Enable group inactivation by using the Class of Service plugin.

This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
author: Rob Crittenden <rcritten@redhat.com> 2007-11-20 22:45:29 -0500
committer: Rob Crittenden <rcritten@redhat.com> 2007-11-20 22:45:29 -0500
commit: f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42 (patch)
tree: 5e3907c33efe15f9a7f04bc973a341d0851b6dd4 /ipa-python
parent: 56d67b86e18112c9f059e7bcd3ac51fc21f941af (diff)
download: freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.tar.gz
freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.tar.xz
freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.zip
2 files changed, 67 insertions, 5 deletions
diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py
index f8c70974a..0eeb2f36f 100644
--- a/ipa-python/ipaclient.py
+++ b/ipa-python/ipaclient.py
@@ -177,10 +177,16 @@ class IPAClient:
 
         return result
 
-    def mark_user_deleted(self,uid):
+    def mark_user_active(self,uid):
+        """Set a user as active by uid."""
+
+        result = self.transport.mark_user_active(uid)
+        return result
+
+    def mark_user_inactive(self,uid):
         """Set a user as inactive by uid."""
 
-        result = self.transport.mark_user_deleted(uid)
+        result = self.transport.mark_user_inactive(uid)
         return result
 
 # Groups support
@@ -335,6 +341,20 @@ class IPAClient:
                 entries.append(user.User(e))
 
         return entries
+ 
+     def mark_group_active(self,cn):
+         """Set a group as active by cn."""
+ 
+         result = self.transport.mark_group_active(cn)
+         return result
+ 
+     def mark_group_inactive(self,cn):
+         """Set a group as inactive by cn."""
+ 
+         result = self.transport.mark_group_inactive(cn)
+         return result
+
+# Configuration
 
     def get_ipa_config(self):
         """Get the IPA configuration"""
diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py
index c4ca2ff3e..d4c3dcc8e 100644
--- a/ipa-python/rpcclient.py
+++ b/ipa-python/rpcclient.py
@@ -318,12 +318,12 @@ class RPCClient:
 
         return result
 
-    def mark_user_deleted(self,uid):
-        """Mark a user as deleted/inactive"""
+    def mark_user_active(self,uid):
+        """Mark a user as active"""
         server = self.setup_server()
     
         try:
-            result = server.mark_user_deleted(uid)
+            result = server.mark_user_active(uid)
         except xmlrpclib.Fault, fault:
             raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
         except socket.error, (value, msg):
@@ -331,6 +331,20 @@ class RPCClient:
 
         return ipautil.unwrap_binary_data(result)
 
+    def mark_user_inactive(self,uid):
+        """Mark a user as inactive"""
+        server = self.setup_server()
+    
+        try:
+            result = server.mark_user_inactive(uid)
+        except xmlrpclib.Fault, fault:
+            raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+        except socket.error, (value, msg):
+            raise xmlrpclib.Fault(value, msg)
+
+        return ipautil.unwrap_binary_data(result)
+
+
 # Group support
 
     def get_groups_by_member(self,member_dn,sattrs=None):
@@ -601,6 +615,34 @@ class RPCClient:
 
         return ipautil.unwrap_binary_data(result)
 
+    def mark_group_active(self,cn):
+        """Mark a group as active"""
+        server = self.setup_server()
+    
+        try:
+            result = server.mark_group_active(cn)
+        except xmlrpclib.Fault, fault:
+            raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+        except socket.error, (value, msg):
+            raise xmlrpclib.Fault(value, msg)
+
+        return ipautil.unwrap_binary_data(result)
+
+    def mark_group_inactive(self,cn):
+        """Mark a group as inactive"""
+        server = self.setup_server()
+    
+        try:
+            result = server.mark_group_inactive(cn)
+        except xmlrpclib.Fault, fault:
+            raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+        except socket.error, (value, msg):
+            raise xmlrpclib.Fault(value, msg)
+
+        return ipautil.unwrap_binary_data(result)
+
+# Configuration support
+
     def get_ipa_config(self):
         """Get the IPA configuration"""
         server = self.setup_server()
author	Rob Crittenden <rcritten@redhat.com>	2007-11-20 22:45:29 -0500
committer	Rob Crittenden <rcritten@redhat.com>	2007-11-20 22:45:29 -0500
commit	f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42 (patch)
tree	5e3907c33efe15f9a7f04bc973a341d0851b6dd4 /ipa-python
parent	56d67b86e18112c9f059e7bcd3ac51fc21f941af (diff)
download	freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.tar.gz freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.tar.xz freeipa-f42f1f44c81e15ac9ecbc6684cbc4dfc9395fd42.zip