diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-03-05 16:12:25 -0500 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2010-03-19 04:36:56 -0600 |
commit | 00f27fe8c965590624847967ae85167f01fa5307 (patch) | |
tree | 354fc03f637c6e86ff7d252646683d8ef884cc2f | |
parent | b46f262a6080348b936d6439c45b1dbbca277895 (diff) | |
download | freeipa-00f27fe8c965590624847967ae85167f01fa5307.tar.gz freeipa-00f27fe8c965590624847967ae85167f01fa5307.tar.xz freeipa-00f27fe8c965590624847967ae85167f01fa5307.zip |
Fix a number of bugs in the pwpolicy plugin
This fixes:
- Consistent usage of priority vs cospriority in options
- Fixes bug introduced with recent patch where global policy couldn't be
updated
- Doesn't allow cospriority to be removed for groups (#570536)
- returns the priority with group policy so it can be displayed
- Properly unicode encode group names for display
-rw-r--r-- | ipalib/plugins/pwpolicy.py | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 447e1cef3..dbf636e65 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -227,6 +227,7 @@ class pwpolicy_mod(crud.Update): attribute=False, ), Int('cospriority?', + cli_name='priority', label=_('Priority'), doc=_('Priority of the policy (higher number equals lower priority)'), minvalue=0, @@ -237,29 +238,34 @@ class pwpolicy_mod(crud.Update): def execute(self, *args, **options): assert 'dn' not in options ldap = self.api.Backend.ldap2 + cospriority = None if 'group' in options: group_cn = options['group'] del options['group'] else: - group_cn = _global + group_cn = None if len(options) == 2: # 'all' and 'raw' are always sent raise errors.EmptyModlist() - if not 'group' in options: + if not group_cn: + group_cn = _global if 'cospriority' in options: raise errors.ValidationError(name='priority', error=_('priority cannot be set on global policy')) dn = self.api.env.container_accounts entry_attrs = self.args_options_2_entry(*args, **options) else: if 'cospriority' in options: - groupdn = find_group_dn(options['group']) + if options['cospriority'] is None: + raise errors.RequirementError(name='priority') + groupdn = find_group_dn(group_cn) cos_dn = 'cn="%s", cn=cosTemplates, cn=accounts, %s' % (groupdn, api.env.basedn) self.log.debug('%s' % cos_dn) ldap.update_entry(cos_dn, dict(cospriority = options['cospriority']), normalize=False) + cospriority = options['cospriority'] del options['cospriority'] entry_attrs = self.args_options_2_entry(*args, **options) - (dn, entry_attrs) = make_policy_entry(options['group'], entry_attrs) + (dn, entry_attrs) = make_policy_entry(group_cn, entry_attrs) _convert_time_on_input(entry_attrs) try: ldap.update_entry(dn, entry_attrs) @@ -268,6 +274,9 @@ class pwpolicy_mod(crud.Update): (dn, entry_attrs) = ldap.get_entry(dn, entry_attrs.keys()) + if cospriority: + entry_attrs['cospriority'] = cospriority + _convert_time_for_output(entry_attrs) return dict(result=entry_attrs, value=group_cn) @@ -331,6 +340,11 @@ class pwpolicy_show(Method): label=_('User'), doc=_('Display policy applied to a given user'), ), + Int('cospriority?', + cli_name='priority', + label=_('Priority'), + flags=['no_create', 'no_update', 'no_search'], + ), ) def execute(self, *args, **options): @@ -363,13 +377,13 @@ class pwpolicy_show(Method): groupdn = find_group_dn(options['group']) cos_dn = 'cn="%s", cn=cosTemplates, cn=accounts, %s' % (groupdn, api.env.basedn) (dn, cos_attrs) = ldap.get_entry(cos_dn, normalize=False) - entry_attrs['priority'] = cos_attrs['cospriority'] + entry_attrs['cospriority'] = cos_attrs['cospriority'] + else: + entry_attrs['cn'] = _global if 'user' in options: if group: - entry_attrs['group'] = group - else: - entry_attrs['group'] = _global + entry_attrs['cn'] = unicode(group) _convert_time_for_output(entry_attrs) return dict(result=entry_attrs) |