IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Update all remaining plugins to the new Registry API

Browse Source 
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
This commit is contained in:
Nathaniel McCallum
2014-06-10 11:27:51 -04:00
committed by Martin Kosek
parent 47d8fec92f
commit 255cbb4976
31 changed files with 333 additions and 274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
ipalib/plugins/automount.py
View File

@@ -23,6 +23,7 @@ import os
from ipalib import api, errors
from ipalib import Object, Command
from ipalib import Flag, Str, IA5Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -193,10 +194,13 @@ automountInformation: -ro,soft,rsize=8192,wsize=8192 nfs.example.com:/vol/arch
"""
register = Registry()
DIRECT_MAP_KEY = u'/-'
DEFAULT_MAPS = (u'auto.direct', )
DEFAULT_KEYS = (u'/-', )
@register()
class automountlocation(LDAPObject):
"""
Location container for automount maps.
@@ -233,9 +237,8 @@ class automountlocation(LDAPObject):
),
)
api.register(automountlocation)
@register()
class automountlocation_add(LDAPCreate):
__doc__ = _('Create a new automount location.')
@@ -255,23 +258,19 @@ class automountlocation_add(LDAPCreate):
return dn
api.register(automountlocation_add)
@register()
class automountlocation_del(LDAPDelete):
__doc__ = _('Delete an automount location.')
msg_summary = _('Deleted automount location "%(value)s"')
api.register(automountlocation_del)
@register()
class automountlocation_show(LDAPRetrieve):
__doc__ = _('Display an automount location.')
api.register(automountlocation_show)
@register()
class automountlocation_find(LDAPSearch):
__doc__ = _('Search for an automount location.')
@@ -280,9 +279,8 @@ class automountlocation_find(LDAPSearch):
'%(count)d automount locations matched', 0
)
api.register(automountlocation_find)
@register()
class automountlocation_tofiles(LDAPQuery):
__doc__ = _('Generate automount files for a specific location.')
@@ -376,9 +374,8 @@ class automountlocation_tofiles(LDAPQuery):
)
)
api.register(automountlocation_tofiles)
@register()
class automountlocation_import(LDAPQuery):
__doc__ = _('Import automount files for a specific location.')
@@ -569,8 +566,7 @@ class automountlocation_import(LDAPQuery):
)
api.register(automountlocation_import)
@register()
class automountmap(LDAPObject):
"""
Automount map object.
@@ -598,17 +594,15 @@ class automountmap(LDAPObject):
label = _('Automount Maps')
label_singular = _('Automount Map')
api.register(automountmap)
@register()
class automountmap_add(LDAPCreate):
__doc__ = _('Create a new automount map.')
msg_summary = _('Added automount map "%(value)s"')
api.register(automountmap_add)
@register()
class automountmap_del(LDAPDelete):
__doc__ = _('Delete an automount map.')
@@ -627,17 +621,15 @@ class automountmap_del(LDAPDelete):
pass
return True
api.register(automountmap_del)
@register()
class automountmap_mod(LDAPUpdate):
__doc__ = _('Modify an automount map.')
msg_summary = _('Modified automount map "%(value)s"')
api.register(automountmap_mod)
@register()
class automountmap_find(LDAPSearch):
__doc__ = _('Search for an automount map.')
@@ -646,15 +638,13 @@ class automountmap_find(LDAPSearch):
'%(count)d automount maps matched', 0
)
api.register(automountmap_find)
@register()
class automountmap_show(LDAPRetrieve):
__doc__ = _('Display an automount map.')
api.register(automountmap_show)
@register()
class automountkey(LDAPObject):
__doc__ = _('Automount key object.')
@@ -800,9 +790,8 @@ class automountkey(LDAPObject):
else: return
self.handle_duplicate_entry(location, map, self.get_pk(key, info))
api.register(automountkey)
@register()
class automountkey_add(LDAPCreate):
__doc__ = _('Create a new automount key.')
@@ -830,9 +819,8 @@ class automountkey_add(LDAPCreate):
result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_add)
@register()
class automountmap_add_indirect(LDAPCreate):
__doc__ = _('Create a new indirect mount point.')
@@ -884,9 +872,8 @@ class automountmap_add_indirect(LDAPCreate):
raise
return result
api.register(automountmap_add_indirect)
@register()
class automountkey_del(LDAPDelete):
__doc__ = _('Delete an automount key.')
@@ -926,9 +913,8 @@ class automountkey_del(LDAPDelete):
result['value'] = pkey_to_value([options['automountkey']], options)
return result
api.register(automountkey_del)
@register()
class automountkey_mod(LDAPUpdate):
__doc__ = _('Modify an automount key.')
@@ -985,9 +971,8 @@ class automountkey_mod(LDAPUpdate):
result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_mod)
@register()
class automountkey_find(LDAPSearch):
__doc__ = _('Search for an automount key.')
@@ -996,9 +981,8 @@ class automountkey_find(LDAPSearch):
'%(count)d automount keys matched', 0
)
api.register(automountkey_find)
@register()
class automountkey_show(LDAPRetrieve):
__doc__ = _('Display an automount key.')
@@ -1028,5 +1012,3 @@ class automountkey_show(LDAPRetrieve):
result = super(automountkey_show, self).execute(*keys, **options)
result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_show)

5
ipalib/plugins/batch.py
View File

@@ -52,8 +52,12 @@ from ipalib.output import Output
from ipalib import output
from ipalib.text import _
from ipalib.request import context
from ipalib.plugable import Registry
from ipapython.version import API_VERSION
register = Registry()
@register()
class batch(Command):
NO_CLI = True
@@ -124,4 +128,3 @@ class batch(Command):
results.append(result)
return dict(count=len(results) , results=results)
api.register(batch)

15
ipalib/plugins/cert.py
View File

@@ -31,6 +31,7 @@ from ipalib import pkcs10
from ipalib import x509
from ipalib import util
from ipalib import ngettext
from ipalib.plugable import Registry
from ipalib.plugins.virtual import *
from ipalib.plugins.service import split_principal
import base64
@@ -122,6 +123,8 @@ http://www.ietf.org/rfc/rfc5280.txt
""")
register = Registry()
def validate_pkidate(ugettext, value):
"""
A date in the format of %Y-%m-%d
@@ -221,6 +224,7 @@ def get_host_from_principal(principal):
return hostname
@register()
class cert_request(VirtualCommand):
__doc__ = _('Submit a certificate signing request.')
@@ -419,9 +423,9 @@ class cert_request(VirtualCommand):
result=result
)
api.register(cert_request)
@register()
class cert_status(VirtualCommand):
__doc__ = _('Check the status of a certificate signing request.')
@@ -445,7 +449,6 @@ class cert_status(VirtualCommand):
result=self.Backend.ra.check_request_status(request_id)
)
api.register(cert_status)
_serial_number = Str('serial_number',
@@ -455,6 +458,7 @@ _serial_number = Str('serial_number',
normalizer=normalize_serial_number,
)
@register()
class cert_show(VirtualCommand):
__doc__ = _('Retrieve an existing certificate.')
@@ -540,9 +544,9 @@ class cert_show(VirtualCommand):
return super(cert_show, self).forward(*keys, **options)
api.register(cert_show)
@register()
class cert_revoke(VirtualCommand):
__doc__ = _('Revoke a certificate.')
@@ -587,9 +591,9 @@ class cert_revoke(VirtualCommand):
serial_number, revocation_reason=revocation_reason)
)
api.register(cert_revoke)
@register()
class cert_remove_hold(VirtualCommand):
__doc__ = _('Take a revoked certificate off hold.')
@@ -611,9 +615,9 @@ class cert_remove_hold(VirtualCommand):
result=self.Backend.ra.take_certificate_off_hold(serial_number)
)
api.register(cert_remove_hold)
@register()
class cert_find(Command):
__doc__ = _('Search for existing certificates.')
@@ -712,4 +716,3 @@ class cert_find(Command):
ret['truncated'] = False
return ret
api.register(cert_find)

9
ipalib/plugins/config.py
View File

@@ -20,6 +20,7 @@
from ipalib import api
from ipalib import Bool, Int, Str, IA5Str, StrEnum, DNParam
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.selinuxusermap import validate_selinuxuser
from ipalib import _
@@ -75,11 +76,14 @@ EXAMPLES:
ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'
""")
register = Registry()
def validate_searchtimelimit(ugettext, limit):
if limit == 0:
raise ValidationError(name='ipasearchtimelimit', error=_('searchtimelimit must be -1 or > 1.'))
return None
@register()
class config(LDAPObject):
"""
IPA configuration object
@@ -232,9 +236,9 @@ class config(LDAPObject):
def get_dn(self, *keys, **kwargs):
return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn)
api.register(config)
@register()
class config_mod(LDAPUpdate):
__doc__ = _('Modify configuration options.')
@@ -338,10 +342,9 @@ class config_mod(LDAPUpdate):
return dn
api.register(config_mod)
@register()
class config_show(LDAPRetrieve):
__doc__ = _('Show the current configuration.')
api.register(config_show)

15
ipalib/plugins/delegation.py
View File

@@ -24,6 +24,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
@@ -52,6 +53,8 @@ EXAMPLES:
ipa delegation-del "managers edit employees' street"
""")
register = Registry()
ACI_PREFIX=u"delegation"
output_params = (
@@ -60,6 +63,7 @@ output_params = (
),
)
@register()
class delegation(Object):
"""
Delegation object.
@@ -123,9 +127,9 @@ class delegation(Object):
except KeyError:
pass
api.register(delegation)
@register()
class delegation_add(crud.Create):
__doc__ = _('Add a new delegation.')
@@ -144,9 +148,9 @@ class delegation_add(crud.Create):
value=pkey_to_value(aciname, kw),
)
api.register(delegation_add)
@register()
class delegation_del(crud.Delete):
__doc__ = _('Delete a delegation.')
@@ -162,9 +166,9 @@ class delegation_del(crud.Delete):
value=pkey_to_value(aciname, kw),
)
api.register(delegation_del)
@register()
class delegation_mod(crud.Update):
__doc__ = _('Modify a delegation.')
@@ -181,9 +185,9 @@ class delegation_mod(crud.Update):
value=pkey_to_value(aciname, kw),
)
api.register(delegation_mod)
@register()
class delegation_find(crud.Search):
__doc__ = _('Search for delegations.')
@@ -207,9 +211,9 @@ class delegation_find(crud.Search):
truncated=False,
)
api.register(delegation_find)
@register()
class delegation_show(crud.Retrieve):
__doc__ = _('Display information about a delegation.')
@@ -223,4 +227,3 @@ class delegation_show(crud.Retrieve):
value=pkey_to_value(aciname, kw),
)
api.register(delegation_show)

47
ipalib/plugins/dns.py
View File

@@ -33,6 +33,7 @@ from ipalib import api, errors, output
from ipalib import Command
from ipalib.parameters import (Flag, Bool, Int, Decimal, Str, StrEnum, Any,
DeprecatedParam, DNSNameParam)
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.util import (validate_zonemgr, normalize_zonemgr,
@@ -229,6 +230,8 @@ server:
ipa dnsconfig-mod --forwarder=10.0.0.1
""")
register = Registry()
# supported resource record types
_record_types = (
u'A', u'AAAA', u'A6', u'AFSDB', u'APL', u'CERT', u'CNAME', u'DHCID', u'DLV',
@@ -1666,6 +1669,7 @@ def _records_idn_postprocess(record, **options):
record[attr] = rrs
@register()
class dnszone(LDAPObject):
"""
DNS Zone, container for resource records.
@@ -1887,9 +1891,9 @@ class dnszone(LDAPObject):
return
_records_idn_postprocess(record, **options)
api.register(dnszone)
@register()
class dnszone_add(LDAPCreate):
__doc__ = _('Create new DNS zone (SOA record).')
@@ -2006,9 +2010,9 @@ class dnszone_add(LDAPCreate):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
api.register(dnszone_add)
@register()
class dnszone_del(LDAPDelete):
__doc__ = _('Delete DNS zone (SOA record).')
@@ -2035,9 +2039,9 @@ class dnszone_del(LDAPDelete):
return True
api.register(dnszone_del)
@register()
class dnszone_mod(LDAPUpdate):
__doc__ = _('Modify DNS zone (SOA record).')
@@ -2062,9 +2066,9 @@ class dnszone_mod(LDAPUpdate):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
api.register(dnszone_mod)
@register()
class dnszone_find(LDAPSearch):
__doc__ = _('Search for DNS zones (SOA records).')
@@ -2124,9 +2128,9 @@ class dnszone_find(LDAPSearch):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return truncated
api.register(dnszone_find)
@register()
class dnszone_show(LDAPRetrieve):
__doc__ = _('Display information about a DNS zone (SOA record).')
@@ -2137,9 +2141,9 @@ class dnszone_show(LDAPRetrieve):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
api.register(dnszone_show)
@register()
class dnszone_disable(LDAPQuery):
__doc__ = _('Disable DNS Zone.')
@@ -2161,9 +2165,9 @@ class dnszone_disable(LDAPQuery):
return dict(result=True, value=pkey_to_value(keys[-1], options))
api.register(dnszone_disable)
@register()
class dnszone_enable(LDAPQuery):
__doc__ = _('Enable DNS Zone.')
@@ -2185,8 +2189,8 @@ class dnszone_enable(LDAPQuery):
return dict(result=True, value=pkey_to_value(keys[-1], options))
api.register(dnszone_enable)
@register()
class dnszone_add_permission(LDAPQuery):
__doc__ = _('Add a permission for per-zone access delegation.')
@@ -2223,8 +2227,8 @@ class dnszone_add_permission(LDAPQuery):
value=pkey_to_value(permission_name, options),
)
api.register(dnszone_add_permission)
@register()
class dnszone_remove_permission(LDAPQuery):
__doc__ = _('Remove a permission for per-zone access delegation.')
@@ -2256,8 +2260,8 @@ class dnszone_remove_permission(LDAPQuery):
value=pkey_to_value(permission_name, options),
)
api.register(dnszone_remove_permission)
@register()
class dnsrecord(LDAPObject):
"""
DNS record.
@@ -2749,9 +2753,9 @@ class dnsrecord(LDAPObject):
dns_name = entry_name[1].derelativize(dns_domain)
self.wait_for_modified_attrs(entry, dns_name, dns_domain)
api.register(dnsrecord)
@register()
class dnsrecord_add(LDAPCreate):
__doc__ = _('Add new DNS resource record.')
@@ -2956,9 +2960,9 @@ class dnsrecord_add(LDAPCreate):
self.obj.wait_for_modified_entries(context.dnsrecord_entry_mods)
return dn
api.register(dnsrecord_add)
@register()
class dnsrecord_mod(LDAPUpdate):
__doc__ = _('Modify a DNS resource record.')
@@ -3124,9 +3128,9 @@ class dnsrecord_mod(LDAPUpdate):
0) % dict(count=len(rec_values), type=param.rrtype))
break
api.register(dnsrecord_mod)
@register()
class dnsrecord_delentry(LDAPDelete):
"""
Delete DNS record entry.
@@ -3134,9 +3138,9 @@ class dnsrecord_delentry(LDAPDelete):
msg_summary = _('Deleted record "%(value)s"')
NO_CLI = True
api.register(dnsrecord_delentry)
@register()
class dnsrecord_del(LDAPUpdate):
__doc__ = _('Delete DNS resource record.')
@@ -3303,9 +3307,9 @@ class dnsrecord_del(LDAPUpdate):
if deleted_values:
kw[param.name] = tuple(deleted_values)
api.register(dnsrecord_del)
@register()
class dnsrecord_show(LDAPRetrieve):
__doc__ = _('Display DNS resource.')
@@ -3320,9 +3324,9 @@ class dnsrecord_show(LDAPRetrieve):
self.obj.postprocess_record(entry_attrs, **options)
return dn
api.register(dnsrecord_show)
@register()
class dnsrecord_find(LDAPSearch):
__doc__ = _('Search for DNS resources.')
@@ -3357,8 +3361,8 @@ class dnsrecord_find(LDAPSearch):
return truncated
api.register(dnsrecord_find)
@register()
class dns_resolve(Command):
__doc__ = _('Resolve a host name in DNS.')
@@ -3385,8 +3389,8 @@ class dns_resolve(Command):
return dict(result=True, value=query)
api.register(dns_resolve)
@register()
class dns_is_enabled(Command):
"""
Checks if any of the servers has the DNS service enabled.
@@ -3410,9 +3414,9 @@ class dns_is_enabled(Command):
return dict(result=dns_enabled, value=pkey_to_value(None, options))
api.register(dns_is_enabled)
@register()
class dnsconfig(LDAPObject):
"""
DNS global configuration object
@@ -3464,9 +3468,9 @@ class dnsconfig(LDAPObject):
if not any(param in result['result'] for param in self.params):
result['summary'] = unicode(_('Global DNS configuration is empty'))
api.register(dnsconfig)
@register()
class dnsconfig_mod(LDAPUpdate):
__doc__ = _('Modify global DNS configuration.')
@@ -3475,9 +3479,9 @@ class dnsconfig_mod(LDAPUpdate):
self.obj.postprocess_result(result)
return result
api.register(dnsconfig_mod)
@register()
class dnsconfig_show(LDAPRetrieve):
__doc__ = _('Show the current global DNS configuration.')
@@ -3486,4 +3490,3 @@ class dnsconfig_show(LDAPRetrieve):
self.obj.postprocess_result(result)
return result
api.register(dnsconfig_show)

21
ipalib/plugins/group.py
View File

@@ -20,6 +20,7 @@
from ipalib import api
from ipalib import Int, Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins import baseldap
from ipalib import _, ngettext
@@ -110,8 +111,11 @@ Example:
ipa group-show ad_admins_external
""")
register = Registry()
PROTECTED_GROUPS = (u'admins', u'trust admins', u'default smb group')
@register()
class group(LDAPObject):
"""
Group object.
@@ -184,7 +188,6 @@ class group(LDAPObject):
),
)
api.register(group)
ipaexternalmember_param = Str('ipaexternalmember*',
cli_name='external',
@@ -194,6 +197,7 @@ ipaexternalmember_param = Str('ipaexternalmember*',
flags=['no_create', 'no_update', 'no_search'],
)
@register()
class group_add(LDAPCreate):
__doc__ = _('Create a new group.')
@@ -228,9 +232,9 @@ class group_add(LDAPCreate):
return dn
api.register(group_add)
@register()
class group_del(LDAPDelete):
__doc__ = _('Delete group.')
@@ -262,9 +266,9 @@ class group_del(LDAPDelete):
return True
api.register(group_del)
@register()
class group_mod(LDAPUpdate):
__doc__ = _('Modify a group.')
@@ -334,9 +338,9 @@ class group_mod(LDAPUpdate):
raise errors.RequirementError(name='gid')
raise exc
api.register(group_mod)
@register()
class group_find(LDAPSearch):
__doc__ = _('Search for groups.')
@@ -404,9 +408,9 @@ class group_find(LDAPSearch):
filter = ldap.combine_filters(filters, rules=ldap.MATCH_ALL)
return (filter, base_dn, scope)
api.register(group_find)
@register()
class group_show(LDAPRetrieve):
__doc__ = _('Display information about a named group.')
has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,)
@@ -425,9 +429,9 @@ class group_show(LDAPRetrieve):
except ValueError:
pass
return dn
api.register(group_show)
@register()
class group_add_member(LDAPAddMember):
__doc__ = _('Add members to a group.')
@@ -467,9 +471,9 @@ class group_add_member(LDAPAddMember):
failed['member']['group'] += restore + failed_sids
return result
api.register(group_add_member)
@register()
class group_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a group.')
@@ -521,9 +525,9 @@ class group_remove_member(LDAPRemoveMember):
failed['member']['group'] += restore + failed_sids
return result
api.register(group_remove_member)
@register()
class group_detach(LDAPQuery):
__doc__ = _('Detach a managed group from a user.')
@@ -592,4 +596,3 @@ class group_detach(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
api.register(group_detach)

34
ipalib/plugins/hbacrule.py
View File

@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import AccessTime, Password, Str, StrEnum, Bool, DeprecatedParam
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -70,6 +71,7 @@ EXAMPLES:
ipa hbacrule-del allow_server
""")
register = Registry()
# AccessTime support is being removed for now.
#
@@ -107,6 +109,7 @@ def is_all(options, attribute):
return False
@register()
class hbacrule(LDAPObject):
"""
HBAC object.
@@ -226,9 +229,9 @@ class hbacrule(LDAPObject):
external_host_param,
)
api.register(hbacrule)
@register()
class hbacrule_add(LDAPCreate):
__doc__ = _('Create a new HBAC rule.')
@@ -240,9 +243,9 @@ class hbacrule_add(LDAPCreate):
entry_attrs['ipaenabledflag'] = 'TRUE'
return dn
api.register(hbacrule_add)
@register()
class hbacrule_del(LDAPDelete):
__doc__ = _('Delete an HBAC rule.')
@@ -257,9 +260,9 @@ class hbacrule_del(LDAPDelete):
return dn
api.register(hbacrule_del)
@register()
class hbacrule_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC rule.')
@@ -281,9 +284,9 @@ class hbacrule_mod(LDAPUpdate):
raise errors.MutuallyExclusiveError(reason=_("service category cannot be set to 'all' while there are allowed services"))
return dn
api.register(hbacrule_mod)
@register()
class hbacrule_find(LDAPSearch):
__doc__ = _('Search for HBAC rules.')
@@ -291,15 +294,15 @@ class hbacrule_find(LDAPSearch):
'%(count)d HBAC rule matched', '%(count)d HBAC rules matched', 0
)
api.register(hbacrule_find)
@register()
class hbacrule_show(LDAPRetrieve):
__doc__ = _('Display the properties of an HBAC rule.')
api.register(hbacrule_show)
@register()
class hbacrule_enable(LDAPQuery):
__doc__ = _('Enable an HBAC rule.')
@@ -327,9 +330,9 @@ class hbacrule_enable(LDAPQuery):
value=pkey_to_value(cn, options),
)
api.register(hbacrule_enable)
@register()
class hbacrule_disable(LDAPQuery):
__doc__ = _('Disable an HBAC rule.')
@@ -357,7 +360,6 @@ class hbacrule_disable(LDAPQuery):
value=pkey_to_value(cn, options),
)
api.register(hbacrule_disable)
class hbacrule_add_accesstime(LDAPQuery):
@@ -441,6 +443,7 @@ class hbacrule_remove_accesstime(LDAPQuery):
#api.register(hbacrule_remove_accesstime)
@register()
class hbacrule_add_user(LDAPAddMember):
__doc__ = _('Add users and groups to an HBAC rule.')
@@ -460,18 +463,18 @@ class hbacrule_add_user(LDAPAddMember):
reason=_("users cannot be added when user category='all'"))
return dn
api.register(hbacrule_add_user)
@register()
class hbacrule_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups from an HBAC rule.')
member_attributes = ['memberuser']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(hbacrule_remove_user)
@register()
class hbacrule_add_host(LDAPAddMember):
__doc__ = _('Add target hosts and hostgroups to an HBAC rule.')
@@ -491,18 +494,18 @@ class hbacrule_add_host(LDAPAddMember):
reason=_("hosts cannot be added when host category='all'"))
return dn
api.register(hbacrule_add_host)
@register()
class hbacrule_remove_host(LDAPRemoveMember):
__doc__ = _('Remove target hosts and hostgroups from an HBAC rule.')
member_attributes = ['memberhost']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(hbacrule_remove_host)
@register()
class hbacrule_add_sourcehost(LDAPAddMember):
NO_CLI = True
@@ -512,9 +515,9 @@ class hbacrule_add_sourcehost(LDAPAddMember):
def validate(self, **kw):
raise errors.DeprecationError(name='hbacrule_add_sourcehost')
api.register(hbacrule_add_sourcehost)
@register()
class hbacrule_remove_sourcehost(LDAPRemoveMember):
NO_CLI = True
@@ -524,9 +527,9 @@ class hbacrule_remove_sourcehost(LDAPRemoveMember):
def validate(self, **kw):
raise errors.DeprecationError(name='hbacrule_remove_sourcehost')
api.register(hbacrule_remove_sourcehost)
@register()
class hbacrule_add_service(LDAPAddMember):
__doc__ = _('Add services to an HBAC rule.')
@@ -546,13 +549,12 @@ class hbacrule_add_service(LDAPAddMember):
"services cannot be added when service category='all'"))
return dn
api.register(hbacrule_add_service)
@register()
class hbacrule_remove_service(LDAPRemoveMember):
__doc__ = _('Remove service and service groups from an HBAC rule.')
member_attributes = ['memberservice']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(hbacrule_remove_service)

15
ipalib/plugins/hbacsvc.py
View File

@@ -19,6 +19,7 @@
from ipalib import api
from ipalib import Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import LDAPObject, LDAPCreate, LDAPDelete
from ipalib.plugins.baseldap import LDAPUpdate, LDAPSearch, LDAPRetrieve
@@ -47,8 +48,11 @@ EXAMPLES:
""")
register = Registry()
topic = ('hbac', _('Host based access control commands'))
@register()
class hbacsvc(LDAPObject):
"""
HBAC Service object.
@@ -92,33 +96,33 @@ class hbacsvc(LDAPObject):
),
)
api.register(hbacsvc)
@register()
class hbacsvc_add(LDAPCreate):
__doc__ = _('Add a new HBAC service.')
msg_summary = _('Added HBAC service "%(value)s"')
api.register(hbacsvc_add)
@register()
class hbacsvc_del(LDAPDelete):
__doc__ = _('Delete an existing HBAC service.')
msg_summary = _('Deleted HBAC service "%(value)s"')
api.register(hbacsvc_del)
@register()
class hbacsvc_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC service.')
msg_summary = _('Modified HBAC service "%(value)s"')
api.register(hbacsvc_mod)
@register()
class hbacsvc_find(LDAPSearch):
__doc__ = _('Search for HBAC services.')
@@ -126,10 +130,9 @@ class hbacsvc_find(LDAPSearch):
'%(count)d HBAC service matched', '%(count)d HBAC services matched', 0
)
api.register(hbacsvc_find)
@register()
class hbacsvc_show(LDAPRetrieve):
__doc__ = _('Display information about an HBAC service.')
api.register(hbacsvc_show)

19
ipalib/plugins/hbacsvcgroup.py
View File

@@ -18,6 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib import api, errors
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -42,8 +43,11 @@ EXAMPLES:
ipa hbacsvcgroup-del login
""")
register = Registry()
topic = ('hbac', _('Host based access control commands'))
@register()
class hbacsvcgroup(LDAPObject):
"""
HBAC service group object.
@@ -87,33 +91,33 @@ class hbacsvcgroup(LDAPObject):
),
)
api.register(hbacsvcgroup)
@register()
class hbacsvcgroup_add(LDAPCreate):
__doc__ = _('Add a new HBAC service group.')
msg_summary = _('Added HBAC service group "%(value)s"')
api.register(hbacsvcgroup_add)
@register()
class hbacsvcgroup_del(LDAPDelete):
__doc__ = _('Delete an HBAC service group.')
msg_summary = _('Deleted HBAC service group "%(value)s"')
api.register(hbacsvcgroup_del)
@register()
class hbacsvcgroup_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC service group.')
msg_summary = _('Modified HBAC service group "%(value)s"')
api.register(hbacsvcgroup_mod)
@register()
class hbacsvcgroup_find(LDAPSearch):
__doc__ = _('Search for an HBAC service group.')
@@ -121,22 +125,21 @@ class hbacsvcgroup_find(LDAPSearch):
'%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0
)
api.register(hbacsvcgroup_find)
@register()
class hbacsvcgroup_show(LDAPRetrieve):
__doc__ = _('Display information about an HBAC service group.')
api.register(hbacsvcgroup_show)
@register()
class hbacsvcgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to an HBAC service group.')
api.register(hbacsvcgroup_add_member)
@register()
class hbacsvcgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from an HBAC service group.')
api.register(hbacsvcgroup_remove_member)

5
ipalib/plugins/hbactest.py
View File

@@ -23,6 +23,7 @@ from types import NoneType
from ipalib.cli import to_cli
from ipalib import _, ngettext
from ipapython.dn import DN
from ipalib.plugable import Registry
if api.env.in_server and api.env.context in ['lite', 'server']:
try:
import ipaserver.dcerpc
@@ -205,6 +206,8 @@ EXAMPLES:
Not matched rules: can_login
""")
register = Registry()
def convert_to_ipa_rule(rule):
# convert a dict with a rule to an pyhbac rule
ipa_rule = pyhbac.HbacRule(rule['cn'][0])
@@ -237,6 +240,7 @@ def convert_to_ipa_rule(rule):
return ipa_rule
@register()
class hbactest(Command):
__doc__ = _('Simulate use of Host-based access controls')
@@ -510,4 +514,3 @@ class hbactest(Command):
# Propagate integer value for result. It will give proper command line result for scripts
return int(not output['value'])
api.register(hbactest)

21
ipalib/plugins/host.py
View File

@@ -28,6 +28,7 @@ import string
from ipalib import api, errors, util
from ipalib import Str, Flag, Bytes
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.service import (split_principal, validate_certificate,
set_certificate_attrs, ticket_flags_params, update_krbticketflags,
@@ -103,6 +104,8 @@ EXAMPLES:
ipa host-add-managedby --hosts=test2 test
""")
register = Registry()
# Characters to be used by random password generator
# The set was chosen to avoid the need for escaping the characters by user
host_pwd_chars=string.digits + string.ascii_letters + '_,.@+-='
@@ -223,6 +226,7 @@ def _hostname_validator(ugettext, value):
return None
@register()
class host(LDAPObject):
"""
Host object.
@@ -421,9 +425,9 @@ class host(LDAPObject):
else:
entry_attrs['memberofindirect'].remove(member)
api.register(host)
@register()
class host_add(LDAPCreate):
__doc__ = _('Add a new host.')
@@ -541,9 +545,9 @@ class host_add(LDAPCreate):
return dn
api.register(host_add)
@register()
class host_del(LDAPDelete):
__doc__ = _('Delete a host.')
@@ -653,9 +657,9 @@ class host_del(LDAPDelete):
return dn
api.register(host_del)
@register()
class host_mod(LDAPUpdate):
__doc__ = _('Modify information about a host.')
@@ -801,9 +805,9 @@ class host_mod(LDAPUpdate):
return dn
api.register(host_mod)
@register()
class host_find(LDAPSearch):
__doc__ = _('Search for hosts.')
@@ -886,9 +890,9 @@ class host_find(LDAPSearch):
return truncated
api.register(host_find)
@register()
class host_show(LDAPRetrieve):
__doc__ = _('Display information about a host.')
@@ -934,9 +938,9 @@ class host_show(LDAPRetrieve):
else:
return super(host_show, self).forward(*keys, **options)
api.register(host_show)
@register()
class host_disable(LDAPQuery):
__doc__ = _('Disable the Kerberos key, SSL certificate and all services of a host.')
@@ -1032,8 +1036,8 @@ class host_disable(LDAPQuery):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return dn
api.register(host_disable)
@register()
class host_add_managedby(LDAPAddMember):
__doc__ = _('Add hosts that can manage this host.')
@@ -1046,9 +1050,9 @@ class host_add_managedby(LDAPAddMember):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return (completed, dn)
api.register(host_add_managedby)
@register()
class host_remove_managedby(LDAPRemoveMember):
__doc__ = _('Remove hosts that can manage this host.')
@@ -1060,4 +1064,3 @@ class host_remove_managedby(LDAPRemoveMember):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return (completed, dn)
api.register(host_remove_managedby)

19
ipalib/plugins/hostgroup.py
View File

@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import api, Int, _, ngettext, errors
from ipalib.plugins.netgroup import NETGROUP_PATTERN, NETGROUP_PATTERN_ERRMSG
@@ -53,6 +54,9 @@ EXAMPLES:
ipa hostgroup-del baltimore
""")
register = Registry()
@register()
class hostgroup(LDAPObject):
"""
Hostgroup object.
@@ -131,9 +135,9 @@ class hostgroup(LDAPObject):
else:
entry_attrs['memberof'].remove(member)
api.register(hostgroup)
@register()
class hostgroup_add(LDAPCreate):
__doc__ = _('Add a new hostgroup.')
@@ -172,17 +176,17 @@ class hostgroup_add(LDAPCreate):
return dn
api.register(hostgroup_add)
@register()
class hostgroup_del(LDAPDelete):
__doc__ = _('Delete a hostgroup.')
msg_summary = _('Deleted hostgroup "%(value)s"')
api.register(hostgroup_del)
@register()
class hostgroup_mod(LDAPUpdate):
__doc__ = _('Modify a hostgroup.')
@@ -193,9 +197,9 @@ class hostgroup_mod(LDAPUpdate):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return dn
api.register(hostgroup_mod)
@register()
class hostgroup_find(LDAPSearch):
__doc__ = _('Search for hostgroups.')
@@ -211,9 +215,9 @@ class hostgroup_find(LDAPSearch):
self.obj.suppress_netgroup_memberof(ldap, entry.dn, entry)
return truncated
api.register(hostgroup_find)
@register()
class hostgroup_show(LDAPRetrieve):
__doc__ = _('Display information about a hostgroup.')
@@ -222,9 +226,9 @@ class hostgroup_show(LDAPRetrieve):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return dn
api.register(hostgroup_show)
@register()
class hostgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to a hostgroup.')
@@ -233,9 +237,9 @@ class hostgroup_add_member(LDAPAddMember):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return (completed, dn)
api.register(hostgroup_add_member)
@register()
class hostgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a hostgroup.')
@@ -244,4 +248,3 @@ class hostgroup_remove_member(LDAPRemoveMember):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return (completed, dn)
api.register(hostgroup_remove_member)

14
ipalib/plugins/idrange.py
View File

@@ -17,6 +17,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import (LDAPObject, LDAPCreate, LDAPDelete,
LDAPRetrieve, LDAPSearch, LDAPUpdate)
from ipalib import api, Int, Str, DeprecatedParam, StrEnum, _, ngettext
@@ -150,7 +151,9 @@ IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
""")
register = Registry()
@register()
class idrange(LDAPObject):
"""
Range object.
@@ -353,6 +356,7 @@ class idrange(LDAPObject):
return True
@register()
class idrange_add(LDAPCreate):
__doc__ = _("""
Add new ID range.
@@ -557,6 +561,7 @@ class idrange_add(LDAPCreate):
return dn
@register()
class idrange_del(LDAPDelete):
__doc__ = _('Delete an ID range.')
@@ -604,6 +609,7 @@ class idrange_del(LDAPDelete):
return dn
@register()
class idrange_find(LDAPSearch):
__doc__ = _('Search for ranges.')
@@ -625,6 +631,7 @@ class idrange_find(LDAPSearch):
return truncated
@register()
class idrange_show(LDAPRetrieve):
__doc__ = _('Display information about a range.')
@@ -639,6 +646,7 @@ class idrange_show(LDAPRetrieve):
return dn
@register()
class idrange_mod(LDAPUpdate):
__doc__ = _('Modify ID range.')
@@ -761,9 +769,3 @@ class idrange_mod(LDAPUpdate):
return dn
api.register(idrange)
api.register(idrange_add)
api.register(idrange_mod)
api.register(idrange_del)
api.register(idrange_find)
api.register(idrange_show)

7
ipalib/plugins/internal.py
View File

@@ -31,7 +31,11 @@ from ipalib import Str
from ipalib.output import Output
from ipalib.text import _
from ipalib.util import json_serialize
from ipalib.plugable import Registry
register = Registry()
@register()
class json_metadata(Command):
"""
Export plugin meta-data for the webUI.
@@ -136,8 +140,8 @@ class json_metadata(Command):
def output_for_cli(self, textui, result, *args, **options):
print json.dumps(result, default=json_serialize)
api.register(json_metadata)
@register()
class i18n_messages(Command):
NO_CLI = True
@@ -730,4 +734,3 @@ class i18n_messages(Command):
print json.dumps(result, default=json_serialize)
api.register(i18n_messages)

5
ipalib/plugins/kerberos.py
View File

@@ -26,11 +26,15 @@ This wraps the python-kerberos and python-krbV bindings.
import sys
from ipalib import api
from ipalib.backend import Backend
from ipalib.plugable import Registry
import krbV
register = Registry()
ENCODING = 'UTF-8'
@register()
class krb(Backend):
"""
Kerberos backend plugin.
@@ -119,4 +123,3 @@ class krb(Backend):
return self.__get_principal(ccname).realm.decode(ENCODING)
api.register(krb)

5
ipalib/plugins/migration.py
View File

@@ -22,6 +22,7 @@ import re
from ipalib import api, errors, output
from ipalib import Command, Password, Str, Flag, StrEnum, DNParam, File
from ipalib.cli import to_cli
from ipalib.plugable import Registry
from ipalib.plugins.user import NO_UPG_MAGIC
if api.env.in_server and api.env.context in ['lite', 'server']:
try:
@@ -126,6 +127,8 @@ for each user added plus a summary when the default user group is
updated.
""")
register = Registry()
# USER MIGRATION CALLBACKS AND VARS
_krb_err_msg = _('Kerberos principal %s already exists. Use \'ipa user-mod\' to set it manually.')
@@ -441,6 +444,7 @@ def validate_ldapuri(ugettext, ldapuri):
raise errors.ValidationError(name='ldap_uri', error=err_msg)
@register()
class migrate_ds(Command):
__doc__ = _('Migrate users and groups from DS to IPA.')
@@ -928,4 +932,3 @@ can use their Kerberos accounts.''')
textui.print_plain('-' * len(self.name))
textui.print_plain(unicode(self.pwd_migration_msg))
api.register(migrate_ds)

7
ipalib/plugins/misc.py
View File

@@ -21,17 +21,21 @@ import re
from ipalib import api, LocalOrRemote, _, ngettext
from ipalib.output import Output, summary
from ipalib import Flag
from ipalib.plugable import Registry
__doc__ = _("""
Misc plug-ins
""")
register = Registry()
# FIXME: We should not let env return anything in_server
# when mode == 'production'. This would allow an attacker to see the
# configuration of the server, potentially revealing compromising
# information. However, it's damn handy for testing/debugging.
@register()
class env(LocalOrRemote):
__doc__ = _('Show environment variables.')
@@ -99,9 +103,9 @@ class env(LocalOrRemote):
ret['summary'] = None
return ret
api.register(env)
@register()
class plugins(LocalOrRemote):
__doc__ = _('Show all loaded plugins.')
@@ -137,4 +141,3 @@ class plugins(LocalOrRemote):
count=len(plugins),
)
api.register(plugins)

18
ipalib/plugins/netgroup.py
View File

@@ -21,6 +21,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.plugins.hbacrule import is_all
@@ -49,6 +50,7 @@ EXAMPLES:
ipa netgroup-del admins
""")
register = Registry()
NETGROUP_PATTERN='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*$'
NETGROUP_PATTERN_ERRMSG='may only include letters, numbers, _, -, and .'
@@ -73,6 +75,7 @@ output_params = (
),
)
@register()
class netgroup(LDAPObject):
"""
Netgroup object.
@@ -169,9 +172,9 @@ class netgroup(LDAPObject):
external_host_param,
)
api.register(netgroup)
@register()
class netgroup_add(LDAPCreate):
__doc__ = _('Add a new netgroup.')
@@ -206,17 +209,17 @@ class netgroup_add(LDAPCreate):
return dn
api.register(netgroup_add)
@register()
class netgroup_del(LDAPDelete):
__doc__ = _('Delete a netgroup.')
msg_summary = _('Deleted netgroup "%(value)s"')
api.register(netgroup_del)
@register()
class netgroup_mod(LDAPUpdate):
__doc__ = _('Modify a netgroup.')
@@ -236,9 +239,9 @@ class netgroup_mod(LDAPUpdate):
raise errors.MutuallyExclusiveError(reason=_("host category cannot be set to 'all' while there are allowed hosts"))
return dn
api.register(netgroup_mod)
@register()
class netgroup_find(LDAPSearch):
__doc__ = _('Search for a netgroup.')
@@ -274,17 +277,17 @@ class netgroup_find(LDAPSearch):
filter = ldap.combine_filters((local_filter, filter), rules=ldap.MATCH_ALL)
return (filter, base_dn, scope)
api.register(netgroup_find)
@register()
class netgroup_show(LDAPRetrieve):
__doc__ = _('Display information about a netgroup.')
has_output_params = LDAPRetrieve.has_output_params + output_params
api.register(netgroup_show)
@register()
class netgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to a netgroup.')
@@ -298,9 +301,9 @@ class netgroup_add_member(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(netgroup_add_member)
@register()
class netgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a netgroup.')
@@ -310,4 +313,3 @@ class netgroup_remove_member(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(netgroup_remove_member)

5
ipalib/plugins/passwd.py
View File

@@ -22,6 +22,7 @@ from ipalib import Command
from ipalib import Str, Password
from ipalib import _
from ipalib import output
from ipalib.plugable import Registry
from ipalib.plugins.user import split_principal, validate_principal, normalize_principal
from ipalib.request import context
from ipapython.dn import DN
@@ -45,6 +46,8 @@ EXAMPLES:
ipa passwd tuser1
""")
register = Registry()
# We only need to prompt for the current password when changing a password
# for yourself, but the parameter is still required
MAGIC_VALUE = u'CHANGING_PASSWORD_FOR_ANOTHER_USER'
@@ -61,6 +64,7 @@ def get_current_password(principal):
else:
return MAGIC_VALUE
@register()
class passwd(Command):
__doc__ = _("Set a user's password.")
@@ -124,4 +128,3 @@ class passwd(Command):
value=principal,
)
api.register(passwd)

7
ipalib/plugins/pkinit.py
View File

@@ -21,6 +21,7 @@ from ipalib import api, errors
from ipalib import Int, Str
from ipalib import Object, Command
from ipalib import _
from ipalib.plugable import Registry
from ipapython.dn import DN
__doc__ = _("""
@@ -43,6 +44,9 @@ For more information on anonymous pkinit see:
http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit
""")
register = Registry()
@register()
class pkinit(Object):
"""
PKINIT Options
@@ -51,7 +55,6 @@ class pkinit(Object):
label=_('PKINIT')
api.register(pkinit)
def valid_arg(ugettext, action):
"""
@@ -64,6 +67,7 @@ def valid_arg(ugettext, action):
error=_('Unknown command %s') % action
)
@register()
class pkinit_anonymous(Command):
__doc__ = _('Enable or Disable Anonymous PKINIT.')
@@ -99,4 +103,3 @@ class pkinit_anonymous(Command):
return dict(result=True)
api.register(pkinit_anonymous)

8
ipalib/plugins/realmdomains.py
View File

@@ -20,6 +20,7 @@
from ipalib import api, errors
from ipalib import Str, Flag
from ipalib import _
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import LDAPObject, LDAPUpdate, LDAPRetrieve
from ipalib.util import has_soa_or_ns_record, validate_domain_name
from ipapython.dn import DN
@@ -47,6 +48,7 @@ EXAMPLES:
ipa realmdomains-mod --del-domain=olddomain.com
""")
register = Registry()
def _domain_name_normalizer(d):
return d.lower().rstrip('.')
@@ -58,6 +60,7 @@ def _domain_name_validator(ugettext, value):
return unicode(e)
@register()
class realmdomains(LDAPObject):
"""
List of domains associated with IPA realm.
@@ -102,9 +105,9 @@ class realmdomains(LDAPObject):
),
)
api.register(realmdomains)
@register()
class realmdomains_mod(LDAPUpdate):
__doc__ = _('Modify realm domains.')
@@ -199,10 +202,9 @@ class realmdomains_mod(LDAPUpdate):
return result
api.register(realmdomains_mod)
@register()
class realmdomains_show(LDAPRetrieve):
__doc__ = _('Display the list of realm domains.')
api.register(realmdomains_show)

23
ipalib/plugins/role.py
View File

@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import api, Str, _, ngettext
from ipalib import Command
@@ -58,6 +59,9 @@ EXAMPLES:
add users, reset passwords or add a user to the default IPA user group.
""")
register = Registry()
@register()
class role(LDAPObject):
"""
Role object.
@@ -107,33 +111,33 @@ class role(LDAPObject):
),
)
api.register(role)
@register()
class role_add(LDAPCreate):
__doc__ = _('Add a new role.')
msg_summary = _('Added role "%(value)s"')
api.register(role_add)
@register()
class role_del(LDAPDelete):
__doc__ = _('Delete a role.')
msg_summary = _('Deleted role "%(value)s"')
api.register(role_del)
@register()
class role_mod(LDAPUpdate):
__doc__ = _('Modify a role.')
msg_summary = _('Modified role "%(value)s"')
api.register(role_mod)
@register()
class role_find(LDAPSearch):
__doc__ = _('Search for roles.')
@@ -141,27 +145,27 @@ class role_find(LDAPSearch):
'%(count)d role matched', '%(count)d roles matched', 0
)
api.register(role_find)
@register()
class role_show(LDAPRetrieve):
__doc__ = _('Display information about a role.')
api.register(role_show)
@register()
class role_add_member(LDAPAddMember):
__doc__ = _('Add members to a role.')
api.register(role_add_member)
@register()
class role_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a role.')
api.register(role_remove_member)
@register()
class role_add_privilege(LDAPAddReverseMember):
__doc__ = _('Add privileges to a role.')
@@ -182,9 +186,9 @@ class role_add_privilege(LDAPAddReverseMember):
),
)
api.register(role_add_privilege)
@register()
class role_remove_privilege(LDAPRemoveReverseMember):
__doc__ = _('Remove privileges from a role.')
@@ -205,4 +209,3 @@ class role_remove_privilege(LDAPRemoveReverseMember):
),
)
api.register(role_remove_privilege)

15
ipalib/plugins/selfservice.py
View File

@@ -23,6 +23,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
@@ -53,6 +54,8 @@ EXAMPLES:
ipa selfservice-del "Users manage their own address"
""")
register = Registry()
ACI_PREFIX=u"selfservice"
output_params = (
@@ -62,6 +65,7 @@ output_params = (
)
@register()
class selfservice(Object):
"""
Selfservice object.
@@ -116,9 +120,9 @@ class selfservice(Object):
except KeyError:
pass
api.register(selfservice)
@register()
class selfservice_add(crud.Create):
__doc__ = _('Add a new self-service permission.')
@@ -138,9 +142,9 @@ class selfservice_add(crud.Create):
value=pkey_to_value(aciname, kw),
)
api.register(selfservice_add)
@register()
class selfservice_del(crud.Delete):
__doc__ = _('Delete a self-service permission.')
@@ -156,9 +160,9 @@ class selfservice_del(crud.Delete):
value=pkey_to_value(aciname, kw),
)
api.register(selfservice_del)
@register()
class selfservice_mod(crud.Update):
__doc__ = _('Modify a self-service permission.')
@@ -178,9 +182,9 @@ class selfservice_mod(crud.Update):
value=pkey_to_value(aciname, kw),
)
api.register(selfservice_mod)
@register()
class selfservice_find(crud.Search):
__doc__ = _('Search for a self-service permission.')
@@ -205,9 +209,9 @@ class selfservice_find(crud.Search):
truncated=False,
)
api.register(selfservice_find)
@register()
class selfservice_show(crud.Retrieve):
__doc__ = _('Display information about a self-service permission.')
@@ -221,4 +225,3 @@ class selfservice_show(crud.Retrieve):
value=pkey_to_value(aciname, kw),
)
api.register(selfservice_show)

27
ipalib/plugins/selinuxusermap.py
View File

@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum, Bool
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.plugins.hbacrule import is_all
@@ -68,6 +69,8 @@ SEEALSO:
and the default SELinux user are available in the config-show command.
""")
register = Registry()
notboth_err = _('HBAC rule and local members cannot both be set')
@@ -126,6 +129,7 @@ def validate_selinuxuser_inlist(ldap, user):
return
@register()
class selinuxusermap(LDAPObject):
"""
SELinux User Map object.
@@ -254,9 +258,9 @@ class selinuxusermap(LDAPObject):
hbac_attrs = ldap.get_entry(entry_attrs['seealso'][0], ['cn'])
entry_attrs['seealso'] = hbac_attrs['cn'][0]
api.register(selinuxusermap)
@register()
class selinuxusermap_add(LDAPCreate):
__doc__ = _('Create a new SELinux User Map.')
@@ -291,17 +295,17 @@ class selinuxusermap_add(LDAPCreate):
return dn
api.register(selinuxusermap_add)
@register()
class selinuxusermap_del(LDAPDelete):
__doc__ = _('Delete a SELinux User Map.')
msg_summary = _('Deleted SELinux User Map "%(value)s"')
api.register(selinuxusermap_del)
@register()
class selinuxusermap_mod(LDAPUpdate):
__doc__ = _('Modify a SELinux User Map.')
@@ -355,9 +359,9 @@ class selinuxusermap_mod(LDAPUpdate):
self.obj._convert_seealso(ldap, entry_attrs, **options)
return dn
api.register(selinuxusermap_mod)
@register()
class selinuxusermap_find(LDAPSearch):
__doc__ = _('Search for SELinux User Maps.')
@@ -387,9 +391,9 @@ all=True)['result']
self.obj._convert_seealso(ldap, attrs, **options)
return truncated
api.register(selinuxusermap_find)
@register()
class selinuxusermap_show(LDAPRetrieve):
__doc__ = _('Display the properties of a SELinux User Map rule.')
@@ -398,9 +402,9 @@ class selinuxusermap_show(LDAPRetrieve):
self.obj._convert_seealso(ldap, entry_attrs, **options)
return dn
api.register(selinuxusermap_show)
@register()
class selinuxusermap_enable(LDAPQuery):
__doc__ = _('Enable an SELinux User Map rule.')
@@ -428,9 +432,9 @@ class selinuxusermap_enable(LDAPQuery):
value=pkey_to_value(cn, options),
)
api.register(selinuxusermap_enable)
@register()
class selinuxusermap_disable(LDAPQuery):
__doc__ = _('Disable an SELinux User Map rule.')
@@ -458,9 +462,9 @@ class selinuxusermap_disable(LDAPQuery):
value=pkey_to_value(cn, options),
)
api.register(selinuxusermap_disable)
@register()
class selinuxusermap_add_user(LDAPAddMember):
__doc__ = _('Add users and groups to an SELinux User Map rule.')
@@ -482,18 +486,18 @@ class selinuxusermap_add_user(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=notboth_err)
return dn
api.register(selinuxusermap_add_user)
@register()
class selinuxusermap_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups from an SELinux User Map rule.')
member_attributes = ['memberuser']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(selinuxusermap_remove_user)
@register()
class selinuxusermap_add_host(LDAPAddMember):
__doc__ = _('Add target hosts and hostgroups to an SELinux User Map rule.')
@@ -515,13 +519,12 @@ class selinuxusermap_add_host(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=notboth_err)
return dn
api.register(selinuxusermap_add_host)
@register()
class selinuxusermap_remove_host(LDAPRemoveMember):
__doc__ = _('Remove target hosts and hostgroups from an SELinux User Map rule.')
member_attributes = ['memberhost']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(selinuxusermap_remove_host)

21
ipalib/plugins/service.py
View File

@@ -24,6 +24,7 @@ import os
from ipalib import api, errors, util
from ipalib import Str, Flag, Bytes, StrEnum, Bool
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import x509
from ipalib import _, ngettext
@@ -91,6 +92,8 @@ EXAMPLES:
""")
register = Registry()
output_params = (
Flag('has_keytab',
label=_('Keytab'),
@@ -287,6 +290,7 @@ def set_kerberos_attrs(entry_attrs, options):
if name in options or all_opt:
entry_attrs[name] = bool(ticket_flags & value)
@register()
class service(LDAPObject):
"""
Service object.
@@ -371,9 +375,9 @@ class service(LDAPObject):
raise errors.ValidationError(name='ipakrbauthzdata',
error=_('NONE value cannot be combined with other PAC types'))
api.register(service)
@register()
class service_add(LDAPCreate):
__doc__ = _('Add a new IPA new service.')
@@ -433,9 +437,9 @@ class service_add(LDAPCreate):
set_kerberos_attrs(entry_attrs, options)
return dn
api.register(service_add)
@register()
class service_del(LDAPDelete):
__doc__ = _('Delete an IPA service.')
@@ -478,9 +482,9 @@ class service_del(LDAPDelete):
raise nsprerr
return dn
api.register(service_del)
@register()
class service_mod(LDAPUpdate):
__doc__ = _('Modify an existing IPA service.')
@@ -525,9 +529,9 @@ class service_mod(LDAPUpdate):
set_kerberos_attrs(entry_attrs, options)
return dn
api.register(service_mod)
@register()
class service_find(LDAPSearch):
__doc__ = _('Search for IPA services.')
@@ -562,9 +566,9 @@ class service_find(LDAPSearch):
set_kerberos_attrs(entry_attrs, options)
return truncated
api.register(service_find)
@register()
class service_show(LDAPRetrieve):
__doc__ = _('Display information about an IPA service.')
@@ -598,26 +602,26 @@ class service_show(LDAPRetrieve):
else:
return super(service_show, self).forward(*keys, **options)
api.register(service_show)
@register()
class service_add_host(LDAPAddMember):
__doc__ = _('Add hosts that can manage this service.')
member_attributes = ['managedby']
has_output_params = LDAPAddMember.has_output_params + output_params
api.register(service_add_host)
@register()
class service_remove_host(LDAPRemoveMember):
__doc__ = _('Remove hosts that can manage this service.')
member_attributes = ['managedby']
has_output_params = LDAPRemoveMember.has_output_params + output_params
api.register(service_remove_host)
@register()
class service_disable(LDAPQuery):
__doc__ = _('Disable the Kerberos key and SSL certificate of a service.')
@@ -679,4 +683,3 @@ class service_disable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
api.register(service_disable)

15
ipalib/plugins/sudocmd.py
View File

@@ -23,6 +23,7 @@ import sys
from ipalib import api, errors, util
from ipalib import Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -41,8 +42,11 @@ EXAMPLES:
""")
register = Registry()
topic = ('sudo', _('commands for controlling sudo configuration'))
@register()
class sudocmd(LDAPObject):
"""
Sudo Command object.
@@ -108,15 +112,15 @@ class sudocmd(LDAPObject):
pass
return dn
api.register(sudocmd)
@register()
class sudocmd_add(LDAPCreate):
__doc__ = _('Create new Sudo Command.')
msg_summary = _('Added Sudo Command "%(value)s"')
api.register(sudocmd_add)
@register()
class sudocmd_del(LDAPDelete):
__doc__ = _('Delete Sudo Command.')
@@ -148,15 +152,15 @@ class sudocmd_del(LDAPDelete):
dependent=', '.join(dependent_sudorules))
return dn
api.register(sudocmd_del)
@register()
class sudocmd_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Command.')
msg_summary = _('Modified Sudo Command "%(value)s"')
api.register(sudocmd_mod)
@register()
class sudocmd_find(LDAPSearch):
__doc__ = _('Search for Sudo Commands.')
@@ -164,9 +168,8 @@ class sudocmd_find(LDAPSearch):
'%(count)d Sudo Command matched', '%(count)d Sudo Commands matched', 0
)
api.register(sudocmd_find)
@register()
class sudocmd_show(LDAPRetrieve):
__doc__ = _('Display Sudo Command.')
api.register(sudocmd_show)

19
ipalib/plugins/sudocmdgroup.py
View File

@@ -19,6 +19,7 @@
from ipalib import api
from ipalib import Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -45,8 +46,11 @@ EXAMPLES:
ipa group-show localadmins
""")
register = Registry()
topic = ('sudo', _('commands for controlling sudo configuration'))
@register()
class sudocmdgroup(LDAPObject):
"""
Sudo Command Group object.
@@ -100,33 +104,33 @@ class sudocmdgroup(LDAPObject):
),
)
api.register(sudocmdgroup)
@register()
class sudocmdgroup_add(LDAPCreate):
__doc__ = _('Create new Sudo Command Group.')
msg_summary = _('Added Sudo Command Group "%(value)s"')
api.register(sudocmdgroup_add)
@register()
class sudocmdgroup_del(LDAPDelete):
__doc__ = _('Delete Sudo Command Group.')
msg_summary = _('Deleted Sudo Command Group "%(value)s"')
api.register(sudocmdgroup_del)
@register()
class sudocmdgroup_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Command Group.')
msg_summary = _('Modified Sudo Command Group "%(value)s"')
api.register(sudocmdgroup_mod)
@register()
class sudocmdgroup_find(LDAPSearch):
__doc__ = _('Search for Sudo Command Groups.')
@@ -135,22 +139,21 @@ class sudocmdgroup_find(LDAPSearch):
'%(count)d Sudo Command Groups matched', 0
)
api.register(sudocmdgroup_find)
@register()
class sudocmdgroup_show(LDAPRetrieve):
__doc__ = _('Display Sudo Command Group.')
api.register(sudocmdgroup_show)
@register()
class sudocmdgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to Sudo Command Group.')
api.register(sudocmdgroup_add_member)
@register()
class sudocmdgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from Sudo Command Group.')
api.register(sudocmdgroup_remove_member)

47
ipalib/plugins/sudorule.py
View File

@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum, Bool
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.hbacrule import is_all
from ipalib import _, ngettext
@@ -74,6 +75,8 @@ EXAMPLES:
ipa sudorule-add-option defaults --sudooption '!authenticate'
""")
register = Registry()
topic = ('sudo', _('Commands for controlling sudo configuration'))
def deprecated(attribute):
@@ -88,6 +91,7 @@ def validate_runasextuser(ugettext, value):
def validate_runasextgroup(ugettext, value):
deprecated('runasexternalgroup')
@register()
class sudorule(LDAPObject):
"""
Sudo Rule object.
@@ -323,9 +327,9 @@ class sudorule(LDAPObject):
}
)
api.register(sudorule)
@register()
class sudorule_add(LDAPCreate):
__doc__ = _('Create new Sudo Rule.')
@@ -338,17 +342,17 @@ class sudorule_add(LDAPCreate):
msg_summary = _('Added Sudo Rule "%(value)s"')
api.register(sudorule_add)
@register()
class sudorule_del(LDAPDelete):
__doc__ = _('Delete Sudo Rule.')
msg_summary = _('Deleted Sudo Rule "%(value)s"')
api.register(sudorule_del)
@register()
class sudorule_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Rule.')
@@ -383,9 +387,9 @@ class sudorule_mod(LDAPUpdate):
return dn
api.register(sudorule_mod)
@register()
class sudorule_find(LDAPSearch):
__doc__ = _('Search for Sudo Rule.')
@@ -393,15 +397,15 @@ class sudorule_find(LDAPSearch):
'%(count)d Sudo Rule matched', '%(count)d Sudo Rules matched', 0
)
api.register(sudorule_find)
@register()
class sudorule_show(LDAPRetrieve):
__doc__ = _('Display Sudo Rule.')
api.register(sudorule_show)
@register()
class sudorule_enable(LDAPQuery):
__doc__ = _('Enable a Sudo Rule.')
@@ -426,9 +430,9 @@ class sudorule_enable(LDAPQuery):
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Enabled Sudo Rule "%s"') % cn)
api.register(sudorule_enable)
@register()
class sudorule_disable(LDAPQuery):
__doc__ = _('Disable a Sudo Rule.')
@@ -453,9 +457,9 @@ class sudorule_disable(LDAPQuery):
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Disabled Sudo Rule "%s"') % cn)
api.register(sudorule_disable)
@register()
class sudorule_add_allow_command(LDAPAddMember):
__doc__ = _('Add commands and sudo command groups affected by Sudo Rule.')
@@ -473,18 +477,18 @@ class sudorule_add_allow_command(LDAPAddMember):
return dn
api.register(sudorule_add_allow_command)
@register()
class sudorule_remove_allow_command(LDAPRemoveMember):
__doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.')
member_attributes = ['memberallowcmd']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(sudorule_remove_allow_command)
@register()
class sudorule_add_deny_command(LDAPAddMember):
__doc__ = _('Add commands and sudo command groups affected by Sudo Rule.')
@@ -501,18 +505,18 @@ class sudorule_add_deny_command(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=_("commands cannot be added when command category='all'"))
return dn
api.register(sudorule_add_deny_command)
@register()
class sudorule_remove_deny_command(LDAPRemoveMember):
__doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.')
member_attributes = ['memberdenycmd']
member_count_out = ('%i object removed.', '%i objects removed.')
api.register(sudorule_remove_deny_command)
@register()
class sudorule_add_user(LDAPAddMember):
__doc__ = _('Add users and groups affected by Sudo Rule.')
@@ -533,9 +537,9 @@ class sudorule_add_user(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_add_user)
@register()
class sudorule_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups affected by Sudo Rule.')
@@ -546,9 +550,9 @@ class sudorule_remove_user(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_remove_user)
@register()
class sudorule_add_host(LDAPAddMember):
__doc__ = _('Add hosts and hostgroups affected by Sudo Rule.')
@@ -569,9 +573,9 @@ class sudorule_add_host(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_add_host)
@register()
class sudorule_remove_host(LDAPRemoveMember):
__doc__ = _('Remove hosts and hostgroups affected by Sudo Rule.')
@@ -582,8 +586,8 @@ class sudorule_remove_host(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_remove_host)
@register()
class sudorule_add_runasuser(LDAPAddMember):
__doc__ = _('Add users and groups for Sudo to execute as.')
@@ -625,9 +629,9 @@ class sudorule_add_runasuser(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_add_runasuser)
@register()
class sudorule_remove_runasuser(LDAPRemoveMember):
__doc__ = _('Remove users and groups for Sudo to execute as.')
@@ -638,9 +642,9 @@ class sudorule_remove_runasuser(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_remove_runasuser)
@register()
class sudorule_add_runasgroup(LDAPAddMember):
__doc__ = _('Add group for Sudo to execute as.')
@@ -676,9 +680,9 @@ class sudorule_add_runasgroup(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_add_runasgroup)
@register()
class sudorule_remove_runasgroup(LDAPRemoveMember):
__doc__ = _('Remove group for Sudo to execute as.')
@@ -689,9 +693,9 @@ class sudorule_remove_runasgroup(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options)
api.register(sudorule_remove_runasgroup)
@register()
class sudorule_add_option(LDAPQuery):
__doc__ = _('Add an option to the Sudo Rule.')
@@ -742,9 +746,9 @@ class sudorule_add_option(LDAPQuery):
api.register(sudorule_add_option)
@register()
class sudorule_remove_option(LDAPQuery):
__doc__ = _('Remove an option from Sudo Rule.')
@@ -796,4 +800,3 @@ class sudorule_remove_option(LDAPQuery):
dict(option=options['ipasudoopt'], rule=cn))
super(sudorule_remove_option, self).output_for_cli(textui, result, cn, **options)
api.register(sudorule_remove_option)

45
ipalib/plugins/trust.py
View File

@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.dns import dns_container_exists
from ipapython.ipautil import realm_to_suffix
@@ -129,6 +130,8 @@ particular type.
ipa trustconfig-mod --type ad --fallback-primary-group "Default SMB Group"
""")
register = Registry()
trust_output_params = (
Str('trustdirection',
label=_('Trust direction')),
@@ -296,6 +299,7 @@ def add_range(self, range_name, dom_sid, *keys, **options):
return range_type, range_size, base_id
@register()
class trust(LDAPObject):
"""
Trust object.
@@ -389,6 +393,7 @@ class trust(LDAPObject):
dn=make_trust_dn(self.env, trust_type, DN(*sdn))
return dn
@register()
class trust_add(LDAPCreate):
__doc__ = _('''
Add new trust to use.
@@ -726,11 +731,13 @@ sides.
raise errors.ValidationError(name=_('AD Trust setup'),
error=_('Not enough arguments specified to perform trust setup'))
@register()
class trust_del(LDAPDelete):
__doc__ = _('Delete a trust.')
msg_summary = _('Deleted trust "%(value)s"')
@register()
class trust_mod(LDAPUpdate):
__doc__ = _("""
Modify a trust (for future use).
@@ -749,6 +756,7 @@ class trust_mod(LDAPUpdate):
return dn
@register()
class trust_find(LDAPSearch):
__doc__ = _('Search for trusts.')
has_output_params = LDAPSearch.has_output_params + trust_output_params +\
@@ -779,6 +787,7 @@ class trust_find(LDAPSearch):
return truncated
@register()
class trust_show(LDAPRetrieve):
__doc__ = _('Display information about a trust.')
has_output_params = LDAPRetrieve.has_output_params + trust_output_params +\
@@ -804,18 +813,13 @@ class trust_show(LDAPRetrieve):
return dn
api.register(trust)
api.register(trust_add)
api.register(trust_mod)
api.register(trust_del)
api.register(trust_find)
api.register(trust_show)
_trustconfig_dn = {
u'ad': DN(('cn', api.env.domain), api.env.container_cifsdomains, api.env.basedn),
}
@register()
class trustconfig(LDAPObject):
"""
Trusts global configuration object
@@ -920,8 +924,8 @@ class trustconfig(LDAPObject):
entry_attrs['ipantfallbackprimarygroup'] = [groupdn[0][0].value]
api.register(trustconfig)
@register()
class trustconfig_mod(LDAPUpdate):
__doc__ = _('Modify global trust configuration.')
@@ -941,9 +945,9 @@ class trustconfig_mod(LDAPUpdate):
self.obj._convert_groupdn(entry_attrs, options)
return dn
api.register(trustconfig_mod)
@register()
class trustconfig_show(LDAPRetrieve):
__doc__ = _('Show global trust configuration.')
@@ -958,7 +962,6 @@ class trustconfig_show(LDAPRetrieve):
self.obj._convert_groupdn(entry_attrs, options)
return dn
api.register(trustconfig_show)
if _nss_idmap_installed:
_idmap_type_dict = {
@@ -970,6 +973,7 @@ if _nss_idmap_installed:
string = _idmap_type_dict.get(int(level), 'unknown')
return unicode(string)
@register()
class trust_resolve(Command):
NO_CLI = True
__doc__ = _('Resolve security identifiers of users and groups in trusted domains')
@@ -1008,9 +1012,9 @@ class trust_resolve(Command):
return dict(result=result)
api.register(trust_resolve)
@register()
class adtrust_is_enabled(Command):
NO_CLI = True
@@ -1035,9 +1039,9 @@ class adtrust_is_enabled(Command):
return dict(result=True)
api.register(adtrust_is_enabled)
@register()
class compat_is_enabled(Command):
NO_CLI = True
@@ -1079,9 +1083,9 @@ class compat_is_enabled(Command):
return dict(result=True)
api.register(compat_is_enabled)
@register()
class sidgen_was_run(Command):
"""
This command tries to determine whether the sidgen task was run during
@@ -1123,8 +1127,8 @@ class sidgen_was_run(Command):
return dict(result=True)
api.register(sidgen_was_run)
@register()
class trustdomain(LDAPObject):
"""
Object representing a domain of the AD trust.
@@ -1172,8 +1176,8 @@ class trustdomain(LDAPObject):
dn=make_trust_dn(self.env, trust_type, DN(*sdn))
return dn
api.register(trustdomain)
@register()
class trustdomain_find(LDAPSearch):
__doc__ = _('Search domains of the trust')
@@ -1202,15 +1206,15 @@ class trustdomain_find(LDAPSearch):
return truncated
api.register(trustdomain_find)
@register()
class trustdomain_mod(LDAPUpdate):
__doc__ = _('Modify trustdomain of the trust')
NO_CLI = True
takes_options = LDAPUpdate.takes_options + (_trust_type_option,)
api.register(trustdomain_mod)
@register()
class trustdomain_add(LDAPCreate):
__doc__ = _('Allow access from the trusted domain')
NO_CLI = True
@@ -1220,8 +1224,8 @@ class trustdomain_add(LDAPCreate):
if 'ipanttrustpartner' in options:
entry_attrs['ipanttrustpartner'] = [options['ipanttrustpartner']]
return dn
api.register(trustdomain_add)
@register()
class trustdomain_del(LDAPDelete):
__doc__ = _('Remove infromation about the domain associated with the trust.')
@@ -1244,7 +1248,6 @@ class trustdomain_del(LDAPDelete):
return result
api.register(trustdomain_del)
def fetch_domains_from_trust(self, trustinstance, trust_entry, **options):
@@ -1293,6 +1296,7 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options):
pass
return result
@register()
class trust_fetch_domains(LDAPRetrieve):
__doc__ = _('Refresh list of the domains associated with the trust')
@@ -1333,8 +1337,8 @@ class trust_fetch_domains(LDAPRetrieve):
result['truncated'] = False
return result
api.register(trust_fetch_domains)
@register()
class trustdomain_enable(LDAPQuery):
__doc__ = _('Allow use of IPA resources by the domain of the trust')
@@ -1373,8 +1377,8 @@ class trustdomain_enable(LDAPQuery):
value=pkey_to_value(keys[1], options),
)
api.register(trustdomain_enable)
@register()
class trustdomain_disable(LDAPQuery):
__doc__ = _('Disable use of IPA resources by the domain of the trust')
@@ -1413,4 +1417,3 @@ class trustdomain_disable(LDAPQuery):
value=pkey_to_value(keys[1], options),
)
api.register(trustdomain_disable)

30
ipalib/plugins/user.py
View File

@@ -25,6 +25,7 @@ import os
from ipalib import api, errors
from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins import baseldap
from ipalib.request import context
@@ -81,6 +82,7 @@ EXAMPLES:
ipa user-del tuser1
""")
register = Registry()
NO_UPG_MAGIC = '__no_upg__'
@@ -216,6 +218,7 @@ def fix_addressbook_permission_bindrule(name, template, is_new,
template['ipapermbindruletype'] = 'anonymous'
@register()
class user(LDAPObject):
"""
User object.
@@ -675,9 +678,8 @@ class user(LDAPObject):
for m in xrange(len(entry_attrs['manager'])):
entry_attrs['manager'][m] = self.get_primary_key_from_dn(entry_attrs['manager'][m])
api.register(user)
@register()
class user_add(LDAPCreate):
__doc__ = _('Add a new user.')
@@ -851,9 +853,8 @@ class user_add(LDAPCreate):
radius_dn2pk(self.api, entry_attrs)
return dn
api.register(user_add)
@register()
class user_del(LDAPDelete):
__doc__ = _('Delete a user.')
@@ -872,9 +873,8 @@ class user_del(LDAPDelete):
return dn
api.register(user_del)
@register()
class user_mod(LDAPUpdate):
__doc__ = _('Modify a user.')
@@ -946,9 +946,8 @@ class user_mod(LDAPUpdate):
radius_dn2pk(self.api, entry_attrs)
return dn
api.register(user_mod)
@register()
class user_find(LDAPSearch):
__doc__ = _('Search for users.')
@@ -997,9 +996,8 @@ class user_find(LDAPSearch):
'%(count)d user matched', '%(count)d users matched', 0
)
api.register(user_find)
@register()
class user_show(LDAPRetrieve):
__doc__ = _('Display information about a user.')
@@ -1014,9 +1012,8 @@ class user_show(LDAPRetrieve):
radius_dn2pk(self.api, entry_attrs)
return dn
api.register(user_show)
@register()
class user_disable(LDAPQuery):
__doc__ = _('Disable a user account.')
@@ -1036,9 +1033,8 @@ class user_disable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
api.register(user_disable)
@register()
class user_enable(LDAPQuery):
__doc__ = _('Enable a user account.')
@@ -1058,8 +1054,8 @@ class user_enable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
api.register(user_enable)
@register()
class user_unlock(LDAPQuery):
__doc__ = _("""
Unlock a user account
@@ -1087,8 +1083,8 @@ class user_unlock(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
api.register(user_unlock)
@register()
class user_status(LDAPQuery):
__doc__ = _("""
Lockout status of a user account
@@ -1197,5 +1193,3 @@ class user_status(LDAPQuery):
summary=unicode(_('Account disabled: %(disabled)s' %
dict(disabled=disabled))),
)
api.register(user_status)