[Freeipa-devel] [PATCH] 987 Don't allow IPA master hosts and services to be disabled
Martin Kosek
mkosek at redhat.com
Mon Mar 19 15:10:16 UTC 2012
On Mon, 2012-03-19 at 10:17 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Fri, 2012-03-16 at 08:29 -0400, Rob Crittenden wrote:
> >> Petr Viktorin wrote:
> >>> On 03/15/2012 10:04 PM, Rob Crittenden wrote:
> >>>> diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
> >>>> index
> >>>> 9562ff98729ead6ac9e56d504f6ee0a7c0ca377a..f3c89a0fc5e3f00ed7f132dbff2510d89bc7370d
> >>>> 100644
> >>>> --- a/ipalib/plugins/baseldap.py
> >>>> +++ b/ipalib/plugins/baseldap.py
> >>>> @@ -887,12 +877,29 @@ last, after all sets and adds."""),
> >>>> # normalize all values
> >>>> changedattrs = setattrs | addattrs | delattrs
> >>>> for attr in changedattrs:
> >>>> - # remove duplicite and invalid values
> >>>> - entry_attrs[attr] = list(set([val for val in entry_attrs[attr] if
> >>>> val]))
> >>>> - if not entry_attrs[attr]:
> >>>> - entry_attrs[attr] = None
> >>>> - elif isinstance(entry_attrs[attr], (tuple, list)) and
> >>>> len(entry_attrs[attr]) == 1:
> >>>> - entry_attrs[attr] = entry_attrs[attr][0]
> >>>> + if attr in self.obj.params:
> >>>> + # convert single-value params to scalars
> >>>> + # Need to use the LDAPObject's params, not self's, because the
> >>>> + # CRUD classes filter their disallowed parameters out.
> >>>> + # Yet {set,add,del}attr are powerful enough to change these
> >>>> + # (e.g. Config's ipacertificatesubjectbase)
> >>>> + if not self.obj.params[attr].multivalue:
> >>>> + if len(entry_attrs[attr]) == 1:
> >>>> + entry_attrs[attr] = entry_attrs[attr][0]
> >>>> + elif not entry_attrs[attr]:
> >>>> + entry_attrs[attr] = None
> >>>> + else:
> >>>> + raise errors.OnlyOneValueAllowed(attr=attr)
> >>>> + # validate and convert params
> >>>> + entry_attrs[attr] = self.obj.params[attr](entry_attrs[attr])
> >>>> + else:
> >>>> + # unknown attribute: remove duplicite and invalid values
> >>>> + entry_attrs[attr] = list(set([val for val in entry_attrs[attr] if
> >>>> val]))
> >>>> + if not entry_attrs[attr]:
> >>>> + entry_attrs[attr] = None
> >>>> + elif isinstance(entry_attrs[attr], (tuple, list)) and
> >>>> len(entry_attrs[attr]) == 1:
> >>>> + entry_attrs[attr] = entry_attrs[attr][0]
> >>>> +
> >>>
> >>> You've included an unrelated patch (my 0016).
> >>>
> >>
> >> That's what I get for mixing my review and dev branch. Correct patch
> >> attached.
> >>
> >> rob
> >
> > I still think this is not the one. It somehow got squashed with Petr3's
> > *attr patch.
> >
> > Martin
> >
>
> Ok, was a little more careful this time.
>
> rob
Yup, its much better now. ACK. Pushed to master, ipa-2-2.
Martin
More information about the Freeipa-devel
mailing list