From 01de849204a3a13c2815aae90e59410e4248968e Mon Sep 17 00:00:00 2001
From: kakwa <carpentier.pf@gmail.com>
Date: Thu, 18 Jun 2015 10:04:20 +0200
Subject: [PATCH] list of roles and not a uniq role for get_groups

---
 ldapcherry/roles.py | 14 ++++++++++----
 tests/test_Roles.py |  2 +-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/ldapcherry/roles.py b/ldapcherry/roles.py
index 2c38225..7726d34 100644
--- a/ldapcherry/roles.py
+++ b/ldapcherry/roles.py
@@ -307,11 +307,17 @@ class Roles:
             raise MissingRole(role)
         return self.flatten[role]['display_name']
 
-    def get_groups(self, role):
+    def get_groups(self, roles):
         """get the list of groups from role"""
-        if not role in self.flatten:
-            raise MissingRole(role)
-        return self.flatten[role]['backends_groups']
+        ret = {}
+        for role in roles:
+            if not role in self.flatten:
+                raise MissingRole(role)
+            for b in self.flatten[role]['backends_groups']:
+                if b not in ret:
+                    ret[b] = []
+                ret[b] = ret[b] + self.flatten[role]['backends_groups'][b]
+        return ret
 
     def is_admin(self, roles):
         """determine from a list of roles if is ldapcherry administrator"""
diff --git a/tests/test_Roles.py b/tests/test_Roles.py
index 043551b..6489c30 100644
--- a/tests/test_Roles.py
+++ b/tests/test_Roles.py
@@ -69,7 +69,7 @@ class TestError(object):
 
     def testGetGroup(self):
         inv = Roles('./tests/cfg/roles.yml')
-        res = inv.get_groups('users')
+        res = inv.get_groups(['users'])
         expected = {
             'ad': ['Domain Users'],
             'ldap': ['cn=users,ou=group,dc=example,dc=com']