mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
idviews: Add ipaAssignedIDVIew reference to the host object
Part of: https://fedorahosted.org/freeipa/ticket/3979 Reviewed-By: Petr Viktorin <pviktori@redhat.com> Reviewed-By: Petr Vobornik <pvoborni@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Tomas Babej
Martin Kosek
parent
6b14030e90
commit
be36525dc5
4
ACI.txt
4
ACI.txt
@ -97,13 +97,13 @@ aci: (targetattr = "krblastpwdchange || krbprincipalkey")(targetfilter = "(objec
|
||||
dn: cn=computers,cn=accounts,dc=ipa,dc=example
|
||||
aci: (targetattr = "ipasshpubkey")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Manage Host SSH Public Keys";allow (write) groupdn = "ldap:///cn=System: Manage Host SSH Public Keys,cn=permissions,cn=pbac,dc=ipa,dc=example";)
|
||||
dn: cn=computers,cn=accounts,dc=ipa,dc=example
|
||||
aci: (targetattr = "description || l || macaddress || nshardwareplatform || nshostlocation || nsosversion || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Modify Hosts";allow (write) groupdn = "ldap:///cn=System: Modify Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
|
||||
aci: (targetattr = "description || ipaassignedidview || l || macaddress || nshardwareplatform || nshostlocation || nsosversion || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Modify Hosts";allow (write) groupdn = "ldap:///cn=System: Modify Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
|
||||
dn: dc=ipa,dc=example
|
||||
aci: (targetattr = "cn || createtimestamp || entryusn || macaddress || modifytimestamp || objectclass")(target = "ldap:///cn=computers,cn=compat,dc=ipa,dc=example")(version 3.0;acl "permission:System: Read Host Compat Tree";allow (compare,read,search) userdn = "ldap:///anyone";)
|
||||
dn: cn=computers,cn=accounts,dc=ipa,dc=example
|
||||
aci: (targetattr = "memberof")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Host Membership";allow (compare,read,search) userdn = "ldap:///all";)
|
||||
dn: cn=computers,cn=accounts,dc=ipa,dc=example
|
||||
aci: (targetattr = "cn || createtimestamp || description || enrolledby || entryusn || fqdn || ipaclientversion || ipakrbauthzdata || ipasshpubkey || ipauniqueid || krbcanonicalname || krblastpwdchange || krbpasswordexpiration || krbprincipalaliases || krbprincipalexpiration || krbprincipalname || l || macaddress || managedby || modifytimestamp || nshardwareplatform || nshostlocation || nsosversion || objectclass || serverhostname || usercertificate || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Hosts";allow (compare,read,search) userdn = "ldap:///all";)
|
||||
aci: (targetattr = "cn || createtimestamp || description || enrolledby || entryusn || fqdn || ipaassignedidview || ipaclientversion || ipakrbauthzdata || ipasshpubkey || ipauniqueid || krbcanonicalname || krblastpwdchange || krbpasswordexpiration || krbprincipalaliases || krbprincipalexpiration || krbprincipalname || l || macaddress || managedby || modifytimestamp || nshardwareplatform || nshostlocation || nsosversion || objectclass || serverhostname || usercertificate || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Hosts";allow (compare,read,search) userdn = "ldap:///all";)
|
||||
dn: cn=computers,cn=accounts,dc=ipa,dc=example
|
||||
aci: (targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Remove Hosts";allow (delete) groupdn = "ldap:///cn=System: Remove Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
|
||||
dn: cn=hostgroups,cn=accounts,dc=ipa,dc=example
|
||||
|
||||
9
API.txt
9
API.txt
@ -1780,13 +1780,14 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
output: Output('value', <type 'bool'>, None)
|
||||
output: Output('warning', (<type 'list'>, <type 'tuple'>, <type 'NoneType'>), None)
|
||||
command: host_add
|
||||
args: 1,22,3
|
||||
args: 1,23,3
|
||||
arg: Str('fqdn', attribute=True, cli_name='hostname', multivalue=False, primary_key=True, required=True)
|
||||
option: Str('addattr*', cli_name='addattr', exclude='webui')
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
|
||||
option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=False)
|
||||
option: Flag('force', autofill=True, default=False)
|
||||
option: Str('ip_address?')
|
||||
option: DNParam('ipaassignedidview', attribute=True, cli_name='ipaassignedidview', multivalue=False, required=False)
|
||||
option: Bool('ipakrbokasdelegate', attribute=False, cli_name='ok_as_delegate', multivalue=False, required=False)
|
||||
option: Bool('ipakrbrequirespreauth', attribute=False, cli_name='requires_pre_auth', multivalue=False, required=False)
|
||||
option: Str('ipasshpubkey', attribute=True, cli_name='sshpubkey', csv=True, multivalue=True, required=False)
|
||||
@ -1835,7 +1836,7 @@ output: Output('result', <type 'bool'>, None)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
output: PrimaryKey('value', None, None)
|
||||
command: host_find
|
||||
args: 1,33,4
|
||||
args: 1,34,4
|
||||
arg: Str('criteria?', noextrawhitespace=False)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
|
||||
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
|
||||
@ -1846,6 +1847,7 @@ option: Str('in_hostgroup*', cli_name='in_hostgroups', csv=True)
|
||||
option: Str('in_netgroup*', cli_name='in_netgroups', csv=True)
|
||||
option: Str('in_role*', cli_name='in_roles', csv=True)
|
||||
option: Str('in_sudorule*', cli_name='in_sudorules', csv=True)
|
||||
option: DNParam('ipaassignedidview', attribute=True, autofill=False, cli_name='ipaassignedidview', multivalue=False, query=True, required=False)
|
||||
option: Str('l', attribute=True, autofill=False, cli_name='locality', multivalue=False, query=True, required=False)
|
||||
option: Str('macaddress', attribute=True, autofill=False, cli_name='macaddress', csv=True, multivalue=True, pattern='^([a-fA-F0-9]{2}[:|\\-]?){5}[a-fA-F0-9]{2}$', query=True, required=False)
|
||||
option: Str('man_by_host*', cli_name='man_by_hosts', csv=True)
|
||||
@ -1875,12 +1877,13 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
output: Output('truncated', <type 'bool'>, None)
|
||||
command: host_mod
|
||||
args: 1,23,3
|
||||
args: 1,24,3
|
||||
arg: Str('fqdn', attribute=True, cli_name='hostname', multivalue=False, primary_key=True, query=True, required=True)
|
||||
option: Str('addattr*', cli_name='addattr', exclude='webui')
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
|
||||
option: Str('delattr*', cli_name='delattr', exclude='webui')
|
||||
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
|
||||
option: DNParam('ipaassignedidview', attribute=True, autofill=False, cli_name='ipaassignedidview', multivalue=False, required=False)
|
||||
option: Bool('ipakrbokasdelegate', attribute=False, autofill=False, cli_name='ok_as_delegate', multivalue=False, required=False)
|
||||
option: Bool('ipakrbrequirespreauth', attribute=False, autofill=False, cli_name='requires_pre_auth', multivalue=False, required=False)
|
||||
option: Str('ipasshpubkey', attribute=True, autofill=False, cli_name='sshpubkey', csv=True, multivalue=True, required=False)
|
||||
|
||||
@ -27,7 +27,7 @@ import netaddr
|
||||
import string
|
||||
|
||||
from ipalib import api, errors, util
|
||||
from ipalib import Str, Flag, Bytes
|
||||
from ipalib import Str, Flag, Bytes, DNParam
|
||||
from ipalib.plugable import Registry
|
||||
from ipalib.plugins.baseldap import *
|
||||
from ipalib.plugins.service import (split_principal, validate_certificate,
|
||||
@ -276,7 +276,7 @@ class host(LDAPObject):
|
||||
'krbprincipalname', 'l', 'macaddress', 'nshardwareplatform',
|
||||
'nshostlocation', 'nsosversion', 'objectclass',
|
||||
'serverhostname', 'usercertificate', 'userclass',
|
||||
'enrolledby', 'managedby',
|
||||
'enrolledby', 'managedby', 'ipaassignedidview',
|
||||
'krbprincipalname', 'krbcanonicalname', 'krbprincipalaliases',
|
||||
'krbprincipalexpiration', 'krbpasswordexpiration',
|
||||
'krblastpwdchange',
|
||||
@ -342,7 +342,7 @@ class host(LDAPObject):
|
||||
'ipapermright': {'write'},
|
||||
'ipapermdefaultattr': {
|
||||
'description', 'l', 'nshardwareplatform', 'nshostlocation',
|
||||
'nsosversion', 'macaddress', 'userclass',
|
||||
'nsosversion', 'macaddress', 'userclass', 'ipaassignedidview',
|
||||
},
|
||||
'replaces': [
|
||||
'(targetattr = "description || l || nshostlocation || nshardwareplatform || nsosversion")(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "permission:Modify Hosts";allow (write) groupdn = "ldap:///cn=Modify Hosts,cn=permissions,cn=pbac,$SUFFIX";)',
|
||||
@ -459,6 +459,9 @@ class host(LDAPObject):
|
||||
doc=_('Host category (semantics placed on this attribute are for '
|
||||
'local interpretation)'),
|
||||
),
|
||||
DNParam('ipaassignedidview?',
|
||||
flags=['no_option'],
|
||||
),
|
||||
) + ticket_flags_params
|
||||
|
||||
def get_dn(self, *keys, **options):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user