freeipa/ipaserver/plugins
Florence Blanc-Renaud 5d603fce5d radiusproxy: add permission for reading radius proxy servers
A non-admin user which has the "User Administrator" role cannot
add a user with ipa user-add --radius=<proxy> because the
call needs to read the radius proxy server entries.

The fix adds a System permission for reading radius proxy server
entries (all attributes except the ipatokenradiussecret). This
permission is added to the already existing privileges "User
Administrators" and "Stage User Administrators", so that the role
"User Administrator" can call ipa [stage]user-add|mod --radius=<proxy>

Fixes: https://pagure.io/freeipa/issue/7570
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2018-11-13 12:40:44 +01:00
..
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
aci.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
automember.py Find orphan automember rules 2018-10-10 09:56:40 +02:00
automount.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
baseldap.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
baseuser.py ipa user-add: add optional objectclass for radius-username 2018-11-13 12:40:44 +01:00
batch.py Fix translation of commands description in API Browser 2018-06-12 08:38:56 +02:00
ca.py ldap2: fix implementation of can_add 2018-02-09 08:57:41 +01:00
caacl.py LGTM: raise handle_not_found() 2018-01-09 07:53:28 +01:00
cert.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
certmap.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
certprofile.py Sprinkle raw strings across the code base 2018-09-27 10:23:03 +02:00
config.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
delegation.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
dns.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
dnsserver.py dnsserver.py: dnsserver-find no longer returns internal server error 2017-06-15 13:51:06 +02:00
dogtag.py Sprinkle raw strings across the code base 2018-09-27 10:23:03 +02:00
domainlevel.py Fix formatted translations in domainlevel plugin 2018-06-21 15:30:58 +02:00
group.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
hbac.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
hbacrule.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
hbacsvc.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbacsvcgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbactest.py logging: remove object-specific loggers 2017-07-14 15:55:59 +02:00
host.py ipa host-add: do not raise exception when reverse record not added 2018-02-23 14:39:34 +01:00
hostgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
idrange.py Fix translation of idrange_* commands description 2018-06-21 15:30:58 +02:00
idviews.py Idviews: fix objectclass violation on idview-add 2018-01-09 07:58:52 +01:00
internal.py Add title to 'add' dialog for 'association_table' widget of Topology entity 2018-10-02 16:37:17 +02:00
join.py Fix some untranslatable commands in Web UI API Browser 2018-06-21 18:42:05 +02:00
krbtpolicy.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
ldap2.py Handle races in replica config 2018-07-12 15:26:25 +02:00
location.py DNS Location: add list of roles and DNS servers to location-show 2016-06-17 18:05:03 +02:00
migration.py Sprinkle raw strings across the code base 2018-09-27 10:23:03 +02:00
misc.py Make env and plugins commands local again 2016-12-02 13:00:06 +01:00
netgroup.py LGTM: raise handle_not_found() 2018-01-09 07:53:28 +01:00
otp.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otpconfig.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otptoken.py Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
passwd.py logging: remove object-specific loggers 2017-07-14 15:55:59 +02:00
permission.py Copy-paste error in permssions plugin, CID 323649 2018-11-08 13:16:26 +01:00
ping.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
pkinit.py pkinit: don't fail when no pkinit servers found 2017-09-12 15:59:20 +02:00
privilege.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
pwpolicy.py Fix translation of commands description in API Browser 2018-06-12 08:38:56 +02:00
rabase.py Add absolute_import future imports 2018-04-20 09:43:37 +02:00
radiusproxy.py radiusproxy: add permission for reading radius proxy servers 2018-11-13 12:40:44 +01:00
realmdomains.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
role.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
schema.py Fix translation of commands description in API Browser 2018-06-12 08:38:56 +02:00
selfservice.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
selinuxusermap.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
server.py Query for server role IPA master 2018-07-06 13:26:43 +02:00
serverrole.py Delay enabling services until end of installer 2018-07-06 13:26:43 +02:00
serverroles.py Fix formatted translations of error messages in serverroles plugin 2018-06-21 15:30:58 +02:00
service.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
servicedelegation.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
session.py Fix some untranslatable commands in Web UI API Browser 2018-06-21 18:42:05 +02:00
stageuser.py Add absolute_import future imports 2018-04-20 09:43:37 +02:00
sudo.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
sudocmd.py sudocmd: fix unsupported assignment 2017-09-08 15:42:07 +02:00
sudocmdgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
sudorule.py Convert members into types in sudorule-*-option 2018-08-15 12:52:52 +02:00
topology.py Fix formatted translations of error messages in topology plugin 2018-06-21 15:30:58 +02:00
trust.py Fix formatted translations in trust plugin 2018-06-21 15:30:58 +02:00
user.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
vault.py Fix translation of commands description in API Browser 2018-06-12 08:38:56 +02:00
virtual.py logging: remove object-specific loggers 2017-07-14 15:55:59 +02:00
whoami.py whoami.py: Type error when running tests 2017-07-07 14:44:42 +02:00
xmlserver.py Add endpoint for serving i18n requests 2018-07-17 15:32:28 -04:00