[Freeipa-devel] [PATCH] 608 Fix returning effective rights for password policy

Thu, 18 Nov 2010 08:23:32 -0800

Password policy needs to update the class of service priority in another entry. Include the CoS attribute when reporting rights. 

rob

>From 624ee8daeb26c420722d11e6f37af315e4922847 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Tue, 9 Nov 2010 16:05:54 -0500
Subject: [PATCH] Fix returning effective rights for password policy.

This also returns the rights for cospriority if the policy is for a group.

ticket 449
---
 ipalib/plugins/baseldap.py |    2 +-
 ipalib/plugins/pwpolicy.py |    6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index 1b56cc4..61fedd9 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -151,7 +151,7 @@ def get_attributes(attrs):
 
 def get_effective_rights(ldap, dn, attrs=None):
     if attrs is None:
-        attrs = ['*', 'nsaccountlock']
+        attrs = ['*', 'nsaccountlock', 'cospriority']
     rights = ldap.get_effective_rights(dn, attrs)
     rdict = {}
     if 'attributelevelrights' in rights[1]:
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index 53989de..ea77fa5 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -395,7 +395,7 @@ class pwpolicy_show(LDAPRetrieve):
     """
     Display information about password policy.
     """
-    takes_options = (
+    takes_options = LDAPRetrieve.takes_options + (
         Str('user?',
             label=_('User'),
             doc=_('Display effective policy for a specific user'),
@@ -422,6 +422,10 @@ class pwpolicy_show(LDAPRetrieve):
                         entry_attrs['cospriority'] = cos_entry['cospriority']
                 except errors.NotFound:
                     pass
+        if options.get('rights', False) and options.get('all', False) and \
+            keys[-1] is not None:
+            cos_entry = self.api.Command.cosentry_show(keys[-1], rights=True, all=True)['result']
+            entry_attrs['attributelevelrights']['cospriority'] = cos_entry['attributelevelrights']['cospriority']
         self.obj.convert_time_for_output(entry_attrs, **options)
         return dn
 
-- 
1.7.2.1


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to