diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-04-20 13:26:20 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2011-04-21 08:25:53 +0200 |
commit | ccde1154215c89ac6ad0982425555be59ab1c699 (patch) | |
tree | 221d43ca92c98f3c0f282cc17fc345c36799df25 | |
parent | c31d7b9ad66248d62e9a5b3353c391b5a65237a9 (diff) | |
download | freeipa-ccde1154215c89ac6ad0982425555be59ab1c699.tar.gz freeipa-ccde1154215c89ac6ad0982425555be59ab1c699.tar.xz freeipa-ccde1154215c89ac6ad0982425555be59ab1c699.zip |
Provide attributelevelrights for the aci components in permission_show.
Since the broken-out components are just part of the aci just copy right
access rights for aci.
ticket 943
-rw-r--r-- | ipalib/plugins/permission.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index ac8b09b1d..7988b33c2 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -339,7 +339,7 @@ class permission_mod(LDAPUpdate): cn = options['rename'] # rename finished - result = self.api.Command.permission_show(cn)['result'] + result = self.api.Command.permission_show(cn, **options)['result'] for r in result: if not r.startswith('member'): entry_attrs[r] = result[r] @@ -414,6 +414,11 @@ class permission_show(LDAPRetrieve): entry_attrs[attr] = aci[attr] except errors.NotFound: self.debug('ACI not found for %s' % entry_attrs['cn'][0]) + if options.get('rights', False) and options.get('all', False): + # The ACI attributes are just broken-out components of aci so + # the rights should all match it. + for attr in self.obj.aci_attributes: + entry_attrs['attributelevelrights'][attr] = entry_attrs['attributelevelrights']['aci'] return dn api.register(permission_show) |