Re: [Freeipa-devel] [PATCH] 902 Don't allow empty default object classes

[Martin Kosek]

On Wed, 2011-11-09 at 09:23 +0200, Alexander Bokovoy wrote:
> On Tue, 08 Nov 2011, Rob Crittenden wrote:
> 
> > Don't allow one to set a blank list of default objectclasses in
> > cn=ipaconfig.
> > 
> ACK
> 

Pushed to master, ipa-2-1.

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 902 Don't allow empty default object classes

[Alexander Bokovoy]

On Tue, 08 Nov 2011, Rob Crittenden wrote:

> Don't allow one to set a blank list of default objectclasses in
> cn=ipaconfig.
> 
ACK

-- 
/ Alexander Bokovoy

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 902 Don't allow empty default object classes

[Rob Crittenden]

Don't allow one to set a blank list of default objectclasses in 
cn=ipaconfig.


rob
>From 0d486f34eaf68384151a809da5d5d5749095f7d7 Mon Sep 17 00:00:00 2001
From: Rob Crittenden 
Date: Tue, 8 Nov 2011 17:04:26 -0500
Subject: [PATCH] Don't allow default objectclass list to be empty.

https://fedorahosted.org/freeipa/ticket/1945
---
 ipalib/plugins/config.py |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/ipalib/plugins/config.py b/ipalib/plugins/config.py
index 9bed5d8..332eea1 100644
--- a/ipalib/plugins/config.py
+++ b/ipalib/plugins/config.py
@@ -220,6 +220,9 @@ class config_mod(LDAPUpdate):
 for (attr, obj) in (('ipauserobjectclasses', 'user'),
 ('ipagroupobjectclasses', 'group')):
 if attr in entry_attrs:
+if not entry_attrs[attr]:
+raise errors.ValidationError(name=attr,
+error=_('May not be empty'))
 objectclasses = list(set(entry_attrs[attr] \
  + self.api.Object[obj].possible_objectclasses))
 new_allowed_attrs = ldap.get_allowed_attributes(objectclasses,
-- 
1.7.6.4

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel