rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0029-Idviews-fix-objectclass-violation-on-idview-add.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   6ad8f3f1268e7a09ea9830aea99e7629487c2693
  2.   SOURCES
  3.   0029-Idviews-fix-objectclass-violation-on-idview-add.patch
Blob History Raw
c58629 
From 6d4676c4e3403df547ef03a2e716d6254c3c512e Mon Sep 17 00:00:00 2001
c58629 
From: Florence Blanc-Renaud <flo@redhat.com>
c58629 
Date: Fri, 5 Jan 2018 09:50:26 +0100
c58629 
Subject: [PATCH] Idviews: fix objectclass violation on idview-add
c58629
c58629 
When the option --domain-resolution-order is used with the command
c58629 
ipa idview-add, the resulting LDAP object stores the value in
c58629 
ipadomainresolutionorder attribute.
c58629 
The issue is that the add command does not add the needed object
c58629 
class (ipaNameResolutionData) because it is part of
c58629 
possible_objectclasses but not of object_class.
c58629
c58629 
The fix makes sure to add the objectclass when the option
c58629 
--domain-resolution-order is used, and adds a non-regression test.
c58629
c58629 
Note that idview-mod does not have any issue as it correctly handles
c58629 
the addition of missing possible objectclasses.
c58629
c58629 
Fixes:
c58629 
https://pagure.io/freeipa/issue/7350
c58629
c58629 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
c58629 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
c58629 
---
c58629 
 ipaserver/plugins/idviews.py                | 15 +++++++++----
c58629 
 ipatests/test_xmlrpc/test_idviews_plugin.py | 35 +++++++++++++++++++++++++++++
c58629 
 2 files changed, 46 insertions(+), 4 deletions(-)
c58629
c58629 
diff --git a/ipaserver/plugins/idviews.py b/ipaserver/plugins/idviews.py
c58629 
index a55c20bbf2466d9cb3a317d49a8bba3c9379f572..2b06cc54e4b04aac004efbf02a446464b8c89777 100644
c58629 
--- a/ipaserver/plugins/idviews.py
c58629 
+++ b/ipaserver/plugins/idviews.py
c58629 
@@ -22,10 +22,11 @@ import re
c58629 
 import six
c58629
c58629 
 from .baseldap import (LDAPQuery, LDAPObject, LDAPCreate,
c58629 
-                                     LDAPDelete, LDAPUpdate, LDAPSearch,
c58629 
-                                     LDAPAddAttributeViaOption,
c58629 
-                                     LDAPRemoveAttributeViaOption,
c58629 
-                                     LDAPRetrieve, global_output_params)
c58629 
+                       LDAPDelete, LDAPUpdate, LDAPSearch,
c58629 
+                       LDAPAddAttributeViaOption,
c58629 
+                       LDAPRemoveAttributeViaOption,
c58629 
+                       LDAPRetrieve, global_output_params,
c58629 
+                       add_missing_object_class)
c58629 
 from .hostgroup import get_complete_hostgroup_member_list
c58629 
 from .service import validate_certificate
c58629 
 from ipalib import api, Str, Int, Bytes, Flag, _, ngettext, errors, output
c58629 
@@ -169,6 +170,12 @@ class idview_add(LDAPCreate):
c58629 
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
c58629 
         self.api.Object.config.validate_domain_resolution_order(entry_attrs)
c58629
c58629 
+        # The objectclass ipaNameResolutionData may not be present on
c58629 
+        # the id view. We need to add it if we define a new
c58629 
+        # value for ipaDomainResolutionOrder
c58629 
+        if 'ipadomainresolutionorder' in entry_attrs:
c58629 
+            add_missing_object_class(ldap, u'ipanameresolutiondata', dn,
c58629 
+                                     entry_attrs, update=False)
c58629 
         return dn
c58629
c58629
c58629 
diff --git a/ipatests/test_xmlrpc/test_idviews_plugin.py b/ipatests/test_xmlrpc/test_idviews_plugin.py
c58629 
index 35d31b37d8fb87384d9ae550182e353c1d6383cc..3d4cce5ea0505ef8b0cd8253fd74b037890ce18b 100644
c58629 
--- a/ipatests/test_xmlrpc/test_idviews_plugin.py
c58629 
+++ b/ipatests/test_xmlrpc/test_idviews_plugin.py
c58629 
@@ -1704,4 +1704,39 @@ class test_idviews(Declarative):
c58629 
             ),
c58629 
         ),
c58629
c58629 
+        # Delete the ID View
c58629 
+
c58629 
+        dict(
c58629 
+            desc='Delete ID View "%s"' % idview1,
c58629 
+            command=('idview_del', [idview1], {}),
c58629 
+            expected=dict(
c58629 
+                result=dict(failed=[]),
c58629 
+                summary=u'Deleted ID View "%s"' % idview1,
c58629 
+                value=[idview1],
c58629 
+            ),
c58629 
+        ),
c58629 
+
c58629 
+        # Test the creation of ID view with domain resolution order
c58629 
+        # Non-regression test for issue 7350
c58629 
+
c58629 
+        dict(
c58629 
+            desc='Create ID View "%s"' % idview1,
c58629 
+            command=(
c58629 
+                'idview_add',
c58629 
+                [idview1],
c58629 
+                dict(ipadomainresolutionorder=u'%s' % api.env.domain)
c58629 
+            ),
c58629 
+            expected=dict(
c58629 
+                value=idview1,
c58629 
+                summary=u'Added ID View "%s"' % idview1,
c58629 
+                result=dict(
c58629 
+                    dn=get_idview_dn(idview1),
c58629 
+                    objectclass=objectclasses.idview +
c58629 
+                    [u'ipanameresolutiondata'],
c58629 
+                    cn=[idview1],
c58629 
+                    ipadomainresolutionorder=[api.env.domain]
c58629 
+                )
c58629 
+            ),
c58629 
+        ),
c58629 
+
c58629 
     ]
c58629 
--
c58629 
2.13.6
c58629

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation