freeipa

Clone
Source Code
GIT

4f89dec ldap2.has_upg: Raise an error if the UPG definition is not found

Authored and Committed by pviktori 9 years ago
raw patch tree parent
1 file changed. 17 lines added. 13 lines removed.
ipaserver/plugins/ldap2.py
file modified
+17 -13 
    ldap2.has_upg: Raise an error if the UPG definition is not found
    
    The UPG Definition is always present in IPA; if it can not be read
    it's usually caused by insufficient privileges.
    Previously the code assumed the absence of the entry meant that
    UPG is disabled. With granular read permissions, this would mean
    that users that can add users but can't read UPG Definition would
    add users without UPG, and the reason for that would not be very clear.
    It is better to fail early if the definition can't be read.
    
    Raise an error if the UPG Definition is not available. This makes
    read access to it a prerequisite for adding users.
    
    Part of the work for: https://fedorahosted.org/freeipa/ticket/3566
    
    Reviewed-By: Martin Kosek <mkosek@redhat.com>
file modified
+17 -13
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.