summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ipalib/plugins/f_group.py144
1 files changed, 85 insertions, 59 deletions
diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py
index a07d314be..c2280a4e4 100644
--- a/ipalib/plugins/f_group.py
+++ b/ipalib/plugins/f_group.py
@@ -25,10 +25,7 @@ from ipalib import frontend
from ipalib import crud
from ipalib.frontend import Param
from ipalib import api
-from ipa_server import servercore
-from ipa_server import ipaldap
from ipa_server import ipautil
-import ldap
class group(frontend.Object):
@@ -71,7 +68,7 @@ class group_add(crud.Add):
kw['dn'] = ldap.make_group_dn(cn)
# Get our configuration
- config = servercore.get_ipa_config()
+ config = ldap.get_ipa_config()
# some required objectclasses
kw['objectClass'] = config.get('ipagroupobjectclasses')
@@ -90,87 +87,116 @@ api.register(group_add)
class group_del(crud.Del):
'Delete an existing group.'
- def execute(self, *args, **kw):
- """args[0] = dn of the group to remove
-
- Delete a group
-
- The memberOf plugin handles removing the group from any other
- groups.
+ def execute(self, cn, **kw):
"""
- group_dn = args[0]
+ Delete a group
- group = servercore.get_entry_by_dn(group_dn, ['dn', 'cn'])
- if group is None:
- raise errors.NotFound
-# logging.info("IPA: delete_group '%s'" % group_dn)
+ The memberOf plugin handles removing the group from any other
+ groups.
+ :param cn: The name of the group being removed
+ :param kw: Unused
+ """
# We have 2 special groups, don't allow them to be removed
- # FIXME
-# if "admins" in group.get('cn') or "editors" in group.get('cn'):
+# if "admins" == cn.lower() or "editors" == cn.lower():
# raise ipaerror.gen_exception(ipaerror.CONFIG_REQUIRED_GROUPS)
+ ldap = self.api.Backend.ldap
+ dn = ldap.find_entry_dn("cn", cn, "posixGroup")
+# logging.info("IPA: delete_group '%s'" % dn)
+
# Don't allow the default user group to be removed
- config=servercore.get_ipa_config()
- default_group = servercore.get_entry_by_cn(config.get('ipadefaultprimarygroup'), None)
- if group_dn == default_group.get('dn'):
+ config=ldap.get_ipa_config()
+ default_group = ldap.find_entry_dn("cn", config.get('ipadefaultprimarygroup'), "posixGroup")
+ if dn == default_group:
raise errors.DefaultGroup
- return servercore.delete_entry(group_dn)
- def forward(self, *args, **kw):
- group = self.api.Command['group_show'](ipautil.utf8_encode_value(args[0]))
- if not group:
- print "nothing found"
- return False
- a = group.get('dn')
- result = super(crud.Del, self).forward(a)
+ return ldap.delete(dn)
+
+ def output_for_cli(self, ret):
+ """
+ Output result of this command to command line interface.
+ """
+ if ret:
+ print "Group deleted"
+
api.register(group_del)
class group_mod(crud.Mod):
'Edit an existing group.'
- def execute(self, *args, **kw):
- group_cn=args[0]
- result = servercore.get_entry_by_cn(group_cn, ["*"])
+ def execute(self, cn, **kw):
+ """
+ Execute the user-mod operation.
- group = kw
- dn = result.get('dn')
- del result['dn']
- entry = ipaldap.Entry((dn, servercore.convert_scalar_values(result)))
+ The dn should not be passed as a keyword argument as it is constructed
+ by this method.
- for g in group:
- entry.setValues(g, group[g])
+ Returns the entry
- result = servercore.update_entry(entry.toDict())
+ :param cn: The name of the group to update.
+ :param kw: Keyword arguments for the other LDAP attributes.
+ """
+ assert 'cn' not in kw
+ assert 'dn' not in kw
+ ldap = self.api.Backend.ldap
+ dn = ldap.find_entry_dn("cn", cn, "posixGroup")
+ return ldap.update(dn, **kw)
+
+ def output_for_cli(self, ret):
+ """
+ Output result of this command to command line interface.
+ """
+ if ret:
+ print "Group updated"
- return result
- def forward(self, *args, **kw):
- result = super(crud.Mod, self).forward(*args, **kw)
- if result:
- print "Group %s modified" % args[0]
api.register(group_mod)
class group_find(crud.Find):
'Search the groups.'
- def execute(self, *args, **kw):
- cn=args[0]
- result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"])
- return result
- def forward(self, *args, **kw):
- result = super(crud.Find, self).forward(*args, **kw)
- for a in result:
- print a, ": ", result[a]
+ def execute(self, cn, **kw):
+ ldap = self.api.Backend.ldap
+ kw['cn'] = cn
+ return ldap.search(**kw)
+
+ def output_for_cli(self, groups):
+ if not groups:
+ return
+
+ counter = groups[0]
+ groups = groups[1:]
+ if counter == 0:
+ print "No entries found"
+ return
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+
+ for g in groups:
+ for a in g.keys():
+ print "%s: %s" % (a, g[a])
+
api.register(group_find)
class group_show(crud.Get):
'Examine an existing group.'
- def execute(self, *args, **kw):
- cn=args[0]
- result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"])
- return result
- def forward(self, *args, **kw):
- result = super(crud.Get, self).forward(*args, **kw)
- return result
+ def execute(self, cn, **kw):
+ """
+ Execute the group-show operation.
+
+ The dn should not be passed as a keyword argument as it is constructed
+ by this method.
+
+ Returns the entry
+
+ :param cn: The group name to retrieve.
+ :param kw: Not used.
+ """
+ ldap = self.api.Backend.ldap
+ dn = ldap.find_entry_dn("cn", cn, "posixGroup")
+ # FIXME: should kw contain the list of attributes to display?
+ return ldap.retrieve(dn)
+
api.register(group_show)