IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Port user-show to new CrudBackend framework

Browse Source
This commit is contained in:
Rob Crittenden 2008-10-14 22:22:01 -04:00
parent 1c3f81852c
commit cfc8450efd
5 changed files with 63 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
ipa_server/plugins/b_ldap.py
View File

@ -29,7 +29,6 @@ from ipalib import errors
from ipalib.crud import CrudBackend from ipalib.crud import CrudBackend
from ipa_server import servercore from ipa_server import servercore
from ipa_server import ipaldap from ipa_server import ipaldap
import ldap
class ldap(CrudBackend): class ldap(CrudBackend):
@ -39,7 +38,7 @@ class ldap(CrudBackend):
dn = _ldap.dn dn = _ldap.dn
def get_user_dn(self, uid): def make_user_dn(self, uid):
""" """
Construct user dn from uid. Construct user dn from uid.
""" """
@ -49,6 +48,35 @@ class ldap(CrudBackend):
self.api.env.basedn, self.api.env.basedn,
) )
def find_entry_dn(self, key_attribute, primary_key, attributes=None,
object_type=None):
"""
Find an existing entry's dn from an attribute
"""
key_attribute = key_attribute.lower()
if not object_type:
if key_attribute == "uid": # User
filter = "posixAccount"
elif key_attribute == "cn": # Group
object_type = "posixGroup"
elif key_attribute == "krbprincipal": # Service
object_type = "krbPrincipal"
if not object_type:
return None
filter = "(&(%s=%s)(objectclass=%s))" % (
key_attribute,
self.dn.escape_dn_chars(primary_key),
object_type
)
search_base = "%s, %s" % (self.api.env.container_accounts, self.api.env.basedn)
entry = servercore.get_sub_entry(search_base, filter, attributes)
return entry['dn']
def create(self, **kw): def create(self, **kw):
if servercore.entry_exists(kw['dn']): if servercore.entry_exists(kw['dn']):
raise errors.DuplicateEntry("entry already exists") raise errors.DuplicateEntry("entry already exists")
@ -64,4 +92,10 @@ class ldap(CrudBackend):
return servercore.add_entry(entry) return servercore.add_entry(entry)
def retrieve(self, dn, attributes=None):
return servercore.get_entry_by_dn(dn, attributes)
def delete(self, dn):
return servercore.delete_entry(dn)
api.register(ldap) api.register(ldap)

3
ipalib/config.py
View File

@ -25,8 +25,11 @@ DEFAULT_CONF='/etc/ipa/ipa.conf'
def generate_env(d={}): def generate_env(d={}):
default = dict( default = dict(
container_accounts = 'cn=accounts',
basedn = 'dc=example,dc=com', basedn = 'dc=example,dc=com',
container_user = 'cn=users,cn=accounts', container_user = 'cn=users,cn=accounts',
container_group = 'cn=groups,cn=accounts',
container_service = 'cn=services,cn=accounts',
domain = LazyProp(get_domain), domain = LazyProp(get_domain),
interactive = True, interactive = True,
query_dns = True, query_dns = True,

8
ipalib/crud.py
View File

@ -87,12 +87,14 @@ class CrudBackend(backend.Backend):
""" """
raise NotImplementedError('%s.create()' % self.name) raise NotImplementedError('%s.create()' % self.name)
def retrieve(self, primary_key): def retrieve(self, primary_key, attributes):
""" """
Retrieve an existing entry. Retrieve an existing entry.
This method should take a single argument, the primary_key of the This method should take a two arguments: the primary_key of the
entry in question. entry in question and a list of the attributes to be retrieved.
If the list of attributes is None then all non-operational
attributes will be returned.
If such an entry exists, this method should return a dict If such an entry exists, this method should return a dict
representing that entry. If no such entry exists, this method representing that entry. If no such entry exists, this method

2
ipalib/plugins/b_xmlrpc.py
View File

@ -58,6 +58,6 @@ class xmlrpc(Backend):
print "%s: %s" % (code, getattr(err,'__doc__','')) print "%s: %s" % (code, getattr(err,'__doc__',''))
else: else:
raise err raise err
return False return {}
api.register(xmlrpc) api.register(xmlrpc)

31
ipalib/plugins/f_user.py
View File

@ -110,7 +110,7 @@ class user_add(crud.Add):
assert 'dn' not in kw assert 'dn' not in kw
ldap = self.api.Backend.ldap ldap = self.api.Backend.ldap
kw['uid'] = uid kw['uid'] = uid
kw['dn'] = ldap.get_user_dn(uid) kw['dn'] = ldap.make_user_dn(uid)
if servercore.uid_too_long(kw['uid']): if servercore.uid_too_long(kw['uid']):
raise errors.UsernameTooLong raise errors.UsernameTooLong
@ -244,18 +244,23 @@ api.register(user_find)
class user_show(crud.Get): class user_show(crud.Get):
'Examine an existing user.' 'Examine an existing user.'
def execute(self, *args, **kw): def execute(self, uid, **kw):
uid=args[0] """
result = servercore.get_user_by_uid(uid, ["*"]) Execute the user-show operation.
return result
def forward(self, *args, **kw): The dn should not be passed as a keyword argument as it is constructed
try: by this method.
result = super(crud.Get, self).forward(*args, **kw)
if not result: return Returns the entry
for a in result:
print a, ": ", result[a] :param uid: The login name of the user to retrieve.
except errors.NotFound: :param kw: Not used.
print "User %s not found" % args[0] """
ldap = self.api.Backend.ldap
dn = ldap.find_entry_dn("uid", uid, ["*"], "posixAccount")
# FIXME: should kw contain the list of attributes?
return ldap.retrieve(dn)
api.register(user_show) api.register(user_show)
class user_lock(frontend.Command): class user_lock(frontend.Command):