dn, attrs) rdict = {} if 'attributelevelrights' in rights[1]: diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 7a83216f3..f1e708e71 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -401,7 +401,7 @@ class pwpolicy_show(LDAPRetrieve): """ Display information about password policy. """ - takes_options = ( + takes_options = LDAPRetrieve.takes_options + ( Str('user?', label=_('User'), doc=_('Display effective policy for a specific user'), @@ -428,6 +428,10 @@ class pwpolicy_show(LDAPRetrieve): entry_attrs['cospriority'] = cos_entry['cospriority'] except errors.NotFound: pass + if options.get('rights', False) and options.get('all', False) and \ + keys[-1] is not None: + cos_entry = self.api.Command.cosentry_show(keys[-1], rights=True, all=True)['result'] + entry_attrs['attributelevelrights']['cospriority'] = cos_entry['attributelevelrights']['cospriority'] self.obj.convert_time_for_output(entry_attrs, **options) return dn -- cgit