summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorOndrej Hamada <ohamada@redhat.com>2012-04-11 09:37:15 +0200
committerRob Crittenden <rcritten@redhat.com>2012-04-11 22:29:04 -0400
commit2584e9be673985d530447b836b38cb4ddbf8ee21 (patch)
treea70500c0ba84397987f9e05007235bba970d355a /ipalib
parentfca43ccd474db550cd68c17a9a03fc9436128b34 (diff)
downloadfreeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.tar.gz
freeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.tar.xz
freeipa-2584e9be673985d530447b836b38cb4ddbf8ee21.zip
Unable to rename permission object
The update was failing because of the case insensitivity of permission object DN. Unit-tests added. https://fedorahosted.org/freeipa/ticket/2571
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/plugins/permission.py19
1 files changed, 11 insertions, 8 deletions
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py
index 9b669d9f5..92203f174 100644
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -335,14 +335,17 @@ class permission_mod(LDAPUpdate):
# when renaming permission, check if the target permission does not
# exists already. Then, make changes to underlying ACI
if 'rename' in options:
- try:
- new_dn = dn.replace(keys[-1], options['rename'], 1)
- (new_dn, attrs) = ldap.get_entry(
- new_dn, attrs_list, normalize=self.obj.normalize_dn
- )
- raise errors.DuplicateEntry()
- except errors.NotFound:
- pass # permission may be renamed, continue
+ if options['rename']:
+ try:
+ new_dn = dn.replace(keys[-1].lower(), options['rename'], 1)
+ (new_dn, attrs) = ldap.get_entry(
+ new_dn, attrs_list, normalize=self.obj.normalize_dn
+ )
+ raise errors.DuplicateEntry()
+ except errors.NotFound:
+ pass # permission may be renamed, continue
+ else:
+ raise errors.ValidationError(name='rename',error=_('New name can not be empty'))
opts = copy.copy(options)
for o in ['all', 'raw', 'rights', 'rename']: