[Freeipa-devel] [PATCH] 798 Fix indirect member calculation
Endi Sukma Dewata
edewata at redhat.com
Mon Jun 13 21:48:05 UTC 2011
On 6/13/2011 2:45 PM, Rob Crittenden wrote:
> Indirect membership is calculated by looking at each member and pulling
> all the memberof out of it. What was missing was doing nested searches
> on any members in that member group.
>
> So if group2 was a member of group1 and group3 was a member of group2 we
> would miss group3 as being an indirect member of group1.
>
> I updated the nesting test to do deeper nested testing. I confirmed that
> this test failed with the old code and works with the new.
>
> ticket https://fedorahosted.org/freeipa/ticket/1273
NACK. If a user is an indirect member of a group via 2 different paths,
the user will be listed twice. Here is a test scenario:
Group 1 has 2 members: group 2 and group 3.
User X is a member of both group 2 and group 3.
Group 1's indirect members should only list the user X once. Currently
it is listed twice.
--
Endi S. Dewata
More information about the Freeipa-devel
mailing list