summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipalib/plugins/automount.py64
-rw-r--r--ipalib/plugins/batch.py5
-rw-r--r--ipalib/plugins/cert.py15
-rw-r--r--ipalib/plugins/config.py9
-rw-r--r--ipalib/plugins/delegation.py15
-rw-r--r--ipalib/plugins/dns.py47
-rw-r--r--ipalib/plugins/group.py21
-rw-r--r--ipalib/plugins/hbacrule.py34
-rw-r--r--ipalib/plugins/hbacsvc.py15
-rw-r--r--ipalib/plugins/hbacsvcgroup.py19
-rw-r--r--ipalib/plugins/hbactest.py5
-rw-r--r--ipalib/plugins/host.py21
-rw-r--r--ipalib/plugins/hostgroup.py19
-rw-r--r--ipalib/plugins/idrange.py14
-rw-r--r--ipalib/plugins/internal.py7
-rw-r--r--ipalib/plugins/kerberos.py5
-rw-r--r--ipalib/plugins/migration.py5
-rw-r--r--ipalib/plugins/misc.py7
-rw-r--r--ipalib/plugins/netgroup.py18
-rw-r--r--ipalib/plugins/passwd.py5
-rw-r--r--ipalib/plugins/pkinit.py7
-rw-r--r--ipalib/plugins/realmdomains.py8
-rw-r--r--ipalib/plugins/role.py23
-rw-r--r--ipalib/plugins/selfservice.py15
-rw-r--r--ipalib/plugins/selinuxusermap.py27
-rw-r--r--ipalib/plugins/service.py21
-rw-r--r--ipalib/plugins/sudocmd.py15
-rw-r--r--ipalib/plugins/sudocmdgroup.py19
-rw-r--r--ipalib/plugins/sudorule.py47
-rw-r--r--ipalib/plugins/trust.py45
-rw-r--r--ipalib/plugins/user.py30
31 files changed, 333 insertions, 274 deletions
diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py
index 7b426b688..9912e0ae6 100644
--- a/ipalib/plugins/automount.py
+++ b/ipalib/plugins/automount.py
@@ -23,6 +23,7 @@ import os
from ipalib import api, errors
from ipalib import Object, Command
from ipalib import Flag, Str, IA5Str
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -193,10 +194,13 @@ automountInformation: -ro,soft,rsize=8192,wsize=8192 nfs.example.com:/vol/arch
"""
+register = Registry()
+
DIRECT_MAP_KEY = u'/-'
DEFAULT_MAPS = (u'auto.direct', )
DEFAULT_KEYS = (u'/-', )
+@register()
class automountlocation(LDAPObject):
"""
Location container for automount maps.
@@ -233,9 +237,8 @@ class automountlocation(LDAPObject):
),
)
-api.register(automountlocation)
-
+@register()
class automountlocation_add(LDAPCreate):
__doc__ = _('Create a new automount location.')
@@ -255,23 +258,19 @@ class automountlocation_add(LDAPCreate):
return dn
-api.register(automountlocation_add)
-
-
+@register()
class automountlocation_del(LDAPDelete):
__doc__ = _('Delete an automount location.')
msg_summary = _('Deleted automount location "%(value)s"')
-api.register(automountlocation_del)
-
+@register()
class automountlocation_show(LDAPRetrieve):
__doc__ = _('Display an automount location.')
-api.register(automountlocation_show)
-
+@register()
class automountlocation_find(LDAPSearch):
__doc__ = _('Search for an automount location.')
@@ -280,9 +279,8 @@ class automountlocation_find(LDAPSearch):
'%(count)d automount locations matched', 0
)
-api.register(automountlocation_find)
-
+@register()
class automountlocation_tofiles(LDAPQuery):
__doc__ = _('Generate automount files for a specific location.')
@@ -376,9 +374,8 @@ class automountlocation_tofiles(LDAPQuery):
)
)
-api.register(automountlocation_tofiles)
-
+@register()
class automountlocation_import(LDAPQuery):
__doc__ = _('Import automount files for a specific location.')
@@ -569,8 +566,7 @@ class automountlocation_import(LDAPQuery):
)
-api.register(automountlocation_import)
-
+@register()
class automountmap(LDAPObject):
"""
Automount map object.
@@ -598,17 +594,15 @@ class automountmap(LDAPObject):
label = _('Automount Maps')
label_singular = _('Automount Map')
-api.register(automountmap)
-
+@register()
class automountmap_add(LDAPCreate):
__doc__ = _('Create a new automount map.')
msg_summary = _('Added automount map "%(value)s"')
-api.register(automountmap_add)
-
+@register()
class automountmap_del(LDAPDelete):
__doc__ = _('Delete an automount map.')
@@ -627,17 +621,15 @@ class automountmap_del(LDAPDelete):
pass
return True
-api.register(automountmap_del)
-
+@register()
class automountmap_mod(LDAPUpdate):
__doc__ = _('Modify an automount map.')
msg_summary = _('Modified automount map "%(value)s"')
-api.register(automountmap_mod)
-
+@register()
class automountmap_find(LDAPSearch):
__doc__ = _('Search for an automount map.')
@@ -646,15 +638,13 @@ class automountmap_find(LDAPSearch):
'%(count)d automount maps matched', 0
)
-api.register(automountmap_find)
-
+@register()
class automountmap_show(LDAPRetrieve):
__doc__ = _('Display an automount map.')
-api.register(automountmap_show)
-
+@register()
class automountkey(LDAPObject):
__doc__ = _('Automount key object.')
@@ -800,9 +790,8 @@ class automountkey(LDAPObject):
else: return
self.handle_duplicate_entry(location, map, self.get_pk(key, info))
-api.register(automountkey)
-
+@register()
class automountkey_add(LDAPCreate):
__doc__ = _('Create a new automount key.')
@@ -830,9 +819,8 @@ class automountkey_add(LDAPCreate):
result['value'] = pkey_to_value(options['automountkey'], options)
return result
-api.register(automountkey_add)
-
+@register()
class automountmap_add_indirect(LDAPCreate):
__doc__ = _('Create a new indirect mount point.')
@@ -884,9 +872,8 @@ class automountmap_add_indirect(LDAPCreate):
raise
return result
-api.register(automountmap_add_indirect)
-
+@register()
class automountkey_del(LDAPDelete):
__doc__ = _('Delete an automount key.')
@@ -926,9 +913,8 @@ class automountkey_del(LDAPDelete):
result['value'] = pkey_to_value([options['automountkey']], options)
return result
-api.register(automountkey_del)
-
+@register()
class automountkey_mod(LDAPUpdate):
__doc__ = _('Modify an automount key.')
@@ -985,9 +971,8 @@ class automountkey_mod(LDAPUpdate):
result['value'] = pkey_to_value(options['automountkey'], options)
return result
-api.register(automountkey_mod)
-
+@register()
class automountkey_find(LDAPSearch):
__doc__ = _('Search for an automount key.')
@@ -996,9 +981,8 @@ class automountkey_find(LDAPSearch):
'%(count)d automount keys matched', 0
)
-api.register(automountkey_find)
-
+@register()
class automountkey_show(LDAPRetrieve):
__doc__ = _('Display an automount key.')
@@ -1028,5 +1012,3 @@ class automountkey_show(LDAPRetrieve):
result = super(automountkey_show, self).execute(*keys, **options)
result['value'] = pkey_to_value(options['automountkey'], options)
return result
-
-api.register(automountkey_show)
diff --git a/ipalib/plugins/batch.py b/ipalib/plugins/batch.py
index 5fd5943f6..2002eef88 100644
--- a/ipalib/plugins/batch.py
+++ b/ipalib/plugins/batch.py
@@ -52,8 +52,12 @@ from ipalib.output import Output
from ipalib import output
from ipalib.text import _
from ipalib.request import context
+from ipalib.plugable import Registry
from ipapython.version import API_VERSION
+register = Registry()
+
+@register()
class batch(Command):
NO_CLI = True
@@ -124,4 +128,3 @@ class batch(Command):
results.append(result)
return dict(count=len(results) , results=results)
-api.register(batch)
diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py
index 27686e7c9..b1fa32b7c 100644
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@@ -31,6 +31,7 @@ from ipalib import pkcs10
from ipalib import x509
from ipalib import util
from ipalib import ngettext
+from ipalib.plugable import Registry
from ipalib.plugins.virtual import *
from ipalib.plugins.service import split_principal
import base64
@@ -122,6 +123,8 @@ http://www.ietf.org/rfc/rfc5280.txt
""")
+register = Registry()
+
def validate_pkidate(ugettext, value):
"""
A date in the format of %Y-%m-%d
@@ -221,6 +224,7 @@ def get_host_from_principal(principal):
return hostname
+@register()
class cert_request(VirtualCommand):
__doc__ = _('Submit a certificate signing request.')
@@ -419,9 +423,9 @@ class cert_request(VirtualCommand):
result=result
)
-api.register(cert_request)
+@register()
class cert_status(VirtualCommand):
__doc__ = _('Check the status of a certificate signing request.')
@@ -445,7 +449,6 @@ class cert_status(VirtualCommand):
result=self.Backend.ra.check_request_status(request_id)
)
-api.register(cert_status)
_serial_number = Str('serial_number',
@@ -455,6 +458,7 @@ _serial_number = Str('serial_number',
normalizer=normalize_serial_number,
)
+@register()
class cert_show(VirtualCommand):
__doc__ = _('Retrieve an existing certificate.')
@@ -540,9 +544,9 @@ class cert_show(VirtualCommand):
return super(cert_show, self).forward(*keys, **options)
-api.register(cert_show)
+@register()
class cert_revoke(VirtualCommand):
__doc__ = _('Revoke a certificate.')
@@ -587,9 +591,9 @@ class cert_revoke(VirtualCommand):
serial_number, revocation_reason=revocation_reason)
)
-api.register(cert_revoke)
+@register()
class cert_remove_hold(VirtualCommand):
__doc__ = _('Take a revoked certificate off hold.')
@@ -611,9 +615,9 @@ class cert_remove_hold(VirtualCommand):
result=self.Backend.ra.take_certificate_off_hold(serial_number)
)
-api.register(cert_remove_hold)
+@register()
class cert_find(Command):
__doc__ = _('Search for existing certificates.')
@@ -712,4 +716,3 @@ class cert_find(Command):
ret['truncated'] = False
return ret
-api.register(cert_find)
diff --git a/ipalib/plugins/config.py b/ipalib/plugins/config.py
index 4ac411c74..077ef2c42 100644
--- a/ipalib/plugins/config.py
+++ b/ipalib/plugins/config.py
@@ -20,6 +20,7 @@
from ipalib import api
from ipalib import Bool, Int, Str, IA5Str, StrEnum, DNParam
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.selinuxusermap import validate_selinuxuser
from ipalib import _
@@ -75,11 +76,14 @@ EXAMPLES:
ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'
""")
+register = Registry()
+
def validate_searchtimelimit(ugettext, limit):
if limit == 0:
raise ValidationError(name='ipasearchtimelimit', error=_('searchtimelimit must be -1 or > 1.'))
return None
+@register()
class config(LDAPObject):
"""
IPA configuration object
@@ -232,9 +236,9 @@ class config(LDAPObject):
def get_dn(self, *keys, **kwargs):
return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn)
-api.register(config)
+@register()
class config_mod(LDAPUpdate):
__doc__ = _('Modify configuration options.')
@@ -338,10 +342,9 @@ class config_mod(LDAPUpdate):
return dn
-api.register(config_mod)
+@register()
class config_show(LDAPRetrieve):
__doc__ = _('Show the current configuration.')
-api.register(config_show)
diff --git a/ipalib/plugins/delegation.py b/ipalib/plugins/delegation.py
index 93129fbc4..e96114626 100644
--- a/ipalib/plugins/delegation.py
+++ b/ipalib/plugins/delegation.py
@@ -24,6 +24,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
@@ -52,6 +53,8 @@ EXAMPLES:
ipa delegation-del "managers edit employees' street"
""")
+register = Registry()
+
ACI_PREFIX=u"delegation"
output_params = (
@@ -60,6 +63,7 @@ output_params = (
),
)
+@register()
class delegation(Object):
"""
Delegation object.
@@ -123,9 +127,9 @@ class delegation(Object):
except KeyError:
pass
-api.register(delegation)
+@register()
class delegation_add(crud.Create):
__doc__ = _('Add a new delegation.')
@@ -144,9 +148,9 @@ class delegation_add(crud.Create):
value=pkey_to_value(aciname, kw),
)
-api.register(delegation_add)
+@register()
class delegation_del(crud.Delete):
__doc__ = _('Delete a delegation.')
@@ -162,9 +166,9 @@ class delegation_del(crud.Delete):
value=pkey_to_value(aciname, kw),
)
-api.register(delegation_del)
+@register()
class delegation_mod(crud.Update):
__doc__ = _('Modify a delegation.')
@@ -181,9 +185,9 @@ class delegation_mod(crud.Update):
value=pkey_to_value(aciname, kw),
)
-api.register(delegation_mod)
+@register()
class delegation_find(crud.Search):
__doc__ = _('Search for delegations.')
@@ -207,9 +211,9 @@ class delegation_find(crud.Search):
truncated=False,
)
-api.register(delegation_find)
+@register()
class delegation_show(crud.Retrieve):
__doc__ = _('Display information about a delegation.')
@@ -223,4 +227,3 @@ class delegation_show(crud.Retrieve):
value=pkey_to_value(aciname, kw),
)
-api.register(delegation_show)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 211efb872..c3870f8a2 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -33,6 +33,7 @@ from ipalib import api, errors, output
from ipalib import Command
from ipalib.parameters import (Flag, Bool, Int, Decimal, Str, StrEnum, Any,
DeprecatedParam, DNSNameParam)
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.util import (validate_zonemgr, normalize_zonemgr,
@@ -229,6 +230,8 @@ server:
ipa dnsconfig-mod --forwarder=10.0.0.1
""")
+register = Registry()
+
# supported resource record types
_record_types = (
u'A', u'AAAA', u'A6', u'AFSDB', u'APL', u'CERT', u'CNAME', u'DHCID', u'DLV',
@@ -1666,6 +1669,7 @@ def _records_idn_postprocess(record, **options):
record[attr] = rrs
+@register()
class dnszone(LDAPObject):
"""
DNS Zone, container for resource records.
@@ -1887,9 +1891,9 @@ class dnszone(LDAPObject):
return
_records_idn_postprocess(record, **options)
-api.register(dnszone)
+@register()
class dnszone_add(LDAPCreate):
__doc__ = _('Create new DNS zone (SOA record).')
@@ -2006,9 +2010,9 @@ class dnszone_add(LDAPCreate):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
-api.register(dnszone_add)
+@register()
class dnszone_del(LDAPDelete):
__doc__ = _('Delete DNS zone (SOA record).')
@@ -2035,9 +2039,9 @@ class dnszone_del(LDAPDelete):
return True
-api.register(dnszone_del)
+@register()
class dnszone_mod(LDAPUpdate):
__doc__ = _('Modify DNS zone (SOA record).')
@@ -2062,9 +2066,9 @@ class dnszone_mod(LDAPUpdate):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
-api.register(dnszone_mod)
+@register()
class dnszone_find(LDAPSearch):
__doc__ = _('Search for DNS zones (SOA records).')
@@ -2124,9 +2128,9 @@ class dnszone_find(LDAPSearch):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return truncated
-api.register(dnszone_find)
+@register()
class dnszone_show(LDAPRetrieve):
__doc__ = _('Display information about a DNS zone (SOA record).')
@@ -2137,9 +2141,9 @@ class dnszone_show(LDAPRetrieve):
self.obj._rr_zone_postprocess(entry_attrs, **options)
return dn
-api.register(dnszone_show)
+@register()
class dnszone_disable(LDAPQuery):
__doc__ = _('Disable DNS Zone.')
@@ -2161,9 +2165,9 @@ class dnszone_disable(LDAPQuery):
return dict(result=True, value=pkey_to_value(keys[-1], options))
-api.register(dnszone_disable)
+@register()
class dnszone_enable(LDAPQuery):
__doc__ = _('Enable DNS Zone.')
@@ -2185,8 +2189,8 @@ class dnszone_enable(LDAPQuery):
return dict(result=True, value=pkey_to_value(keys[-1], options))
-api.register(dnszone_enable)
+@register()
class dnszone_add_permission(LDAPQuery):
__doc__ = _('Add a permission for per-zone access delegation.')
@@ -2223,8 +2227,8 @@ class dnszone_add_permission(LDAPQuery):
value=pkey_to_value(permission_name, options),
)
-api.register(dnszone_add_permission)
+@register()
class dnszone_remove_permission(LDAPQuery):
__doc__ = _('Remove a permission for per-zone access delegation.')
@@ -2256,8 +2260,8 @@ class dnszone_remove_permission(LDAPQuery):
value=pkey_to_value(permission_name, options),
)
-api.register(dnszone_remove_permission)
+@register()
class dnsrecord(LDAPObject):
"""
DNS record.
@@ -2749,9 +2753,9 @@ class dnsrecord(LDAPObject):
dns_name = entry_name[1].derelativize(dns_domain)
self.wait_for_modified_attrs(entry, dns_name, dns_domain)
-api.register(dnsrecord)
+@register()
class dnsrecord_add(LDAPCreate):
__doc__ = _('Add new DNS resource record.')
@@ -2956,9 +2960,9 @@ class dnsrecord_add(LDAPCreate):
self.obj.wait_for_modified_entries(context.dnsrecord_entry_mods)
return dn
-api.register(dnsrecord_add)
+@register()
class dnsrecord_mod(LDAPUpdate):
__doc__ = _('Modify a DNS resource record.')
@@ -3124,9 +3128,9 @@ class dnsrecord_mod(LDAPUpdate):
0) % dict(count=len(rec_values), type=param.rrtype))
break
-api.register(dnsrecord_mod)
+@register()
class dnsrecord_delentry(LDAPDelete):
"""
Delete DNS record entry.
@@ -3134,9 +3138,9 @@ class dnsrecord_delentry(LDAPDelete):
msg_summary = _('Deleted record "%(value)s"')
NO_CLI = True
-api.register(dnsrecord_delentry)
+@register()
class dnsrecord_del(LDAPUpdate):
__doc__ = _('Delete DNS resource record.')
@@ -3303,9 +3307,9 @@ class dnsrecord_del(LDAPUpdate):
if deleted_values:
kw[param.name] = tuple(deleted_values)
-api.register(dnsrecord_del)
+@register()
class dnsrecord_show(LDAPRetrieve):
__doc__ = _('Display DNS resource.')
@@ -3320,9 +3324,9 @@ class dnsrecord_show(LDAPRetrieve):
self.obj.postprocess_record(entry_attrs, **options)
return dn
-api.register(dnsrecord_show)
+@register()
class dnsrecord_find(LDAPSearch):
__doc__ = _('Search for DNS resources.')
@@ -3357,8 +3361,8 @@ class dnsrecord_find(LDAPSearch):
return truncated
-api.register(dnsrecord_find)
+@register()
class dns_resolve(Command):
__doc__ = _('Resolve a host name in DNS.')
@@ -3385,8 +3389,8 @@ class dns_resolve(Command):
return dict(result=True, value=query)
-api.register(dns_resolve)
+@register()
class dns_is_enabled(Command):
"""
Checks if any of the servers has the DNS service enabled.
@@ -3410,9 +3414,9 @@ class dns_is_enabled(Command):
return dict(result=dns_enabled, value=pkey_to_value(None, options))
-api.register(dns_is_enabled)
+@register()
class dnsconfig(LDAPObject):
"""
DNS global configuration object
@@ -3464,9 +3468,9 @@ class dnsconfig(LDAPObject):
if not any(param in result['result'] for param in self.params):
result['summary'] = unicode(_('Global DNS configuration is empty'))
-api.register(dnsconfig)
+@register()
class dnsconfig_mod(LDAPUpdate):
__doc__ = _('Modify global DNS configuration.')
@@ -3475,9 +3479,9 @@ class dnsconfig_mod(LDAPUpdate):
self.obj.postprocess_result(result)
return result
-api.register(dnsconfig_mod)
+@register()
class dnsconfig_show(LDAPRetrieve):
__doc__ = _('Show the current global DNS configuration.')
@@ -3486,4 +3490,3 @@ class dnsconfig_show(LDAPRetrieve):
self.obj.postprocess_result(result)
return result
-api.register(dnsconfig_show)
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 2cbd7e57a..0de577dd0 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -20,6 +20,7 @@
from ipalib import api
from ipalib import Int, Str
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins import baseldap
from ipalib import _, ngettext
@@ -110,8 +111,11 @@ Example:
ipa group-show ad_admins_external
""")
+register = Registry()
+
PROTECTED_GROUPS = (u'admins', u'trust admins', u'default smb group')
+@register()
class group(LDAPObject):
"""
Group object.
@@ -184,7 +188,6 @@ class group(LDAPObject):
),
)
-api.register(group)
ipaexternalmember_param = Str('ipaexternalmember*',
cli_name='external',
@@ -194,6 +197,7 @@ ipaexternalmember_param = Str('ipaexternalmember*',
flags=['no_create', 'no_update', 'no_search'],
)
+@register()
class group_add(LDAPCreate):
__doc__ = _('Create a new group.')
@@ -228,9 +232,9 @@ class group_add(LDAPCreate):
return dn
-api.register(group_add)
+@register()
class group_del(LDAPDelete):
__doc__ = _('Delete group.')
@@ -262,9 +266,9 @@ class group_del(LDAPDelete):
return True
-api.register(group_del)
+@register()
class group_mod(LDAPUpdate):
__doc__ = _('Modify a group.')
@@ -334,9 +338,9 @@ class group_mod(LDAPUpdate):
raise errors.RequirementError(name='gid')
raise exc
-api.register(group_mod)
+@register()
class group_find(LDAPSearch):
__doc__ = _('Search for groups.')
@@ -404,9 +408,9 @@ class group_find(LDAPSearch):
filter = ldap.combine_filters(filters, rules=ldap.MATCH_ALL)
return (filter, base_dn, scope)
-api.register(group_find)
+@register()
class group_show(LDAPRetrieve):
__doc__ = _('Display information about a named group.')
has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,)
@@ -425,9 +429,9 @@ class group_show(LDAPRetrieve):
except ValueError:
pass
return dn
-api.register(group_show)
+@register()
class group_add_member(LDAPAddMember):
__doc__ = _('Add members to a group.')
@@ -467,9 +471,9 @@ class group_add_member(LDAPAddMember):
failed['member']['group'] += restore + failed_sids
return result
-api.register(group_add_member)
+@register()
class group_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a group.')
@@ -521,9 +525,9 @@ class group_remove_member(LDAPRemoveMember):
failed['member']['group'] += restore + failed_sids
return result
-api.register(group_remove_member)
+@register()
class group_detach(LDAPQuery):
__doc__ = _('Detach a managed group from a user.')
@@ -592,4 +596,3 @@ class group_detach(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
-api.register(group_detach)
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py
index 06e9c4e6b..b9b5cc87f 100644
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import AccessTime, Password, Str, StrEnum, Bool, DeprecatedParam
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -70,6 +71,7 @@ EXAMPLES:
ipa hbacrule-del allow_server
""")
+register = Registry()
# AccessTime support is being removed for now.
#
@@ -107,6 +109,7 @@ def is_all(options, attribute):
return False
+@register()
class hbacrule(LDAPObject):
"""
HBAC object.
@@ -226,9 +229,9 @@ class hbacrule(LDAPObject):
external_host_param,
)
-api.register(hbacrule)
+@register()
class hbacrule_add(LDAPCreate):
__doc__ = _('Create a new HBAC rule.')
@@ -240,9 +243,9 @@ class hbacrule_add(LDAPCreate):
entry_attrs['ipaenabledflag'] = 'TRUE'
return dn
-api.register(hbacrule_add)
+@register()
class hbacrule_del(LDAPDelete):
__doc__ = _('Delete an HBAC rule.')
@@ -257,9 +260,9 @@ class hbacrule_del(LDAPDelete):
return dn
-api.register(hbacrule_del)
+@register()
class hbacrule_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC rule.')
@@ -281,9 +284,9 @@ class hbacrule_mod(LDAPUpdate):
raise errors.MutuallyExclusiveError(reason=_("service category cannot be set to 'all' while there are allowed services"))
return dn
-api.register(hbacrule_mod)
+@register()
class hbacrule_find(LDAPSearch):
__doc__ = _('Search for HBAC rules.')
@@ -291,15 +294,15 @@ class hbacrule_find(LDAPSearch):
'%(count)d HBAC rule matched', '%(count)d HBAC rules matched', 0
)
-api.register(hbacrule_find)
+@register()
class hbacrule_show(LDAPRetrieve):
__doc__ = _('Display the properties of an HBAC rule.')
-api.register(hbacrule_show)
+@register()
class hbacrule_enable(LDAPQuery):
__doc__ = _('Enable an HBAC rule.')
@@ -327,9 +330,9 @@ class hbacrule_enable(LDAPQuery):
value=pkey_to_value(cn, options),
)
-api.register(hbacrule_enable)
+@register()
class hbacrule_disable(LDAPQuery):
__doc__ = _('Disable an HBAC rule.')
@@ -357,7 +360,6 @@ class hbacrule_disable(LDAPQuery):
value=pkey_to_value(cn, options),
)
-api.register(hbacrule_disable)
class hbacrule_add_accesstime(LDAPQuery):
@@ -441,6 +443,7 @@ class hbacrule_remove_accesstime(LDAPQuery):
#api.register(hbacrule_remove_accesstime)
+@register()
class hbacrule_add_user(LDAPAddMember):
__doc__ = _('Add users and groups to an HBAC rule.')
@@ -460,18 +463,18 @@ class hbacrule_add_user(LDAPAddMember):
reason=_("users cannot be added when user category='all'"))
return dn
-api.register(hbacrule_add_user)
+@register()
class hbacrule_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups from an HBAC rule.')
member_attributes = ['memberuser']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(hbacrule_remove_user)
+@register()
class hbacrule_add_host(LDAPAddMember):
__doc__ = _('Add target hosts and hostgroups to an HBAC rule.')
@@ -491,18 +494,18 @@ class hbacrule_add_host(LDAPAddMember):
reason=_("hosts cannot be added when host category='all'"))
return dn
-api.register(hbacrule_add_host)
+@register()
class hbacrule_remove_host(LDAPRemoveMember):
__doc__ = _('Remove target hosts and hostgroups from an HBAC rule.')
member_attributes = ['memberhost']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(hbacrule_remove_host)
+@register()
class hbacrule_add_sourcehost(LDAPAddMember):
NO_CLI = True
@@ -512,9 +515,9 @@ class hbacrule_add_sourcehost(LDAPAddMember):
def validate(self, **kw):
raise errors.DeprecationError(name='hbacrule_add_sourcehost')
-api.register(hbacrule_add_sourcehost)
+@register()
class hbacrule_remove_sourcehost(LDAPRemoveMember):
NO_CLI = True
@@ -524,9 +527,9 @@ class hbacrule_remove_sourcehost(LDAPRemoveMember):
def validate(self, **kw):
raise errors.DeprecationError(name='hbacrule_remove_sourcehost')
-api.register(hbacrule_remove_sourcehost)
+@register()
class hbacrule_add_service(LDAPAddMember):
__doc__ = _('Add services to an HBAC rule.')
@@ -546,13 +549,12 @@ class hbacrule_add_service(LDAPAddMember):
"services cannot be added when service category='all'"))
return dn
-api.register(hbacrule_add_service)
+@register()
class hbacrule_remove_service(LDAPRemoveMember):
__doc__ = _('Remove service and service groups from an HBAC rule.')
member_attributes = ['memberservice']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(hbacrule_remove_service)
diff --git a/ipalib/plugins/hbacsvc.py b/ipalib/plugins/hbacsvc.py
index 58861fcfa..9d974f487 100644
--- a/ipalib/plugins/hbacsvc.py
+++ b/ipalib/plugins/hbacsvc.py
@@ -19,6 +19,7 @@
from ipalib import api
from ipalib import Str
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import LDAPObject, LDAPCreate, LDAPDelete
from ipalib.plugins.baseldap import LDAPUpdate, LDAPSearch, LDAPRetrieve
@@ -47,8 +48,11 @@ EXAMPLES:
""")
+register = Registry()
+
topic = ('hbac', _('Host based access control commands'))
+@register()
class hbacsvc(LDAPObject):
"""
HBAC Service object.
@@ -92,33 +96,33 @@ class hbacsvc(LDAPObject):
),
)
-api.register(hbacsvc)
+@register()
class hbacsvc_add(LDAPCreate):
__doc__ = _('Add a new HBAC service.')
msg_summary = _('Added HBAC service "%(value)s"')
-api.register(hbacsvc_add)
+@register()
class hbacsvc_del(LDAPDelete):
__doc__ = _('Delete an existing HBAC service.')
msg_summary = _('Deleted HBAC service "%(value)s"')
-api.register(hbacsvc_del)
+@register()
class hbacsvc_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC service.')
msg_summary = _('Modified HBAC service "%(value)s"')
-api.register(hbacsvc_mod)
+@register()
class hbacsvc_find(LDAPSearch):
__doc__ = _('Search for HBAC services.')
@@ -126,10 +130,9 @@ class hbacsvc_find(LDAPSearch):
'%(count)d HBAC service matched', '%(count)d HBAC services matched', 0
)
-api.register(hbacsvc_find)
+@register()
class hbacsvc_show(LDAPRetrieve):
__doc__ = _('Display information about an HBAC service.')
-api.register(hbacsvc_show)
diff --git a/ipalib/plugins/hbacsvcgroup.py b/ipalib/plugins/hbacsvcgroup.py
index 5e3ef5b70..9884f2658 100644
--- a/ipalib/plugins/hbacsvcgroup.py
+++ b/ipalib/plugins/hbacsvcgroup.py
@@ -18,6 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib import api, errors
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -42,8 +43,11 @@ EXAMPLES:
ipa hbacsvcgroup-del login
""")
+register = Registry()
+
topic = ('hbac', _('Host based access control commands'))
+@register()
class hbacsvcgroup(LDAPObject):
"""
HBAC service group object.
@@ -87,33 +91,33 @@ class hbacsvcgroup(LDAPObject):
),
)
-api.register(hbacsvcgroup)
+@register()
class hbacsvcgroup_add(LDAPCreate):
__doc__ = _('Add a new HBAC service group.')
msg_summary = _('Added HBAC service group "%(value)s"')
-api.register(hbacsvcgroup_add)
+@register()
class hbacsvcgroup_del(LDAPDelete):
__doc__ = _('Delete an HBAC service group.')
msg_summary = _('Deleted HBAC service group "%(value)s"')
-api.register(hbacsvcgroup_del)
+@register()
class hbacsvcgroup_mod(LDAPUpdate):
__doc__ = _('Modify an HBAC service group.')
msg_summary = _('Modified HBAC service group "%(value)s"')
-api.register(hbacsvcgroup_mod)
+@register()
class hbacsvcgroup_find(LDAPSearch):
__doc__ = _('Search for an HBAC service group.')
@@ -121,22 +125,21 @@ class hbacsvcgroup_find(LDAPSearch):
'%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0
)
-api.register(hbacsvcgroup_find)
+@register()
class hbacsvcgroup_show(LDAPRetrieve):
__doc__ = _('Display information about an HBAC service group.')
-api.register(hbacsvcgroup_show)
+@register()
class hbacsvcgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to an HBAC service group.')
-api.register(hbacsvcgroup_add_member)
+@register()
class hbacsvcgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from an HBAC service group.')
-api.register(hbacsvcgroup_remove_member)
diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py
index 6fbf1fbe2..068190310 100644
--- a/ipalib/plugins/hbactest.py
+++ b/ipalib/plugins/hbactest.py
@@ -23,6 +23,7 @@ from types import NoneType
from ipalib.cli import to_cli
from ipalib import _, ngettext
from ipapython.dn import DN
+from ipalib.plugable import Registry
if api.env.in_server and api.env.context in ['lite', 'server']:
try:
import ipaserver.dcerpc
@@ -205,6 +206,8 @@ EXAMPLES:
Not matched rules: can_login
""")
+register = Registry()
+
def convert_to_ipa_rule(rule):
# convert a dict with a rule to an pyhbac rule
ipa_rule = pyhbac.HbacRule(rule['cn'][0])
@@ -237,6 +240,7 @@ def convert_to_ipa_rule(rule):
return ipa_rule
+@register()
class hbactest(Command):
__doc__ = _('Simulate use of Host-based access controls')
@@ -510,4 +514,3 @@ class hbactest(Command):
# Propagate integer value for result. It will give proper command line result for scripts
return int(not output['value'])
-api.register(hbactest)
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 133d55356..062db8fbb 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -28,6 +28,7 @@ import string
from ipalib import api, errors, util
from ipalib import Str, Flag, Bytes
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.service import (split_principal, validate_certificate,
set_certificate_attrs, ticket_flags_params, update_krbticketflags,
@@ -103,6 +104,8 @@ EXAMPLES:
ipa host-add-managedby --hosts=test2 test
""")
+register = Registry()
+
# Characters to be used by random password generator
# The set was chosen to avoid the need for escaping the characters by user
host_pwd_chars=string.digits + string.ascii_letters + '_,.@+-='
@@ -223,6 +226,7 @@ def _hostname_validator(ugettext, value):
return None
+@register()
class host(LDAPObject):
"""
Host object.
@@ -421,9 +425,9 @@ class host(LDAPObject):
else:
entry_attrs['memberofindirect'].remove(member)
-api.register(host)
+@register()
class host_add(LDAPCreate):
__doc__ = _('Add a new host.')
@@ -541,9 +545,9 @@ class host_add(LDAPCreate):
return dn
-api.register(host_add)
+@register()
class host_del(LDAPDelete):
__doc__ = _('Delete a host.')
@@ -653,9 +657,9 @@ class host_del(LDAPDelete):
return dn
-api.register(host_del)
+@register()
class host_mod(LDAPUpdate):
__doc__ = _('Modify information about a host.')
@@ -801,9 +805,9 @@ class host_mod(LDAPUpdate):
return dn
-api.register(host_mod)
+@register()
class host_find(LDAPSearch):
__doc__ = _('Search for hosts.')
@@ -886,9 +890,9 @@ class host_find(LDAPSearch):
return truncated
-api.register(host_find)
+@register()
class host_show(LDAPRetrieve):
__doc__ = _('Display information about a host.')
@@ -934,9 +938,9 @@ class host_show(LDAPRetrieve):
else:
return super(host_show, self).forward(*keys, **options)
-api.register(host_show)
+@register()
class host_disable(LDAPQuery):
__doc__ = _('Disable the Kerberos key, SSL certificate and all services of a host.')
@@ -1032,8 +1036,8 @@ class host_disable(LDAPQuery):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return dn
-api.register(host_disable)
+@register()
class host_add_managedby(LDAPAddMember):
__doc__ = _('Add hosts that can manage this host.')
@@ -1046,9 +1050,9 @@ class host_add_managedby(LDAPAddMember):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return (completed, dn)
-api.register(host_add_managedby)
+@register()
class host_remove_managedby(LDAPRemoveMember):
__doc__ = _('Remove hosts that can manage this host.')
@@ -1060,4 +1064,3 @@ class host_remove_managedby(LDAPRemoveMember):
self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
return (completed, dn)
-api.register(host_remove_managedby)
diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py
index 9c125131d..6420fb3ad 100644
--- a/ipalib/plugins/hostgroup.py
+++ b/ipalib/plugins/hostgroup.py
@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import api, Int, _, ngettext, errors
from ipalib.plugins.netgroup import NETGROUP_PATTERN, NETGROUP_PATTERN_ERRMSG
@@ -53,6 +54,9 @@ EXAMPLES:
ipa hostgroup-del baltimore
""")
+register = Registry()
+
+@register()
class hostgroup(LDAPObject):
"""
Hostgroup object.
@@ -131,9 +135,9 @@ class hostgroup(LDAPObject):
else:
entry_attrs['memberof'].remove(member)
-api.register(hostgroup)
+@register()
class hostgroup_add(LDAPCreate):
__doc__ = _('Add a new hostgroup.')
@@ -172,17 +176,17 @@ class hostgroup_add(LDAPCreate):
return dn
-api.register(hostgroup_add)
+@register()
class hostgroup_del(LDAPDelete):
__doc__ = _('Delete a hostgroup.')
msg_summary = _('Deleted hostgroup "%(value)s"')
-api.register(hostgroup_del)
+@register()
class hostgroup_mod(LDAPUpdate):
__doc__ = _('Modify a hostgroup.')
@@ -193,9 +197,9 @@ class hostgroup_mod(LDAPUpdate):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return dn
-api.register(hostgroup_mod)
+@register()
class hostgroup_find(LDAPSearch):
__doc__ = _('Search for hostgroups.')
@@ -211,9 +215,9 @@ class hostgroup_find(LDAPSearch):
self.obj.suppress_netgroup_memberof(ldap, entry.dn, entry)
return truncated
-api.register(hostgroup_find)
+@register()
class hostgroup_show(LDAPRetrieve):
__doc__ = _('Display information about a hostgroup.')
@@ -222,9 +226,9 @@ class hostgroup_show(LDAPRetrieve):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return dn
-api.register(hostgroup_show)
+@register()
class hostgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to a hostgroup.')
@@ -233,9 +237,9 @@ class hostgroup_add_member(LDAPAddMember):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return (completed, dn)
-api.register(hostgroup_add_member)
+@register()
class hostgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a hostgroup.')
@@ -244,4 +248,3 @@ class hostgroup_remove_member(LDAPRemoveMember):
self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs)
return (completed, dn)
-api.register(hostgroup_remove_member)
diff --git a/ipalib/plugins/idrange.py b/ipalib/plugins/idrange.py
index 5cc2786ce..8ffe7bf9a 100644
--- a/ipalib/plugins/idrange.py
+++ b/ipalib/plugins/idrange.py
@@ -17,6 +17,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import (LDAPObject, LDAPCreate, LDAPDelete,
LDAPRetrieve, LDAPSearch, LDAPUpdate)
from ipalib import api, Int, Str, DeprecatedParam, StrEnum, _, ngettext
@@ -150,7 +151,9 @@ IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
""")
+register = Registry()
+@register()
class idrange(LDAPObject):
"""
Range object.
@@ -353,6 +356,7 @@ class idrange(LDAPObject):
return True
+@register()
class idrange_add(LDAPCreate):
__doc__ = _("""
Add new ID range.
@@ -557,6 +561,7 @@ class idrange_add(LDAPCreate):
return dn
+@register()
class idrange_del(LDAPDelete):
__doc__ = _('Delete an ID range.')
@@ -604,6 +609,7 @@ class idrange_del(LDAPDelete):
return dn
+@register()
class idrange_find(LDAPSearch):
__doc__ = _('Search for ranges.')
@@ -625,6 +631,7 @@ class idrange_find(LDAPSearch):
return truncated
+@register()
class idrange_show(LDAPRetrieve):
__doc__ = _('Display information about a range.')
@@ -639,6 +646,7 @@ class idrange_show(LDAPRetrieve):
return dn
+@register()
class idrange_mod(LDAPUpdate):
__doc__ = _('Modify ID range.')
@@ -761,9 +769,3 @@ class idrange_mod(LDAPUpdate):
return dn
-api.register(idrange)
-api.register(idrange_add)
-api.register(idrange_mod)
-api.register(idrange_del)
-api.register(idrange_find)
-api.register(idrange_show)
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index c693b3395..e3c0faff1 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -31,7 +31,11 @@ from ipalib import Str
from ipalib.output import Output
from ipalib.text import _
from ipalib.util import json_serialize
+from ipalib.plugable import Registry
+register = Registry()
+
+@register()
class json_metadata(Command):
"""
Export plugin meta-data for the webUI.
@@ -136,8 +140,8 @@ class json_metadata(Command):
def output_for_cli(self, textui, result, *args, **options):
print json.dumps(result, default=json_serialize)
-api.register(json_metadata)
+@register()
class i18n_messages(Command):
NO_CLI = True
@@ -730,4 +734,3 @@ class i18n_messages(Command):
print json.dumps(result, default=json_serialize)
-api.register(i18n_messages)
diff --git a/ipalib/plugins/kerberos.py b/ipalib/plugins/kerberos.py
index 7ae63b930..3ed6d7671 100644
--- a/ipalib/plugins/kerberos.py
+++ b/ipalib/plugins/kerberos.py
@@ -26,11 +26,15 @@ This wraps the python-kerberos and python-krbV bindings.
import sys
from ipalib import api
from ipalib.backend import Backend
+from ipalib.plugable import Registry
import krbV
+register = Registry()
+
ENCODING = 'UTF-8'
+@register()
class krb(Backend):
"""
Kerberos backend plugin.
@@ -119,4 +123,3 @@ class krb(Backend):
return self.__get_principal(ccname).realm.decode(ENCODING)
-api.register(krb)
diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py
index 94b4a02e9..8c44ccc27 100644
--- a/ipalib/plugins/migration.py
+++ b/ipalib/plugins/migration.py
@@ -22,6 +22,7 @@ import re
from ipalib import api, errors, output
from ipalib import Command, Password, Str, Flag, StrEnum, DNParam, File
from ipalib.cli import to_cli
+from ipalib.plugable import Registry
from ipalib.plugins.user import NO_UPG_MAGIC
if api.env.in_server and api.env.context in ['lite', 'server']:
try:
@@ -126,6 +127,8 @@ for each user added plus a summary when the default user group is
updated.
""")
+register = Registry()
+
# USER MIGRATION CALLBACKS AND VARS
_krb_err_msg = _('Kerberos principal %s already exists. Use \'ipa user-mod\' to set it manually.')
@@ -441,6 +444,7 @@ def validate_ldapuri(ugettext, ldapuri):
raise errors.ValidationError(name='ldap_uri', error=err_msg)
+@register()
class migrate_ds(Command):
__doc__ = _('Migrate users and groups from DS to IPA.')
@@ -928,4 +932,3 @@ can use their Kerberos accounts.''')
textui.print_plain('-' * len(self.name))
textui.print_plain(unicode(self.pwd_migration_msg))
-api.register(migrate_ds)
diff --git a/ipalib/plugins/misc.py b/ipalib/plugins/misc.py
index 716797806..2c932ca6c 100644
--- a/ipalib/plugins/misc.py
+++ b/ipalib/plugins/misc.py
@@ -21,17 +21,21 @@ import re
from ipalib import api, LocalOrRemote, _, ngettext
from ipalib.output import Output, summary
from ipalib import Flag
+from ipalib.plugable import Registry
__doc__ = _("""
Misc plug-ins
""")
+register = Registry()
+
# FIXME: We should not let env return anything in_server
# when mode == 'production'. This would allow an attacker to see the
# configuration of the server, potentially revealing compromising
# information. However, it's damn handy for testing/debugging.
+@register()
class env(LocalOrRemote):
__doc__ = _('Show environment variables.')
@@ -99,9 +103,9 @@ class env(LocalOrRemote):
ret['summary'] = None
return ret
-api.register(env)
+@register()
class plugins(LocalOrRemote):
__doc__ = _('Show all loaded plugins.')
@@ -137,4 +141,3 @@ class plugins(LocalOrRemote):
count=len(plugins),
)
-api.register(plugins)
diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py
index 7136c18f9..50f139990 100644
--- a/ipalib/plugins/netgroup.py
+++ b/ipalib/plugins/netgroup.py
@@ -21,6 +21,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.plugins.hbacrule import is_all
@@ -49,6 +50,7 @@ EXAMPLES:
ipa netgroup-del admins
""")
+register = Registry()
NETGROUP_PATTERN='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*$'
NETGROUP_PATTERN_ERRMSG='may only include letters, numbers, _, -, and .'
@@ -73,6 +75,7 @@ output_params = (
),
)
+@register()
class netgroup(LDAPObject):
"""
Netgroup object.
@@ -169,9 +172,9 @@ class netgroup(LDAPObject):
external_host_param,
)
-api.register(netgroup)
+@register()
class netgroup_add(LDAPCreate):
__doc__ = _('Add a new netgroup.')
@@ -206,17 +209,17 @@ class netgroup_add(LDAPCreate):
return dn
-api.register(netgroup_add)
+@register()
class netgroup_del(LDAPDelete):
__doc__ = _('Delete a netgroup.')
msg_summary = _('Deleted netgroup "%(value)s"')
-api.register(netgroup_del)
+@register()
class netgroup_mod(LDAPUpdate):
__doc__ = _('Modify a netgroup.')
@@ -236,9 +239,9 @@ class netgroup_mod(LDAPUpdate):
raise errors.MutuallyExclusiveError(reason=_("host category cannot be set to 'all' while there are allowed hosts"))
return dn
-api.register(netgroup_mod)
+@register()
class netgroup_find(LDAPSearch):
__doc__ = _('Search for a netgroup.')
@@ -274,17 +277,17 @@ class netgroup_find(LDAPSearch):
filter = ldap.combine_filters((local_filter, filter), rules=ldap.MATCH_ALL)
return (filter, base_dn, scope)
-api.register(netgroup_find)
+@register()
class netgroup_show(LDAPRetrieve):
__doc__ = _('Display information about a netgroup.')
has_output_params = LDAPRetrieve.has_output_params + output_params
-api.register(netgroup_show)
+@register()
class netgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to a netgroup.')
@@ -298,9 +301,9 @@ class netgroup_add_member(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(netgroup_add_member)
+@register()
class netgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a netgroup.')
@@ -310,4 +313,3 @@ class netgroup_remove_member(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(netgroup_remove_member)
diff --git a/ipalib/plugins/passwd.py b/ipalib/plugins/passwd.py
index 2581a46ee..95b9b6017 100644
--- a/ipalib/plugins/passwd.py
+++ b/ipalib/plugins/passwd.py
@@ -22,6 +22,7 @@ from ipalib import Command
from ipalib import Str, Password
from ipalib import _
from ipalib import output
+from ipalib.plugable import Registry
from ipalib.plugins.user import split_principal, validate_principal, normalize_principal
from ipalib.request import context
from ipapython.dn import DN
@@ -45,6 +46,8 @@ EXAMPLES:
ipa passwd tuser1
""")
+register = Registry()
+
# We only need to prompt for the current password when changing a password
# for yourself, but the parameter is still required
MAGIC_VALUE = u'CHANGING_PASSWORD_FOR_ANOTHER_USER'
@@ -61,6 +64,7 @@ def get_current_password(principal):
else:
return MAGIC_VALUE
+@register()
class passwd(Command):
__doc__ = _("Set a user's password.")
@@ -124,4 +128,3 @@ class passwd(Command):
value=principal,
)
-api.register(passwd)
diff --git a/ipalib/plugins/pkinit.py b/ipalib/plugins/pkinit.py
index 30c9120e8..5f00b2b46 100644
--- a/ipalib/plugins/pkinit.py
+++ b/ipalib/plugins/pkinit.py
@@ -21,6 +21,7 @@ from ipalib import api, errors
from ipalib import Int, Str
from ipalib import Object, Command
from ipalib import _
+from ipalib.plugable import Registry
from ipapython.dn import DN
__doc__ = _("""
@@ -43,6 +44,9 @@ For more information on anonymous pkinit see:
http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit
""")
+register = Registry()
+
+@register()
class pkinit(Object):
"""
PKINIT Options
@@ -51,7 +55,6 @@ class pkinit(Object):
label=_('PKINIT')
-api.register(pkinit)
def valid_arg(ugettext, action):
"""
@@ -64,6 +67,7 @@ def valid_arg(ugettext, action):
error=_('Unknown command %s') % action
)
+@register()
class pkinit_anonymous(Command):
__doc__ = _('Enable or Disable Anonymous PKINIT.')
@@ -99,4 +103,3 @@ class pkinit_anonymous(Command):
return dict(result=True)
-api.register(pkinit_anonymous)
diff --git a/ipalib/plugins/realmdomains.py b/ipalib/plugins/realmdomains.py
index 2c47ce186..08d3a6a78 100644
--- a/ipalib/plugins/realmdomains.py
+++ b/ipalib/plugins/realmdomains.py
@@ -20,6 +20,7 @@
from ipalib import api, errors
from ipalib import Str, Flag
from ipalib import _
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import LDAPObject, LDAPUpdate, LDAPRetrieve
from ipalib.util import has_soa_or_ns_record, validate_domain_name
from ipapython.dn import DN
@@ -47,6 +48,7 @@ EXAMPLES:
ipa realmdomains-mod --del-domain=olddomain.com
""")
+register = Registry()
def _domain_name_normalizer(d):
return d.lower().rstrip('.')
@@ -58,6 +60,7 @@ def _domain_name_validator(ugettext, value):
return unicode(e)
+@register()
class realmdomains(LDAPObject):
"""
List of domains associated with IPA realm.
@@ -102,9 +105,9 @@ class realmdomains(LDAPObject):
),
)
-api.register(realmdomains)
+@register()
class realmdomains_mod(LDAPUpdate):
__doc__ = _('Modify realm domains.')
@@ -199,10 +202,9 @@ class realmdomains_mod(LDAPUpdate):
return result
-api.register(realmdomains_mod)
+@register()
class realmdomains_show(LDAPRetrieve):
__doc__ = _('Display the list of realm domains.')
-api.register(realmdomains_show)
diff --git a/ipalib/plugins/role.py b/ipalib/plugins/role.py
index 04088b82a..66a77227d 100644
--- a/ipalib/plugins/role.py
+++ b/ipalib/plugins/role.py
@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import api, Str, _, ngettext
from ipalib import Command
@@ -58,6 +59,9 @@ EXAMPLES:
add users, reset passwords or add a user to the default IPA user group.
""")
+register = Registry()
+
+@register()
class role(LDAPObject):
"""
Role object.
@@ -107,33 +111,33 @@ class role(LDAPObject):
),
)
-api.register(role)
+@register()
class role_add(LDAPCreate):
__doc__ = _('Add a new role.')
msg_summary = _('Added role "%(value)s"')
-api.register(role_add)
+@register()
class role_del(LDAPDelete):
__doc__ = _('Delete a role.')
msg_summary = _('Deleted role "%(value)s"')
-api.register(role_del)
+@register()
class role_mod(LDAPUpdate):
__doc__ = _('Modify a role.')
msg_summary = _('Modified role "%(value)s"')
-api.register(role_mod)
+@register()
class role_find(LDAPSearch):
__doc__ = _('Search for roles.')
@@ -141,27 +145,27 @@ class role_find(LDAPSearch):
'%(count)d role matched', '%(count)d roles matched', 0
)
-api.register(role_find)
+@register()
class role_show(LDAPRetrieve):
__doc__ = _('Display information about a role.')
-api.register(role_show)
+@register()
class role_add_member(LDAPAddMember):
__doc__ = _('Add members to a role.')
-api.register(role_add_member)
+@register()
class role_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from a role.')
-api.register(role_remove_member)
+@register()
class role_add_privilege(LDAPAddReverseMember):
__doc__ = _('Add privileges to a role.')
@@ -182,9 +186,9 @@ class role_add_privilege(LDAPAddReverseMember):
),
)
-api.register(role_add_privilege)
+@register()
class role_remove_privilege(LDAPRemoveReverseMember):
__doc__ = _('Remove privileges from a role.')
@@ -205,4 +209,3 @@ class role_remove_privilege(LDAPRemoveReverseMember):
),
)
-api.register(role_remove_privilege)
diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py
index a1fd9d355..9cf6900d1 100644
--- a/ipalib/plugins/selfservice.py
+++ b/ipalib/plugins/selfservice.py
@@ -23,6 +23,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
@@ -53,6 +54,8 @@ EXAMPLES:
ipa selfservice-del "Users manage their own address"
""")
+register = Registry()
+
ACI_PREFIX=u"selfservice"
output_params = (
@@ -62,6 +65,7 @@ output_params = (
)
+@register()
class selfservice(Object):
"""
Selfservice object.
@@ -116,9 +120,9 @@ class selfservice(Object):
except KeyError:
pass
-api.register(selfservice)
+@register()
class selfservice_add(crud.Create):
__doc__ = _('Add a new self-service permission.')
@@ -138,9 +142,9 @@ class selfservice_add(crud.Create):
value=pkey_to_value(aciname, kw),
)
-api.register(selfservice_add)
+@register()
class selfservice_del(crud.Delete):
__doc__ = _('Delete a self-service permission.')
@@ -156,9 +160,9 @@ class selfservice_del(crud.Delete):
value=pkey_to_value(aciname, kw),
)
-api.register(selfservice_del)
+@register()
class selfservice_mod(crud.Update):
__doc__ = _('Modify a self-service permission.')
@@ -178,9 +182,9 @@ class selfservice_mod(crud.Update):
value=pkey_to_value(aciname, kw),
)
-api.register(selfservice_mod)
+@register()
class selfservice_find(crud.Search):
__doc__ = _('Search for a self-service permission.')
@@ -205,9 +209,9 @@ class selfservice_find(crud.Search):
truncated=False,
)
-api.register(selfservice_find)
+@register()
class selfservice_show(crud.Retrieve):
__doc__ = _('Display information about a self-service permission.')
@@ -221,4 +225,3 @@ class selfservice_show(crud.Retrieve):
value=pkey_to_value(aciname, kw),
)
-api.register(selfservice_show)
diff --git a/ipalib/plugins/selinuxusermap.py b/ipalib/plugins/selinuxusermap.py
index cf1d55d9a..7efabaaa6 100644
--- a/ipalib/plugins/selinuxusermap.py
+++ b/ipalib/plugins/selinuxusermap.py
@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum, Bool
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
from ipalib.plugins.hbacrule import is_all
@@ -68,6 +69,8 @@ SEEALSO:
and the default SELinux user are available in the config-show command.
""")
+register = Registry()
+
notboth_err = _('HBAC rule and local members cannot both be set')
@@ -126,6 +129,7 @@ def validate_selinuxuser_inlist(ldap, user):
return
+@register()
class selinuxusermap(LDAPObject):
"""
SELinux User Map object.
@@ -254,9 +258,9 @@ class selinuxusermap(LDAPObject):
hbac_attrs = ldap.get_entry(entry_attrs['seealso'][0], ['cn'])
entry_attrs['seealso'] = hbac_attrs['cn'][0]
-api.register(selinuxusermap)
+@register()
class selinuxusermap_add(LDAPCreate):
__doc__ = _('Create a new SELinux User Map.')
@@ -291,17 +295,17 @@ class selinuxusermap_add(LDAPCreate):
return dn
-api.register(selinuxusermap_add)
+@register()
class selinuxusermap_del(LDAPDelete):
__doc__ = _('Delete a SELinux User Map.')
msg_summary = _('Deleted SELinux User Map "%(value)s"')
-api.register(selinuxusermap_del)
+@register()
class selinuxusermap_mod(LDAPUpdate):
__doc__ = _('Modify a SELinux User Map.')
@@ -355,9 +359,9 @@ class selinuxusermap_mod(LDAPUpdate):
self.obj._convert_seealso(ldap, entry_attrs, **options)
return dn
-api.register(selinuxusermap_mod)
+@register()
class selinuxusermap_find(LDAPSearch):
__doc__ = _('Search for SELinux User Maps.')
@@ -387,9 +391,9 @@ all=True)['result']
self.obj._convert_seealso(ldap, attrs, **options)
return truncated
-api.register(selinuxusermap_find)
+@register()
class selinuxusermap_show(LDAPRetrieve):
__doc__ = _('Display the properties of a SELinux User Map rule.')
@@ -398,9 +402,9 @@ class selinuxusermap_show(LDAPRetrieve):
self.obj._convert_seealso(ldap, entry_attrs, **options)
return dn
-api.register(selinuxusermap_show)
+@register()
class selinuxusermap_enable(LDAPQuery):
__doc__ = _('Enable an SELinux User Map rule.')
@@ -428,9 +432,9 @@ class selinuxusermap_enable(LDAPQuery):
value=pkey_to_value(cn, options),
)
-api.register(selinuxusermap_enable)
+@register()
class selinuxusermap_disable(LDAPQuery):
__doc__ = _('Disable an SELinux User Map rule.')
@@ -458,9 +462,9 @@ class selinuxusermap_disable(LDAPQuery):
value=pkey_to_value(cn, options),
)
-api.register(selinuxusermap_disable)
+@register()
class selinuxusermap_add_user(LDAPAddMember):
__doc__ = _('Add users and groups to an SELinux User Map rule.')
@@ -482,18 +486,18 @@ class selinuxusermap_add_user(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=notboth_err)
return dn
-api.register(selinuxusermap_add_user)
+@register()
class selinuxusermap_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups from an SELinux User Map rule.')
member_attributes = ['memberuser']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(selinuxusermap_remove_user)
+@register()
class selinuxusermap_add_host(LDAPAddMember):
__doc__ = _('Add target hosts and hostgroups to an SELinux User Map rule.')
@@ -515,13 +519,12 @@ class selinuxusermap_add_host(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=notboth_err)
return dn
-api.register(selinuxusermap_add_host)
+@register()
class selinuxusermap_remove_host(LDAPRemoveMember):
__doc__ = _('Remove target hosts and hostgroups from an SELinux User Map rule.')
member_attributes = ['memberhost']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(selinuxusermap_remove_host)
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py
index 592c4cfd0..0572a0ae2 100644
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@@ -24,6 +24,7 @@ import os
from ipalib import api, errors, util
from ipalib import Str, Flag, Bytes, StrEnum, Bool
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import x509
from ipalib import _, ngettext
@@ -91,6 +92,8 @@ EXAMPLES:
""")
+register = Registry()
+
output_params = (
Flag('has_keytab',
label=_('Keytab'),
@@ -287,6 +290,7 @@ def set_kerberos_attrs(entry_attrs, options):
if name in options or all_opt:
entry_attrs[name] = bool(ticket_flags & value)
+@register()
class service(LDAPObject):
"""
Service object.
@@ -371,9 +375,9 @@ class service(LDAPObject):
raise errors.ValidationError(name='ipakrbauthzdata',
error=_('NONE value cannot be combined with other PAC types'))
-api.register(service)
+@register()
class service_add(LDAPCreate):
__doc__ = _('Add a new IPA new service.')
@@ -433,9 +437,9 @@ class service_add(LDAPCreate):
set_kerberos_attrs(entry_attrs, options)
return dn
-api.register(service_add)
+@register()
class service_del(LDAPDelete):
__doc__ = _('Delete an IPA service.')
@@ -478,9 +482,9 @@ class service_del(LDAPDelete):
raise nsprerr
return dn
-api.register(service_del)
+@register()
class service_mod(LDAPUpdate):
__doc__ = _('Modify an existing IPA service.')
@@ -525,9 +529,9 @@ class service_mod(LDAPUpdate):
set_kerberos_attrs(entry_attrs, options)
return dn
-api.register(service_mod)
+@register()
class service_find(LDAPSearch):
__doc__ = _('Search for IPA services.')
@@ -562,9 +566,9 @@ class service_find(LDAPSearch):
set_kerberos_attrs(entry_attrs, options)
return truncated
-api.register(service_find)
+@register()
class service_show(LDAPRetrieve):
__doc__ = _('Display information about an IPA service.')
@@ -598,26 +602,26 @@ class service_show(LDAPRetrieve):
else:
return super(service_show, self).forward(*keys, **options)
-api.register(service_show)
+@register()
class service_add_host(LDAPAddMember):
__doc__ = _('Add hosts that can manage this service.')
member_attributes = ['managedby']
has_output_params = LDAPAddMember.has_output_params + output_params
-api.register(service_add_host)
+@register()
class service_remove_host(LDAPRemoveMember):
__doc__ = _('Remove hosts that can manage this service.')
member_attributes = ['managedby']
has_output_params = LDAPRemoveMember.has_output_params + output_params
-api.register(service_remove_host)
+@register()
class service_disable(LDAPQuery):
__doc__ = _('Disable the Kerberos key and SSL certificate of a service.')
@@ -679,4 +683,3 @@ class service_disable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
-api.register(service_disable)
diff --git a/ipalib/plugins/sudocmd.py b/ipalib/plugins/sudocmd.py
index 4c7ea7f88..4a81f06af 100644
--- a/ipalib/plugins/sudocmd.py
+++ b/ipalib/plugins/sudocmd.py
@@ -23,6 +23,7 @@ import sys
from ipalib import api, errors, util
from ipalib import Str
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -41,8 +42,11 @@ EXAMPLES:
""")
+register = Registry()
+
topic = ('sudo', _('commands for controlling sudo configuration'))
+@register()
class sudocmd(LDAPObject):
"""
Sudo Command object.
@@ -108,15 +112,15 @@ class sudocmd(LDAPObject):
pass
return dn
-api.register(sudocmd)
+@register()
class sudocmd_add(LDAPCreate):
__doc__ = _('Create new Sudo Command.')
msg_summary = _('Added Sudo Command "%(value)s"')
-api.register(sudocmd_add)
+@register()
class sudocmd_del(LDAPDelete):
__doc__ = _('Delete Sudo Command.')
@@ -148,15 +152,15 @@ class sudocmd_del(LDAPDelete):
dependent=', '.join(dependent_sudorules))
return dn
-api.register(sudocmd_del)
+@register()
class sudocmd_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Command.')
msg_summary = _('Modified Sudo Command "%(value)s"')
-api.register(sudocmd_mod)
+@register()
class sudocmd_find(LDAPSearch):
__doc__ = _('Search for Sudo Commands.')
@@ -164,9 +168,8 @@ class sudocmd_find(LDAPSearch):
'%(count)d Sudo Command matched', '%(count)d Sudo Commands matched', 0
)
-api.register(sudocmd_find)
+@register()
class sudocmd_show(LDAPRetrieve):
__doc__ = _('Display Sudo Command.')
-api.register(sudocmd_show)
diff --git a/ipalib/plugins/sudocmdgroup.py b/ipalib/plugins/sudocmdgroup.py
index 471c8b858..44883f430 100644
--- a/ipalib/plugins/sudocmdgroup.py
+++ b/ipalib/plugins/sudocmdgroup.py
@@ -19,6 +19,7 @@
from ipalib import api
from ipalib import Str
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
@@ -45,8 +46,11 @@ EXAMPLES:
ipa group-show localadmins
""")
+register = Registry()
+
topic = ('sudo', _('commands for controlling sudo configuration'))
+@register()
class sudocmdgroup(LDAPObject):
"""
Sudo Command Group object.
@@ -100,33 +104,33 @@ class sudocmdgroup(LDAPObject):
),
)
-api.register(sudocmdgroup)
+@register()
class sudocmdgroup_add(LDAPCreate):
__doc__ = _('Create new Sudo Command Group.')
msg_summary = _('Added Sudo Command Group "%(value)s"')
-api.register(sudocmdgroup_add)
+@register()
class sudocmdgroup_del(LDAPDelete):
__doc__ = _('Delete Sudo Command Group.')
msg_summary = _('Deleted Sudo Command Group "%(value)s"')
-api.register(sudocmdgroup_del)
+@register()
class sudocmdgroup_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Command Group.')
msg_summary = _('Modified Sudo Command Group "%(value)s"')
-api.register(sudocmdgroup_mod)
+@register()
class sudocmdgroup_find(LDAPSearch):
__doc__ = _('Search for Sudo Command Groups.')
@@ -135,22 +139,21 @@ class sudocmdgroup_find(LDAPSearch):
'%(count)d Sudo Command Groups matched', 0
)
-api.register(sudocmdgroup_find)
+@register()
class sudocmdgroup_show(LDAPRetrieve):
__doc__ = _('Display Sudo Command Group.')
-api.register(sudocmdgroup_show)
+@register()
class sudocmdgroup_add_member(LDAPAddMember):
__doc__ = _('Add members to Sudo Command Group.')
-api.register(sudocmdgroup_add_member)
+@register()
class sudocmdgroup_remove_member(LDAPRemoveMember):
__doc__ = _('Remove members from Sudo Command Group.')
-api.register(sudocmdgroup_remove_member)
diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py
index 09b9a97e5..98353c029 100644
--- a/ipalib/plugins/sudorule.py
+++ b/ipalib/plugins/sudorule.py
@@ -19,6 +19,7 @@
from ipalib import api, errors
from ipalib import Str, StrEnum, Bool
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.hbacrule import is_all
from ipalib import _, ngettext
@@ -74,6 +75,8 @@ EXAMPLES:
ipa sudorule-add-option defaults --sudooption '!authenticate'
""")
+register = Registry()
+
topic = ('sudo', _('Commands for controlling sudo configuration'))
def deprecated(attribute):
@@ -88,6 +91,7 @@ def validate_runasextuser(ugettext, value):
def validate_runasextgroup(ugettext, value):
deprecated('runasexternalgroup')
+@register()
class sudorule(LDAPObject):
"""
Sudo Rule object.
@@ -323,9 +327,9 @@ class sudorule(LDAPObject):
}
)
-api.register(sudorule)
+@register()
class sudorule_add(LDAPCreate):
__doc__ = _('Create new Sudo Rule.')
@@ -338,17 +342,17 @@ class sudorule_add(LDAPCreate):
msg_summary = _('Added Sudo Rule "%(value)s"')
-api.register(sudorule_add)
+@register()
class sudorule_del(LDAPDelete):
__doc__ = _('Delete Sudo Rule.')
msg_summary = _('Deleted Sudo Rule "%(value)s"')
-api.register(sudorule_del)
+@register()
class sudorule_mod(LDAPUpdate):
__doc__ = _('Modify Sudo Rule.')
@@ -383,9 +387,9 @@ class sudorule_mod(LDAPUpdate):
return dn
-api.register(sudorule_mod)
+@register()
class sudorule_find(LDAPSearch):
__doc__ = _('Search for Sudo Rule.')
@@ -393,15 +397,15 @@ class sudorule_find(LDAPSearch):
'%(count)d Sudo Rule matched', '%(count)d Sudo Rules matched', 0
)
-api.register(sudorule_find)
+@register()
class sudorule_show(LDAPRetrieve):
__doc__ = _('Display Sudo Rule.')
-api.register(sudorule_show)
+@register()
class sudorule_enable(LDAPQuery):
__doc__ = _('Enable a Sudo Rule.')
@@ -426,9 +430,9 @@ class sudorule_enable(LDAPQuery):
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Enabled Sudo Rule "%s"') % cn)
-api.register(sudorule_enable)
+@register()
class sudorule_disable(LDAPQuery):
__doc__ = _('Disable a Sudo Rule.')
@@ -453,9 +457,9 @@ class sudorule_disable(LDAPQuery):
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Disabled Sudo Rule "%s"') % cn)
-api.register(sudorule_disable)
+@register()
class sudorule_add_allow_command(LDAPAddMember):
__doc__ = _('Add commands and sudo command groups affected by Sudo Rule.')
@@ -473,18 +477,18 @@ class sudorule_add_allow_command(LDAPAddMember):
return dn
-api.register(sudorule_add_allow_command)
+@register()
class sudorule_remove_allow_command(LDAPRemoveMember):
__doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.')
member_attributes = ['memberallowcmd']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(sudorule_remove_allow_command)
+@register()
class sudorule_add_deny_command(LDAPAddMember):
__doc__ = _('Add commands and sudo command groups affected by Sudo Rule.')
@@ -501,18 +505,18 @@ class sudorule_add_deny_command(LDAPAddMember):
raise errors.MutuallyExclusiveError(reason=_("commands cannot be added when command category='all'"))
return dn
-api.register(sudorule_add_deny_command)
+@register()
class sudorule_remove_deny_command(LDAPRemoveMember):
__doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.')
member_attributes = ['memberdenycmd']
member_count_out = ('%i object removed.', '%i objects removed.')
-api.register(sudorule_remove_deny_command)
+@register()
class sudorule_add_user(LDAPAddMember):
__doc__ = _('Add users and groups affected by Sudo Rule.')
@@ -533,9 +537,9 @@ class sudorule_add_user(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_add_user)
+@register()
class sudorule_remove_user(LDAPRemoveMember):
__doc__ = _('Remove users and groups affected by Sudo Rule.')
@@ -546,9 +550,9 @@ class sudorule_remove_user(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_remove_user)
+@register()
class sudorule_add_host(LDAPAddMember):
__doc__ = _('Add hosts and hostgroups affected by Sudo Rule.')
@@ -569,9 +573,9 @@ class sudorule_add_host(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_add_host)
+@register()
class sudorule_remove_host(LDAPRemoveMember):
__doc__ = _('Remove hosts and hostgroups affected by Sudo Rule.')
@@ -582,8 +586,8 @@ class sudorule_remove_host(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_remove_host)
+@register()
class sudorule_add_runasuser(LDAPAddMember):
__doc__ = _('Add users and groups for Sudo to execute as.')
@@ -625,9 +629,9 @@ class sudorule_add_runasuser(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_add_runasuser)
+@register()
class sudorule_remove_runasuser(LDAPRemoveMember):
__doc__ = _('Remove users and groups for Sudo to execute as.')
@@ -638,9 +642,9 @@ class sudorule_remove_runasuser(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_remove_runasuser)
+@register()
class sudorule_add_runasgroup(LDAPAddMember):
__doc__ = _('Add group for Sudo to execute as.')
@@ -676,9 +680,9 @@ class sudorule_add_runasgroup(LDAPAddMember):
assert isinstance(dn, DN)
return add_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_add_runasgroup)
+@register()
class sudorule_remove_runasgroup(LDAPRemoveMember):
__doc__ = _('Remove group for Sudo to execute as.')
@@ -689,9 +693,9 @@ class sudorule_remove_runasgroup(LDAPRemoveMember):
assert isinstance(dn, DN)
return remove_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options)
-api.register(sudorule_remove_runasgroup)
+@register()
class sudorule_add_option(LDAPQuery):
__doc__ = _('Add an option to the Sudo Rule.')
@@ -742,9 +746,9 @@ class sudorule_add_option(LDAPQuery):
-api.register(sudorule_add_option)
+@register()
class sudorule_remove_option(LDAPQuery):
__doc__ = _('Remove an option from Sudo Rule.')
@@ -796,4 +800,3 @@ class sudorule_remove_option(LDAPQuery):
dict(option=options['ipasudoopt'], rule=cn))
super(sudorule_remove_option, self).output_for_cli(textui, result, cn, **options)
-api.register(sudorule_remove_option)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 9799e4c41..987fb7476 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -18,6 +18,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins.dns import dns_container_exists
from ipapython.ipautil import realm_to_suffix
@@ -129,6 +130,8 @@ particular type.
ipa trustconfig-mod --type ad --fallback-primary-group "Default SMB Group"
""")
+register = Registry()
+
trust_output_params = (
Str('trustdirection',
label=_('Trust direction')),
@@ -296,6 +299,7 @@ def add_range(self, range_name, dom_sid, *keys, **options):
return range_type, range_size, base_id
+@register()
class trust(LDAPObject):
"""
Trust object.
@@ -389,6 +393,7 @@ class trust(LDAPObject):
dn=make_trust_dn(self.env, trust_type, DN(*sdn))
return dn
+@register()
class trust_add(LDAPCreate):
__doc__ = _('''
Add new trust to use.
@@ -726,11 +731,13 @@ sides.
raise errors.ValidationError(name=_('AD Trust setup'),
error=_('Not enough arguments specified to perform trust setup'))
+@register()
class trust_del(LDAPDelete):
__doc__ = _('Delete a trust.')
msg_summary = _('Deleted trust "%(value)s"')
+@register()
class trust_mod(LDAPUpdate):
__doc__ = _("""
Modify a trust (for future use).
@@ -749,6 +756,7 @@ class trust_mod(LDAPUpdate):
return dn
+@register()
class trust_find(LDAPSearch):
__doc__ = _('Search for trusts.')
has_output_params = LDAPSearch.has_output_params + trust_output_params +\
@@ -779,6 +787,7 @@ class trust_find(LDAPSearch):
return truncated
+@register()
class trust_show(LDAPRetrieve):
__doc__ = _('Display information about a trust.')
has_output_params = LDAPRetrieve.has_output_params + trust_output_params +\
@@ -804,18 +813,13 @@ class trust_show(LDAPRetrieve):
return dn
-api.register(trust)
-api.register(trust_add)
-api.register(trust_mod)
-api.register(trust_del)
-api.register(trust_find)
-api.register(trust_show)
_trustconfig_dn = {
u'ad': DN(('cn', api.env.domain), api.env.container_cifsdomains, api.env.basedn),
}
+@register()
class trustconfig(LDAPObject):
"""
Trusts global configuration object
@@ -920,8 +924,8 @@ class trustconfig(LDAPObject):
entry_attrs['ipantfallbackprimarygroup'] = [groupdn[0][0].value]
-api.register(trustconfig)
+@register()
class trustconfig_mod(LDAPUpdate):
__doc__ = _('Modify global trust configuration.')
@@ -941,9 +945,9 @@ class trustconfig_mod(LDAPUpdate):
self.obj._convert_groupdn(entry_attrs, options)
return dn
-api.register(trustconfig_mod)
+@register()
class trustconfig_show(LDAPRetrieve):
__doc__ = _('Show global trust configuration.')
@@ -958,7 +962,6 @@ class trustconfig_show(LDAPRetrieve):
self.obj._convert_groupdn(entry_attrs, options)
return dn
-api.register(trustconfig_show)
if _nss_idmap_installed:
_idmap_type_dict = {
@@ -970,6 +973,7 @@ if _nss_idmap_installed:
string = _idmap_type_dict.get(int(level), 'unknown')
return unicode(string)
+@register()
class trust_resolve(Command):
NO_CLI = True
__doc__ = _('Resolve security identifiers of users and groups in trusted domains')
@@ -1008,9 +1012,9 @@ class trust_resolve(Command):
return dict(result=result)
-api.register(trust_resolve)
+@register()
class adtrust_is_enabled(Command):
NO_CLI = True
@@ -1035,9 +1039,9 @@ class adtrust_is_enabled(Command):
return dict(result=True)
-api.register(adtrust_is_enabled)
+@register()
class compat_is_enabled(Command):
NO_CLI = True
@@ -1079,9 +1083,9 @@ class compat_is_enabled(Command):
return dict(result=True)
-api.register(compat_is_enabled)
+@register()
class sidgen_was_run(Command):
"""
This command tries to determine whether the sidgen task was run during
@@ -1123,8 +1127,8 @@ class sidgen_was_run(Command):
return dict(result=True)
-api.register(sidgen_was_run)
+@register()
class trustdomain(LDAPObject):
"""
Object representing a domain of the AD trust.
@@ -1172,8 +1176,8 @@ class trustdomain(LDAPObject):
dn=make_trust_dn(self.env, trust_type, DN(*sdn))
return dn
-api.register(trustdomain)
+@register()
class trustdomain_find(LDAPSearch):
__doc__ = _('Search domains of the trust')
@@ -1202,15 +1206,15 @@ class trustdomain_find(LDAPSearch):
return truncated
-api.register(trustdomain_find)
+@register()
class trustdomain_mod(LDAPUpdate):
__doc__ = _('Modify trustdomain of the trust')
NO_CLI = True
takes_options = LDAPUpdate.takes_options + (_trust_type_option,)
-api.register(trustdomain_mod)
+@register()
class trustdomain_add(LDAPCreate):
__doc__ = _('Allow access from the trusted domain')
NO_CLI = True
@@ -1220,8 +1224,8 @@ class trustdomain_add(LDAPCreate):
if 'ipanttrustpartner' in options:
entry_attrs['ipanttrustpartner'] = [options['ipanttrustpartner']]
return dn
-api.register(trustdomain_add)
+@register()
class trustdomain_del(LDAPDelete):
__doc__ = _('Remove infromation about the domain associated with the trust.')
@@ -1244,7 +1248,6 @@ class trustdomain_del(LDAPDelete):
return result
-api.register(trustdomain_del)
def fetch_domains_from_trust(self, trustinstance, trust_entry, **options):
@@ -1293,6 +1296,7 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options):
pass
return result
+@register()
class trust_fetch_domains(LDAPRetrieve):
__doc__ = _('Refresh list of the domains associated with the trust')
@@ -1333,8 +1337,8 @@ class trust_fetch_domains(LDAPRetrieve):
result['truncated'] = False
return result
-api.register(trust_fetch_domains)
+@register()
class trustdomain_enable(LDAPQuery):
__doc__ = _('Allow use of IPA resources by the domain of the trust')
@@ -1373,8 +1377,8 @@ class trustdomain_enable(LDAPQuery):
value=pkey_to_value(keys[1], options),
)
-api.register(trustdomain_enable)
+@register()
class trustdomain_disable(LDAPQuery):
__doc__ = _('Disable use of IPA resources by the domain of the trust')
@@ -1413,4 +1417,3 @@ class trustdomain_disable(LDAPQuery):
value=pkey_to_value(keys[1], options),
)
-api.register(trustdomain_disable)
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 4eb35bd84..73203405e 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -25,6 +25,7 @@ import os
from ipalib import api, errors
from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
+from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins import baseldap
from ipalib.request import context
@@ -81,6 +82,7 @@ EXAMPLES:
ipa user-del tuser1
""")
+register = Registry()
NO_UPG_MAGIC = '__no_upg__'
@@ -216,6 +218,7 @@ def fix_addressbook_permission_bindrule(name, template, is_new,
template['ipapermbindruletype'] = 'anonymous'
+@register()
class user(LDAPObject):
"""
User object.
@@ -675,9 +678,8 @@ class user(LDAPObject):
for m in xrange(len(entry_attrs['manager'])):
entry_attrs['manager'][m] = self.get_primary_key_from_dn(entry_attrs['manager'][m])
-api.register(user)
-
+@register()
class user_add(LDAPCreate):
__doc__ = _('Add a new user.')
@@ -851,9 +853,8 @@ class user_add(LDAPCreate):
radius_dn2pk(self.api, entry_attrs)
return dn
-api.register(user_add)
-
+@register()
class user_del(LDAPDelete):
__doc__ = _('Delete a user.')
@@ -872,9 +873,8 @@ class user_del(LDAPDelete):
return dn
-api.register(user_del)
-
+@register()
class user_mod(LDAPUpdate):
__doc__ = _('Modify a user.')
@@ -946,9 +946,8 @@ class user_mod(LDAPUpdate):
radius_dn2pk(self.api, entry_attrs)
return dn
-api.register(user_mod)
-
+@register()
class user_find(LDAPSearch):
__doc__ = _('Search for users.')
@@ -997,9 +996,8 @@ class user_find(LDAPSearch):
'%(count)d user matched', '%(count)d users matched', 0
)
-api.register(user_find)
-
+@register()
class user_show(LDAPRetrieve):
__doc__ = _('Display information about a user.')
@@ -1014,9 +1012,8 @@ class user_show(LDAPRetrieve):
radius_dn2pk(self.api, entry_attrs)
return dn
-api.register(user_show)
-
+@register()
class user_disable(LDAPQuery):
__doc__ = _('Disable a user account.')
@@ -1036,9 +1033,8 @@ class user_disable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
-api.register(user_disable)
-
+@register()
class user_enable(LDAPQuery):
__doc__ = _('Enable a user account.')
@@ -1058,8 +1054,8 @@ class user_enable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
-api.register(user_enable)
+@register()
class user_unlock(LDAPQuery):
__doc__ = _("""
Unlock a user account
@@ -1087,8 +1083,8 @@ class user_unlock(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
-api.register(user_unlock)
+@register()
class user_status(LDAPQuery):
__doc__ = _("""
Lockout status of a user account
@@ -1197,5 +1193,3 @@ class user_status(LDAPQuery):
summary=unicode(_('Account disabled: %(disabled)s' %
dict(disabled=disabled))),
)
-
-api.register(user_status)
generated by cgit (git 2.34.1) at 2024-06-20 23:25:02 +0000