mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Make plugins2 use lowercase when reffering to LDAP attributes.
This commit is contained in:
parent
708fe4dfe5
commit
37a391cd78
@ -26,14 +26,14 @@ from ipalib import api, crud, errors
|
||||
from ipalib import Command, Object
|
||||
from ipalib import Flag, Int, List, Str
|
||||
|
||||
_default_attributes = ['cn', 'description', 'member', 'memberOf']
|
||||
_default_class = 'groupOfNames'
|
||||
_default_attributes = ['cn', 'description', 'member', 'memberof']
|
||||
_default_class = 'groupofnames'
|
||||
|
||||
|
||||
def get_dn_by_attr(ldap, attr, value, object_class, parent_dn=''):
|
||||
search_kw = {}
|
||||
search_kw[attr] = value
|
||||
search_kw['objectClass'] = object_class
|
||||
search_kw['objectclass'] = object_class
|
||||
filter = ldap.make_filter(search_kw, rules=ldap.MATCH_ALL)
|
||||
(dn, entry_attrs) = ldap.find_entries(filter, [''], base_dn=parent_dn)[0]
|
||||
return dn
|
||||
@ -283,15 +283,15 @@ class basegroup2_find(crud.Search):
|
||||
assert self.api.env.use_ldap2, 'use_ldap2 is False'
|
||||
ldap = self.api.Backend.ldap2
|
||||
|
||||
search_kw = self.args_options_2_entry(*tuple(), **kw)
|
||||
search_kw = self.args_options_2_entry(**kw)
|
||||
if self.filter_class:
|
||||
search_kw['objectClass'] = self.filter_class
|
||||
search_kw['objectclass'] = self.filter_class
|
||||
filter = ldap.make_filter(search_kw, rules=ldap.MATCH_ALL)
|
||||
if term:
|
||||
if not self.searchfields:
|
||||
# Pull the list of searchable attributes out of the IPA config.
|
||||
conf = ldap.get_ipa_config()[1]
|
||||
search_fields = conf.get('ipaGroupSearchFields')[0].split(',')
|
||||
search_fields = conf.get('ipagroupsearchfields')[0].split(',')
|
||||
else:
|
||||
search_fields = self.searchfields
|
||||
|
||||
@ -422,7 +422,7 @@ class basegroup2_add_member(Command):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, add_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -431,7 +431,7 @@ class basegroup2_add_member(Command):
|
||||
|
||||
members = kw.get('users', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'uid', 'posixAccount',
|
||||
ldap, add_failed, members, 'uid', 'posixaccount',
|
||||
self.api.env.container_user
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -499,7 +499,7 @@ class basegroup2_del_member(Command):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_remove, remove_failed) = find_members(
|
||||
ldap, remove_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, remove_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, remove_failed) = del_members(
|
||||
@ -508,7 +508,7 @@ class basegroup2_del_member(Command):
|
||||
|
||||
members = kw.get('users', [])
|
||||
(to_remove, remove_failed) = find_members(
|
||||
ldap, remove_failed, members, 'uid', 'posixAccount',
|
||||
ldap, remove_failed, members, 'uid', 'posixaccount',
|
||||
self.api.env.container_user
|
||||
)
|
||||
(completed, remove_failed) = del_members(
|
||||
|
@ -95,7 +95,7 @@ _zone_default_attributes = [
|
||||
|
||||
# build zone dn
|
||||
def _get_zone_dn(ldap, idnsname):
|
||||
rdn = ldap.make_rdn_from_attr('idnsName', idnsname)
|
||||
rdn = ldap.make_rdn_from_attr('idnsname', idnsname)
|
||||
return ldap.make_dn_from_rdn(rdn, _zone_container_dn)
|
||||
|
||||
# build dn for entry with record
|
||||
@ -103,7 +103,7 @@ def _get_record_dn(ldap, zone, idnsname):
|
||||
parent_dn = _get_zone_dn(ldap, zone)
|
||||
if idnsname == '@' or idnsname == zone:
|
||||
return parent_dn
|
||||
rdn = ldap.make_rdn_from_attr('idnsName', idnsname)
|
||||
rdn = ldap.make_rdn_from_attr('idnsname', idnsname)
|
||||
return ldap.make_dn_from_rdn(rdn, parent_dn)
|
||||
|
||||
|
||||
@ -182,7 +182,7 @@ class dns2_create(crud.Create):
|
||||
dn = _get_zone_dn(ldap, idnsname)
|
||||
|
||||
# fill in required attributes
|
||||
entry_attrs['objectclass'] = ['top', 'idnsRecord', 'idnsZone']
|
||||
entry_attrs['objectclass'] = ['top', 'idnsrecord', 'idnszone']
|
||||
entry_attrs['idnszoneactive'] = True
|
||||
|
||||
# fill default values, build SOA serial from current date
|
||||
@ -299,7 +299,7 @@ class dns2_find(crud.Search):
|
||||
ldap = self.api.Backend.ldap2
|
||||
|
||||
# build search filter
|
||||
filter = ldap.make_filter_from_attr('idnsName', term, exact=False)
|
||||
filter = ldap.make_filter_from_attr('idnsname', term, exact=False)
|
||||
|
||||
# select attributes we want to retrieve
|
||||
if options['all']:
|
||||
@ -505,7 +505,7 @@ class dns2_add_rr(Command):
|
||||
)
|
||||
|
||||
# fill in required attributes
|
||||
entry_attrs['objectclass'] = ['top', 'idnsRecord']
|
||||
entry_attrs['objectclass'] = ['top', 'idnsrecord']
|
||||
|
||||
# fill in the record
|
||||
entry_attrs[attr] = data
|
||||
@ -600,7 +600,7 @@ class dns2_del_rr(Command):
|
||||
raise errors.NotFound(reason=u'resource record not found')
|
||||
|
||||
# check if it's worth to keep this entry in LDAP
|
||||
if 'idnsZone' not in entry_attrs['objectclass']:
|
||||
if 'idnszone' not in entry_attrs['objectclass']:
|
||||
# get a list of all meaningful record attributes
|
||||
record_attrs = []
|
||||
for (k, v) in entry_attrs.iteritems():
|
||||
|
@ -26,8 +26,8 @@ from ipalib import api
|
||||
from ipalib.plugins.basegroup2 import *
|
||||
|
||||
_container_dn = api.env.container_group
|
||||
_default_attributes = ['cn', 'description', 'gidNumber', 'member', 'memberOf']
|
||||
_default_class = 'ipaUserGroup'
|
||||
_default_attributes = ['cn', 'description', 'gidnumber', 'member', 'memberof']
|
||||
_default_class = 'ipausergroup'
|
||||
|
||||
|
||||
class group2(basegroup2):
|
||||
@ -79,9 +79,9 @@ class group2_create(basegroup2_create):
|
||||
|
||||
config = ldap.get_ipa_config()[1]
|
||||
|
||||
kw['objectclass'] = config.get('ipaGroupObjectClasses')
|
||||
kw['objectclass'] = config.get('ipagroupobjectclasses')
|
||||
if kw['posix'] or 'gidnumber' in kw:
|
||||
kw['objectclass'].append('posixGroup')
|
||||
kw['objectclass'].append('posixgroup')
|
||||
|
||||
return super(group2_create, self).execute(cn, **kw)
|
||||
|
||||
@ -112,7 +112,7 @@ class group2_delete(basegroup2_delete):
|
||||
# Don't allow the default user group to be removed
|
||||
try:
|
||||
config = ldap.get_ipa_config()[1]
|
||||
def_group_cn = config.get('ipaDefaultPrimaryGroup')
|
||||
def_group_cn = config.get('ipadefaultprimarygroup')
|
||||
def_group_dn = get_dn_by_attr(
|
||||
ldap, 'cn', def_group_cn, self.filter_class, self.container
|
||||
)
|
||||
@ -158,13 +158,13 @@ class group2_mod(basegroup2_mod):
|
||||
|
||||
if kw['posix'] or 'gidnumber' in kw:
|
||||
dn = get_dn_by_attr(ldap, 'cn', cn, self.filter_class, self.container)
|
||||
(dn, entry_attrs) = ldap.get_entry(dn, ['objectClass'])
|
||||
if 'posixGroup' in entry_attrs['objectClass']:
|
||||
if kw['posix'] in entry_attrs['objectClass']:
|
||||
(dn, entry_attrs) = ldap.get_entry(dn, ['objectclass'])
|
||||
if 'posixgroup' in entry_attrs['objectclass']:
|
||||
if kw['posix'] in entry_attrs['objectclass']:
|
||||
raise errors.AlreadyPosixGroup()
|
||||
else:
|
||||
entry_attrs['objectClass'].append('posixGroup')
|
||||
kw['objectclass'] = entry_attrs['objectClass']
|
||||
entry_attrs['objectclass'].append('posixgroup')
|
||||
kw['objectclass'] = entry_attrs['objectclass']
|
||||
|
||||
return super(group2_mod, self).execute(cn, **kw)
|
||||
|
||||
|
@ -25,8 +25,8 @@ from ipalib import api
|
||||
from ipalib.plugins.basegroup2 import *
|
||||
|
||||
_container_dn = api.env.container_hostgroup
|
||||
_default_attributes = ['cn', 'description', 'member', 'memberOf']
|
||||
_default_class = 'ipaHostGroup'
|
||||
_default_attributes = ['cn', 'description', 'member', 'memberof']
|
||||
_default_class = 'ipahostgroup'
|
||||
|
||||
|
||||
class hostgroup2(basegroup2):
|
||||
@ -145,7 +145,7 @@ class hostgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, add_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -154,7 +154,7 @@ class hostgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('hosts', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaHost',
|
||||
ldap, add_failed, members, 'cn', 'ipahost',
|
||||
self.api.env.container_host
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -163,7 +163,7 @@ class hostgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('hostgroups', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaHostGroup',
|
||||
ldap, add_failed, members, 'cn', 'ipahostgroup',
|
||||
self.api.env.container_hostgroup
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -216,7 +216,7 @@ class hostgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_remove, remove_failed) = find_members(
|
||||
ldap, remove_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, remove_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, remove_failed) = del_members(
|
||||
@ -225,7 +225,7 @@ class hostgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('hosts', [])
|
||||
(to_remove, remove_failed) = find_members(
|
||||
ldap, remove_failed, members, 'cn', 'ipaHost',
|
||||
ldap, remove_failed, members, 'cn', 'ipahost',
|
||||
self.api.env.container_host
|
||||
)
|
||||
(completed, remove_failed) = del_members(
|
||||
@ -234,7 +234,7 @@ class hostgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('hostgroups', [])
|
||||
(to_remove, remove_failed) = find_members(
|
||||
ldap, remove_failed, members, 'cn', 'ipaHostGroup',
|
||||
ldap, remove_failed, members, 'cn', 'ipahostgroup',
|
||||
self.api.env.container_hostgroup
|
||||
)
|
||||
(completed, remove_failed) = del_members(
|
||||
|
@ -27,9 +27,9 @@ from ipalib import uuid
|
||||
|
||||
_container_dn = 'cn=ng,cn=alt'
|
||||
_default_attributes = [
|
||||
'cn', 'description', 'member', 'memberUser', 'memberHost','externalHost'
|
||||
'cn', 'description', 'member', 'memberUser', 'memberhost','externalhost'
|
||||
]
|
||||
_default_class = 'ipaNISNetgroup'
|
||||
_default_class = 'ipanisnetgroup'
|
||||
|
||||
|
||||
class netgroup2(basegroup2):
|
||||
@ -70,11 +70,11 @@ class netgroup2_create(basegroup2_create):
|
||||
ldap = self.api.Backend.ldap2
|
||||
|
||||
entry_attrs = self.args_options_2_entry(cn, **kw)
|
||||
entry_attrs['ipaUniqueID'] = str(uuid.uuid1())
|
||||
entry_attrs['objectClass'] = ['top', 'ipaAssociation', _default_class]
|
||||
entry_attrs['ipauniqueid'] = str(uuid.uuid1())
|
||||
entry_attrs['objectclass'] = ['top', 'ipaassociation', _default_class]
|
||||
entry_attrs.setdefault('nisdomainname', self.api.env.domain)
|
||||
|
||||
dn = ldap.make_dn(entry_attrs, 'ipaUniqueID', _container_dn)
|
||||
dn = ldap.make_dn(entry_attrs, 'ipauniqueid', _container_dn)
|
||||
|
||||
ldap.add_entry(dn, entry_attrs)
|
||||
|
||||
@ -165,8 +165,8 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
def _add_external(self, ldap, completed, members, group_dn):
|
||||
add_failed = []
|
||||
entry_attrs = ldap.get_entry(group_dn, ['externalHost'])
|
||||
external_hosts = entry_attrs.get('externalHost', [])
|
||||
entry_attrs = ldap.get_entry(group_dn, ['externalhost'])
|
||||
external_hosts = entry_attrs.get('externalhost', [])
|
||||
|
||||
for m in members:
|
||||
m = m.lower()
|
||||
@ -177,7 +177,7 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
add_failed.append(m)
|
||||
|
||||
try:
|
||||
ldap.update_entry(group_dn, **{'externalHost': external_hosts})
|
||||
ldap.update_entry(group_dn, **{'externalhost': external_hosts})
|
||||
except errors.EmptyModlist:
|
||||
pass
|
||||
|
||||
@ -205,7 +205,7 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, add_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -214,7 +214,7 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('users', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'uid', 'posixAccount',
|
||||
ldap, add_failed, members, 'uid', 'posixaccount',
|
||||
self.api.env.container_user
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -223,7 +223,7 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('hosts', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaHost',
|
||||
ldap, add_failed, members, 'cn', 'ipahost',
|
||||
self.api.env.container_host
|
||||
)
|
||||
|
||||
@ -238,7 +238,7 @@ class netgroup2_add_member(basegroup2_add_member):
|
||||
|
||||
members = kw.get('hostgroups', [])
|
||||
(to_add, add_failed) = find_members(
|
||||
ldap, add_failed, members, 'cn', 'ipaHostGroup',
|
||||
ldap, add_failed, members, 'cn', 'ipahostgroup',
|
||||
self.api.env.container_hostgroup
|
||||
)
|
||||
(completed, add_failed) = add_members(
|
||||
@ -284,8 +284,8 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
def _del_external(self, ldap, completed, members, group_dn):
|
||||
rem_failed = []
|
||||
entry_attrs = ldap.get_entry(group_dn, ['externalHost'])
|
||||
external_hosts = entry_attrs.get('externalHost', [])
|
||||
entry_attrs = ldap.get_entry(group_dn, ['externalhost'])
|
||||
external_hosts = entry_attrs.get('externalhost', [])
|
||||
|
||||
for m in members:
|
||||
m = m.lower()
|
||||
@ -296,7 +296,7 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
rem_failed.append(m)
|
||||
|
||||
try:
|
||||
ldap.update_entry(group_dn, **{'externalHost': external_hosts})
|
||||
ldap.update_entry(group_dn, **{'externalhost': external_hosts})
|
||||
except errors.EmptyModlist:
|
||||
pass
|
||||
|
||||
@ -324,7 +324,7 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('groups', [])
|
||||
(to_rem, rem_failed) = find_members(
|
||||
ldap, rem_failed, members, 'cn', 'ipaUserGroup',
|
||||
ldap, rem_failed, members, 'cn', 'ipausergroup',
|
||||
self.api.env.container_group
|
||||
)
|
||||
(completed, rem_failed) = del_members(
|
||||
@ -333,7 +333,7 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('users', [])
|
||||
(to_rem, rem_failed) = find_members(
|
||||
ldap, rem_failed, members, 'uid', 'posixAccount',
|
||||
ldap, rem_failed, members, 'uid', 'posixaccount',
|
||||
self.api.env.container_user
|
||||
)
|
||||
(completed, rem_failed) = del_members(
|
||||
@ -342,7 +342,7 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('hosts', [])
|
||||
(to_rem, rem_failed) = find_members(
|
||||
ldap, rem_failed, members, 'cn', 'ipaHost',
|
||||
ldap, rem_failed, members, 'cn', 'ipahost',
|
||||
self.api.env.container_host
|
||||
)
|
||||
|
||||
@ -357,7 +357,7 @@ class netgroup2_del_member(basegroup2_del_member):
|
||||
|
||||
members = kw.get('hostgroups', [])
|
||||
(to_rem, rem_failed) = find_members(
|
||||
ldap, rem_failed, members, 'cn', 'ipaHostGroup',
|
||||
ldap, rem_failed, members, 'cn', 'ipahostgroup',
|
||||
self.api.env.container_hostgroup
|
||||
)
|
||||
(completed, rem_failed) = del_members(
|
||||
|
@ -30,7 +30,7 @@ _container_dn = api.env.container_user
|
||||
|
||||
# attributes displayed by default
|
||||
_default_attributes = [
|
||||
'uid', 'givenName', 'sn', 'homeDirectory', 'loginShell'
|
||||
'uid', 'givenname', 'sn', 'homedirectory', 'loginshell'
|
||||
]
|
||||
|
||||
|
||||
@ -115,11 +115,11 @@ class user2_create(crud.Create):
|
||||
config = ldap.get_ipa_config()[1]
|
||||
|
||||
# fill in required attributes
|
||||
entry_attrs['objectclass'] = config.get('ipaUserObjectClasses')
|
||||
entry_attrs['objectclass'] = config.get('ipauserobjectclasses')
|
||||
|
||||
# fill default values
|
||||
# uidNumber gets filled automatically by the DS dna_plugin
|
||||
entry_attrs.setdefault('loginshell', config.get('ipaDefaultLoginShell'))
|
||||
entry_attrs.setdefault('loginshell', config.get('ipadefaultloginshell'))
|
||||
entry_attrs.setdefault('gecos', uid)
|
||||
entry_attrs.setdefault(
|
||||
'krbprincipalname', '%s@%s' % (uid, self.api.env.realm)
|
||||
@ -130,7 +130,7 @@ class user2_create(crud.Create):
|
||||
)
|
||||
if 'homedirectory' not in entry_attrs:
|
||||
# get home's root directory from config
|
||||
homes_root = config.get('ipaHomesRootDir', '/home')[0]
|
||||
homes_root = config.get('ipahomesrootdir', '/home')[0]
|
||||
# build user's home directory based on his uid
|
||||
home_dir = '%s/%s' % (homes_root, uid)
|
||||
home_dir = home_dir.replace('//', '/').rstrip('/')
|
||||
@ -138,19 +138,19 @@ class user2_create(crud.Create):
|
||||
|
||||
# we're adding new users to a default group, get it's DN and gidNumber
|
||||
# get default group name from config
|
||||
def_primary_group = config.get('ipaDefaultPrimaryGroup')
|
||||
def_primary_group = config.get('ipadefaultprimarygroup')
|
||||
# build the group's DN
|
||||
group_parent_dn = self.api.env.container_group
|
||||
group_rdn = ldap.make_rdn_from_attr('cn', def_primary_group)
|
||||
group_dn = ldap.make_dn_from_rdn(group_rdn, group_parent_dn)
|
||||
# try to retrieve the group's gidNumber
|
||||
try:
|
||||
(group_dn, group_attrs) = ldap.get_entry(group_dn, ['gidNumber'])
|
||||
(group_dn, group_attrs) = ldap.get_entry(group_dn, ['gidnumber'])
|
||||
except errors.NotFound:
|
||||
error_msg = 'Default group for new users not found.'
|
||||
raise errors.NotFound(reason=error_msg)
|
||||
# fill default group's gidNumber
|
||||
entry_attrs['gidnumber'] = group_attrs['gidNumber']
|
||||
entry_attrs['gidnumber'] = group_attrs['gidnumber']
|
||||
|
||||
# create user entry
|
||||
ldap.add_entry(dn, entry_attrs)
|
||||
@ -256,12 +256,13 @@ class user2_find(crud.Search):
|
||||
|
||||
# get list of search fields from config
|
||||
config = ldap.get_ipa_config()[1]
|
||||
search_fields = config.get('ipaUserSearchFields')[0].split(',')
|
||||
search_fields = config.get('ipausersearchfields')[0].split(',')
|
||||
|
||||
# look for term in all search fields
|
||||
search_kw = {}
|
||||
for f in search_fields:
|
||||
search_kw[f] = '%s' % term
|
||||
search_kw = self.args_options_2_entry(**options)
|
||||
if term:
|
||||
for f in search_fields:
|
||||
search_kw[f] = '%s' % term
|
||||
# build search filter
|
||||
filter = ldap.make_filter(search_kw, exact=False)
|
||||
|
||||
@ -295,7 +296,7 @@ class user2_find(crud.Search):
|
||||
api.register(user2_find)
|
||||
|
||||
|
||||
class user2_show(crud.Search):
|
||||
class user2_show(crud.Retrieve):
|
||||
"""
|
||||
Display user.
|
||||
"""
|
||||
|
Loading…
Reference in New Issue
Block a user