diff options
author | Petr Viktorin <pviktori@redhat.com> | 2014-03-26 17:11:23 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-04-17 07:51:03 +0200 |
commit | adde918f38a7df8f72e5293d1d0c5a5637b7e5a8 (patch) | |
tree | 0e5cd73e16eaa764468a0f4a48c42ca360407775 /ipalib/plugins/automount.py | |
parent | bb4e47d9ea249d7f3ead460284dd67312cc82bd5 (diff) | |
download | freeipa-adde918f38a7df8f72e5293d1d0c5a5637b7e5a8.tar.gz freeipa-adde918f38a7df8f72e5293d1d0c5a5637b7e5a8.tar.xz freeipa-adde918f38a7df8f72e5293d1d0c5a5637b7e5a8.zip |
Add managed read permission to automount
A single permission is added to cover automountlocation,
automountmap, and automountkey.
Part of the work for: https://fedorahosted.org/freeipa/ticket/3566
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'ipalib/plugins/automount.py')
-rw-r--r-- | ipalib/plugins/automount.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index 4b94a5957..b961b1c17 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -208,6 +208,21 @@ class automountlocation(LDAPObject): default_attributes = ['cn'] label = _('Automount Locations') label_singular = _('Automount Location') + managed_permissions = { + 'System: Read Automount Configuration': { + # Single permission for all automount-related entries + 'non_object': True, + 'ipapermlocation': DN(container_dn, api.env.basedn), + 'replaces_global_anonymous_aci': True, + 'ipapermbindruletype': 'anonymous', + 'ipapermright': {'read', 'search', 'compare'}, + 'ipapermdefaultattr': { + 'cn', 'objectclass', + 'automountinformation', 'automountkey', 'description', + 'automountmapname', 'description', + }, + }, + } takes_params = ( Str('cn', |