782861 – Unable to setattr or addattr using ipa permission-mod

Bug 782861 - Unable to setattr or addattr using ipa permission-mod

Summary: Unable to setattr or addattr using ipa permission-mod

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Martin Kosek
QA Contact:	IDM QE LIST
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-01-18 17:29 UTC by Namita Soman
Modified:	2015-01-16 12:50 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-01-16 12:50:33 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Namita Soman 2012-01-18 17:29:53 UTC

Description of problem:
When using addattr or setattr, permissions cannot be modified to pick those new attributes

1> Add a permission
# ipa permission-add ManageUser --permissions="read,write" --type=user --attr=carlicense

-----------------------------
Added permission "ManageUser"
-----------------------------
  Permission name: ManageUser
  Permissions: read, write
  Attributes: carlicense
  Type: user

2> Use setattr to modify permissions:
# ipa permission-mod --setattr permissions=read ManageUser
[Attributes]: carlicense
[Type]: user
[Member of group]: 
[Filter]: 
[Subtree]: 
[Target group]: 
ipa: ERROR: no modifications to be performed

3> Check if any changes were made:
# ipa permission-show --all --raw ManageUser
  dn: cn=manageuser,cn=permissions,cn=pbac,dc=testrelm
  cn: ManageUser
  permissions: read
  permissions: write
  attrs: carlicense
  type: user
  objectclass: groupofnames
  objectclass: ipapermission
  objectclass: top

4> Also tried:
# ipa permission-mod --addattr attrs=description ManageUser
[Attributes]: audio
[Type]: user
[Member of group]: 
[Filter]: 
[Subtree]: 
[Target group]: 
--------------------------------
Modified permission "ManageUser"
--------------------------------
  Permission name: ManageUser
  Permissions: read, write
  Attributes: audio
  Type: user



Version-Release number of selected component (if applicable):
freeipa-server-2.1.4-4.fc16.x86_64

How reproducible:
always

Steps to Reproduce:
1. As listed above

  
Actual results:
No modifications are made

Expected results:
attr to be updated

Additional info:

Comment 2 Martin Kosek 2012-01-19 09:55:28 UTC

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2279

Comment 5 Namita Soman 2013-11-18 19:57:14 UTC

This is fixed in ipa-server-3.3.3-4.el7.x86_64

Automation test results:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-permission-cli-1059 - modify permission --setattr (bz782861)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 16:08:41 ] ::  Executing: ipa permission-mod APermission --setattr=description=NewDescription --attrs=
---------------------------------
Modified permission "APermission"
---------------------------------
  Permission name: APermission
  Permissions: write
  Type: user
:: [ 16:08:43 ] ::  Modified permission APermission successfully
:: [   PASS   ] :: Running 'modifyPermission "APermission" --setattr=description=NewDescription --attrs=' (Expected 0, got 0)
:: [ 16:08:43 ] ::  Executing: ipa permission-show --all "APermission"  > /tmp/tmp.3ahW2Teeuy/permissionshow.out
  description: NewDescription
:: [ 16:08:44 ] ::  ipa permission APermission Verification successful: Value of Description: = NewDescription
:: [   PASS   ] :: Verify Permissions (Expected 0, got 0)
'ef891add-ad46-4be9-8119-7de56cd33b38'
ipa-permission-cli-1059-modify-permission-setattr-bz782861- result: PASS

Comment 6 Martin Kosek 2015-01-16 12:50:33 UTC

Given Comment 5, closing as fixed.

Note You need to log in before you can comment on or make changes to this bug.