idviews: Split the idoverride commands into iduseroverride and idgroupoverride

Part of: https://fedorahosted.org/freeipa/ticket/3979 Reviewed-By: Petr Viktorin <pviktori@redhat.com> Reviewed-By: Petr Vobornik <pvoborni@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2014-09-05 12:39:28 +02:00 · 2014-09-05 12:39:28 +02:00 · cbf1ad84f1
commit cbf1ad84f1
parent b4a13aeea8
3 changed files with 146 additions and 23 deletions
--- a/ACI.txt
+++ b/ACI.txt
@ -119,7 +119,9 @@ aci: (targetattr = "businesscategory || cn || createtimestamp || description ||
 dn: cn=hostgroups,cn=accounts,dc=ipa,dc=example
 aci: (targetfilter = "(objectclass=ipahostgroup)")(version 3.0;acl "permission:System: Remove Hostgroups";allow (delete) groupdn = "ldap:///cn=System: Remove Hostgroups,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: cn=views,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "cn || createtimestamp || description || entryusn || gidnumber || homedirectory || ipaanchoruuid || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaOverrideAnchor)")(version 3.0;acl "permission:System: Read ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
+aci: (targetattr = "cn || createtimestamp || description || entryusn || gidnumber || ipaanchoruuid || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaGroupOverride)")(version 3.0;acl "permission:System: Read Group ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
+dn: cn=views,cn=accounts,dc=ipa,dc=example
+aci: (targetattr = "createtimestamp || description || entryusn || homedirectory || ipaanchoruuid || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaUserOverride)")(version 3.0;acl "permission:System: Read User ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
 dn: cn=ranges,cn=etc,dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || entryusn || ipabaseid || ipabaserid || ipaidrangesize || ipanttrusteddomainsid || iparangetype || ipasecondarybaserid || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaidrange)")(version 3.0;acl "permission:System: Read ID Ranges";allow (compare,read,search) userdn = "ldap:///all";)
 dn: cn=views,cn=accounts,dc=ipa,dc=example
--- a/API.txt
+++ b/API.txt
@ -2032,8 +2032,8 @@ command: i18n_messages
 args: 0,1,1
 option: Str('version?', exclude='webui')
 output: Output('texts', <type 'dict'>, None)
-command: idoverride_add
-args: 2,11,3
+command: idoverridegroup_add
+args: 2,8,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
@ -2041,6 +2041,75 @@ option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui
 option: Str('cn', attribute=True, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
 option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True)
 option: Int('gidnumber', attribute=True, cli_name='gid', minvalue=1, multivalue=False, required=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverridegroup_del
+args: 2,2,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=True, primary_key=True, query=True, required=True)
+option: Flag('continue', autofill=True, cli_name='continue', default=False)
+option: Str('version?', exclude='webui')
+output: Output('result', <type 'dict'>, None)
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: ListOfPrimaryKeys('value', None, None)
+command: idoverridegroup_find
+args: 2,10,4
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('criteria?', noextrawhitespace=False)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', query=True, required=False)
+option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
+option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, query=True, required=False)
+option: Str('ipaanchoruuid', attribute=True, autofill=False, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=False)
+option: Flag('pkey_only?', autofill=True, default=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Int('sizelimit?', autofill=False, minvalue=0)
+option: Int('timelimit?', autofill=False, minvalue=0)
+option: Str('version?', exclude='webui')
+output: Output('count', <type 'int'>, None)
+output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: Output('truncated', <type 'bool'>, None)
+command: idoverridegroup_mod
+args: 2,11,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
+option: Str('delattr*', cli_name='delattr', exclude='webui')
+option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
+option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, required=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False)
+option: Flag('rights', autofill=True, default=False)
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverridegroup_show
+args: 2,4,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Flag('rights', autofill=True, default=False)
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverrideuser_add
+args: 2,9,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, required=True)
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True)
 option: Str('homedirectory', attribute=True, cli_name='homedir', multivalue=False, required=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Str('setattr*', cli_name='setattr', exclude='webui')
@ -2050,7 +2119,7 @@ option: Str('version?', exclude='webui')
 output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
-command: idoverride_del
+command: idoverrideuser_del
 args: 2,2,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=True, primary_key=True, query=True, required=True)
@ -2059,14 +2128,12 @@ option: Str('version?', exclude='webui')
 output: Output('result', <type 'dict'>, None)
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: ListOfPrimaryKeys('value', None, None)
-command: idoverride_find
-args: 2,13,4
+command: idoverrideuser_find
+args: 2,11,4
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('criteria?', noextrawhitespace=False)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
-option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', query=True, required=False)
 option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
-option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, query=True, required=False)
 option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, query=True, required=False)
 option: Str('ipaanchoruuid', attribute=True, autofill=False, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=False)
 option: Flag('pkey_only?', autofill=True, default=False)
@ -2080,16 +2147,14 @@ output: Output('count', <type 'int'>, None)
 output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('truncated', <type 'bool'>, None)
-command: idoverride_mod
-args: 2,14,3
+command: idoverrideuser_mod
+args: 2,12,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
-option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
 option: Str('delattr*', cli_name='delattr', exclude='webui')
 option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
-option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, required=False)
 option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, required=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False)
@ -2101,7 +2166,7 @@ option: Str('version?', exclude='webui')
 output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
-command: idoverride_show
+command: idoverrideuser_show
 args: 2,4,3
 arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
 arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
--- a/ipalib/plugins/idviews.py
+++ b/ipalib/plugins/idviews.py
@ -495,8 +495,8 @@ class baseidoverride(LDAPObject):
                object_name = self.resolve_anchor_to_object_name(anchor)
                entry_attrs.single_value['ipaanchoruuid'] = object_name

-@register()
-class idoverride_add(LDAPCreate):
+
+class baseidoverride_add(LDAPCreate):
    __doc__ = _('Add a new ID override.')
    msg_summary = _('Added ID override "%(value)s"')

@ -509,14 +509,12 @@ class idoverride_add(LDAPCreate):
        return dn


-@register()
-class idoverride_del(LDAPDelete):
+class baseidoverride_del(LDAPDelete):
    __doc__ = _('Delete an ID override.')
    msg_summary = _('Deleted ID override "%(value)s"')


-@register()
-class idoverride_mod(LDAPUpdate):
+class baseidoverride_mod(LDAPUpdate):
    __doc__ = _('Modify an ID override.')
    msg_summary = _('Modified an ID override "%(value)s"')

@ -525,8 +523,7 @@ class idoverride_mod(LDAPUpdate):
        return dn


-@register()
-class idoverride_find(LDAPSearch):
+class baseidoverride_find(LDAPSearch):
    __doc__ = _('Search for an ID override.')
    msg_summary = ngettext('%(count)d ID override matched',
                           '%(count)d ID overrides matched', 0)
@ -537,8 +534,7 @@ class idoverride_find(LDAPSearch):
        return truncated


-@register()
-class idoverride_show(LDAPRetrieve):
+class baseidoverride_show(LDAPRetrieve):
    __doc__ = _('Display information about an ID override.')

    def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
@ -642,3 +638,63 @@ class idoverridegroup(baseidoverride):
    )

    override_object = 'group'
+
+
+@register()
+class idoverrideuser_add(baseidoverride_add):
+    __doc__ = _('Add a new User ID override.')
+    msg_summary = _('Added User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_del(baseidoverride_del):
+    __doc__ = _('Delete an User ID override.')
+    msg_summary = _('Deleted User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_mod(baseidoverride_mod):
+    __doc__ = _('Modify an User ID override.')
+    msg_summary = _('Modified an User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_find(baseidoverride_find):
+    __doc__ = _('Search for an User ID override.')
+    msg_summary = ngettext('%(count)d User ID override matched',
+                           '%(count)d User ID overrides matched', 0)
+
+
+@register()
+class idoverrideuser_show(baseidoverride_show):
+    __doc__ = _('Display information about an User ID override.')
+
+
+@register()
+class idoverridegroup_add(baseidoverride_add):
+    __doc__ = _('Add a new Group ID override.')
+    msg_summary = _('Added Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_del(baseidoverride_del):
+    __doc__ = _('Delete an Group ID override.')
+    msg_summary = _('Deleted Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_mod(baseidoverride_mod):
+    __doc__ = _('Modify an Group ID override.')
+    msg_summary = _('Modified an Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_find(baseidoverride_find):
+    __doc__ = _('Search for an Group ID override.')
+    msg_summary = ngettext('%(count)d Group ID override matched',
+                           '%(count)d Group ID overrides matched', 0)
+
+
+@register()
+class idoverridegroup_show(baseidoverride_show):
+    __doc__ = _('Display information about an Group ID override.')