Univention Bugzilla – Attachment 5381 Details for
Bug 31916
Policy tab does not show merged values if a policy is connected directly
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for erroneous policy evaluation in UDM UMC module.
bug31916.patch (text/plain), 5.79 KB, created by
Alexander Kläser
on 2013-08-19 18:50:28 CEST
(
hide
)
Description:
Patch for erroneous policy evaluation in UDM UMC module.
Filename:
MIME Type:
Creator:
Alexander Kläser
Created:
2013-08-19 18:50:28 CEST
Size:
5.79 KB
patch
obsolete
>--- /usr/share/pyshared/univention/admin/handlers/__init__.py.orig 2013-08-19 11:20:50.656000000 -0400 >+++ /usr/share/pyshared/univention/admin/handlers/__init__.py 2013-08-19 11:43:29.516000000 -0400 >@@ -2683,7 +2683,9 @@ > is cancelled. > > If faked_policy_reference is given at the top object >- (referring_object_dn) this policy object temporarily referenced""" >+ (referring_object_dn) this policy object temporarily referenced. >+ >+ faked_policy_reference can be a string or a list of strings.""" > > if not self.resultmode: > return >@@ -2691,7 +2693,9 @@ > self.polinfo_more={} > if not self.policy_attrs: > policies = [] >- if faked_policy_reference: >+ if isinstance(faked_policy_reference, (list, tuple)): >+ policies.extend(faked_policy_reference) >+ elif faked_policy_reference: > policies.append( faked_policy_reference ) > > # the referring object does not exist yet >--- /usr/share/pyshared/univention/management/console/modules/udm/__init__.py.orig 2013-08-19 09:30:10.892000000 -0400 >+++ /usr/share/pyshared/univention/management/console/modules/udm/__init__.py 2013-08-19 12:43:03.392000000 -0400 >@@ -951,42 +951,92 @@ > """Returns a virtual policy object containing the values that > the given object or container inherits""" > def _thread( request ): >- try: >- object_type = request.options[0].get( 'objectType' ) >- object_dn = request.options[0].get( 'objectDN' ) >- container = request.options[0].get( 'container' ) >- except IndexError: >- raise UMC_OptionTypeError( 'The given object type is not valid' ) >+ >+ object_dn = None >+ container_dn = None > obj = None >- if object_dn: >- module = UDM_Module( object_type ) >- if module.module is None: >+ >+ def _get_object(_dn, _module): >+ '''Get existing UDM object and corresponding module. Verify user input.''' >+ if _module.module is None: > raise UMC_OptionTypeError( 'The given object type is not valid' ) >- obj = module.get( object_dn ) >- elif container: >- module = get_module( None, container ) >- if module.module is None: >+ _obj = _module.get( _dn ) >+ if _obj is None: >+ raise UMC_OptionTypeError( 'The object could not be found' ) >+ return _obj, _module >+ >+ def _get_object_parts(_options): >+ '''Get object related information and corresponding UDM object/module. Verify user input.''' >+ try: >+ _object_type = _options.get('objectType') >+ _object_dn = _options.get('objectDN') >+ _container_dn = _options.get('container') >+ except IndexError: > raise UMC_OptionTypeError( 'The given object type is not valid' ) >- obj = module.get( container ) >- if obj is None: >- raise UMC_OptionTypeError( 'The object could not be found' ) > >+ if (object_dn, container_dn) == (_object_dn, _container_dn): >+ # nothing has changed w.r.t. last entry -> return last values >+ return (object_dn, container_dn, obj) >+ >+ _obj = None >+ _module = None >+ if _object_dn: >+ # editing an exiting UDM object -> use the object itself >+ _obj, _module = _get_object(_object_dn, UDM_Module(_object_type)) >+ elif _container_dn: >+ # editing a new (i.e. non existing) object -> use the parent container >+ _obj, _module = _get_object(_container_dn, get_module(None, _container_dn)) >+ >+ return (_object_dn, _container_dn, _obj) >+ >+ def _get_policy_parts(_options): >+ '''Get policy related UDM object and DN. Verify user input.''' >+ _policy_type = _options.get( 'policyType' ) >+ _policy_dn = _options.get( 'policyDN' ) >+ >+ _policy_obj, _policy_module = _get_object(_policy_dn, UDM_Module(_policy_type)) >+ >+ return (_policy_obj, _policy_dn) > > ret = [] >- for policy_options in request.options: >- policy_type = policy_options.get( 'policyType' ) >- policy_dn = policy_options.get( 'policyDN' ) >- >- policy_module = UDM_Module( policy_type ) >- if policy_module.module is None: >- raise UMC_OptionTypeError( 'The given policy type is not valid' ) >- >- policy_obj = policy_module.get() >- policy_obj.clone( obj ) >- # ensure that the object itself is ignored >- policy_obj.referring_object_position_dn = None >- policy_obj.policy_result( faked_policy_reference = policy_dn ) >+ for ioptions in request.options: >+ object_dn, container_dn, obj = _get_object_parts(ioptions) >+ policy_obj, policy_dn = _get_policy_parts(ioptions) >+ policy_obj.clone(obj) >+ >+ # There are 2x2x2 (=8) cases that may occur (c.f., Bug #31916): >+ # (1) >+ # [edit] editing existing UDM object >+ # -> the existing UDM object itself is loaded >+ # [new] virtually edit non-existing UDM object (when a new object is being created) >+ # -> the parent container UDM object is loaded >+ # (2) >+ # [w/pol] UDM object has assigend policies in LDAP directory >+ # [w/o_pol] UDM object has no policies assigend in LDAP directory >+ # (3) >+ # [inherit] user request to (virtually) change the policy to 'inherited' >+ # [set_pol] user request to (virtually) assign a particular policy >+ faked_policy_reference = None >+ if object_dn and not policy_dn: >+ # case: [edit; w/pol; inherit] >+ # -> current policy is (virtually) overwritten with 'None' >+ faked_policy_reference = [None] >+ elif not object_dn and policy_dn: >+ # cases: >+ # * [new; w/pol; inherit] >+ # * [new; w/pol; set_pol] >+ # -> old + temporary policy are both (virtually) set at the parent container >+ faked_policy_reference = obj.policies + [policy_dn] >+ else: >+ # cases: >+ # * [new; w/o_pol; inherit] >+ # * [new; w/o_pol; set_pol] >+ # * [edit; w/pol; set_pol] >+ # * [edit; w/o_pol; inherit] >+ # * [edit; w/o_pol; set_pol] >+ faked_policy_reference = policy_dn > >+ policy_obj.policy_result( faked_policy_reference ) > infos = copy.copy( policy_obj.polinfo_more ) > for key, value in infos.items(): > if key in policy_obj.polinfo:
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=5381">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 31916
: 5381