summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Babej <tbabej@redhat.com>2014-09-05 12:39:28 +0200
committerTomas Babej <tbabej@redhat.com>2014-09-17 14:41:51 +0200
commit8fb00a9d445c6af2a7fa189d4dd1d0ca4dde6d03 (patch)
tree3404c0c71f7f2215abff27da86c618e2548ab1fa
parent843031f016c7dfa791c010d080fd8c607e13ad8f (diff)
downloadfreeipa-8fb00a9d445c6af2a7fa189d4dd1d0ca4dde6d03.zip
freeipa-8fb00a9d445c6af2a7fa189d4dd1d0ca4dde6d03.tar.gz
freeipa-8fb00a9d445c6af2a7fa189d4dd1d0ca4dde6d03.tar.xz
idviews: Split the idoverride commands into iduseroverride and idgroupoverride
-rw-r--r--ACI.txt4
-rw-r--r--API.txt89
-rw-r--r--ipalib/plugins/idviews.py76
3 files changed, 146 insertions, 23 deletions
diff --git a/ACI.txt b/ACI.txt
index eb88d31..30ca95a 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -119,7 +119,9 @@ aci: (targetattr = "businesscategory || cn || createtimestamp || description ||
dn: cn=hostgroups,cn=accounts,dc=ipa,dc=example
aci: (targetfilter = "(objectclass=ipahostgroup)")(version 3.0;acl "permission:System: Remove Hostgroups";allow (delete) groupdn = "ldap:///cn=System: Remove Hostgroups,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=views,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "cn || createtimestamp || description || entryusn || gidnumber || homedirectory || ipaanchoruuid || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaOverrideAnchor)")(version 3.0;acl "permission:System: Read ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
+aci: (targetattr = "cn || createtimestamp || description || entryusn || gidnumber || ipaanchoruuid || modifytimestamp || objectclass")(targetfilter = "(|(objectclass=ipaGroupOverride)(objectclass=ipaOverrideAnchor))")(version 3.0;acl "permission:System: Read Group ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
+dn: cn=views,cn=accounts,dc=ipa,dc=example
+aci: (targetattr = "createtimestamp || description || entryusn || homedirectory || ipaanchoruuid || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(|(objectclass=ipaOverrideAnchor)(objectclass=ipaUserOverride))")(version 3.0;acl "permission:System: Read User ID Overrides";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=ranges,cn=etc,dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || entryusn || ipabaseid || ipabaserid || ipaidrangesize || ipanttrusteddomainsid || iparangetype || ipasecondarybaserid || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaidrange)")(version 3.0;acl "permission:System: Read ID Ranges";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=views,cn=accounts,dc=ipa,dc=example
diff --git a/API.txt b/API.txt
index 122bf9e..09464db 100644
--- a/API.txt
+++ b/API.txt
@@ -2032,8 +2032,8 @@ command: i18n_messages
args: 0,1,1
option: Str('version?', exclude='webui')
output: Output('texts', <type 'dict'>, None)
-command: idoverride_add
-args: 2,11,3
+command: idoverridegroup_add
+args: 2,8,3
arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, required=True)
option: Str('addattr*', cli_name='addattr', exclude='webui')
@@ -2041,6 +2041,75 @@ option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui
option: Str('cn', attribute=True, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True)
option: Int('gidnumber', attribute=True, cli_name='gid', minvalue=1, multivalue=False, required=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverridegroup_del
+args: 2,2,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=True, primary_key=True, query=True, required=True)
+option: Flag('continue', autofill=True, cli_name='continue', default=False)
+option: Str('version?', exclude='webui')
+output: Output('result', <type 'dict'>, None)
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: ListOfPrimaryKeys('value', None, None)
+command: idoverridegroup_find
+args: 2,10,4
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('criteria?', noextrawhitespace=False)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', query=True, required=False)
+option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
+option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, query=True, required=False)
+option: Str('ipaanchoruuid', attribute=True, autofill=False, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=False)
+option: Flag('pkey_only?', autofill=True, default=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Int('sizelimit?', autofill=False, minvalue=0)
+option: Int('timelimit?', autofill=False, minvalue=0)
+option: Str('version?', exclude='webui')
+output: Output('count', <type 'int'>, None)
+output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: Output('truncated', <type 'bool'>, None)
+command: idoverridegroup_mod
+args: 2,11,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
+option: Str('delattr*', cli_name='delattr', exclude='webui')
+option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
+option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, required=False)
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False)
+option: Flag('rights', autofill=True, default=False)
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverridegroup_show
+args: 2,4,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Flag('rights', autofill=True, default=False)
+option: Str('version?', exclude='webui')
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: PrimaryKey('value', None, None)
+command: idoverrideuser_add
+args: 2,9,3
+arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
+arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, required=True)
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('description', attribute=True, cli_name='desc', multivalue=False, required=True)
option: Str('homedirectory', attribute=True, cli_name='homedir', multivalue=False, required=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
option: Str('setattr*', cli_name='setattr', exclude='webui')
@@ -2050,7 +2119,7 @@ option: Str('version?', exclude='webui')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: PrimaryKey('value', None, None)
-command: idoverride_del
+command: idoverrideuser_del
args: 2,2,3
arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=True, primary_key=True, query=True, required=True)
@@ -2059,14 +2128,12 @@ option: Str('version?', exclude='webui')
output: Output('result', <type 'dict'>, None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: ListOfPrimaryKeys('value', None, None)
-command: idoverride_find
-args: 2,13,4
+command: idoverrideuser_find
+args: 2,11,4
arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
arg: Str('criteria?', noextrawhitespace=False)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
-option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', query=True, required=False)
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, query=True, required=False)
-option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, query=True, required=False)
option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, query=True, required=False)
option: Str('ipaanchoruuid', attribute=True, autofill=False, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=False)
option: Flag('pkey_only?', autofill=True, default=False)
@@ -2080,16 +2147,14 @@ output: Output('count', <type 'int'>, None)
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: Output('truncated', <type 'bool'>, None)
-command: idoverride_mod
-args: 2,14,3
+command: idoverrideuser_mod
+args: 2,12,3
arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
option: Str('addattr*', cli_name='addattr', exclude='webui')
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
-option: Str('cn', attribute=True, autofill=False, cli_name='group_name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', required=False)
option: Str('delattr*', cli_name='delattr', exclude='webui')
option: Str('description', attribute=True, autofill=False, cli_name='desc', multivalue=False, required=False)
-option: Int('gidnumber', attribute=True, autofill=False, cli_name='gid', minvalue=1, multivalue=False, required=False)
option: Str('homedirectory', attribute=True, autofill=False, cli_name='homedir', multivalue=False, required=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False)
@@ -2101,7 +2166,7 @@ option: Str('version?', exclude='webui')
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: PrimaryKey('value', None, None)
-command: idoverride_show
+command: idoverrideuser_show
args: 2,4,3
arg: Str('idviewcn', cli_name='idview', multivalue=False, primary_key=True, query=True, required=True)
arg: Str('ipaanchoruuid', attribute=True, cli_name='anchor', multivalue=False, primary_key=True, query=True, required=True)
diff --git a/ipalib/plugins/idviews.py b/ipalib/plugins/idviews.py
index 1be4d9d..702d17d 100644
--- a/ipalib/plugins/idviews.py
+++ b/ipalib/plugins/idviews.py
@@ -493,8 +493,8 @@ class baseidoverride(LDAPObject):
object_name = self.resolve_anchor_to_object_name(anchor)
entry_attrs.single_value['ipaanchoruuid'] = object_name
-@register()
-class idoverride_add(LDAPCreate):
+
+class baseidoverride_add(LDAPCreate):
__doc__ = _('Add a new ID override.')
msg_summary = _('Added ID override "%(value)s"')
@@ -507,14 +507,12 @@ class idoverride_add(LDAPCreate):
return dn
-@register()
-class idoverride_del(LDAPDelete):
+class baseidoverride_del(LDAPDelete):
__doc__ = _('Delete an ID override.')
msg_summary = _('Deleted ID override "%(value)s"')
-@register()
-class idoverride_mod(LDAPUpdate):
+class baseidoverride_mod(LDAPUpdate):
__doc__ = _('Modify an ID override.')
msg_summary = _('Modified an ID override "%(value)s"')
@@ -523,8 +521,7 @@ class idoverride_mod(LDAPUpdate):
return dn
-@register()
-class idoverride_find(LDAPSearch):
+class baseidoverride_find(LDAPSearch):
__doc__ = _('Search for an ID override.')
msg_summary = ngettext('%(count)d ID override matched',
'%(count)d ID overrides matched', 0)
@@ -535,8 +532,7 @@ class idoverride_find(LDAPSearch):
return truncated
-@register()
-class idoverride_show(LDAPRetrieve):
+class baseidoverride_show(LDAPRetrieve):
__doc__ = _('Display information about an ID override.')
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
@@ -640,3 +636,63 @@ class idoverridegroup(baseidoverride):
)
override_object = 'group'
+
+
+@register()
+class idoverrideuser_add(baseidoverride_add):
+ __doc__ = _('Add a new User ID override.')
+ msg_summary = _('Added User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_del(baseidoverride_del):
+ __doc__ = _('Delete an User ID override.')
+ msg_summary = _('Deleted User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_mod(baseidoverride_mod):
+ __doc__ = _('Modify an User ID override.')
+ msg_summary = _('Modified an User ID override "%(value)s"')
+
+
+@register()
+class idoverrideuser_find(baseidoverride_find):
+ __doc__ = _('Search for an User ID override.')
+ msg_summary = ngettext('%(count)d User ID override matched',
+ '%(count)d User ID overrides matched', 0)
+
+
+@register()
+class idoverrideuser_show(baseidoverride_show):
+ __doc__ = _('Display information about an User ID override.')
+
+
+@register()
+class idoverridegroup_add(baseidoverride_add):
+ __doc__ = _('Add a new Group ID override.')
+ msg_summary = _('Added Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_del(baseidoverride_del):
+ __doc__ = _('Delete an Group ID override.')
+ msg_summary = _('Deleted Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_mod(baseidoverride_mod):
+ __doc__ = _('Modify an Group ID override.')
+ msg_summary = _('Modified an Group ID override "%(value)s"')
+
+
+@register()
+class idoverridegroup_find(baseidoverride_find):
+ __doc__ = _('Search for an Group ID override.')
+ msg_summary = ngettext('%(count)d Group ID override matched',
+ '%(count)d Group ID overrides matched', 0)
+
+
+@register()
+class idoverridegroup_show(baseidoverride_show):
+ __doc__ = _('Display information about an Group ID override.')