IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

server: define missing virtual attributes

Browse Source 
Move virtual attributes defined in output params of methods into params of
the related object.

This fixes the virtual attributes being ommited in CLI output.

https://fedorahosted.org/freeipa/ticket/4739

Reviewed-By: David Kupka <dkupka@redhat.com>
This commit is contained in:
Jan Cholasta 2016-06-30 06:37:16 +02:00
parent 16f33ddb51
commit ae5f11b4de
12 changed files with 147 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ipaserver/plugins/aci.py
View File

@ -507,6 +507,10 @@ class aci(Object):
flags=('virtual_attribute',),
),
_prefix_option,
Str('aci',
label=_('ACI'),
flags={'no_create', 'no_update', 'no_search'},
),
)
@ -611,11 +615,6 @@ class aci_mod(crud.Update):
Modify ACI.
"""
NO_CLI = True
has_output_params = (
Str('aci',
label=_('ACI'),
),
)
takes_options = (_prefix_option,)
@ -886,12 +885,6 @@ class aci_show(crud.Retrieve):
"""
NO_CLI = True
has_output_params = (
Str('aci',
label=_('ACI'),
),
)
takes_options = (
_prefix_option,
DNParam('location?',
@ -932,11 +925,6 @@ class aci_rename(crud.Update):
Rename an ACI.
"""
NO_CLI = True
has_output_params = (
Str('aci',
label=_('ACI'),
),
)
takes_options = (
_prefix_option,

7
ipaserver/plugins/baseuser.py
View File

@ -59,9 +59,6 @@ baseuser_output_params = (
Flag('has_keytab',
label=_('Kerberos keys available'),
),
Str('sshpubkeyfp*',
label=_('SSH public key fingerprint'),
),
)
status_baseuser_output_params = (
@ -353,6 +350,10 @@ class baseuser(LDAPObject):
normalizer=normalize_sshpubkey,
flags=['no_search'],
),
Str('sshpubkeyfp*',
label=_('SSH public key fingerprint'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
StrEnum('ipauserauthtype*',
cli_name='user_auth_type',
label=_('User authentication types'),

10
ipaserver/plugins/certprofile.py
View File

@ -122,6 +122,10 @@ class certprofile(LDAPObject):
label=_('Profile ID'),
doc=_('Profile ID for referring to this profile'),
),
Str('config',
label=_('Profile configuration'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('description',
required=True,
cli_name='desc',
@ -195,12 +199,6 @@ class certprofile_find(LDAPSearch):
class certprofile_show(LDAPRetrieve):
__doc__ = _("Display the properties of a Certificate Profile.")
has_output_params = LDAPRetrieve.has_output_params + (
Str('config',
label=_('Profile configuration'),
),
)
takes_options = LDAPRetrieve.takes_options + (
Str('out?',
doc=_('Write profile configuration to file'),

14
ipaserver/plugins/delegation.py
View File

@ -56,11 +56,6 @@ register = Registry()
ACI_PREFIX=u"delegation"
output_params = (
Str('aci',
label=_('ACI'),
),
)
@register()
class delegation(Object):
@ -102,6 +97,10 @@ class delegation(Object):
label=_('User group'),
doc=_('User group ACI grants access to'),
),
Str('aci',
label=_('ACI'),
flags={'no_create', 'no_update', 'no_search'},
),
)
def __json__(self):
@ -131,7 +130,6 @@ class delegation_add(crud.Create):
__doc__ = _('Add a new delegation.')
msg_summary = _('Added delegation "%(value)s"')
has_output_params = output_params
def execute(self, aciname, **kw):
if not 'permissions' in kw:
@ -170,7 +168,6 @@ class delegation_mod(crud.Update):
__doc__ = _('Modify a delegation.')
msg_summary = _('Modified delegation "%(value)s"')
has_output_params = output_params
def execute(self, aciname, **kw):
kw['aciprefix'] = ACI_PREFIX
@ -193,7 +190,6 @@ class delegation_find(crud.Search):
)
takes_options = (gen_pkey_only_option("name"),)
has_output_params = output_params
def execute(self, term=None, **kw):
kw['aciprefix'] = ACI_PREFIX
@ -214,8 +210,6 @@ class delegation_find(crud.Search):
class delegation_show(crud.Retrieve):
__doc__ = _('Display information about a delegation.')
has_output_params = output_params
def execute(self, aciname, **kw):
result = api.Command['aci_show'](aciname, aciprefix=ACI_PREFIX, **kw)['result']
self.obj.postprocess_result(result)

21
ipaserver/plugins/dns.py
View File

@ -1550,12 +1550,6 @@ def default_zone_update_policy(zone):
else:
return get_dns_forward_zone_update_policy(api.env.realm)
dnszone_output_params = (
Str('managedby',
label=_('Managedby permission'),
),
)
def _convert_to_idna(value):
"""
@ -1990,7 +1984,10 @@ class DNSZoneBase(LDAPObject):
'that case, conditional zone forwarders are disregarded.'),
values=(u'only', u'first', u'none'),
),
Str('managedby',
label=_('Managedby permission'),
flags={'virtual_attribute', 'no_create', 'no_search', 'no_update'},
),
)
def get_dn(self, *keys, **options):
@ -2081,8 +2078,6 @@ class DNSZoneBase_add(LDAPCreate):
),
)
has_output_params = LDAPCreate.has_output_params + dnszone_output_params
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
assert isinstance(dn, DN)
@ -2127,8 +2122,6 @@ class DNSZoneBase_del(LDAPDelete):
class DNSZoneBase_mod(LDAPUpdate):
has_output_params = LDAPUpdate.has_output_params + dnszone_output_params
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
assert isinstance(dn, DN)
self.obj._make_zonename_absolute(entry_attrs, **options)
@ -2138,8 +2131,6 @@ class DNSZoneBase_mod(LDAPUpdate):
class DNSZoneBase_find(LDAPSearch):
__doc__ = _('Search for DNS zones (SOA records).')
has_output_params = LDAPSearch.has_output_params + dnszone_output_params
def args_options_2_params(self, *args, **options):
# FIXME: Check that name_from_ip is valid. This is necessary because
# custom validation rules, including _validate_ipnet, are not
@ -2178,8 +2169,6 @@ class DNSZoneBase_find(LDAPSearch):
class DNSZoneBase_show(LDAPRetrieve):
has_output_params = LDAPRetrieve.has_output_params + dnszone_output_params
def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
assert isinstance(dn, DN)
if not _check_DN_objectclass(ldap, dn, self.obj.object_class):
@ -4397,8 +4386,6 @@ class dnsforwardzone_find(DNSZoneBase_find):
class dnsforwardzone_show(DNSZoneBase_show):
__doc__ = _('Display information about a DNS forward zone.')
has_output_params = LDAPRetrieve.has_output_params + dnszone_output_params
@register()
class dnsforwardzone_disable(DNSZoneBase_disable):

70
ipaserver/plugins/host.py
View File

@ -198,39 +198,9 @@ host_output_params = (
Str('managing_host',
label='Managing',
),
Str('subject',
label=_('Subject'),
),
Str('serial_number',
label=_('Serial Number'),
),
Str('serial_number_hex',
label=_('Serial Number (hex)'),
),
Str('issuer',
label=_('Issuer'),
),
Str('valid_not_before',
label=_('Not Before'),
),
Str('valid_not_after',
label=_('Not After'),
),
Str('md5_fingerprint',
label=_('Fingerprint (MD5)'),
),
Str('sha1_fingerprint',
label=_('Fingerprint (SHA1)'),
),
Str('revocation_reason?',
label=_('Revocation reason'),
),
Str('managedby',
label=_('Failed managedby'),
),
Str('sshpubkeyfp*',
label=_('SSH public key fingerprint'),
),
Str('ipaallowedtoperform_read_keys_user',
label=_('Users allowed to retrieve keytab'),
),
@ -502,6 +472,42 @@ class host(LDAPObject):
label=_('Certificate'),
doc=_('Base-64 encoded host certificate'),
),
Str('subject',
label=_('Subject'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('serial_number',
label=_('Serial Number'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('serial_number_hex',
label=_('Serial Number (hex)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('issuer',
label=_('Issuer'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('valid_not_before',
label=_('Not Before'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('valid_not_after',
label=_('Not After'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('md5_fingerprint',
label=_('Fingerprint (MD5)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('sha1_fingerprint',
label=_('Fingerprint (SHA1)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('revocation_reason?',
label=_('Revocation reason'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('krbprincipalname?',
label=_('Principal name'),
flags=['no_create', 'no_update', 'no_search'],
@ -520,6 +526,10 @@ class host(LDAPObject):
normalizer=normalize_sshpubkey,
flags=['no_search'],
),
Str('sshpubkeyfp*',
label=_('SSH public key fingerprint'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('userclass*',
cli_name='class',
label=_('Class'),

24
ipaserver/plugins/idviews.py
View File

@ -106,6 +106,18 @@ class idview(LDAPObject):
cli_name='desc',
label=_('Description'),
),
Str('useroverrides',
label=_('User object overrides'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('groupoverrides',
label=_('Group object overrides'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('appliedtohosts',
label=_('Hosts the view applies to'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
)
permission_filter_objectclasses = ['nsContainer']
@ -170,17 +182,7 @@ class idview_show(LDAPRetrieve):
),
)
has_output_params = global_output_params + (
Str('useroverrides',
label=_('User object overrides'),
),
Str('groupoverrides',
label=_('Group object overrides'),
),
Str('appliedtohosts',
label=_('Hosts the view applies to')
),
)
has_output_params = global_output_params
def show_id_overrides(self, dn, entry_attrs):
ldap = self.obj.backend

8
ipaserver/plugins/otptoken.py
View File

@ -264,6 +264,10 @@ class otptoken(LDAPObject):
minvalue=0,
flags=('no_update'),
),
Str('uri?',
label=_('URI'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
)
@ -277,10 +281,6 @@ class otptoken_add(LDAPCreate):
Flag('no_qrcode', label=_('Do not display QR code'), default=False),
)
has_output_params = LDAPCreate.has_output_params + (
Str('uri?', label=_('URI')),
)
def execute(self, ipatokenuniqueid=None, **options):
return super(otptoken_add, self).execute(ipatokenuniqueid, **options)

15
ipaserver/plugins/permission.py
View File

@ -113,12 +113,6 @@ _DEPRECATED_OPTION_ALIASES = {
KNOWN_FLAGS = {'SYSTEM', 'V2', 'MANAGED'}
output_params = (
Str('aci',
label=_('ACI'),
),
)
def strip_ldap_prefix(uri):
prefix = 'ldap:///'
@ -354,6 +348,10 @@ class permission(baseldap.LDAPObject):
for old_name, new_name in _DEPRECATED_OPTION_ALIASES.items()
) + (
_ipapermissiontype_param,
Str('aci',
label=_('ACI'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
)
def reject_system(self, entry):
@ -950,7 +948,6 @@ class permission_add_noaci(baseldap.LDAPCreate):
msg_summary = _('Added permission "%(value)s"')
NO_CLI = True
has_output_params = baseldap.LDAPCreate.has_output_params + output_params
takes_options = (
_ipapermissiontype_param,
@ -978,7 +975,6 @@ class permission_add(baseldap.LDAPCreate):
__doc__ = _('Add a new permission.')
msg_summary = _('Added permission "%(value)s"')
has_output_params = baseldap.LDAPCreate.has_output_params + output_params
# Need to override execute so that processed options apply to
# the whole command, not just the callbacks
@ -1082,7 +1078,6 @@ class permission_mod(baseldap.LDAPUpdate):
__doc__ = _('Modify a permission.')
msg_summary = _('Modified permission "%(value)s"')
has_output_params = baseldap.LDAPUpdate.has_output_params + output_params
def execute(self, *keys, **options):
context.filter_ops = self.obj.preprocess_options(
@ -1249,7 +1244,6 @@ class permission_find(baseldap.LDAPSearch):
msg_summary = ngettext(
'%(count)d permission matched', '%(count)d permissions matched', 0)
has_output_params = baseldap.LDAPSearch.has_output_params + output_params
def execute(self, *keys, **options):
self.obj.preprocess_options(options, merge_targetfilter=True)
@ -1375,7 +1369,6 @@ class permission_find(baseldap.LDAPSearch):
@register()
class permission_show(baseldap.LDAPRetrieve):
__doc__ = _('Display information about a permission.')
has_output_params = baseldap.LDAPRetrieve.has_output_params + output_params
def post_callback(self, ldap, dn, entry, *keys, **options):
self.obj.upgrade_permission(entry, output_only=True)

15
ipaserver/plugins/selfservice.py
View File

@ -57,12 +57,6 @@ register = Registry()
ACI_PREFIX=u"selfservice"
output_params = (
Str('aci',
label=_('ACI'),
),
)
@register()
class selfservice(Object):
@ -96,6 +90,10 @@ class selfservice(Object):
doc=_('Attributes to which the permission applies.'),
normalizer=lambda value: value.lower(),
),
Str('aci',
label=_('ACI'),
flags={'no_create', 'no_update', 'no_search'},
),
)
def __json__(self):
@ -124,7 +122,6 @@ class selfservice_add(crud.Create):
__doc__ = _('Add a new self-service permission.')
msg_summary = _('Added selfservice "%(value)s"')
has_output_params = output_params
def execute(self, aciname, **kw):
if not 'permissions' in kw:
@ -164,7 +161,6 @@ class selfservice_mod(crud.Update):
__doc__ = _('Modify a self-service permission.')
msg_summary = _('Modified selfservice "%(value)s"')
has_output_params = output_params
def execute(self, aciname, **kw):
if 'attrs' in kw and kw['attrs'] is None:
@ -190,7 +186,6 @@ class selfservice_find(crud.Search):
)
takes_options = (gen_pkey_only_option("name"),)
has_output_params = output_params
def execute(self, term=None, **kw):
kw['selfaci'] = True
@ -212,8 +207,6 @@ class selfservice_find(crud.Search):
class selfservice_show(crud.Retrieve):
__doc__ = _('Display information about a self-service permission.')
has_output_params = output_params
def execute(self, aciname, **kw):
result = api.Command['aci_show'](aciname, aciprefix=ACI_PREFIX, **kw)['result']
self.obj.postprocess_result(result)

63
ipaserver/plugins/service.py
View File

@ -122,33 +122,6 @@ output_params = (
Str('managedby_host',
label='Managed by',
),
Str('subject',
label=_('Subject'),
),
Str('serial_number',
label=_('Serial Number'),
),
Str('serial_number_hex',
label=_('Serial Number (hex)'),
),
Str('issuer',
label=_('Issuer'),
),
Str('valid_not_before',
label=_('Not Before'),
),
Str('valid_not_after',
label=_('Not After'),
),
Str('md5_fingerprint',
label=_('Fingerprint (MD5)'),
),
Str('sha1_fingerprint',
label=_('Fingerprint (SHA1)'),
),
Str('revocation_reason?',
label=_('Revocation reason'),
),
Str('ipaallowedtoperform_read_keys_user',
label=_('Users allowed to retrieve keytab'),
),
@ -497,6 +470,42 @@ class service(LDAPObject):
doc=_('Base-64 encoded service certificate'),
flags=['no_search',],
),
Str('subject',
label=_('Subject'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('serial_number',
label=_('Serial Number'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('serial_number_hex',
label=_('Serial Number (hex)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('issuer',
label=_('Issuer'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('valid_not_before',
label=_('Not Before'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('valid_not_after',
label=_('Not After'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('md5_fingerprint',
label=_('Fingerprint (MD5)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('sha1_fingerprint',
label=_('Fingerprint (SHA1)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('revocation_reason?',
label=_('Revocation reason'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
StrEnum('ipakrbauthzdata*',
cli_name='pac_type',
label=_('PAC type'),

46
ipaserver/plugins/trust.py
View File

@ -157,17 +157,6 @@ particular type.
register = Registry()
trust_output_params = (
Str('trustdirection',
label=_('Trust direction')),
Str('trusttype',
label=_('Trust type')),
Str('truststatus',
label=_('Trust status')),
Str('ipantadditionalsuffixes*',
label=_('UPN suffixes')),
)
# Trust type is a combination of ipanttrusttype and ipanttrustattributes
# We shift trust attributes by 3 bits to left so bit 0 becomes bit 3 and
# 2+(1 << 3) becomes 10.
@ -551,6 +540,22 @@ class trust(LDAPObject):
cli_name='sid_blacklist_outgoing',
label=_('SID blacklist outgoing'),
flags=['no_create']),
Str('trustdirection',
label=_('Trust direction'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('trusttype',
label=_('Trust type'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('truststatus',
label=_('Trust status'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
Str('ipantadditionalsuffixes*',
label=_('UPN suffixes'),
flags={'no_create', 'no_update', 'no_search'},
),
)
def validate_sid_blacklists(self, entry_attrs):
@ -704,7 +709,6 @@ sides.
msg_summary = _('Added Active Directory trust for realm "%(value)s"')
msg_summary_existing = _('Re-established trust to domain "%(value)s"')
has_output_params = LDAPCreate.has_output_params + trust_output_params
def execute(self, *keys, **options):
ldap = self.obj.backend
@ -1063,8 +1067,8 @@ class trust_mod(LDAPUpdate):
@register()
class trust_find(LDAPSearch):
__doc__ = _('Search for trusts.')
has_output_params = LDAPSearch.has_output_params + trust_output_params +\
(Str('ipanttrusttype'), Str('ipanttrustattributes'))
has_output_params = (LDAPSearch.has_output_params +
(Str('ipanttrusttype'), Str('ipanttrustattributes')))
msg_summary = ngettext(
'%(count)d trust matched', '%(count)d trusts matched', 0
@ -1102,8 +1106,10 @@ class trust_find(LDAPSearch):
@register()
class trust_show(LDAPRetrieve):
__doc__ = _('Display information about a trust.')
has_output_params = LDAPRetrieve.has_output_params + trust_output_params +\
(Str('ipanttrusttype'), Str('ipanttrustdirection'), Str('ipanttrustattributes'))
has_output_params = (LDAPRetrieve.has_output_params +
(Str('ipanttrusttype'),
Str('ipanttrustdirection'),
Str('ipanttrustattributes')))
def execute(self, *keys, **options):
result = super(trust_show, self).execute(*keys, **options)
@ -1514,6 +1520,10 @@ class trustdomain(LDAPObject):
cli_name='sid',
label=_('Domain Security Identifier'),
),
Flag('domain_enabled',
label=_('Domain enabled'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
)
# LDAPObject.get_dn() only passes all but last element of keys and no kwargs
@ -1533,10 +1543,6 @@ class trustdomain(LDAPObject):
class trustdomain_find(LDAPSearch):
__doc__ = _('Search domains of the trust')
has_output_params = LDAPSearch.has_output_params + trust_output_params + (
Flag('domain_enabled', label= _('Domain enabled')),
)
def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
return (filters, base_dn, ldap.SCOPE_SUBTREE)