diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2015-04-08 16:13:55 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2015-04-10 10:41:09 -0400 |
| commit | 348fcbcbaf5c686cdb077c9bed53ded95ad04b49 (patch) | |
| tree | fa0e8b0890bb7a73ae62905e2b8fe614157a4e77 /ipsilon/providers/saml2/admin.py | |
| parent | 130aaa056aac3d214afef4a43ddf6f948f5f0a8b (diff) | |
| download | ipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.tar.gz ipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.tar.xz ipsilon-348fcbcbaf5c686cdb077c9bed53ded95ad04b49.zip | |
The last allowed/mapping rule can be removed in SPs
If you created rule(s) in an SP for either allowed attributes or
attribute mapping there was no way to remove the last rule meaning
it could never go back to use the global defaults.
https://fedorahosted.org/ipsilon/ticket/25
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'ipsilon/providers/saml2/admin.py')
| -rw-r--r-- | ipsilon/providers/saml2/admin.py | 52 |
1 files changed, 30 insertions, 22 deletions
diff --git a/ipsilon/providers/saml2/admin.py b/ipsilon/providers/saml2/admin.py index f0456c1..f8163f7 100644 --- a/ipsilon/providers/saml2/admin.py +++ b/ipsilon/providers/saml2/admin.py @@ -172,15 +172,21 @@ class SPAdminPage(AdminPage): value = get_complex_list_value(name, current, **kwargs) + # if current value is None do nothing if value is None: - continue + if option.get_value() is None: + continue + # else pass and let it continue as None elif type(option) is pconfig.MappingList: current = deepcopy(option.get_value()) value = get_mapping_list_value(name, current, **kwargs) + # if current value is None do nothing if value is None: - continue + if option.get_value() is None: + continue + # else pass and let it continue as None else: continue @@ -210,26 +216,28 @@ class SPAdminPage(AdminPage): # Make changes in current config for name, option in conf.iteritems(): value = new_db_values.get(name, False) - if value: - if name == 'Name': - if not self.sp.is_valid_name(value): - raise InvalidValueFormat( - 'Invalid name! Use only numbers and' - ' letters' - ) - self.sp.name = value - self.url = '%s/sp/%s' % (self.parent.url, value) - self.parent.rename_sp(option.get_value(), value) - elif name == 'User Owner': - self.sp.owner = value - elif name == 'Default NameID': - self.sp.default_nameid = value - elif name == 'Allowed NameIDs': - self.sp.allowed_nameids = value - elif name == 'Attribute Mapping': - self.sp.attribute_mappings = value - elif name == 'Allowed Attributes': - self.sp.allowed_attributes = value + # A value of None means remove from the data store + if value is False or value == []: + continue + if name == 'Name': + if not self.sp.is_valid_name(value): + raise InvalidValueFormat( + 'Invalid name! Use only numbers and' + ' letters' + ) + self.sp.name = value + self.url = '%s/sp/%s' % (self.parent.url, value) + self.parent.rename_sp(option.get_value(), value) + elif name == 'User Owner': + self.sp.owner = value + elif name == 'Default NameID': + self.sp.default_nameid = value + elif name == 'Allowed NameIDs': + self.sp.allowed_nameids = value + elif name == 'Attribute Mapping': + self.sp.attribute_mappings = value + elif name == 'Allowed Attributes': + self.sp.allowed_attributes = value except InvalidValueFormat, e: message = str(e) message_type = ADMIN_STATUS_WARN |