summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-03-05 16:12:25 -0500
committerJason Gerard DeRose <jderose@redhat.com>2010-03-19 04:36:56 -0600
commit00f27fe8c965590624847967ae85167f01fa5307 (patch)
tree354fc03f637c6e86ff7d252646683d8ef884cc2f
parentb46f262a6080348b936d6439c45b1dbbca277895 (diff)
downloadfreeipa-00f27fe8c965590624847967ae85167f01fa5307.tar.gz
freeipa-00f27fe8c965590624847967ae85167f01fa5307.tar.xz
freeipa-00f27fe8c965590624847967ae85167f01fa5307.zip
Fix a number of bugs in the pwpolicy plugin
This fixes: - Consistent usage of priority vs cospriority in options - Fixes bug introduced with recent patch where global policy couldn't be updated - Doesn't allow cospriority to be removed for groups (#570536) - returns the priority with group policy so it can be displayed - Properly unicode encode group names for display
-rw-r--r--ipalib/plugins/pwpolicy.py30
1 files changed, 22 insertions, 8 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index 447e1cef3..dbf636e65 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -227,6 +227,7 @@ class pwpolicy_mod(crud.Update):
attribute=False,
),
Int('cospriority?',
+ cli_name='priority',
label=_('Priority'),
doc=_('Priority of the policy (higher number equals lower priority)'),
minvalue=0,
@@ -237,29 +238,34 @@ class pwpolicy_mod(crud.Update):
def execute(self, *args, **options):
assert 'dn' not in options
ldap = self.api.Backend.ldap2
+ cospriority = None
if 'group' in options:
group_cn = options['group']
del options['group']
else:
- group_cn = _global
+ group_cn = None
if len(options) == 2: # 'all' and 'raw' are always sent
raise errors.EmptyModlist()
- if not 'group' in options:
+ if not group_cn:
+ group_cn = _global
if 'cospriority' in options:
raise errors.ValidationError(name='priority', error=_('priority cannot be set on global policy'))
dn = self.api.env.container_accounts
entry_attrs = self.args_options_2_entry(*args, **options)
else:
if 'cospriority' in options:
- groupdn = find_group_dn(options['group'])
+ if options['cospriority'] is None:
+ raise errors.RequirementError(name='priority')
+ groupdn = find_group_dn(group_cn)
cos_dn = 'cn="%s", cn=cosTemplates, cn=accounts, %s' % (groupdn, api.env.basedn)
self.log.debug('%s' % cos_dn)
ldap.update_entry(cos_dn, dict(cospriority = options['cospriority']), normalize=False)
+ cospriority = options['cospriority']
del options['cospriority']
entry_attrs = self.args_options_2_entry(*args, **options)
- (dn, entry_attrs) = make_policy_entry(options['group'], entry_attrs)
+ (dn, entry_attrs) = make_policy_entry(group_cn, entry_attrs)
_convert_time_on_input(entry_attrs)
try:
ldap.update_entry(dn, entry_attrs)
@@ -268,6 +274,9 @@ class pwpolicy_mod(crud.Update):
(dn, entry_attrs) = ldap.get_entry(dn, entry_attrs.keys())
+ if cospriority:
+ entry_attrs['cospriority'] = cospriority
+
_convert_time_for_output(entry_attrs)
return dict(result=entry_attrs, value=group_cn)
@@ -331,6 +340,11 @@ class pwpolicy_show(Method):
label=_('User'),
doc=_('Display policy applied to a given user'),
),
+ Int('cospriority?',
+ cli_name='priority',
+ label=_('Priority'),
+ flags=['no_create', 'no_update', 'no_search'],
+ ),
)
def execute(self, *args, **options):
@@ -363,13 +377,13 @@ class pwpolicy_show(Method):
groupdn = find_group_dn(options['group'])
cos_dn = 'cn="%s", cn=cosTemplates, cn=accounts, %s' % (groupdn, api.env.basedn)
(dn, cos_attrs) = ldap.get_entry(cos_dn, normalize=False)
- entry_attrs['priority'] = cos_attrs['cospriority']
+ entry_attrs['cospriority'] = cos_attrs['cospriority']
+ else:
+ entry_attrs['cn'] = _global
if 'user' in options:
if group:
- entry_attrs['group'] = group
- else:
- entry_attrs['group'] = _global
+ entry_attrs['cn'] = unicode(group)
_convert_time_for_output(entry_attrs)
return dict(result=entry_attrs)