diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-07-19 20:46:20 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-07-21 01:11:45 -0400 |
| commit | 506cbaa1fb24c9c5afd091582de0af1c44cc33ea (patch) | |
| tree | e7e6be53a6f6d56ccf42705cec88c4b463296ef9 /ipalib/plugins | |
| parent | 1554c9da6851a74f724ec01a513827e426cf776d (diff) | |
| download | freeipa-506cbaa1fb24c9c5afd091582de0af1c44cc33ea.tar.gz freeipa-506cbaa1fb24c9c5afd091582de0af1c44cc33ea.tar.xz freeipa-506cbaa1fb24c9c5afd091582de0af1c44cc33ea.zip | |
Hide the HBAC access type attribute now that deny is deprecated.
It won't appear in the UI/CLI but is still available via XML-RPC.
allow is the default and deny will be rejected.
https://fedorahosted.org/freeipa/ticket/1495
Diffstat (limited to 'ipalib/plugins')
| -rw-r--r-- | ipalib/plugins/hbacrule.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py index 2dcdddd58..0d8474fbd 100644 --- a/ipalib/plugins/hbacrule.py +++ b/ipalib/plugins/hbacrule.py @@ -36,7 +36,7 @@ EXAMPLES: Create a rule, "test1", that grants all users access to the host "server" from anywhere: - ipa hbacrule-add --type=allow --usercat=all --srchostcat=all test1 + ipa hbacrule-add --usercat=all --srchostcat=all test1 ipa hbacrule-add-host --hosts=server.example.com test1 Display the properties of a named HBAC rule: @@ -44,7 +44,7 @@ EXAMPLES: Create a rule for a specific service. This lets the user john access the sshd service on any machine from any machine: - ipa hbacrule-add --type=allow --hostcat=all --srchostcat=all john_sshd + ipa hbacrule-add --hostcat=all --srchostcat=all john_sshd ipa hbacrule-add-user --users=john john_sshd ipa hbacrule-add-service --hbacsvcs=sshd john_sshd @@ -53,7 +53,7 @@ EXAMPLES: ipa hbacsvcgroup-add ftpers ipa hbacsvc-add sftp ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers - ipa hbacrule-add --type=allow --hostcat=all --srchostcat=all john_ftp + ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp ipa hbacrule-add-user --users=john john_ftp ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp @@ -112,7 +112,7 @@ class hbacrule(LDAPObject): object_name_plural = _('HBAC rules') object_class = ['ipaassociation', 'ipahbacrule'] default_attributes = [ - 'cn', 'accessruletype', 'ipaenabledflag', + 'cn', 'ipaenabledflag', 'description', 'usercategory', 'hostcategory', 'sourcehostcategory', 'servicecategory', 'ipaenabledflag', 'memberuser', 'sourcehost', 'memberhost', 'memberservice', @@ -143,6 +143,8 @@ class hbacrule(LDAPObject): values=(u'allow', u'deny'), default=u'allow', autofill=True, + exclude='webui', + flags=['no_option', 'no_output'], ), # FIXME: {user,host,sourcehost,service}categories should expand in the future StrEnum('usercategory?', |