Re: [Freeipa-devel] [PATCH] 0480 permission plugin: Don't crash with empty targetfilter

2014-03-07 Thread Martin Kosek 
On 02/28/2014 01:13 PM, Petr Viktorin wrote:
 Fixing the subject
 On 02/28/2014 01:11 PM, Petr Viktorin wrote:
 Hello,
 This fixes https://fedorahosted.org/freeipa/ticket/4206

 Apply on top of my patch 0479, to avoid a conflict in tests.
 
 

Works fine, ACK (thanks for your care with adding tests every time, this will
benefit us in a long run).

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0480 permission plugin: Don't crash with empty targetfilter

2014-03-07 Thread Petr Viktorin 

On 03/07/2014 04:34 PM, Martin Kosek wrote:

On 02/28/2014 01:13 PM, Petr Viktorin wrote:

Fixing the subject
On 02/28/2014 01:11 PM, Petr Viktorin wrote:

Hello,
This fixes https://fedorahosted.org/freeipa/ticket/4206

Apply on top of my patch 0479, to avoid a conflict in tests.





Works fine, ACK


Thank you! Pushed to master: d727599aa804aecd91de969a9309c1903d0cfdce


(thanks for your care with adding tests every time, this will
benefit us in a long run).


Not just in the long run; I think I'd go crazy if I had to test this 
manually...



--
Petr³

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0480

2014-02-28 Thread Petr Viktorin 

Hello,
This fixes https://fedorahosted.org/freeipa/ticket/4206

Apply on top of my patch 0479, to avoid a conflict in tests.

--
Petr³
From 286190d9374290acef301ca92279f3f729827cad Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Fri, 28 Feb 2014 12:23:17 +0100
Subject: [PATCH] permissions plugin: Don't crash with empty targetfilter

https://fedorahosted.org/freeipa/ticket/4206
---
 ipalib/plugins/permission.py   |  2 +-
 ipatests/test_xmlrpc/test_permission_plugin.py | 47 ++
 2 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py
index fb57fded7efe464d7879c12042999369c7d63bc4..2b2509ecbdfc7cd6b45f3c220188bee176679bf5 100644
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -711,7 +711,7 @@ def preprocess_options(self, options, return_filter_ops=False):
 return filter_ops
 elif filter_ops['add']:
 options['ipapermtargetfilter'] = list(options.get(
-'ipapermtargetfilter', [])) + filter_ops['add']
+'ipapermtargetfilter') or []) + filter_ops['add']
 
 def validate_permission(self, entry):
 ldap = self.Backend.ldap2
diff --git a/ipatests/test_xmlrpc/test_permission_plugin.py b/ipatests/test_xmlrpc/test_permission_plugin.py
index 2d214013995266412cf0cf4559537095ffcd633c..833071823752ece578c6d688cf8a0dbf78c18d2a 100644
--- a/ipatests/test_xmlrpc/test_permission_plugin.py
+++ b/ipatests/test_xmlrpc/test_permission_plugin.py
@@ -3260,4 +3260,51 @@ class test_permission_filters(Declarative):
 '(version 3.0;acl permission:%s;' % permission1 +
 'allow (write) groupdn = ldap:///%s;;)' % permission1_dn,
 ),
+
+dict(
+desc='Delete %r' % permission1,
+command=('permission_del', [permission1], {}),
+expected=dict(
+result=dict(failed=u''),
+value=permission1,
+summary=u'Deleted permission %s' % permission1,
+)
+),
+
+verify_permission_aci_missing(permission1, api.env.basedn),
+
+dict(
+desc='Create %r with empty filters [#4206]' % permission1,
+command=(
+'permission_add', [permission1], dict(
+type=u'user',
+ipapermright=u'write',
+ipapermtargetfilter=u'',
+)
+),
+expected=dict(
+value=permission1,
+summary=u'Added permission %s' % permission1,
+result=dict(
+dn=permission1_dn,
+cn=[permission1],
+objectclass=objectclasses.permission,
+type=[u'user'],
+ipapermright=[u'write'],
+ipapermbindruletype=[u'permission'],
+ipapermissiontype=[u'SYSTEM', u'V2'],
+ipapermlocation=[users_dn],
+ipapermtargetfilter=[
+u'(objectclass=posixaccount)',
+],
+),
+),
+),
+
+verify_permission_aci(
+permission1, users_dn,
+'(targetfilter = (objectclass=posixaccount))' +
+'(version 3.0;acl permission:%s;' % permission1 +
+'allow (write) groupdn = ldap:///%s;;)' % permission1_dn,
+),
 ]
-- 
1.8.5.3

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0480 permission plugin: Don't crash with empty targetfilter

2014-02-28 Thread Petr Viktorin 

Fixing the subject
On 02/28/2014 01:11 PM, Petr Viktorin wrote:

Hello,
This fixes https://fedorahosted.org/freeipa/ticket/4206

Apply on top of my patch 0479, to avoid a conflict in tests.



--
Petr³

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel