IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove all references to ipa_server.* from user plugin

Browse Source
This commit is contained in:
Rob Crittenden 2008-10-16 10:32:20 -04:00
parent 1a8317ff74
commit 12f1e7fdf7
2 changed files with 44 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ipa_server/plugins/b_ldap.py
View File

@ -85,7 +85,17 @@ class ldap(CrudBackend):
return entry['dn'] return entry['dn']
def generate_search_filters(self, **kw): def get_ipa_config(self):
"""Return a dictionary of the IPA configuration"""
return servercore.get_ipa_config()
def mark_entry_active(self, dn):
return servercore.mark_entry_inactive(dn)
def mark_entry_inactive(self, dn):
return servercore.mark_entry_inactive(dn)
def _generate_search_filters(self, **kw):
"""Generates a search filter based on a list of words and a list """Generates a search filter based on a list of words and a list
of fields to search against. of fields to search against.
@ -110,6 +120,8 @@ class ldap(CrudBackend):
return (exact_match_filter, partial_match_filter) return (exact_match_filter, partial_match_filter)
# The CRUD operations
def create(self, **kw): def create(self, **kw):
if servercore.entry_exists(kw['dn']): if servercore.entry_exists(kw['dn']):
raise errors.DuplicateEntry("entry already exists") raise errors.DuplicateEntry("entry already exists")
@ -148,7 +160,7 @@ class ldap(CrudBackend):
objectclass = kw.get('objectclass') objectclass = kw.get('objectclass')
if objectclass: if objectclass:
del kw['objectclass'] del kw['objectclass']
(exact_match_filter, partial_match_filter) = self.generate_search_filters(**kw) (exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw)
if objectclass: if objectclass:
exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter) exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter)
partial_match_filter = "(&(objectClass=%s)%s)" % (objectclass, partial_match_filter) partial_match_filter = "(&(objectClass=%s)%s)" % (objectclass, partial_match_filter)

64
ipalib/plugins/f_user.py
View File

@ -27,9 +27,6 @@ from ipalib.frontend import Param
from ipalib import api from ipalib import api
from ipalib import errors from ipalib import errors
from ipalib import ipa_types from ipalib import ipa_types
from ipa_server import servercore
from ipa_server import ipaldap
import ldap
# Command to get the idea how plugins will interact with api.env # Command to get the idea how plugins will interact with api.env
class envtest(frontend.Command): class envtest(frontend.Command):
@ -112,11 +109,12 @@ class user_add(crud.Add):
kw['uid'] = uid kw['uid'] = uid
kw['dn'] = ldap.make_user_dn(uid) kw['dn'] = ldap.make_user_dn(uid)
if servercore.uid_too_long(kw['uid']): # FIXME: enforce this elsewhere
raise errors.UsernameTooLong # if servercore.uid_too_long(kw['uid']):
# raise errors.UsernameTooLong
# Get our configuration # Get our configuration
config = servercore.get_ipa_config() config = ldap.get_ipa_config()
# Let us add in some missing attributes # Let us add in some missing attributes
if kw.get('homedirectory') is None: if kw.get('homedirectory') is None:
@ -131,20 +129,21 @@ class user_add(crud.Add):
# If uidnumber is blank the the FDS dna_plugin will automatically # If uidnumber is blank the the FDS dna_plugin will automatically
# assign the next value. So we don't have to do anything with it. # assign the next value. So we don't have to do anything with it.
group_dn="cn=%s,%s,%s" % (config.get('ipadefaultprimarygroup'), servercore.DefaultGroupContainer, servercore.basedn) if not kw.get('gidnumber'):
try: try:
default_group = servercore.get_entry_by_dn(group_dn, ['dn','gidNumber']) group_dn = ldap.find_entry_dn("cn", config.get('ipadefaultprimarygroup'))
if default_group: default_group = ldap.retrieve(group_dn, ['dn','gidNumber'])
kw['gidnumber'] = default_group.get('gidnumber') if default_group:
except errors.NotFound: kw['gidnumber'] = default_group.get('gidnumber')
# Fake an LDAP error so we can return something useful to the kw except errors.NotFound:
raise errors.NotFound, "The default group for new kws, '%s', cannot be found." % config.get('ipadefaultprimarygroup') # Fake an LDAP error so we can return something useful to the kw
except Exception, e: raise errors.NotFound, "The default group for new kws, '%s', cannot be found." % config.get('ipadefaultprimarygroup')
# catch everything else except Exception, e:
raise e # catch everything else
raise e
if kw.get('krbprincipalname') is None: if kw.get('krbprincipalname') is None:
kw['krbprincipalname'] = "%s@%s" % (kw.get('uid'), servercore.realm) kw['krbprincipalname'] = "%s@%s" % (kw.get('uid'), self.api.env.realm)
# FIXME. This is a hack so we can request separate First and Last # FIXME. This is a hack so we can request separate First and Last
# name in the GUI. # name in the GUI.
@ -185,12 +184,9 @@ class user_del(crud.Del):
raise SyntaxError("admin required") raise SyntaxError("admin required")
# raise ipaerror.gen_exception(ipaerror.INPUT_ADMIN_REQUIRED) # raise ipaerror.gen_exception(ipaerror.INPUT_ADMIN_REQUIRED)
# logging.info("IPA: delete_user '%s'" % uid) # logging.info("IPA: delete_user '%s'" % uid)
user = servercore.get_user_by_uid(uid, ['dn', 'uid'])
if not user:
raise errors.NotFound
ldap = self.api.Backend.ldap ldap = self.api.Backend.ldap
dn = ldap.find_entry_dn("uid", uid, ["*"], "posixAccount") dn = ldap.find_entry_dn("uid", uid, "posixAccount")
return ldap.delete(dn) return ldap.delete(dn)
def output_for_cli(self, ret): def output_for_cli(self, ret):
""" """
@ -234,9 +230,9 @@ api.register(user_mod)
class user_find(crud.Find): class user_find(crud.Find):
'Search the users.' 'Search the users.'
def execute(self, *args, **kw): def execute(self, uid, **kw):
ldap = self.api.Backend.ldap ldap = self.api.Backend.ldap
kw['uid'] = args[0] kw['uid'] = uid
return ldap.search(**kw) return ldap.search(**kw)
def output_for_cli(self, users): def output_for_cli(self, users):
if not users: if not users:
@ -244,7 +240,7 @@ class user_find(crud.Find):
counter = users[0] counter = users[0]
users = users[1:] users = users[1:]
if counter == 0: if counter == 0:
print "No entries found for", args[0] print "No entries found"
return return
elif counter == -1: elif counter == -1:
print "These results are truncated." print "These results are truncated."
@ -272,7 +268,7 @@ class user_show(crud.Get):
""" """
ldap = self.api.Backend.ldap ldap = self.api.Backend.ldap
dn = ldap.find_entry_dn("uid", uid, "posixAccount") dn = ldap.find_entry_dn("uid", uid, "posixAccount")
# FIXME: should kw contain the list of attributes? # FIXME: should kw contain the list of attributes to display?
return ldap.retrieve(dn) return ldap.retrieve(dn)
api.register(user_show) api.register(user_show)
@ -282,10 +278,10 @@ class user_lock(frontend.Command):
takes_args = ( takes_args = (
Param('uid', primary_key=True), Param('uid', primary_key=True),
) )
def execute(self, *args, **kw): def execute(self, uid, **kw):
uid = args[0] ldap = self.api.Backend.ldap
user = servercore.get_user_by_uid(uid, ['dn', 'uid']) dn = ldap.find_entry_dn("uid", uid, "posixAccount")
return servercore.mark_entry_inactive(user['dn']) return ldap.mark_entry_inactive(dn)
def output_for_cli(self, ret): def output_for_cli(self, ret):
if ret: if ret:
print "User locked" print "User locked"
@ -296,10 +292,10 @@ class user_unlock(frontend.Command):
takes_args = ( takes_args = (
Param('uid', primary_key=True), Param('uid', primary_key=True),
) )
def execute(self, *args, **kw): def execute(self, uid, **kw):
uid = args[0] ldap = self.api.Backend.ldap
user = servercore.get_user_by_uid(uid, ['dn', 'uid']) dn = ldap.find_entry_dn("uid", uid, "posixAccount")
return servercore.mark_entry_active(user['dn']) return ldap.mark_entry_active(dn)
def output_for_cli(self, ret): def output_for_cli(self, ret):
if ret: if ret:
print "User unlocked" print "User unlocked"