[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Freeipa-devel] [PATCHES] 0041-42 Fix internal server errors with empty options



Empty values in reverse_member options, and attattr/setattr/delattr, caused internal server errors.

We convert empty values to None and bypass normal validation, so they need special care.


https://fedorahosted.org/freeipa/ticket/2680
https://fedorahosted.org/freeipa/ticket/2681

--
PetrĀ³
From b6bc60ee00295a2719f8d12485c6f835e685f986 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori redhat com>
Date: Fri, 27 Apr 2012 07:15:56 -0400
Subject: [PATCH] Do not crash on empty reverse member options

Calling a LDAP{Add,Remove}ReverseMember with an empty reverse_member
caused an internal error, because empty values are converted to None,
which is then iterated.

Use an empty list instead of None (or other false falues, of which we
only use the empty list).

https://fedorahosted.org/freeipa/ticket/2681
---
 ipalib/plugins/baseldap.py                 |    4 +-
 tests/test_xmlrpc/test_privilege_plugin.py |   44 ++++++++++++++++++++++++++++
 tests/test_xmlrpc/test_role_plugin.py      |   42 ++++++++++++++++++++++++++
 3 files changed, 88 insertions(+), 2 deletions(-)

diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index d37a20d1faefce75e90bbffeb1a79204a933f508..5a8013efc9b14c4e29719aeb7c443f089f7e72e3 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -1966,7 +1966,7 @@ def execute(self, *keys, **options):
         entry_start = self.api.Command[self.show_command](keys[-1])['result']
         completed = 0
         failed = {'member': {self.reverse_attr: []}}
-        for attr in options.get(self.reverse_attr, []):
+        for attr in options.get(self.reverse_attr) or []:
             try:
                 options = {'%s' % self.member_attr: keys[-1]}
                 try:
@@ -2073,7 +2073,7 @@ def execute(self, *keys, **options):
         entry_start = self.api.Command[self.show_command](keys[-1])['result']
         completed = 0
         failed = {'member': {self.reverse_attr: []}}
-        for attr in options.get(self.reverse_attr, []):
+        for attr in options.get(self.reverse_attr) or []:
             try:
                 options = {'%s' % self.member_attr: keys[-1]}
                 try:
diff --git a/tests/test_xmlrpc/test_privilege_plugin.py b/tests/test_xmlrpc/test_privilege_plugin.py
index eb81206842c3cc2b7027568f9a3bb7d8fc9ae443..d8d9b22a66d808058e377d97a7431d55f2cca9f3 100644
--- a/tests/test_xmlrpc/test_privilege_plugin.py
+++ b/tests/test_xmlrpc/test_privilege_plugin.py
@@ -348,6 +348,50 @@ class test_privilege(Declarative):
 
 
         dict(
+            desc='Add zero permissions to %r' % privilege1,
+            command=('privilege_add_permission', [privilege1],
+                dict(permission=None),
+            ),
+            expected=dict(
+                completed=0,
+                failed=dict(
+                    member=dict(
+                        permission=[],
+                    ),
+                ),
+                result={
+                    'dn': lambda x: DN(x) == privilege1_dn,
+                    'cn': [privilege1],
+                    'description': [u'New desc 1'],
+                    'memberof_permission': [permission2],
+                }
+            ),
+        ),
+
+
+        dict(
+            desc='Remove zero permissions from %r' % privilege1,
+            command=('privilege_remove_permission', [privilege1],
+                dict(permission=None),
+            ),
+            expected=dict(
+                completed=0,
+                failed=dict(
+                    member=dict(
+                        permission=[],
+                    ),
+                ),
+                result={
+                    'dn': lambda x: DN(x) == privilege1_dn,
+                    'cn': [privilege1],
+                    'description': [u'New desc 1'],
+                    'memberof_permission': [permission2],
+                }
+            ),
+        ),
+
+
+        dict(
             desc='Delete %r' % privilege1,
             command=('privilege_del', [privilege1], {}),
             expected=dict(
diff --git a/tests/test_xmlrpc/test_role_plugin.py b/tests/test_xmlrpc/test_role_plugin.py
index 62bc6eade428bfbc501be15fa7242a7904422f6f..e2bd28cd667e1c782fd4ef798c81a703f808f83b 100644
--- a/tests/test_xmlrpc/test_role_plugin.py
+++ b/tests/test_xmlrpc/test_role_plugin.py
@@ -202,6 +202,48 @@ class test_role(Declarative):
 
 
         dict(
+            desc='Add zero privileges to role %r' % role1,
+            command=('role_add_privilege', [role1], dict(privilege=None)
+            ),
+            expected=dict(
+                completed=0,
+                failed=dict(
+                    member=dict(
+                        privilege=[],
+                    ),
+                ),
+                result={
+                    'dn': lambda x: DN(x) == role1_dn,
+                    'cn': [role1],
+                    'description': [u'role desc 1'],
+                    'memberof_privilege': [privilege1],
+                }
+            ),
+        ),
+
+
+        dict(
+            desc='Remove zero privileges from role %r' % role1,
+            command=('role_remove_privilege', [role1], dict(privilege=None)
+            ),
+            expected=dict(
+                completed=0,
+                failed=dict(
+                    member=dict(
+                        privilege=[],
+                    ),
+                ),
+                result={
+                    'dn': lambda x: DN(x) == role1_dn,
+                    'cn': [role1],
+                    'description': [u'role desc 1'],
+                    'memberof_privilege': [privilege1],
+                }
+            ),
+        ),
+
+
+        dict(
             desc='Add member %r to %r' % (group1, role1),
             command=('role_add_member', [role1], dict(group=group1)),
             expected=dict(
-- 
1.7.7.6

From 218369415d30c5c6420ea961f8121c02d9e37b39 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori redhat com>
Date: Fri, 27 Apr 2012 06:07:16 -0400
Subject: [PATCH] Do not crash on empty --setattr, --getattr, --addattr

Also the unused `append` argument from _convert_2_dict.

https://fedorahosted.org/freeipa/ticket/2680
---
 ipalib/plugins/baseldap.py     |   16 ++++++++--------
 tests/test_xmlrpc/test_attr.py |    3 ++-
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index 5a8013efc9b14c4e29719aeb7c443f089f7e72e3..e4f8cdc698f8ce56066836cf90874301323eb08b 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -791,27 +791,27 @@ class BaseLDAPCommand(CallbackInterface, Command):
                          exclude='webui',
                         )
 
-    def _convert_2_dict(self, attrs, append=True):
+    def _convert_2_dict(self, attrs):
         """
         Convert a string in the form of name/value pairs into a dictionary.
-        The incoming attribute may be a string or a list.
 
-        :param attrs: A list of name/value pairs
-
-        :param append: controls whether this returns a list of values or a single
-        value.
+        :param attrs: A list of name/value pair strings, in the "name=value"
+            format. May also be a single string, or None.
         """
+
         newdict = {}
-        if not type(attrs) in (list, tuple):
+        if attrs is None:
+            attrs = []
+        elif not type(attrs) in (list, tuple):
             attrs = [attrs]
         for a in attrs:
             m = re.match("\s*(.*?)\s*=\s*(.*?)\s*$", a)
             attr = str(m.group(1)).lower()
             value = m.group(2)
             if len(value) == 0:
                 # None means "delete this attribute"
                 value = None
-            if append and attr in newdict:
+            if attr in newdict:
                 if type(value) in (tuple,):
                     newdict[attr] += list(value)
                 else:
diff --git a/tests/test_xmlrpc/test_attr.py b/tests/test_xmlrpc/test_attr.py
index 6877a6306015052a9e8a0a47773cce75ae105bc3..5916ebd2d0f3b7bce8fc3160bce86d703145880d 100644
--- a/tests/test_xmlrpc/test_attr.py
+++ b/tests/test_xmlrpc/test_attr.py
@@ -39,7 +39,8 @@ class test_attr(Declarative):
         dict(
             desc='Create %r' % user1,
             command=(
-                'user_add', [user1], dict(givenname=u'Test', sn=u'User1')
+                'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
+                    setattr=None)
             ),
             expected=dict(
                 value=user1,
-- 
1.7.7.6


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]