diff options
-rw-r--r-- | API.txt | 26 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | ipalib/plugins/permission.py | 4 | ||||
-rw-r--r-- | ipalib/plugins/selfservice.py | 4 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 11 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_selfservice_plugin.py | 13 |
6 files changed, 46 insertions, 14 deletions
@@ -2039,7 +2039,7 @@ output: Output('result', <type 'bool'>, None) output: Output('value', <type 'unicode'>, None) command: permission_add args: 1,12,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, required=True) option: Str('permissions', attribute=True, cli_name='permissions', csv=True, multivalue=True, required=True) option: Str('attrs', alwaysask=True, attribute=True, autofill=False, cli_name='attrs', csv=True, multivalue=True, query=False, required=False) option: StrEnum('type', alwaysask=True, attribute=True, autofill=False, cli_name='type', multivalue=False, query=False, required=False, values=(u'user', u'group', u'host', u'service', u'hostgroup', u'netgroup', u'dnsrecord')) @@ -2057,7 +2057,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: permission_add_member args: 1,4,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -2067,7 +2067,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: permission_del args: 1,1,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=True, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=True, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Flag('continue', autofill=True, cli_name='continue', default=False) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('result', <type 'dict'>, None) @@ -2075,7 +2075,7 @@ output: Output('value', <type 'unicode'>, None) command: permission_find args: 1,14,4 arg: Str('criteria?', noextrawhitespace=False) -option: Str('cn', attribute=True, autofill=False, cli_name='name', multivalue=False, primary_key=True, query=True, required=False) +option: Str('cn', attribute=True, autofill=False, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=False) option: Str('permissions', attribute=True, autofill=False, cli_name='permissions', csv=True, multivalue=True, query=True, required=False) option: Str('attrs', attribute=True, autofill=False, cli_name='attrs', csv=True, multivalue=True, query=True, required=False) option: StrEnum('type', attribute=True, autofill=False, cli_name='type', multivalue=False, query=True, required=False, values=(u'user', u'group', u'host', u'service', u'hostgroup', u'netgroup', u'dnsrecord')) @@ -2095,7 +2095,7 @@ output: Output('count', <type 'int'>, None) output: Output('truncated', <type 'bool'>, None) command: permission_mod args: 1,15,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Str('permissions', attribute=True, autofill=False, cli_name='permissions', csv=True, multivalue=True, required=False) option: Str('attrs', alwaysask=True, attribute=True, autofill=False, cli_name='attrs', csv=True, multivalue=True, query=False, required=False) option: StrEnum('type', alwaysask=True, attribute=True, autofill=False, cli_name='type', multivalue=False, query=False, required=False, values=(u'user', u'group', u'host', u'service', u'hostgroup', u'netgroup', u'dnsrecord')) @@ -2110,13 +2110,13 @@ option: Flag('rights', autofill=True, default=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') -option: Str('rename', cli_name='rename', multivalue=False, primary_key=True, required=False) +option: Str('rename', cli_name='rename', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, required=False) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Output('value', <type 'unicode'>, None) command: permission_remove_member args: 1,4,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -2126,7 +2126,7 @@ output: Output('failed', <type 'dict'>, None) output: Output('completed', <type 'int'>, None) command: permission_show args: 1,4,3 -arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('cn', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Flag('rights', autofill=True, default=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') @@ -2437,7 +2437,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: selfservice_add args: 1,5,3 -arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, primary_key=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, required=True) option: Str('permissions', attribute=True, cli_name='permissions', csv=True, multivalue=True, required=False) option: Str('attrs', attribute=True, cli_name='attrs', csv=True, multivalue=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') @@ -2448,14 +2448,14 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: selfservice_del args: 1,0,3 -arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('result', <type 'bool'>, None) output: Output('value', <type 'unicode'>, None) command: selfservice_find args: 1,7,4 arg: Str('criteria?') -option: Str('aciname', attribute=True, autofill=False, cli_name='name', multivalue=False, primary_key=True, query=True, required=False) +option: Str('aciname', attribute=True, autofill=False, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=False) option: Str('permissions', attribute=True, autofill=False, cli_name='permissions', csv=True, multivalue=True, query=True, required=False) option: Str('attrs', attribute=True, autofill=False, cli_name='attrs', csv=True, multivalue=True, query=True, required=False) option: Flag('pkey_only?', autofill=True, default=False) @@ -2468,7 +2468,7 @@ output: Output('count', <type 'int'>, None) output: Output('truncated', <type 'bool'>, None) command: selfservice_mod args: 1,5,3 -arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Str('permissions', attribute=True, autofill=False, cli_name='permissions', csv=True, multivalue=True, required=False) option: Str('attrs', attribute=True, autofill=False, cli_name='attrs', csv=True, multivalue=True, required=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') @@ -2479,7 +2479,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA output: Output('value', <type 'unicode'>, None) command: selfservice_show args: 1,3,3 -arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', multivalue=False, pattern='^[-_ a-zA-Z0-9]+$', pattern_errmsg='May only contain letters, numbers, -, _, and space', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Str('version?', exclude='webui') @@ -79,4 +79,4 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=33 +IPA_API_VERSION_MINOR=34 diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index ce2536d99..9b669d9f5 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -18,6 +18,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import copy + from ipalib.plugins.baseldap import * from ipalib import api, _, ngettext from ipalib import Flag, Str, StrEnum @@ -92,6 +93,7 @@ output_params = ( dn_ipaconfig = str(DN('cn=ipaconfig,cn=etc,%s' % api.env.basedn)) + def check_attrs(attrs, type): # Trying to delete attributes - no need for validation if attrs is None: @@ -154,6 +156,8 @@ class permission(LDAPObject): cli_name='name', label=_('Permission name'), primary_key=True, + pattern='^[-_ a-zA-Z0-9]+$', + pattern_errmsg="May only contain letters, numbers, -, _, and space", ), Str('permissions+', cli_name='permissions', diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py index 6f843d469..a60475b7c 100644 --- a/ipalib/plugins/selfservice.py +++ b/ipalib/plugins/selfservice.py @@ -18,6 +18,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import copy + from ipalib import api, _, ngettext from ipalib import Flag, Str from ipalib.request import context @@ -60,6 +61,7 @@ output_params = ( ), ) + class selfservice(Object): """ Selfservice object. @@ -77,6 +79,8 @@ class selfservice(Object): label=_('Self-service name'), doc=_('Self-service name'), primary_key=True, + pattern='^[-_ a-zA-Z0-9]+$', + pattern_errmsg="May only contain letters, numbers, -, _, and space", ), Str('permissions*', cli_name='permissions', diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index 51546732c..ab2858860 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -45,6 +45,8 @@ privilege1 = u'testpriv1' privilege1_dn = DN(('cn',privilege1), api.env.container_privilege,api.env.basedn) +invalid_permission1 = u'bad;perm' + class test_permission(Declarative): @@ -712,5 +714,14 @@ class test_permission(Declarative): ), ), + dict( + desc='Try to create invalid %r' % invalid_permission1, + command=('permission_add', [invalid_permission1], dict( + type=u'user', + permissions=u'write', + )), + expected=errors.ValidationError(name='name', + error='May only contain letters, numbers, -, _, and space'), + ), ] diff --git a/tests/test_xmlrpc/test_selfservice_plugin.py b/tests/test_xmlrpc/test_selfservice_plugin.py index d457627c5..3546701d5 100644 --- a/tests/test_xmlrpc/test_selfservice_plugin.py +++ b/tests/test_xmlrpc/test_selfservice_plugin.py @@ -26,6 +26,7 @@ from tests.test_xmlrpc import objectclasses from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid selfservice1 = u'testself' +invalid_selfservice1 = u'bad+name' class test_selfservice(Declarative): @@ -270,4 +271,16 @@ class test_selfservice(Declarative): ) ), + dict( + desc='Create invalid %r' % invalid_selfservice1, + command=( + 'selfservice_add', [invalid_selfservice1], dict( + attrs=[u'street', u'c', u'l', u'st', u'postalcode'], + permissions=u'write', + ) + ), + expected=errors.ValidationError(name='name', + error='May only contain letters, numbers, -, _, and space'), + ), + ] |