diff options
author | Martin Basti <mbasti@redhat.com> | 2016-06-11 17:49:00 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-06-17 15:22:24 +0200 |
commit | 394b094fc22ef67742824ec03d4e851a2876fd81 (patch) | |
tree | 54023d73f4b548b5cf6fe3b81953ac382b05014d /ipaserver/plugins/server.py | |
parent | 87c23ba029df9227384b3f5e2028f3f0e429e9ab (diff) | |
download | freeipa-394b094fc22ef67742824ec03d4e851a2876fd81.tar.gz freeipa-394b094fc22ef67742824ec03d4e851a2876fd81.tar.xz freeipa-394b094fc22ef67742824ec03d4e851a2876fd81.zip |
DNS Locations: permission: allow to read status of services
New permission was added: "System: Read Status of Services on IPA Servers"
This permission is needed for detection which records should be created
on which servers.
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/plugins/server.py')
-rw-r--r-- | ipaserver/plugins/server.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py index a2c2752d9..edbd3bb78 100644 --- a/ipaserver/plugins/server.py +++ b/ipaserver/plugins/server.py @@ -66,7 +66,7 @@ class server(LDAPObject): 'ipalocation': ('IPA', 'in_', 'not_in_'), 'role': ('Enabled', '', 'no_'), } - permission_filter_objectclasses = ['ipaLocationMember'] + permission_filter_objectclasses = ['ipaConfigObject'] managed_permissions = { 'System: Read Locations of IPA Servers': { 'ipapermright': {'read', 'search', 'compare'}, @@ -75,6 +75,11 @@ class server(LDAPObject): }, 'default_privileges': {'DNS Administrators'}, }, + 'System: Read Status of Services on IPA Servers': { + 'ipapermright': {'read', 'search', 'compare'}, + 'ipapermdefaultattr': {'objectclass', 'cn', 'ipaconfigstring'}, + 'default_privileges': {'DNS Administrators'}, + } } takes_params = ( |