1 files changed, 49 insertions, 1 deletions

diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
index 47610a75..c732e8f8 100644
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
@@ -125,6 +125,8 @@ class DelegationController(IPAController):
             aci_str_list = aci_entry.getValues('aci')
             if aci_str_list is None:
                 aci_str_list = []
+            if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+                aci_str_list = [aci_str_list]
 
             try :
                 old_aci_index = aci_str_list.index(kw['orig_acistr'])
@@ -171,6 +173,8 @@ class DelegationController(IPAController):
         aci_str_list = aci_entry.getValues('aci')
         if aci_str_list is None:
             aci_str_list = []
+        if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+            aci_str_list = [aci_str_list]
 
         aci_list = []
         for aci_str in aci_str_list:
@@ -182,7 +186,51 @@ class DelegationController(IPAController):
                 pass
         group_dn_to_cn = self.extract_group_cns(aci_list, client)
 
-        return dict(aci_list=aci_list, group_dn_to_cn=group_dn_to_cn)
+        # The list page needs to display field labels, not raw
+        # LDAP attributes
+        for aci in aci_list:
+            aci.attrs = map(lambda name:
+                      ipagui.forms.delegate.aci_name_to_label.get(name, name),
+                      aci.attrs)
+
+        return dict(aci_list=aci_list, group_dn_to_cn=group_dn_to_cn,
+                    fields=ipagui.forms.delegate.DelegateFields())
+
+    @expose()
+    @identity.require(identity.not_anonymous())
+    def delete(self, acistr):
+        """Display delegate page"""
+        self.restrict_post()
+        client = self.get_ipaclient()
+
+        try:
+            aci_entry = client.get_aci_entry(aci_fields)
+
+            aci_str_list = aci_entry.getValues('aci')
+            if aci_str_list is None:
+                aci_str_list = []
+            if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+                aci_str_list = [aci_str_list]
+
+            try :
+                old_aci_index = aci_str_list.index(acistr)
+            except ValueError:
+                turbogears.flash("Delegation deletion failed:<br />" +
+                        "The delegation you were attempting to delete has been " +
+                        "concurrently modified.")
+                raise turbogears.redirect('/delegate/list')
+
+            new_aci_str_list = copy.copy(aci_str_list)
+            del new_aci_str_list[old_aci_index]
+            aci_entry.setValue('aci', new_aci_str_list)
+
+            client.update_entry(aci_entry)
+
+            turbogears.flash("delegate deleted")
+            raise turbogears.redirect('/delegate/list')
+        except (SyntaxError, ipaerror.IPAError), e:
+            turbogears.flash("Delegation deletion failed: " + str(e))
+            raise turbogears.redirect('/delegate/list')
 
     @expose("ipagui.templates.delegategroupsearch")
     @identity.require(identity.not_anonymous())