[Freeipa-devel] [PATCH] 987 Don't allow IPA master hosts and services to be disabled
Petr Viktorin
pviktori at redhat.com
Fri Mar 16 12:10:23 UTC 2012
On 03/15/2012 10:04 PM, Rob Crittenden wrote:
> diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
> index 9562ff98729ead6ac9e56d504f6ee0a7c0ca377a..f3c89a0fc5e3f00ed7f132dbff2510d89bc7370d 100644
> --- a/ipalib/plugins/baseldap.py
> +++ b/ipalib/plugins/baseldap.py
> @@ -887,12 +877,29 @@ last, after all sets and adds."""),
> # normalize all values
> changedattrs = setattrs | addattrs | delattrs
> for attr in changedattrs:
> - # remove duplicite and invalid values
> - entry_attrs[attr] = list(set([val for val in entry_attrs[attr] if val]))
> - if not entry_attrs[attr]:
> - entry_attrs[attr] = None
> - elif isinstance(entry_attrs[attr], (tuple, list)) and len(entry_attrs[attr]) == 1:
> - entry_attrs[attr] = entry_attrs[attr][0]
> + if attr in self.obj.params:
> + # convert single-value params to scalars
> + # Need to use the LDAPObject's params, not self's, because the
> + # CRUD classes filter their disallowed parameters out.
> + # Yet {set,add,del}attr are powerful enough to change these
> + # (e.g. Config's ipacertificatesubjectbase)
> + if not self.obj.params[attr].multivalue:
> + if len(entry_attrs[attr]) == 1:
> + entry_attrs[attr] = entry_attrs[attr][0]
> + elif not entry_attrs[attr]:
> + entry_attrs[attr] = None
> + else:
> + raise errors.OnlyOneValueAllowed(attr=attr)
> + # validate and convert params
> + entry_attrs[attr] = self.obj.params[attr](entry_attrs[attr])
> + else:
> + # unknown attribute: remove duplicite and invalid values
> + entry_attrs[attr] = list(set([val for val in entry_attrs[attr] if val]))
> + if not entry_attrs[attr]:
> + entry_attrs[attr] = None
> + elif isinstance(entry_attrs[attr], (tuple, list)) and len(entry_attrs[attr]) == 1:
> + entry_attrs[attr] = entry_attrs[attr][0]
> +
You've included an unrelated patch (my 0016).
--
Petr³
More information about the Freeipa-devel
mailing list