From a540c909a7f63e7b0c19207eec69bd5914cb186e Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Fri, 17 Jun 2016 16:16:48 +0200
Subject: Fix listing of enabled roles in `server-find`

The roles can be thought of as membership attributes so we should only
list
them if `--all` is specified and `--no-members` is not.

Also do not show them if `--raw` is passed in.

https://fedorahosted.org/freeipa/ticket/5181

Reviewed-By: Martin Basti <mbasti@redhat.com>
---
 ipaserver/plugins/server.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py
index b7d3ee826..42bcb393f 100644
--- a/ipaserver/plugins/server.py
+++ b/ipaserver/plugins/server.py
@@ -192,7 +192,10 @@ class server(LDAPObject):
             entry_attrs['ipalocation_location'] = converted_locations
 
     def get_enabled_roles(self, entry_attrs, **options):
-        if options.get('raw', False) or options.get('no_members', False):
+        if not options.get('all', False) and options.get('no_members', False):
+            return
+
+        if options.get('raw', False):
             return
 
         enabled_roles = self.api.Command.server_role_find(
-- 
cgit