From 10e07c472a73744d69fd1089a30498f59cebd5f8 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 1 Oct 2014 10:53:04 -0400
Subject: [PATCH] Leverage new libqpol function for getting object class from
 role trans.

---
 libapol/policyrep/rbacrule.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/libapol/policyrep/rbacrule.py b/libapol/policyrep/rbacrule.py
index c43ba35..688267c 100644
--- a/libapol/policyrep/rbacrule.py
+++ b/libapol/policyrep/rbacrule.py
@@ -30,9 +30,7 @@ class RBACRule(rule.PolicyRule):
 
     def __str__(self):
         try:
-            # qpol doesnt currently support role transitons
-            # with an object class specified (v26+)
-            return "role_transition {0.source} {0.target} {0.default};".format(self)
+            return "role_transition {0.source} {0.target}:{0.tclass} {0.default};".format(self)
         except rule.InvalidRuleUse:
             return "allow {0.source} {0.target};".format(self)
 
@@ -63,12 +61,8 @@ class RBACRule(rule.PolicyRule):
     @property
     def tclass(self):
         """The rule's object class."""
-        # qpol doesnt currently support role transitions
-        # with an object class specified (v26+)
-        raise NotImplementedError
-
         try:
-            return objclass.ObjClass(self.policy, self.qpol_symbol.get_target_class(self.policy))
+            return objclass.ObjClass(self.policy, self.qpol_symbol.get_object_class(self.policy))
         except AttributeError:
             raise rule.InvalidRuleUse(
                 "Role allow rules do not have an object class.")