On 10/29/2010 09:31 PM, Endi Sukma Dewata wrote:
On 10/29/2010 2:50 PM, Adam Young wrote:
Check effective rights. If the right is not explicitly allowed, show the
field as read only.
It seems to be working, but I think it has to wait until the
attributelevelrights is returned in the JSON response because without
it the UI would become unusable because all fields would be disabled.
That is part of the patch. attributelevelrights has been added as a
flag to the JSON request. The change to baseldap.py will only apply on
to of the change made to return the rights.
I suspect that what you are seeing is that there is some holes in the
coverage of the attribute level rights, and I made the decision to
default to "don't allow changes". Thus, this code needs to go in
before we can identify places where the rights are not being properly
reported, otherwise, we just won't know.
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
