URL: https://github.com/freeipa/freeipa/pull/2535 Author: tiran Title: #2535: Copy-paste error in permssions plugin, CID 323649 Action: opened
PR body: """ Address a bug in the code block for attributeLevelRights for old clients. The backward compatibility code for deprecated options was not triggered, because the new name was checked against wrong dict. Coverity Scan issue 323649, Copy-paste error The copied code will not have its intended effect. In postprocess_result: A copied piece of code is inconsistent with the original (CWE-398) See: Fixes: https://pagure.io/freeipa/issue/7753 Signed-off-by: Christian Heimes <chei...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2535/head:pr2535 git checkout pr2535
From 8c92bb0e950f64c55f2dbfdf37299ebfff52e5d0 Mon Sep 17 00:00:00 2001 From: Christian Heimes <chei...@redhat.com> Date: Thu, 8 Nov 2018 10:42:43 +0100 Subject: [PATCH] Copy-paste error in permssions plugin, CID 323649 Address a bug in the code block for attributeLevelRights for old clients. The backward compatibility code for deprecated options was not triggered, because the new name was checked against wrong dict. Coverity Scan issue 323649, Copy-paste error The copied code will not have its intended effect. In postprocess_result: A copied piece of code is inconsistent with the original (CWE-398) See: Fixes: https://pagure.io/freeipa/issue/7753 Signed-off-by: Christian Heimes <chei...@redhat.com> --- ipaserver/plugins/permission.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipaserver/plugins/permission.py b/ipaserver/plugins/permission.py index 0363b0ab68..0a1733b544 100644 --- a/ipaserver/plugins/permission.py +++ b/ipaserver/plugins/permission.py @@ -486,7 +486,7 @@ def postprocess_result(self, entry, options): if old_client: for old_name, new_name in _DEPRECATED_OPTION_ALIASES.items(): - if new_name in entry: + if new_name in rights: rights[old_name] = rights[new_name] del rights[new_name]
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org