summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2011-07-28 18:46:22 -0400
committerMartin Kosek <mkosek@redhat.com>2011-07-29 15:40:01 +0200
commitd8c479731e6f985f4c4be1e1e4fee858e9eae901 (patch)
tree636d269cb33f76801b5c033ccf1514ec026af658
parentdd296eec13e3b436b0c608fdddd53089ed5c78e5 (diff)
downloadfreeipa-d8c479731e6f985f4c4be1e1e4fee858e9eae901.tar.gz
freeipa-d8c479731e6f985f4c4be1e1e4fee858e9eae901.tar.xz
freeipa-d8c479731e6f985f4c4be1e1e4fee858e9eae901.zip
Deprecated managing users and runas user/group in sudorule add/mod
We have helpers to manage these values so they shouldn't be available via add/mod. There is no logic behind them to do the right thing. https://fedorahosted.org/freeipa/ticket/1307 https://fedorahosted.org/freeipa/ticket/1320
-rw-r--r--API.txt18
-rw-r--r--ipalib/plugins/sudorule.py24
2 files changed, 27 insertions, 15 deletions
diff --git a/API.txt b/API.txt
index 5c4a7fe93..d78e3529c 100644
--- a/API.txt
+++ b/API.txt
@@ -2384,9 +2384,9 @@ option: StrEnum('hostcategory', attribute=True, cli_name='hostcat', label=Gettex
option: StrEnum('cmdcategory', attribute=True, cli_name='cmdcat', label=Gettext('Command category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
option: StrEnum('ipasudorunasusercategory', attribute=True, cli_name='runasusercat', label=Gettext('RunAs User category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
option: StrEnum('ipasudorunasgroupcategory', attribute=True, cli_name='runasgroupcat', label=Gettext('RunAs Group category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
-option: Str('externaluser', attribute=True, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Str('ipasudorunasextuser', attribute=True, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Str('ipasudorunasextgroup', attribute=True, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('externaluser', validate_externaluser, attribute=True, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('ipasudorunasextuser', validate_runasextuser, attribute=True, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('ipasudorunasextgroup', validate_runasextgroup, attribute=True, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
@@ -2490,9 +2490,9 @@ option: StrEnum('hostcategory', attribute=True, autofill=False, cli_name='hostca
option: StrEnum('cmdcategory', attribute=True, autofill=False, cli_name='cmdcat', label=Gettext('Command category', domain='ipa', localedir=None), multivalue=False, query=True, required=False, values=(u'all',))
option: StrEnum('ipasudorunasusercategory', attribute=True, autofill=False, cli_name='runasusercat', label=Gettext('RunAs User category', domain='ipa', localedir=None), multivalue=False, query=True, required=False, values=(u'all',))
option: StrEnum('ipasudorunasgroupcategory', attribute=True, autofill=False, cli_name='runasgroupcat', label=Gettext('RunAs Group category', domain='ipa', localedir=None), multivalue=False, query=True, required=False, values=(u'all',))
-option: Str('externaluser', attribute=True, autofill=False, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
-option: Str('ipasudorunasextuser', attribute=True, autofill=False, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
-option: Str('ipasudorunasextgroup', attribute=True, autofill=False, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
+option: Str('externaluser', validate_externaluser, attribute=True, autofill=False, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
+option: Str('ipasudorunasextuser', validate_runasextuser, attribute=True, autofill=False, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
+option: Str('ipasudorunasextgroup', validate_runasextgroup, attribute=True, autofill=False, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
option: Int('timelimit?', autofill=False, flags=['no_display'], label=Gettext('Time Limit', domain='ipa', localedir=None), minvalue=0)
option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('Size Limit', domain='ipa', localedir=None), minvalue=0)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
@@ -2511,9 +2511,9 @@ option: StrEnum('hostcategory', attribute=True, autofill=False, cli_name='hostca
option: StrEnum('cmdcategory', attribute=True, autofill=False, cli_name='cmdcat', label=Gettext('Command category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
option: StrEnum('ipasudorunasusercategory', attribute=True, autofill=False, cli_name='runasusercat', label=Gettext('RunAs User category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
option: StrEnum('ipasudorunasgroupcategory', attribute=True, autofill=False, cli_name='runasgroupcat', label=Gettext('RunAs Group category', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'all',))
-option: Str('externaluser', attribute=True, autofill=False, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Str('ipasudorunasextuser', attribute=True, autofill=False, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Str('ipasudorunasextgroup', attribute=True, autofill=False, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('externaluser', validate_externaluser, attribute=True, autofill=False, cli_name='externaluser', label=Gettext('External User', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('ipasudorunasextuser', validate_runasextuser, attribute=True, autofill=False, cli_name='runasexternaluser', label=Gettext('RunAs External User', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Str('ipasudorunasextgroup', validate_runasextgroup, attribute=True, autofill=False, cli_name='runasexternalgroup', label=Gettext('RunAs External Group', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
option: Flag('rights', autofill=True, default=False, label=Gettext('Rights', domain='ipa', localedir=None))
diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py
index 8b415e72e..0c9a8c7e9 100644
--- a/ipalib/plugins/sudorule.py
+++ b/ipalib/plugins/sudorule.py
@@ -40,6 +40,18 @@ from ipalib import _, ngettext
topic = ('sudo', 'Commands for controlling sudo configuration')
+def deprecated(attribute):
+ raise errors.ValidationError(name=attribute, error=_('this option has been deprecated.'))
+
+def validate_externaluser(ugettext, value):
+ deprecated('externaluser')
+
+def validate_runasextuser(ugettext, value):
+ deprecated('runasexternaluser')
+
+def validate_runasextgroup(ugettext, value):
+ deprecated('runasexternalgroup')
+
class sudorule(LDAPObject):
"""
Sudo Rule management
@@ -152,20 +164,20 @@ class sudorule(LDAPObject):
label=_('RunAs Group'),
flags=['no_create', 'no_update', 'no_search'],
),
- Str('externaluser?',
+ Str('externaluser?', validate_externaluser,
cli_name='externaluser',
label=_('External User'),
- doc=_('External User the rule applies to'),
+ doc=_('External User the rule applies to (sudorule-find only)'),
),
- Str('ipasudorunasextuser?',
+ Str('ipasudorunasextuser?', validate_runasextuser,
cli_name='runasexternaluser',
label=_('RunAs External User'),
- doc=_('External User the commands can run as'),
+ doc=_('External User the commands can run as (sudorule-find only)'),
),
- Str('ipasudorunasextgroup?',
+ Str('ipasudorunasextgroup?', validate_runasextgroup,
cli_name='runasexternalgroup',
label=_('RunAs External Group'),
- doc=_('External Group the commands can run as'),
+ doc=_('External Group the commands can run as (sudorule-find only)'),
),
)