From 321bd7bf56109c546a92298d54bcaccfe1289800 Mon Sep 17 00:00:00 2001 From: David Kupka Date: Thu, 25 Aug 2016 11:53:39 +0200 Subject: [PATCH] otptoken, permission: Convert custom type parameters on server Force client to send the value of ipatokenotpkey and ipapermlocation as entered by user. https://fedorahosted.org/freeipa/ticket/6247 Reviewed-By: Jan Cholasta --- ipaserver/plugins/otptoken.py | 2 ++ ipaserver/plugins/permission.py | 2 ++ 2 files changed, 4 insertions(+) diff --git a/ipaserver/plugins/otptoken.py b/ipaserver/plugins/otptoken.py index 39012e2f9106c33c520e19f14331fc440333015a..0b4250043618b4f434d2f8b337b88ee396c312ce 100644 --- a/ipaserver/plugins/otptoken.py +++ b/ipaserver/plugins/otptoken.py @@ -214,6 +214,8 @@ class otptoken(LDAPObject): doc=_('Token secret (Base32; default: random)'), default_from=lambda: os.urandom(KEY_LENGTH), autofill=True, + # force server-side conversion + normalizer=lambda x: x, flags=('no_display', 'no_update', 'no_search'), ), StrEnum('ipatokenotpalgorithm?', diff --git a/ipaserver/plugins/permission.py b/ipaserver/plugins/permission.py index 830773ae7a09f0197da702e4ec31b0b58f1214dd..0c040ce874534dc4716e700493e547df5b97ea99 100644 --- a/ipaserver/plugins/permission.py +++ b/ipaserver/plugins/permission.py @@ -283,6 +283,8 @@ class permission(baseldap.LDAPObject): cli_name='subtree', label=_('Subtree'), doc=_('Subtree to apply permissions to'), + # force server-side conversion + normalizer=lambda x: x, flags={'ask_create'}, ), Str( -- 2.7.4