Populate indirect members when showing a group object.

This is done by creating a new attribute, memberindirect, to hold this indirect membership. The new function get_members() can return all members or just indirect or direct. We are only using it to retrieve indirect members currently. This also: * Moves all member display attributes into baseldap.py to reduce duplication * Adds netgroup nesting * Use a unique object name in hbacsvc and hbacsvcgroup ticket 296
2025-02-25 18:55:28 -06:00 · 2010-10-04 17:45:40 -04:00
parent 47629a604d
commit c25d62965a
15 changed files with 557 additions and 138 deletions
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -83,12 +83,14 @@ class group(LDAPObject):
    object_class_config = 'ipagroupobjectclasses'
    search_attributes_config = 'ipagroupsearchfields'
    default_attributes = [
-        'cn', 'description', 'gidnumber', 'member', 'memberof'
+        'cn', 'description', 'gidnumber', 'member', 'memberof',
+        'memberindirect',
    ]
    uuid_attribute = 'ipauniqueid'
    attribute_members = {
        'member': ['user', 'group'],
        'memberof': ['group', 'netgroup', 'rolegroup', 'taskgroup'],
+        'memberindirect': ['user', 'group', 'netgroup', 'rolegroup', 'taskgroup'],
    }
    rdnattr = 'cn'

@@ -114,14 +116,6 @@ class group(LDAPObject):
            label=_('GID'),
            doc=_('GID (use this option to set it manually)'),
        ),
-        Str('member_group?',
-            label=_('Member groups'),
-            flags=['no_create', 'no_update', 'no_search'],
-        ),
-        Str('member_user?',
-            label=_('Member users'),
-            flags=['no_create', 'no_update', 'no_search'],
-        ),
    )

 api.register(group)