diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-02-24 14:39:56 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-02-27 00:06:44 -0500 |
commit | 7d7322de2eb0de61ea917d03662452d3efa4c834 (patch) | |
tree | b553e8fa4180f59db38ea3b01fcbd73bba0f09b7 | |
parent | a09063cbb83aa9c3c77886fe43d70ba15fe4ef48 (diff) | |
download | freeipa-7d7322de2eb0de61ea917d03662452d3efa4c834.tar.gz freeipa-7d7322de2eb0de61ea917d03662452d3efa4c834.tar.xz freeipa-7d7322de2eb0de61ea917d03662452d3efa4c834.zip |
Limit allowed characters in a netgroup name to alpha, digit, -, _ and .
Apply this to hostgroup names as well since they can be linked.
https://fedorahosted.org/freeipa/ticket/2221
-rw-r--r-- | API.txt | 28 | ||||
-rw-r--r-- | ipalib/plugins/hostgroup.py | 3 | ||||
-rw-r--r-- | ipalib/plugins/netgroup.py | 6 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_hostgroup_plugin.py | 9 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_netgroup_plugin.py | 9 |
5 files changed, 41 insertions, 14 deletions
@@ -1755,7 +1755,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: hostgroup_add args: 1,6,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, primary_key=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, required=True) option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True) option: Str('setattr*', cli_name='setattr', exclude='webui') option: Str('addattr*', cli_name='addattr', exclude='webui') @@ -1767,7 +1767,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: hostgroup_add_member args: 1,5,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -1778,7 +1778,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: hostgroup_del args: 1,1,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=True, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=True, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('continue', autofill=True, cli_name='continue', default=False) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('result', <type 'dict'>, None) @@ -1786,7 +1786,7 @@ output: Output('value', <type 'unicode'>, None) command: hostgroup_find args: 1,20,4 arg: Str('criteria?', noextrawhitespace=False) -option: Str('cn', attribute=True, autofill=False, cli_name='hostgroup_name', multivalue=False, primary_key=True, query=True, required=False) +option: Str('cn', attribute=True, autofill=False, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=False) option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False) option: Int('timelimit?', autofill=False, minvalue=0) option: Int('sizelimit?', autofill=False, minvalue=0) @@ -1812,7 +1812,7 @@ output: Output('count', <type 'int'>, None) output: Output('truncated', <type 'bool'>, None) command: hostgroup_mod args: 1,8,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False) option: Str('setattr*', cli_name='setattr', exclude='webui') option: Str('addattr*', cli_name='addattr', exclude='webui') @@ -1826,7 +1826,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: hostgroup_remove_member args: 1,5,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -1837,7 +1837,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: hostgroup_show args: 1,4,3 -arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='hostgroup_name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('rights', autofill=True, default=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') @@ -1915,7 +1915,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('enabled', <type 'bool'>, None) command: netgroup_add args: 1,9,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, required=True) option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True) option: Str('nisdomainname', attribute=True, cli_name='nisdomain', multivalue=False, required=False) option: StrEnum('usercategory', attribute=True, cli_name='usercat', multivalue=False, required=False, values=(u'all',)) @@ -1930,7 +1930,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: netgroup_add_member args: 1,8,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -1944,7 +1944,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: netgroup_del args: 1,1,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=True, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=True, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('continue', autofill=True, cli_name='continue', default=False) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('result', <type 'dict'>, None) @@ -1952,7 +1952,7 @@ output: Output('value', <type 'unicode'>, None) command: netgroup_find args: 1,26,4 arg: Str('criteria?', noextrawhitespace=False) -option: Str('cn', attribute=True, autofill=False, cli_name='name', multivalue=False, primary_key=True, query=True, required=False) +option: Str('cn', attribute=True, autofill=False, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=False) option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False) option: Str('nisdomainname', attribute=True, autofill=False, cli_name='nisdomain', multivalue=False, query=True, required=False) option: Str('ipauniqueid', attribute=True, autofill=False, cli_name='uuid', multivalue=False, query=True, required=False) @@ -1984,7 +1984,7 @@ output: Output('count', <type 'int'>, None) output: Output('truncated', <type 'bool'>, None) command: netgroup_mod args: 1,11,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False) option: Str('nisdomainname', attribute=True, autofill=False, cli_name='nisdomain', multivalue=False, required=False) option: StrEnum('usercategory', attribute=True, autofill=False, cli_name='usercat', multivalue=False, required=False, values=(u'all',)) @@ -2001,7 +2001,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: netgroup_remove_member args: 1,8,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -2015,7 +2015,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: netgroup_show args: 1,4,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$', pattern_errmsg='may only include letters, numbers, _, -, and .', primary_key=True, query=True, required=True) option: Flag('rights', autofill=True, default=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py index 28e3ef5dd..2a9a0a533 100644 --- a/ipalib/plugins/hostgroup.py +++ b/ipalib/plugins/hostgroup.py @@ -20,6 +20,7 @@ from ipalib.plugins.baseldap import * from ipalib import api, Int, _, ngettext, errors +from ipalib.plugins.netgroup import NETGROUP_PATTERN, NETGROUP_PATTERN_ERRMSG from ipalib.dn import DN __doc__ = _(""" @@ -76,6 +77,8 @@ class hostgroup(LDAPObject): takes_params = ( Str('cn', + pattern=NETGROUP_PATTERN, + pattern_errmsg=NETGROUP_PATTERN_ERRMSG, cli_name='hostgroup_name', label=_('Host-group'), doc=_('Name of host-group'), diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py index fd3478e9b..2ba154649 100644 --- a/ipalib/plugins/netgroup.py +++ b/ipalib/plugins/netgroup.py @@ -49,6 +49,10 @@ EXAMPLES: ipa netgroup-del admins """) + +NETGROUP_PATTERN='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$' +NETGROUP_PATTERN_ERRMSG='may only include letters, numbers, _, -, and .' + output_params = ( Str('memberuser_user?', label='Member User', @@ -101,6 +105,8 @@ class netgroup(LDAPObject): takes_params = ( Str('cn', + pattern=NETGROUP_PATTERN, + pattern_errmsg=NETGROUP_PATTERN_ERRMSG, cli_name='name', label=_('Netgroup name'), primary_key=True, diff --git a/tests/test_xmlrpc/test_hostgroup_plugin.py b/tests/test_xmlrpc/test_hostgroup_plugin.py index e0d115854..f5c2efb79 100644 --- a/tests/test_xmlrpc/test_hostgroup_plugin.py +++ b/tests/test_xmlrpc/test_hostgroup_plugin.py @@ -36,6 +36,8 @@ fqdn1 = u'testhost1.%s' % api.env.domain host_dn1 = DN(('fqdn',fqdn1),('cn','computers'),('cn','accounts'), api.env.basedn) +invalidhostgroup1 = u'@invalid' + class test_hostgroup(Declarative): @@ -70,6 +72,13 @@ class test_hostgroup(Declarative): dict( + desc='Test an invalid hostgroup name %r' % invalidhostgroup1, + command=('hostgroup_add', [invalidhostgroup1], dict(description=u'Test')), + expected=errors.ValidationError(name='cn', error='may only include letters, numbers, _, - and .'), + ), + + + dict( desc='Create %r' % hostgroup1, command=('hostgroup_add', [hostgroup1], dict(description=u'Test hostgroup 1') diff --git a/tests/test_xmlrpc/test_netgroup_plugin.py b/tests/test_xmlrpc/test_netgroup_plugin.py index 9194b5492..1c6b94bd2 100644 --- a/tests/test_xmlrpc/test_netgroup_plugin.py +++ b/tests/test_xmlrpc/test_netgroup_plugin.py @@ -56,6 +56,8 @@ user2 = u'pexample' group1 = u'testgroup' +invalidnetgroup1=u'+badnetgroup' + class test_netgroup(Declarative): """ Test the `netgroup` plugin. @@ -97,6 +99,13 @@ class test_netgroup(Declarative): dict( + desc='Test an invalid netgroup name %r' % invalidnetgroup1, + command=('netgroup_add', [invalidnetgroup1], dict(description=u'Test')), + expected=errors.ValidationError(name='cn', error='may only include letters, numbers, _, - and .'), + ), + + + dict( desc='Create %r' % netgroup1, command=('netgroup_add', [netgroup1], dict(description=u'Test netgroup 1') |