Re: [Freeipa-devel] [PATCH] 0006 Fix group-remove-member crash when group is removed from a protected group

David Kupka Wed, 23 Jul 2014 07:33:37 -0700

On 07/23/2014 04:15 PM, Martin Kosek wrote:

On 07/23/2014 04:08 PM, David Kupka wrote:

https://fedorahosted.org/freeipa/ticket/4448


Alternatively, we could also update the "if" condition to avoid running this
section at all when options['user'] does not exist or is empty. This would save
us at least from api.Command.group_show call.

Martin

You're right as always, Martin :-)

--
David Kupka

From 83f3cac66ccf29d095044c50d240afbd3d9e6be0 Mon Sep 17 00:00:00 2001
From: David Kupka <[email protected]>
Date: Wed, 23 Jul 2014 16:23:59 +0200
Subject: [PATCH] Fix group-remove-member crash when group is removed from a
 protected group

https://fedorahosted.org/freeipa/ticket/4448
---
 ipalib/plugins/group.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index af5d4b6bf5217fcda912a92453d15cd0974c1c53..69740dfe1269ffac3bbd60fbe387dd2191518cf8 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -522,7 +522,7 @@ class group_remove_member(LDAPRemoveMember):
 
     def pre_callback(self, ldap, dn, found, not_found, *keys, **options):
         assert isinstance(dn, DN)
-        if keys[0] in PROTECTED_GROUPS:
+        if keys[0] in PROTECTED_GROUPS and 'user' in options:
             protected_group_name = keys[0]
             result = api.Command.group_show(protected_group_name)
             users_left = set(result['result'].get('member_user', []))
-- 
1.9.3

_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0006 Fix group-remove-member crash when group is removed from a protected group

Reply via email to