Blame SOURCES/0003-Prevent-to-rename-certprofile-profile-id.patch
|
 |
590d18 |
From 51f03f45f6cdab9da0479f48093951ccdd7cdab0 Mon Sep 17 00:00:00 2001
|
|
|
590d18 |
From: Martin Basti <mbasti@redhat.com>
|
|
|
590d18 |
Date: Thu, 9 Jul 2015 17:17:21 +0200
|
|
|
590d18 |
Subject: [PATCH] Prevent to rename certprofile profile id
|
|
|
590d18 |
|
|
|
590d18 |
https://fedorahosted.org/freeipa/ticket/5074
|
|
|
590d18 |
|
|
|
590d18 |
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
|
|
590d18 |
---
|
|
|
590d18 |
ipalib/plugins/certprofile.py | 3 +++
|
|
|
590d18 |
1 file changed, 3 insertions(+)
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py
|
|
|
590d18 |
index 6f9a41875b2a276b521219156e630817a9c41fdc..5550ed942521dbab2e783fba1570520268f9b378 100644
|
|
|
590d18 |
--- a/ipalib/plugins/certprofile.py
|
|
|
590d18 |
+++ b/ipalib/plugins/certprofile.py
|
|
|
590d18 |
@@ -291,6 +291,9 @@ class certprofile_mod(LDAPUpdate):
|
|
|
590d18 |
|
|
|
590d18 |
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
|
|
|
590d18 |
ca_enabled_check()
|
|
|
590d18 |
+ # Once a profile id is set it cannot be changed
|
|
|
590d18 |
+ if 'cn' in entry_attrs:
|
|
|
590d18 |
+ raise errors.ACIError(info=_('cn is immutable'))
|
|
|
590d18 |
if 'file' in options:
|
|
|
590d18 |
with self.api.Backend.ra_certprofile as profile_api:
|
|
|
590d18 |
profile_api.disable_profile(keys[0])
|
|
|
590d18 |
--
|
|
|
590d18 |
2.1.0
|
|
|
590d18 |
|