From 63be2ee9f0296e1366c77258929c7ce2dad53154 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Tue, 30 Sep 2014 15:44:31 +0300
Subject: [PATCH] Support overridding user shell in ID views

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
---
 ACI.txt                   | 2 +-
 API.txt                   | 9 ++++++---
 ipalib/plugins/idviews.py | 8 ++++++--
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index cebdc2cce..25f3c7228 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -121,7 +121,7 @@ aci: (targetfilter = "(objectclass=ipahostgroup)")(version 3.0;acl "permission:S
 dn: cn=views,cn=accounts,dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || description || entryusn || gidnumber || ipaanchoruuid || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaGroupOverride)")(version 3.0;acl "permission:System: Read Group ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
 dn: cn=views,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "createtimestamp || description || entryusn || homedirectory || ipaanchoruuid || ipaoriginaluid || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaUserOverride)")(version 3.0;acl "permission:System: Read User ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
+aci: (targetattr = "createtimestamp || description || entryusn || homedirectory || ipaanchoruuid || ipaoriginaluid || loginshell || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaUserOverride)")(version 3.0;acl "permission:System: Read User ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
 dn: cn=ranges,cn=etc,dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || entryusn || ipabaseid || ipabaserid || ipaidrangesize || ipanttrusteddomainsid || iparangetype || ipasecondarybaserid || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaidrange)")(version 3.0;acl "permission:System: Read ID Ranges";allow (compare,read,search) userdn = "ldap:///all";)
 dn: cn=views,cn=accounts,dc=ipa,dc=example
diff --git a/API.txt b/API.txt
index c5e76c759..41b852b65 100644
--- a/API.txt
+++ b/API.txt
@@ -2104,7 +2104,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
 command: idoverrideuser_add
-args: 2,10,3
+args: 2,11,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
@@ -2112,6 +2112,7 @@ option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui
 option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=False)
 option: Str('homedirectory', attribute=True, cli_name='homedir', multivalue=False, required=False)
 option: Str('ipaoriginaluid', attribute=True, cli_name='ipaoriginaluid', multivalue=False, required=False)
+option: Str('loginshell', attribute=True, cli_name='shell', multivalue=False, required=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Str('setattr*', cli_name='setattr', exclude='webui')
 option: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
@@ -2130,7 +2131,7 @@ output: Output('result', <type 'dict'>, None)
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: ListOfPrimaryKeys('value', None, None)
 command: idoverrideuser_find
-args: 2,12,4
+args: 2,13,4
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('criteria?', noextrawhitespace=False)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
@@ -2138,6 +2139,7 @@ option: Str('description', attribute=True, autofill=False, cli_name='desc', mult
 option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, query=True, required=False)
 option: Str('ipaanchoruuid', attribute=True, autofill=False, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=False)
 option: Str('ipaoriginaluid', attribute=True, autofill=False, cli_name='ipaoriginaluid', multivalue=False, query=True, required=False)
+option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, query=True, required=False)
 option: Flag('pkey_only?', autofill=True, default=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Int('sizelimit?', autofill=False, minvalue=0)
@@ -2150,7 +2152,7 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('truncated', <type 'bool'>, None)
 command: idoverrideuser_mod
-args: 2,13,3
+args: 2,14,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
@@ -2159,6 +2161,7 @@ option: Str('delattr*', cli_name='delattr', exclude='webui')
 option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
 option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, required=False)
 option: Str('ipaoriginaluid', attribute=True, autofill=False, cli_name='ipaoriginaluid', multivalue=False, required=False)
+option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, required=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False)
 option: Flag('rights', autofill=True, default=False)
diff --git a/ipalib/plugins/idviews.py b/ipalib/plugins/idviews.py
index 3b0df0223..afaa6f910 100644
--- a/ipalib/plugins/idviews.py
+++ b/ipalib/plugins/idviews.py
@@ -650,14 +650,14 @@ class idoverrideuser(baseidoverride):
             'ipapermright': {'read', 'search', 'compare'},
             'ipapermdefaultattr': {
                 'objectClass', 'ipaAnchorUUID', 'uidNumber', 'description',
-                'homeDirectory', 'uid', 'ipaOriginalUid',
+                'homeDirectory', 'uid', 'ipaOriginalUid', 'loginShell',
             },
         },
     }
 
     object_class = baseidoverride.object_class + ['ipaUserOverride']
     default_attributes = baseidoverride.default_attributes + [
-       'homeDirectory', 'uidNumber', 'uid', 'ipaOriginalUid',
+       'homeDirectory', 'uidNumber', 'uid', 'ipaOriginalUid', 'loginShell',
     ]
 
     takes_params = baseidoverride.takes_params + (
@@ -679,6 +679,10 @@ class idoverrideuser(baseidoverride):
             cli_name='homedir',
             label=_('Home directory'),
         ),
+        Str('loginshell?',
+            cli_name='shell',
+            label=_('Login shell'),
+        ),
         Str('ipaoriginaluid?',
             flags=['no_option', 'no_output']
             ),