IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Convert manager from userid to dn for storage and back for displaying.

Browse Source 
ticket 1151
This commit is contained in:
Rob Crittenden
2011-04-22 09:43:31 -04:00
committed by Adam Young
parent cc0e6680b9
commit f746121824
2 changed files with 70 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
ipalib/plugins/user.py
View File

@@ -243,6 +243,40 @@ class user(LDAPObject):
return email return email
def _normalize_manager(self, manager):
"""
Given a userid verify the user's existence and return the dn.
"""
if not manager:
return None
if isinstance(manager, basestring):
manager = [manager]
try:
for m in xrange(len(manager)):
if manager[m].endswith('%s,%s' % (self.container_dn, api.env.basedn)):
continue
(dn, entry_attrs) = self.backend.find_entry_by_attr(
self.primary_key.name, manager[m], self.object_class, [''],
self.container_dn
)
manager[m] = dn
except errors.NotFound:
raise errors.NotFound(reason=_('manager %(manager)s not found') % dict(manager=manager[m]))
return manager
def _convert_manager(self, entry_attrs, **options):
"""
Convert a manager dn into a userid
"""
if options.get('raw', False):
return
if 'manager' in entry_attrs:
for m in xrange(len(entry_attrs['manager'])):
entry_attrs['manager'][m] = self.get_primary_key_from_dn(entry_attrs['manager'][m])
api.register(user) api.register(user)
@@ -309,6 +343,9 @@ class user_add(LDAPCreate):
if 'mail' in entry_attrs: if 'mail' in entry_attrs:
entry_attrs['mail'] = self.obj._normalize_email(entry_attrs['mail'], config) entry_attrs['mail'] = self.obj._normalize_email(entry_attrs['mail'], config)
if 'manager' in entry_attrs:
entry_attrs['manager'] = self.obj._normalize_manager(entry_attrs['manager'])
return dn return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options): def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
@@ -317,6 +354,7 @@ class user_add(LDAPCreate):
def_primary_group = config.get('ipadefaultprimarygroup') def_primary_group = config.get('ipadefaultprimarygroup')
group_dn = self.api.Object['group'].get_dn(def_primary_group) group_dn = self.api.Object['group'].get_dn(def_primary_group)
ldap.add_entry_to_group(dn, group_dn) ldap.add_entry_to_group(dn, group_dn)
self.obj._convert_manager(entry_attrs, **options)
return dn return dn
api.register(user_add) api.register(user_add)
@@ -345,12 +383,15 @@ class user_mod(LDAPUpdate):
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
if 'mail' in entry_attrs: if 'mail' in entry_attrs:
entry_attrs['mail'] = self.obj._normalize_email(entry_attrs['mail']) entry_attrs['mail'] = self.obj._normalize_email(entry_attrs['mail'])
if 'manager' in entry_attrs:
entry_attrs['manager'] = self.obj._normalize_manager(entry_attrs['manager'])
validate_nsaccountlock(entry_attrs) validate_nsaccountlock(entry_attrs)
return dn return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options): def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
if not 'nsaccountlock' in entry_attrs: if not 'nsaccountlock' in entry_attrs:
entry_attrs['nsaccountlock'] = [u'False'] entry_attrs['nsaccountlock'] = [u'False']
self.obj._convert_manager(entry_attrs, **options)
return dn return dn
api.register(user_mod) api.register(user_mod)
@@ -379,6 +420,7 @@ class user_find(LDAPSearch):
def post_callback(self, ldap, entries, truncated, *args, **options): def post_callback(self, ldap, entries, truncated, *args, **options):
for entry in entries: for entry in entries:
(dn, attrs) = entry (dn, attrs) = entry
self.obj._convert_manager(attrs, **options)
if not 'nsaccountlock' in attrs: if not 'nsaccountlock' in attrs:
attrs['nsaccountlock'] = [u'False'] attrs['nsaccountlock'] = [u'False']
@@ -396,6 +438,7 @@ class user_show(LDAPRetrieve):
def post_callback(self, ldap, dn, entry_attrs, *keys, **options): def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
if not 'nsaccountlock' in entry_attrs: if not 'nsaccountlock' in entry_attrs:
entry_attrs['nsaccountlock'] = [u'False'] entry_attrs['nsaccountlock'] = [u'False']
self.obj._convert_manager(entry_attrs, **options)
return dn return dn
api.register(user_show) api.register(user_show)

27
tests/test_xmlrpc/test_user_plugin.py
View File

@@ -440,6 +440,33 @@ class test_user(Declarative):
), ),
dict(
desc='Make non-existent %r the manager of %r' % (renameduser1, user2),
command=('user_mod', [user2], dict(manager=renameduser1)),
expected=errors.NotFound(reason='no such entry'),
),
dict(
desc='Make %r the manager of %r' % (user1, user2),
command=('user_mod', [user2], dict(manager=user1)),
expected=dict(
result=dict(
givenname=[u'Test'],
homedirectory=[u'/home/tuser2'],
loginshell=[u'/bin/sh'],
sn=[u'User2'],
uid=[user2],
memberof_group=[u'ipausers'],
nsaccountlock=[u'False'],
manager=user1,
),
summary=u'Modified user "%s"' % user2,
value=user2,
),
),
dict( dict(
desc='Delete %r and %r at the same time' % (user1, user2), desc='Delete %r and %r at the same time' % (user1, user2),
command=('user_del', [user1, user2], {}), command=('user_del', [user1, user2], {}),