idm-console-framework

Clone
Source Code
GIT

f525cda Ticket 47946 - ACI's are replaced by "ACI_ALL" after editing group of ACI's including invalid one

Authored and Committed by mreynolds 9 years ago
raw patch tree parent
2 files changed. 79 lines added. 75 lines removed.
src/com/netscape/management/client/ace/ACIEditor.java
file modified
+17 -52
src/com/netscape/management/client/ace/ACIManager.java
file modified
+62 -23 
    Ticket 47946 - ACI's are replaced by "ACI_ALL" after editing group of ACI's including invalid one
    
    Bug Description:  When the console processes an aci update, it removes all the aci's and reads
                      the "updated" aci's.  It does something similiar when checking hte syntax, where
                      it removes the aci's and then adds a generic "allow(all)" aci, and the current
                      aci that we want to check the syntax.  If the syntax is invalid, we do not restore
                      the aci's.
    
    Fix Description:  I reworked how we update aci's, where we only "replace" aci's that were modified,
                      instead of removing all aci's and adding them all back.  In order to properly check
                      if an aci has the correct syntax it must be added (somewhere).  Added a new testACI()
                      method that will test if an aci passes the syntax check by adding the aci to the
                      ACL plugin entry, and then removing it right away.  Using this approach we do not
                      automatically delete invalid aci's that were already present in the db, and we do
                      not delete valid aci's that were attempted to be modified into invalid aci's.
    
    https://fedorahosted.org/389/ticket/47946
    
    Reviewed by: nhosoi(Thanks!)
file modified
+17 -52
file modified
+62 -23
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.