diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-04-29 17:36:25 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-04-29 17:40:23 -0400 |
| commit | fab98c7f0d48bb2fa48483ad47f14c1871c4c193 (patch) | |
| tree | 8c1b06f6521e39109cdb7881928ba974c1bcceeb | |
| parent | 71f4b2be541863e7e462867c550e0f4fa6ba2642 (diff) | |
| download | freeipa.git-fab98c7f0d48bb2fa48483ad47f14c1871c4c193.tar.gz freeipa.git-fab98c7f0d48bb2fa48483ad47f14c1871c4c193.tar.xz freeipa.git-fab98c7f0d48bb2fa48483ad47f14c1871c4c193.zip | |
Revert "Search allowed attributes in superior objectclasses"
This reverts commit a58cbb985ec007c0ef83010b32408efb2f4784d2.
We are going to take another approach to this. Instead of erroring
out on attributes that don't seem to be allowed we are going to
eventually return a warning.
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 3 | ||||
| -rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 35 |
2 files changed, 0 insertions, 38 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index b65e011d..ddef8dff 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -413,9 +413,6 @@ class ldap2(CrudBackend, Encoder): obj = self.schema.get_obj(_ldap.schema.ObjectClass, oc) if obj is not None: allowed_attributes += obj.must + obj.may - # look for allowed attributes in the superior objectclasses - if obj.sup: - allowed_attributes += self.get_allowed_attributes(obj.sup,raise_on_unknown) elif raise_on_unknown: raise errors.NotFound(reason=_('objectclass %s not found') % oc) return [unicode(a).lower() for a in list(set(allowed_attributes))] diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index 1da9d795..d67a427b 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -703,41 +703,6 @@ class test_permission(Declarative): dict( - desc='Create permission %r with attributes from superior objectclass' % permission1, - command=( - 'permission_add', [permission1], dict( - type=u'hostgroup', - permissions=[u'add', u'delete', u'write'], - attrs=[u'businessCategory', u'owner', u'description'], - ) - ), - expected=dict( - value=permission1, - summary=u'Added permission "%s"' % permission1, - result=dict( - dn=lambda x: DN(x) == permission1_dn, - cn=[permission1], - objectclass=objectclasses.permission, - type=u'hostgroup', - permissions=[u'add',u'delete',u'write'], - attrs=[u'businesscategory',u'owner',u'description'], - ), - ), - ), - - - dict( - desc='Delete %r' % permission1, - command=('permission_del', [permission1], {}), - expected=dict( - result=dict(failed=u''), - value=permission1, - summary=u'Deleted permission "%s"' % permission1, - ), - ), - - - dict( desc='Create targetgroup permission %r' % permission1, command=( 'permission_add', [permission1], dict( |