summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Babej <tbabej@redhat.com>2014-07-31 12:08:05 +0200
committerTomas Babej <tbabej@redhat.com>2014-09-17 14:41:50 +0200
commit59925e9bfc8156ffc356810d3ec57a1bdf5c8fc4 (patch)
tree3a69d090d6d298a9243fa19062b6200ac842d187
parent6200b8786fc4db9623aaefe728b768d119767096 (diff)
downloadfreeipa-59925e9bfc8156ffc356810d3ec57a1bdf5c8fc4.zip
freeipa-59925e9bfc8156ffc356810d3ec57a1bdf5c8fc4.tar.gz
freeipa-59925e9bfc8156ffc356810d3ec57a1bdf5c8fc4.tar.xz
idviews: Add ipaAssignedIDVIew reference to the host object
Part of: https://fedorahosted.org/freeipa/ticket/3979
-rw-r--r--ACI.txt4
-rw-r--r--API.txt9
-rw-r--r--ipalib/plugins/host.py9
3 files changed, 14 insertions, 8 deletions
diff --git a/ACI.txt b/ACI.txt
index 1e6bec0..80b555d 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -97,13 +97,13 @@ aci: (targetattr = "krblastpwdchange || krbprincipalkey")(targetfilter = "(objec
dn: cn=computers,cn=accounts,dc=ipa,dc=example
aci: (targetattr = "ipasshpubkey")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Manage Host SSH Public Keys";allow (write) groupdn = "ldap:///cn=System: Manage Host SSH Public Keys,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=computers,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "description || l || macaddress || nshardwareplatform || nshostlocation || nsosversion || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Modify Hosts";allow (write) groupdn = "ldap:///cn=System: Modify Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "description || ipaassignedidview || l || macaddress || nshardwareplatform || nshostlocation || nsosversion || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Modify Hosts";allow (write) groupdn = "ldap:///cn=System: Modify Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || entryusn || macaddress || modifytimestamp || objectclass")(target = "ldap:///cn=computers,cn=compat,dc=ipa,dc=example")(version 3.0;acl "permission:System: Read Host Compat Tree";allow (compare,read,search) userdn = "ldap:///anyone";)
dn: cn=computers,cn=accounts,dc=ipa,dc=example
aci: (targetattr = "memberof")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Host Membership";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=computers,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "cn || createtimestamp || description || enrolledby || entryusn || fqdn || ipaclientversion || ipakrbauthzdata || ipasshpubkey || ipauniqueid || krbcanonicalname || krblastpwdchange || krbpasswordexpiration || krbprincipalaliases || krbprincipalexpiration || krbprincipalname || l || macaddress || managedby || modifytimestamp || nshardwareplatform || nshostlocation || nsosversion || objectclass || serverhostname || usercertificate || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Hosts";allow (compare,read,search) userdn = "ldap:///all";)
+aci: (targetattr = "cn || createtimestamp || description || enrolledby || entryusn || fqdn || ipaassignedidview || ipaclientversion || ipakrbauthzdata || ipasshpubkey || ipauniqueid || krbcanonicalname || krblastpwdchange || krbpasswordexpiration || krbprincipalaliases || krbprincipalexpiration || krbprincipalname || l || macaddress || managedby || modifytimestamp || nshardwareplatform || nshostlocation || nsosversion || objectclass || serverhostname || usercertificate || userclass")(targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Read Hosts";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=computers,cn=accounts,dc=ipa,dc=example
aci: (targetfilter = "(objectclass=ipahost)")(version 3.0;acl "permission:System: Remove Hosts";allow (delete) groupdn = "ldap:///cn=System: Remove Hosts,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=hostgroups,cn=accounts,dc=ipa,dc=example
diff --git a/API.txt b/API.txt
index bbd0f50..2c99fd6 100644
--- a/API.txt
+++ b/API.txt
@@ -1780,13 +1780,14 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: Output('value', <type 'bool'>, None)
output: Output('warning', (<type 'list'>, <type 'tuple'>, <type 'NoneType'>), None)
command: host_add
-args: 1,22,3
+args: 1,23,3
arg: Str('fqdn', attribute=True, cli_name='hostname', multivalue=False, primary_key=True, required=True)
option: Str('addattr*', cli_name='addattr', exclude='webui')
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=False)
option: Flag('force', autofill=True, default=False)
option: Str('ip_address?')
+option: DNParam('ipaassignedidview', attribute=True, cli_name='ipaassignedidview', multivalue=False, required=False)
option: Bool('ipakrbokasdelegate', attribute=False, cli_name='ok_as_delegate', multivalue=False, required=False)
option: Bool('ipakrbrequirespreauth', attribute=False, cli_name='requires_pre_auth', multivalue=False, required=False)
option: Str('ipasshpubkey', attribute=True, cli_name='sshpubkey', csv=True, multivalue=True, required=False)
@@ -1835,7 +1836,7 @@ output: Output('result', <type 'bool'>, None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: PrimaryKey('value', None, None)
command: host_find
-args: 1,33,4
+args: 1,34,4
arg: Str('criteria?', noextrawhitespace=False)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
@@ -1846,6 +1847,7 @@ option: Str('in_hostgroup*', cli_name='in_hostgroups', csv=True)
option: Str('in_netgroup*', cli_name='in_netgroups', csv=True)
option: Str('in_role*', cli_name='in_roles', csv=True)
option: Str('in_sudorule*', cli_name='in_sudorules', csv=True)
+option: DNParam('ipaassignedidview', attribute=True, autofill=False, cli_name='ipaassignedidview', multivalue=False, query=True, required=False)
option: Str('l', attribute=True, autofill=False, cli_name='locality', multivalue=False, query=True, required=False)
option: Str('macaddress', attribute=True, autofill=False, cli_name='macaddress', csv=True, multivalue=True, pattern='^([a-fA-F0-9]{2}[:|\\-]?){5}[a-fA-F0-9]{2}$', query=True, required=False)
option: Str('man_by_host*', cli_name='man_by_hosts', csv=True)
@@ -1875,12 +1877,13 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: Output('truncated', <type 'bool'>, None)
command: host_mod
-args: 1,23,3
+args: 1,24,3
arg: Str('fqdn', attribute=True, cli_name='hostname', multivalue=False, primary_key=True, query=True, required=True)
option: Str('addattr*', cli_name='addattr', exclude='webui')
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Str('delattr*', cli_name='delattr', exclude='webui')
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
+option: DNParam('ipaassignedidview', attribute=True, autofill=False, cli_name='ipaassignedidview', multivalue=False, required=False)
option: Bool('ipakrbokasdelegate', attribute=False, autofill=False, cli_name='ok_as_delegate', multivalue=False, required=False)
option: Bool('ipakrbrequirespreauth', attribute=False, autofill=False, cli_name='requires_pre_auth', multivalue=False, required=False)
option: Str('ipasshpubkey', attribute=True, autofill=False, cli_name='sshpubkey', csv=True, multivalue=True, required=False)
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 570bbe5..ce904b7 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -27,7 +27,7 @@ import netaddr
import string
from ipalib import api, errors, util
-from ipalib import Str, Flag, Bytes
+from ipalib import Str, Flag, Bytes, DNParam
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.service import (split_principal, validate_certificate,
@@ -276,7 +276,7 @@ class host(LDAPObject):
'krbprincipalname', 'l', 'macaddress', 'nshardwareplatform',
'nshostlocation', 'nsosversion', 'objectclass',
'serverhostname', 'usercertificate', 'userclass',
- 'enrolledby', 'managedby',
+ 'enrolledby', 'managedby', 'ipaassignedidview',
'krbprincipalname', 'krbcanonicalname', 'krbprincipalaliases',
'krbprincipalexpiration', 'krbpasswordexpiration',
'krblastpwdchange',
@@ -342,7 +342,7 @@ class host(LDAPObject):
'ipapermright': {'write'},
'ipapermdefaultattr': {
'description', 'l', 'nshardwareplatform', 'nshostlocation',
- 'nsosversion', 'macaddress', 'userclass',
+ 'nsosversion', 'macaddress', 'userclass', 'ipaassignedidview',
},
'replaces': [
'(targetattr = "description || l || nshostlocation || nshardwareplatform || nsosversion")(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "permission:Modify Hosts";allow (write) groupdn = "ldap:///cn=Modify Hosts,cn=permissions,cn=pbac,$SUFFIX";)',
@@ -459,6 +459,9 @@ class host(LDAPObject):
doc=_('Host category (semantics placed on this attribute are for '
'local interpretation)'),
),
+ DNParam('ipaassignedidview?',
+ flags=['no_option'],
+ ),
) + ticket_flags_params
def get_dn(self, *keys, **options):