diff options
| author | Stanislav Laznicka <slaznick@redhat.com> | 2016-08-11 14:09:22 +0200 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2016-12-06 11:36:46 +0100 |
| commit | 29aa4877eec89894cc3a6e50c4b6817a713d3177 (patch) | |
| tree | adf58bcef9352fc1aada0c4c4f67a2e769b6fe1d /ipaserver/plugins | |
| parent | 0df65b6d035331322998ce5a15bdaae1bfd97c67 (diff) | |
| download | freeipa-29aa4877eec89894cc3a6e50c4b6817a713d3177.tar.gz freeipa-29aa4877eec89894cc3a6e50c4b6817a713d3177.tar.xz freeipa-29aa4877eec89894cc3a6e50c4b6817a713d3177.zip | |
fix permission_find fail on low search size limit
permission_find() method would have failed if size_limit in config is too
small caused by a search in post_callback. This search should also
respect the passed sizelimit or the sizelimit from ipa config if no
sizelimit is passed.
https://fedorahosted.org/freeipa/ticket/5640
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/plugins')
| -rw-r--r-- | ipaserver/plugins/permission.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ipaserver/plugins/permission.py b/ipaserver/plugins/permission.py index 130c99c29..af0cfea59 100644 --- a/ipaserver/plugins/permission.py +++ b/ipaserver/plugins/permission.py @@ -1307,10 +1307,10 @@ class permission_find(baseldap.LDAPSearch): if options.get('all'): attrs_list.append('*') try: - legacy_entries = ldap.get_entries( + legacy_entries, truncated = ldap.find_entries( base_dn=DN(self.obj.container_dn, self.api.env.basedn), filter=ldap.combine_filters(filters, rules=ldap.MATCH_ALL), - attrs_list=attrs_list) + attrs_list=attrs_list, size_limit=max_entries) # Retrieve the root entry (with all legacy ACIs) at once root_entry = ldap.get_entry(DN(api.env.basedn), ['aci']) except errors.NotFound: |