From 00e299467c9d5c7b44724e45079bb0fdf7e5654b Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Fri, 31 Aug 2007 10:59:26 -0700 Subject: [PATCH] Add account deactivation checkbox. Fix genModList to lowercase all keys and use CIDict. --- ipa-server/ipa-gui/ipagui/controllers.py | 13 +++++++++++-- ipa-server/ipa-gui/ipagui/forms/user.py | 1 + ipa-server/ipa-gui/ipagui/static/css/style.css | 2 +- .../ipa-gui/ipagui/templates/usereditform.kid | 15 +++++++++++++++ .../ipa-gui/ipagui/templates/usernewform.kid | 15 +++++++++++++++ ipa-server/ipa-gui/ipagui/templates/usershow.kid | 10 ++++++++++ ipa-server/ipaserver/ipaldap.py | 8 ++++++-- ipa-server/xmlrpc-server/funcs.py | 2 -- 8 files changed, 59 insertions(+), 7 deletions(-) diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 5771ebe31..5fb4be06b 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -28,6 +28,8 @@ password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz client = ipa.ipaclient.IPAClient(True) client.set_principal("test@FREEIPA.ORG") +user_fields = ['*', 'nsAccountLock'] + def restrict_post(): if cherrypy.request.method != "POST": turbogears.flash("This method only accepts posts") @@ -77,6 +79,8 @@ class Root(controllers.RootController): new_user.setValue('sn', kw.get('sn')) new_user.setValue('mail', kw.get('mail')) new_user.setValue('telephonenumber', kw.get('telephonenumber')) + if kw.get('nsAccountLock'): + new_user.setValue('nsAccountLock', 'true') rv = client.add_user(new_user) turbogears.flash("%s added!" % kw['uid']) @@ -92,7 +96,7 @@ class Root(controllers.RootController): if tg_errors: turbogears.flash("There was a problem with the form!") - user = client.get_user_by_uid(uid) + user = client.get_user_by_uid(uid, user_fields) user_dict = user.toDict() # store a copy of the original user for the update later user_data = b64encode(dumps(user_dict)) @@ -120,6 +124,11 @@ class Root(controllers.RootController): new_user.setValue('sn', kw.get('sn')) new_user.setValue('mail', kw.get('mail')) new_user.setValue('telephonenumber', kw.get('telephonenumber')) + if kw.get('nsAccountLock'): + new_user.setValue('nsAccountLock', 'true') + else: + new_user.setValue('nsAccountLock', None) + # # this is a hack until we decide on the policy for names/cn/sn/givenName # @@ -161,7 +170,7 @@ class Root(controllers.RootController): def usershow(self, uid): """Retrieve a single user for display""" try: - user = client.get_user_by_uid(uid) + user = client.get_user_by_uid(uid, user_fields) return dict(user=user.toDict(), fields=forms.user.UserFields()) except ipaerror.IPAError, e: turbogears.flash("User show failed: " + str(e)) diff --git a/ipa-server/ipa-gui/ipagui/forms/user.py b/ipa-server/ipa-gui/ipagui/forms/user.py index 9ce512567..b9b6f33d4 100644 --- a/ipa-server/ipa-gui/ipagui/forms/user.py +++ b/ipa-server/ipa-gui/ipagui/forms/user.py @@ -10,6 +10,7 @@ class UserFields(): sn = widgets.TextField(name="sn", label="Last name") mail = widgets.TextField(name="mail", label="E-mail address") telephonenumber = widgets.TextField(name="telephonenumber", label="Phone") + nsAccountLock = widgets.CheckBox(name="nsAccountLock", label="Account Deactivated") uid.validator = validators.PlainText(not_empty=True) userpassword.validator = validators.String(not_empty=True) diff --git a/ipa-server/ipa-gui/ipagui/static/css/style.css b/ipa-server/ipa-gui/ipagui/static/css/style.css index 3c260c21b..9ea86ae01 100644 --- a/ipa-server/ipa-gui/ipagui/static/css/style.css +++ b/ipa-server/ipa-gui/ipagui/static/css/style.css @@ -122,7 +122,7 @@ body { } .formtable th { - width: 15%; + width: 20%; text-align: right; } diff --git a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid index cef7f116d..dc61f38c5 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid @@ -139,6 +139,21 @@ +
Account Status
+ + + + + +
+ + + +
+
diff --git a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid index c766327f0..d4863a3df 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid @@ -150,6 +150,21 @@
+
Account Status
+ + + + + +
+ + + +
+
diff --git a/ipa-server/ipa-gui/ipagui/templates/usershow.kid b/ipa-server/ipa-gui/ipagui/templates/usershow.kid index 2ffd1a4e9..4e73eba35 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usershow.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usershow.kid @@ -62,6 +62,16 @@
+
Account Status
+ + + + + +
+ ${user.get("nsAccountLock")}
+ edit diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py index 4d0630eef..164509263 100644 --- a/ipa-server/ipaserver/ipaldap.py +++ b/ipa-server/ipaserver/ipaldap.py @@ -29,6 +29,7 @@ import urllib2 import socket import ldif import re +import string import ldap import cStringIO import time @@ -382,8 +383,11 @@ class IPAdmin(SimpleLDAPObject): REPLACE operations, to deal with multi-user updates more properly.""" modlist = [] - keys = set(old_entry.keys()) - keys.update(new_entry.keys()) + old_entry = ipautil.CIDict(old_entry) + new_entry = ipautil.CIDict(new_entry) + + keys = set(map(string.lower, old_entry.keys())) + keys.update(map(string.lower, new_entry.keys())) for key in keys: new_values = new_entry.get(key, []) diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index fd95470b0..4b1fe7edd 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -270,8 +270,6 @@ class IPAServer: if user.get('gn'): del user['gn'] - if user.get('givenname'): - del user['givenname'] # some required objectclasses entry.setValues('objectClass', 'top', 'posixAccount', 'shadowAccount', 'account', 'person', 'inetOrgPerson', 'organizationalPerson', 'krbPrincipalAux', 'krbTicketPolicyAux')