diff options
| author | Martin Kosek <mkosek@redhat.com> | 2011-11-14 17:03:44 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-11-15 13:17:44 +0100 |
| commit | 2a3a4ae64a9c3fa41520058e24f20f4d3d941e48 (patch) | |
| tree | 3c51f7b993602df309269244c429f85974b86ec2 /ipalib/plugins/host.py | |
| parent | 714b0d11ec5e6d756739bfca2cdf3bad31979615 (diff) | |
| download | freeipa-2a3a4ae64a9c3fa41520058e24f20f4d3d941e48.tar.gz freeipa-2a3a4ae64a9c3fa41520058e24f20f4d3d941e48.tar.xz freeipa-2a3a4ae64a9c3fa41520058e24f20f4d3d941e48.zip | |
Fix LDAP object parameter encoding
Parameters in LDAP objects missed an information if they are real
LDAP attributes or not. Real LDAP attributes are written to
entry_attrs dictionary in plugin callbacks and are being encoded.
This causes issues when plugin callbacks does not expect that
the parameters values are already encoded for submission to LDAP.
This patch introduces a new flag "noattribute" used to mark that
a parameter is not an LDAP attribute and thus should not be encoded
or added to entry_attrs. Param documentation is improved to describe
the meaning of this and other Param flags or attributes.
https://fedorahosted.org/freeipa/ticket/2097
Diffstat (limited to 'ipalib/plugins/host.py')
| -rw-r--r-- | ipalib/plugins/host.py | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 6557880aa..33d60ad1c 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -290,12 +290,12 @@ class host(LDAPObject): ), Flag('random?', doc=_('Generate a random password to be used in bulk enrollment'), - flags=['no_search'], + flags=('no_search', 'virtual_attribute'), default=False, ), Str('randompassword?', label=_('Random password'), - flags=['no_create', 'no_update', 'no_search'], + flags=('no_create', 'no_update', 'no_search', 'virtual_attribute'), ), Bytes('usercertificate?', validate_certificate, cli_name='certificate', @@ -432,12 +432,10 @@ class host_add(LDAPCreate): entry_attrs['objectclass'].remove('krbprincipalaux') if 'krbprincipal' in entry_attrs['objectclass']: entry_attrs['objectclass'].remove('krbprincipal') - if 'random' in options: - if options.get('random'): - entry_attrs['userpassword'] = ipa_generate_password() - # save the password so it can be displayed in post_callback - setattr(context, 'randompassword', entry_attrs['userpassword']) - del entry_attrs['random'] + if options.get('random'): + entry_attrs['userpassword'] = ipa_generate_password() + # save the password so it can be displayed in post_callback + setattr(context, 'randompassword', entry_attrs['userpassword']) cert = options.get('usercertificate') if cert: cert = x509.normalize_certificate(cert) @@ -680,11 +678,9 @@ class host_mod(LDAPUpdate): raise nsprerr entry_attrs['usercertificate'] = cert - if 'random' in options: - if options.get('random'): - entry_attrs['userpassword'] = ipa_generate_password() - setattr(context, 'randompassword', entry_attrs['userpassword']) - del entry_attrs['random'] + if options.get('random'): + entry_attrs['userpassword'] = ipa_generate_password() + setattr(context, 'randompassword', entry_attrs['userpassword']) return dn |