mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Display token type when viewing token
When viewing a token from the CLI or UI, the type of the token should be displayed. https://fedorahosted.org/freeipa/ticket/4563 Reviewed-By: Martin Kosek <mkosek@redhat.com>
This commit is contained in:
parent
e296137853
commit
560606a991
4
API.txt
4
API.txt
@ -2614,7 +2614,7 @@ option: Flag('no_members', autofill=True, default=False, exclude='webui')
|
||||
option: Flag('qrcode?', autofill=True, default=False)
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
|
||||
option: Str('setattr*', cli_name='setattr', exclude='webui')
|
||||
option: StrEnum('type', attribute=False, autofill=True, cli_name='type', default=u'totp', multivalue=False, required=False, values=(u'totp', u'hotp'))
|
||||
option: StrEnum('type', attribute=False, autofill=True, cli_name='type', default=u'totp', multivalue=False, required=False, values=(u'totp', u'hotp', u'TOTP', u'HOTP'))
|
||||
option: Str('version?', exclude='webui')
|
||||
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
@ -2673,7 +2673,7 @@ option: Flag('pkey_only?', autofill=True, default=False)
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
|
||||
option: Int('sizelimit?', autofill=False, minvalue=0)
|
||||
option: Int('timelimit?', autofill=False, minvalue=0)
|
||||
option: StrEnum('type', attribute=False, autofill=False, cli_name='type', default=u'totp', multivalue=False, query=True, required=False, values=(u'totp', u'hotp'))
|
||||
option: StrEnum('type', attribute=False, autofill=False, cli_name='type', default=u'totp', multivalue=False, query=True, required=False, values=(u'totp', u'hotp', u'TOTP', u'HOTP'))
|
||||
option: Str('version?', exclude='webui')
|
||||
output: Output('count', <type 'int'>, None)
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
|
@ -180,6 +180,7 @@ return {
|
||||
label: '@i18n:objects.otptoken.details',
|
||||
fields: [
|
||||
'ipatokenuniqueid',
|
||||
'type',
|
||||
{
|
||||
$type: 'textarea',
|
||||
name: 'description'
|
||||
|
@ -108,6 +108,15 @@ def _check_interval(not_before, not_after):
|
||||
return not_before <= not_after
|
||||
return True
|
||||
|
||||
def _set_token_type(entry_attrs, **options):
|
||||
klasses = [x.lower() for x in entry_attrs.get('objectclass', [])]
|
||||
for ttype in TOKEN_TYPES.keys():
|
||||
cls = 'ipatoken' + ttype
|
||||
if cls.lower() in klasses:
|
||||
entry_attrs['type'] = ttype.upper()
|
||||
|
||||
if not options.get('all', False) or options.get('pkey_only', False):
|
||||
entry_attrs.pop('objectclass', None)
|
||||
|
||||
@register()
|
||||
class otptoken(LDAPObject):
|
||||
@ -146,7 +155,7 @@ class otptoken(LDAPObject):
|
||||
label=_('Type'),
|
||||
default=u'totp',
|
||||
autofill=True,
|
||||
values=tuple(TOKEN_TYPES.keys()),
|
||||
values=tuple(TOKEN_TYPES.keys() + [x.upper() for x in TOKEN_TYPES]),
|
||||
flags=('virtual_attribute', 'no_update'),
|
||||
),
|
||||
Str('description?',
|
||||
@ -259,6 +268,7 @@ class otptoken_add(LDAPCreate):
|
||||
error='is before the validity start')
|
||||
|
||||
# Set the object class and defaults for specific token types
|
||||
options['type'] = options['type'].lower()
|
||||
entry_attrs['objectclass'] = otptoken.object_class + ['ipatoken' + options['type']]
|
||||
for ttype, tattrs in TOKEN_TYPES.items():
|
||||
if ttype != options['type']:
|
||||
@ -305,10 +315,12 @@ class otptoken_add(LDAPCreate):
|
||||
uri = u'otpauth://%s/%s:%s?%s' % (options['type'], issuer, label, parameters)
|
||||
setattr(context, 'uri', uri)
|
||||
|
||||
attrs_list.append("objectclass")
|
||||
return dn
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
entry_attrs['uri'] = getattr(context, 'uri')
|
||||
_set_token_type(entry_attrs, **options)
|
||||
_convert_owner(self.api.Object.user, entry_attrs, options)
|
||||
return super(otptoken_add, self).post_callback(ldap, dn, entry_attrs, *keys, **options)
|
||||
|
||||
@ -360,9 +372,12 @@ class otptoken_mod(LDAPUpdate):
|
||||
raise ValidationError(name='not_before',
|
||||
error='is after the validity end')
|
||||
_normalize_owner(self.api.Object.user, entry_attrs)
|
||||
|
||||
attrs_list.append("objectclass")
|
||||
return dn
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
_set_token_type(entry_attrs, **options)
|
||||
_convert_owner(self.api.Object.user, entry_attrs, options)
|
||||
return super(otptoken_mod, self).post_callback(ldap, dn, entry_attrs, *keys, **options)
|
||||
|
||||
@ -372,7 +387,7 @@ class otptoken_find(LDAPSearch):
|
||||
__doc__ = _('Search for OTP token.')
|
||||
msg_summary = ngettext('%(count)d OTP token matched', '%(count)d OTP tokens matched', 0)
|
||||
|
||||
def pre_callback(self, ldap, filters, *args, **kwargs):
|
||||
def pre_callback(self, ldap, filters, attrs_list, *args, **kwargs):
|
||||
# This is a hack, but there is no other way to
|
||||
# replace the objectClass when searching
|
||||
type = kwargs.get('type', '')
|
||||
@ -381,7 +396,8 @@ class otptoken_find(LDAPSearch):
|
||||
filters = filters.replace("(objectclass=ipatoken)",
|
||||
"(objectclass=ipatoken%s)" % type)
|
||||
|
||||
return super(otptoken_find, self).pre_callback(ldap, filters, *args, **kwargs)
|
||||
attrs_list.append("objectclass")
|
||||
return super(otptoken_find, self).pre_callback(ldap, filters, attrs_list, *args, **kwargs)
|
||||
|
||||
def args_options_2_entry(self, *args, **options):
|
||||
entry = super(otptoken_find, self).args_options_2_entry(*args, **options)
|
||||
@ -390,6 +406,7 @@ class otptoken_find(LDAPSearch):
|
||||
|
||||
def post_callback(self, ldap, entries, truncated, *args, **options):
|
||||
for entry in entries:
|
||||
_set_token_type(entry, **options)
|
||||
_convert_owner(self.api.Object.user, entry, options)
|
||||
return super(otptoken_find, self).post_callback(ldap, entries, truncated, *args, **options)
|
||||
|
||||
@ -398,7 +415,12 @@ class otptoken_find(LDAPSearch):
|
||||
class otptoken_show(LDAPRetrieve):
|
||||
__doc__ = _('Display information about an OTP token.')
|
||||
|
||||
def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
|
||||
attrs_list.append("objectclass")
|
||||
return super(otptoken_show, self).pre_callback(ldap, dn, attrs_list, *keys, **options)
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
_set_token_type(entry_attrs, **options)
|
||||
_convert_owner(self.api.Object.user, entry_attrs, options)
|
||||
return super(otptoken_show, self).post_callback(ldap, dn, entry_attrs, *keys, **options)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user