Bug 41824
| Summary: | Object class violation: attribute 'ownCloudEnabled' not allowed | ||
|---|---|---|---|
| Product: | UCS | Reporter: | Florian Best <best> |
| Component: | UDM (Generic) | Assignee: | Florian Best <best> |
| Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
| Severity: | normal | ||
| Priority: | P5 | CC: | alexander.wotschke, gohmann, stephan.hendl |
| Version: | UCS 4.1 | Flags: | best:
Patch_Available+
|
| Target Milestone: | UCS 4.1-3-errata | ||
| Hardware: | Other | ||
| OS: | Linux | ||
| What kind of report is it?: | Bug Report | What type of bug is this?: | 7: Crash: Bug causes crash or data loss |
| Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 5: Blocking further progress on the daily work |
| User Pain: | 0.600 | Enterprise Customer affected?: | |
| School Customer affected?: | ISV affected?: | ||
| Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
| Ticket number: | Bug group (optional): | Error handling, External feedback | |
| Max CVSS v3 score: | |||
| Attachments: | patch | ||
Created attachment 7817 [details]
patch
univention-directory-manager-modules (11.0.3-29): r71613 | Bug #41824: respect ';binary' suffixed attribute names univention-directory-manager-modules.yaml: r71615 | YAML Bug #41824 Bug #41829 Bug #41899 UCS 4.2: univention-directory-manager-modules (12.0.1-1): r71610 | Bug #41824: respect ';binary' suffixed attribute names Code review: OK YAML: OK Tests: OK, I was able to reproduce it with the old version. It works with the patched version. ucs-test: OK |
# udm users/user modify --dn uid=foo,ou=users,dc=foo --set owncloudEnabled=1 LDAP Error: Object class violation: attribute 'ownCloudEnabled' not allowed The mechanism to detect the new object classes for a object doesn't consider a special exception: Having a User with the following attributes causes the object classes to not being changeable: objectClass: univentionManageCertificates userCertificate;binary:: … Here is a quick working hotfix: diff --git a/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py b/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py index d527575..3cde05b 100644 --- a/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py +++ b/management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py @@ -852,7 +852,7 @@ def _ldap_object_classes(self, ml): for attr, val in newattr.items(): if not val: continue - if attr.lower() not in allowed: + if attr.lower() not in allowed and re.sub(';binary$', '', attr).lower() not in allowed: univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'The attribute %r is not allowed by any object class.' % (attr,)) # ml.append((attr, val, [])) # TODO: Remove the now invalid attribute instead return ml