On Mon, 2018-09-24 at 19:59 +0200, Jakub Hrozek wrote:
On Mon, Sep 24, 2018 at 10:22:35AM -0400, Simo Sorce wrote:
> > btw it’s a good question to ask why isn’t the check done on saving
> > the group. I thought it was and I see code that checks for ID
> > uniqueness and even a test..
>
> In current code, saving would override data as if the group was renamed
> changed I think ?
The way the code is currently written is, if there is a duplicate:
- check if the "new" group has the same SID, uniqueID or original DN
as the "old" one
- yes, same: this is a rename, allow
- no, different: this is a duplicate, error
not sure how the original DN would match if you rename the object and
that changes the DN too ?
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc