summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2015-04-08 16:13:55 -0400
committerSimo Sorce <simo@redhat.com>2015-04-10 10:41:09 -0400
commit348fcbcbaf5c686cdb077c9bed53ded95ad04b49 (patch)
treefa0e8b0890bb7a73ae62905e2b8fe614157a4e77
parent130aaa056aac3d214afef4a43ddf6f948f5f0a8b (diff)
downloadipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.zip
ipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.tar.gz
ipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.tar.xz
The last allowed/mapping rule can be removed in SPs
If you created rule(s) in an SP for either allowed attributes or attribute mapping there was no way to remove the last rule meaning it could never go back to use the global defaults. https://fedorahosted.org/ipsilon/ticket/25 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
-rw-r--r--ipsilon/providers/saml2/admin.py52
-rw-r--r--ipsilon/util/config.py4
-rw-r--r--ipsilon/util/data.py10
3 files changed, 41 insertions, 25 deletions
diff --git a/ipsilon/providers/saml2/admin.py b/ipsilon/providers/saml2/admin.py
index f0456c1..f8163f7 100644
--- a/ipsilon/providers/saml2/admin.py
+++ b/ipsilon/providers/saml2/admin.py
@@ -172,15 +172,21 @@ class SPAdminPage(AdminPage):
value = get_complex_list_value(name,
current,
**kwargs)
+ # if current value is None do nothing
if value is None:
- continue
+ if option.get_value() is None:
+ continue
+ # else pass and let it continue as None
elif type(option) is pconfig.MappingList:
current = deepcopy(option.get_value())
value = get_mapping_list_value(name,
current,
**kwargs)
+ # if current value is None do nothing
if value is None:
- continue
+ if option.get_value() is None:
+ continue
+ # else pass and let it continue as None
else:
continue
@@ -210,26 +216,28 @@ class SPAdminPage(AdminPage):
# Make changes in current config
for name, option in conf.iteritems():
value = new_db_values.get(name, False)
- if value:
- if name == 'Name':
- if not self.sp.is_valid_name(value):
- raise InvalidValueFormat(
- 'Invalid name! Use only numbers and'
- ' letters'
- )
- self.sp.name = value
- self.url = '%s/sp/%s' % (self.parent.url, value)
- self.parent.rename_sp(option.get_value(), value)
- elif name == 'User Owner':
- self.sp.owner = value
- elif name == 'Default NameID':
- self.sp.default_nameid = value
- elif name == 'Allowed NameIDs':
- self.sp.allowed_nameids = value
- elif name == 'Attribute Mapping':
- self.sp.attribute_mappings = value
- elif name == 'Allowed Attributes':
- self.sp.allowed_attributes = value
+ # A value of None means remove from the data store
+ if value is False or value == []:
+ continue
+ if name == 'Name':
+ if not self.sp.is_valid_name(value):
+ raise InvalidValueFormat(
+ 'Invalid name! Use only numbers and'
+ ' letters'
+ )
+ self.sp.name = value
+ self.url = '%s/sp/%s' % (self.parent.url, value)
+ self.parent.rename_sp(option.get_value(), value)
+ elif name == 'User Owner':
+ self.sp.owner = value
+ elif name == 'Default NameID':
+ self.sp.default_nameid = value
+ elif name == 'Allowed NameIDs':
+ self.sp.allowed_nameids = value
+ elif name == 'Attribute Mapping':
+ self.sp.attribute_mappings = value
+ elif name == 'Allowed Attributes':
+ self.sp.allowed_attributes = value
except InvalidValueFormat, e:
message = str(e)
message_type = ADMIN_STATUS_WARN
diff --git a/ipsilon/util/config.py b/ipsilon/util/config.py
index 523601d..5366a96 100644
--- a/ipsilon/util/config.py
+++ b/ipsilon/util/config.py
@@ -178,6 +178,8 @@ class List(Option):
class ComplexList(List):
def _check_value(self, value):
+ if value is None:
+ return
if type(value) is not list:
raise ValueError('The value type must be a list, not "%s"' %
type(value))
@@ -202,6 +204,8 @@ class ComplexList(List):
class MappingList(ComplexList):
def _check_value(self, value):
+ if value is None:
+ return
if type(value) is not list:
raise ValueError('The value type must be a list, not "%s"' %
type(value))
diff --git a/ipsilon/util/data.py b/ipsilon/util/data.py
index 72e7f96..b06f00c 100644
--- a/ipsilon/util/data.py
+++ b/ipsilon/util/data.py
@@ -377,10 +377,14 @@ class Store(Log):
datum = data[uid]
for name in datum:
if name in curvals:
- q.update({'value': datum[name]},
- {'uuid': uid, 'name': name})
+ if datum[name] is None:
+ q.delete({'uuid': uid, 'name': name})
+ else:
+ q.update({'value': datum[name]},
+ {'uuid': uid, 'name': name})
else:
- q.insert((uid, name, datum[name]))
+ if datum[name] is not None:
+ q.insert((uid, name, datum[name]))
q.commit()
except Exception, e: # pylint: disable=broad-except