stageuser: Add stageuser-{add,remove}-cert

Move {add,remove}-cert implementation from user to baseuser and inherit
{,stage}user-{add,remove}-cert from it.

https://fedorahosted.org/freeipa/ticket/6623

Reviewed-By: Martin Basti <mbasti@redhat.com>
David Kupka 2017-01-18 13:24:29 +01:00 committed by Martin Basti
parent 054c1e013a
commit 9c0e86530e
4 changed files with 78 additions and 38 deletions

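--- a/API.txt
+++ b/API.txt
@@ -4751,6 +4751,17 @@ option: Str('version?')
 output: Entry('result')
 output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
 output: PrimaryKey('value')
+command: stageuser_add_cert/1
+args: 1,5,3
+arg: Str('uid', cli_name='login')
+option: Flag('all', autofill=True, cli_name='all', default=False)
+option: Flag('no_members', autofill=True, default=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False)
+option: Bytes('usercertificate+', alwaysask=True, cli_name='certificate')
+option: Str('version?')
+output: Entry('result')
+output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
+output: PrimaryKey('value')
 command: stageuser_add_manager/1
 args: 1,5,3
 arg: Str('uid', cli_name='login')
@@ -4882,6 +4893,17 @@ option: Str('version?')
 output: Entry('result')
 output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
 output: PrimaryKey('value')
+command: stageuser_remove_cert/1
+args: 1,5,3
+arg: Str('uid', cli_name='login')
+option: Flag('all', autofill=True, cli_name='all', default=False)
+option: Flag('no_members', autofill=True, default=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False)
+option: Bytes('usercertificate+', alwaysask=True, cli_name='certificate')
+option: Str('version?')
+output: Entry('result')
+output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
+output: PrimaryKey('value')
 command: stageuser_remove_manager/1
 args: 1,5,3
 arg: Str('uid', cli_name='login')
@@ -6661,10 +6683,12 @@ default: sidgen_was_run/1
 default: stageuser/1
 default: stageuser_activate/1
 default: stageuser_add/1
+default: stageuser_add_cert/1
 default: stageuser_add_manager/1
 default: stageuser_del/1
 default: stageuser_find/1
 default: stageuser_mod/1
+default: stageuser_remove_cert/1
 default: stageuser_remove_manager/1
 default: stageuser_show/1
 default: sudocmd/1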


@ -26,7 +26,7 @@ from ipalib.plugable import Registry
from .baseldap import ( from .baseldap import (
DN, LDAPObject, LDAPCreate, LDAPUpdate, LDAPSearch, LDAPDelete, DN, LDAPObject, LDAPCreate, LDAPUpdate, LDAPSearch, LDAPDelete,
LDAPRetrieve, LDAPAddAttribute, LDAPRemoveAttribute, LDAPAddMember, LDAPRetrieve, LDAPAddAttribute, LDAPRemoveAttribute, LDAPAddMember,
LDAPRemoveMember) LDAPRemoveMember, LDAPAddAttributeViaOption, LDAPRemoveAttributeViaOption)
from ipaserver.plugins.service import ( from ipaserver.plugins.service import (
validate_certificate, validate_realm, normalize_principal) validate_certificate, validate_realm, normalize_principal)
from ipalib.request import context from ipalib.request import context
@ -694,3 +694,37 @@ class baseuser_remove_principal(LDAPRemoveAttribute):
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
ensure_last_krbprincipalname(ldap, entry_attrs, *keys) ensure_last_krbprincipalname(ldap, entry_attrs, *keys)
return dn return dn
class baseuser_add_cert(LDAPAddAttributeViaOption):
attribute = 'usercertificate'
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys,
**options):
self.obj.convert_usercertificate_pre(entry_attrs)
return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
assert isinstance(dn, DN)
self.obj.convert_usercertificate_post(entry_attrs, **options)
return dn
class baseuser_remove_cert(LDAPRemoveAttributeViaOption):
attribute = 'usercertificate'
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys,
**options):
self.obj.convert_usercertificate_pre(entry_attrs)
return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
assert isinstance(dn, DN)
self.obj.convert_usercertificate_post(entry_attrs, **options)
return dn
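Review bot: The new classes `baseuser_add_cert` and `baseuser_remove_cert` carry no docstring or comment saying that they are unregistered bases; no `@register()` appears on them in this hunk, and the user and stageuser commands elsewhere in the commit subclass them. Both write `usercertificate`, so a reader should be told that the registered subclasses decide which object, and therefore which entries, the write applies to. I would add a comment above each class such as `# Unregistered base: user and stageuser subclass this and add __doc__ and msg_summary.` The `assert isinstance(dn, DN)` in both `post_callback` methods is stripped under `python -O`, so it is best annotated as a debugging invariant rather than read as a check.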


@ -39,6 +39,8 @@ from .baseuser import (
baseuser_show, baseuser_show,
NO_UPG_MAGIC, NO_UPG_MAGIC,
baseuser_output_params, baseuser_output_params,
baseuser_add_cert,
baseuser_remove_cert,
baseuser_add_manager, baseuser_add_manager,
baseuser_remove_manager) baseuser_remove_manager)
from ipalib.request import context from ipalib.request import context
@ -744,3 +746,15 @@ class stageuser_add_manager(baseuser_add_manager):
@register() @register()
class stageuser_remove_manager(baseuser_remove_manager): class stageuser_remove_manager(baseuser_remove_manager):
__doc__ = _("Remove a manager to the stage user entry") __doc__ = _("Remove a manager to the stage user entry")
@register()
class stageuser_add_cert(baseuser_add_cert):
__doc__ = _("Add one or more certificates to the stageuser entry")
msg_summary = _('Added certificates to stageuser "%(value)s"')
@register()
class stageuser_remove_cert(baseuser_remove_cert):
__doc__ = _("Remove one or more certificates to the stageuser entry")
msg_summary = _('Removed certificates from stageuser "%(value)s"')
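Review bot: The help string of `stageuser_remove_cert` reads "Remove one or more certificates to the stageuser entry" where "from" is meant, as the `msg_summary` beneath it already says; the line should be `__doc__ = _("Remove one or more certificates from the stageuser entry")`. The string is wrapped in `_()`, so the wording reaches translators and the command help as written. The same "to" appears in the `stageuser_remove_manager` context line just above and in `user_remove_cert` in the last file section, and could be corrected in the same pass.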


@ -43,6 +43,8 @@ from .baseuser import (
fix_addressbook_permission_bindrule, fix_addressbook_permission_bindrule,
baseuser_add_manager, baseuser_add_manager,
baseuser_remove_manager, baseuser_remove_manager,
baseuser_add_cert,
baseuser_remove_cert,
baseuser_add_principal, baseuser_add_principal,
baseuser_remove_principal) baseuser_remove_principal)
from .idviews import remove_ipaobject_overrides from .idviews import remove_ipaobject_overrides
@ -53,9 +55,7 @@ from .baseldap import (
LDAPCreate, LDAPCreate,
LDAPSearch, LDAPSearch,
LDAPQuery, LDAPQuery,
LDAPMultiQuery, LDAPMultiQuery)
LDAPAddAttributeViaOption,
LDAPRemoveAttributeViaOption)
from . import baseldap from . import baseldap
from ipalib.request import context from ipalib.request import context
from ipalib import _, ngettext from ipalib import _, ngettext
@ -1157,47 +1157,15 @@ class user_status(LDAPQuery):
@register() @register()
class user_add_cert(LDAPAddAttributeViaOption): class user_add_cert(baseuser_add_cert):
__doc__ = _('Add one or more certificates to the user entry') __doc__ = _('Add one or more certificates to the user entry')
msg_summary = _('Added certificates to user "%(value)s"') msg_summary = _('Added certificates to user "%(value)s"')
attribute = 'usercertificate'
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys,
**options):
dn = self.obj.get_either_dn(*keys, **options)
self.obj.convert_usercertificate_pre(entry_attrs)
return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
assert isinstance(dn, DN)
self.obj.convert_usercertificate_post(entry_attrs, **options)
return dn
@register() @register()
class user_remove_cert(LDAPRemoveAttributeViaOption): class user_remove_cert(baseuser_remove_cert):
__doc__ = _('Remove one or more certificates to the user entry') __doc__ = _('Remove one or more certificates to the user entry')
msg_summary = _('Removed certificates from user "%(value)s"') msg_summary = _('Removed certificates from user "%(value)s"')
attribute = 'usercertificate'
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys,
**options):
dn = self.obj.get_either_dn(*keys, **options)
self.obj.convert_usercertificate_pre(entry_attrs)
return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
assert isinstance(dn, DN)
self.obj.convert_usercertificate_post(entry_attrs, **options)
return dn
@register() @register()
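Review bot: `user_add_cert` and `user_remove_cert` lose the `dn = self.obj.get_either_dn(*keys, **options)` call that their removed `pre_callback` made, and the base `pre_callback` they now inherit returns the incoming `dn` unchanged. The body of `get_either_dn` is not visible on this page, but if it resolves entries that the default DN lookup does not, the two user commands would now fail or act on a different entry for those users. Keeping a small `pre_callback` override in both user classes that sets `dn = self.obj.get_either_dn(*keys, **options)` and then calls the base `pre_callback` would preserve the old behaviour. If the change is intended, the commit message should say so, since it describes the commit as a move.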