freeipa/ipaserver
Alexander Bokovoy 973e0c04e4 idviews: handle unqualified ID override lookups from Web UI
First part of the required changes to merge a plugin to manage IPA as
a trusted Active Directory user.

It is not possible to omit ID view in IPA API but a client might specify
empty ID view. Up right now the empty view was considered an error. This
prevented Web UI from resolving ID overrides in a group member adder
dialog.

Default to 'Default Trust View' if the ID view is None or empty string
(''). Do this only for user ID overrides, as we do not support adding
group ID overrides as group members in a plugin to manage IPA as a
trusted Active Directory user[1].

Being a group member means an object in LDAP must have an object class
that allows 'memberOf' attribute because 389-ds 'memberof' plugin will
attempt to link back to the object from the group. Allow use of
'nsMemberOf' object class in ID overrides.

Fixes: https://pagure.io/freeipa/issue/7255

[1] https://github.com/abbra/freeipa-adusers-admins

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2020-06-08 12:39:34 -04:00
..
advise ipa-advise: fallback to /usr/libexec/platform-python if python3 not found 2020-05-05 11:50:01 +02:00
dnssec opendnssec2.1 support: move all ods tasks to specific file 2020-03-12 21:48:25 +01:00
install Include named config files in backup 2020-06-08 15:53:40 +03:00
plugins idviews: handle unqualified ID override lookups from Web UI 2020-06-08 12:39:34 -04:00
secrets NSSWrappedCertDB: accept optional symmetric algorithm 2019-09-25 12:42:06 +10:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc_common.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
dcerpc.py Prevent adding IPA objects as external members of external groups 2020-03-19 13:27:30 +01:00
dns_data_management.py Removed unnecessary imports after code review. 2019-09-27 09:38:32 +02:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
masters.py Add hidden replica feature 2019-03-28 17:57:58 +01:00
p11helper.py Add PKCS#11 module name to p11helper errors 2019-07-25 15:16:33 -04:00
rpcserver.py Handle DatabaseError in RPC-Server connect() 2020-06-07 10:33:15 +03:00
servroles.py Use api.env.container_sysaccounts 2020-04-28 11:28:29 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Move Custodia secrets handler to scripts 2019-04-26 12:09:22 +02:00
topology.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00