diff options
Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/ipa-gui/ipagui/controllers.py | 13 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/forms/user.py | 1 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/static/css/style.css | 2 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/usereditform.kid | 15 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/usernewform.kid | 15 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/usershow.kid | 10 | ||||
-rw-r--r-- | ipa-server/ipaserver/ipaldap.py | 8 | ||||
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 2 |
8 files changed, 59 insertions, 7 deletions
diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 5771ebe31..5fb4be06b 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -28,6 +28,8 @@ password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz client = ipa.ipaclient.IPAClient(True) client.set_principal("test@FREEIPA.ORG") +user_fields = ['*', 'nsAccountLock'] + def restrict_post(): if cherrypy.request.method != "POST": turbogears.flash("This method only accepts posts") @@ -77,6 +79,8 @@ class Root(controllers.RootController): new_user.setValue('sn', kw.get('sn')) new_user.setValue('mail', kw.get('mail')) new_user.setValue('telephonenumber', kw.get('telephonenumber')) + if kw.get('nsAccountLock'): + new_user.setValue('nsAccountLock', 'true') rv = client.add_user(new_user) turbogears.flash("%s added!" % kw['uid']) @@ -92,7 +96,7 @@ class Root(controllers.RootController): if tg_errors: turbogears.flash("There was a problem with the form!") - user = client.get_user_by_uid(uid) + user = client.get_user_by_uid(uid, user_fields) user_dict = user.toDict() # store a copy of the original user for the update later user_data = b64encode(dumps(user_dict)) @@ -120,6 +124,11 @@ class Root(controllers.RootController): new_user.setValue('sn', kw.get('sn')) new_user.setValue('mail', kw.get('mail')) new_user.setValue('telephonenumber', kw.get('telephonenumber')) + if kw.get('nsAccountLock'): + new_user.setValue('nsAccountLock', 'true') + else: + new_user.setValue('nsAccountLock', None) + # # this is a hack until we decide on the policy for names/cn/sn/givenName # @@ -161,7 +170,7 @@ class Root(controllers.RootController): def usershow(self, uid): """Retrieve a single user for display""" try: - user = client.get_user_by_uid(uid) + user = client.get_user_by_uid(uid, user_fields) return dict(user=user.toDict(), fields=forms.user.UserFields()) except ipaerror.IPAError, e: turbogears.flash("User show failed: " + str(e)) diff --git a/ipa-server/ipa-gui/ipagui/forms/user.py b/ipa-server/ipa-gui/ipagui/forms/user.py index 9ce512567..b9b6f33d4 100644 --- a/ipa-server/ipa-gui/ipagui/forms/user.py +++ b/ipa-server/ipa-gui/ipagui/forms/user.py @@ -10,6 +10,7 @@ class UserFields(): sn = widgets.TextField(name="sn", label="Last name") mail = widgets.TextField(name="mail", label="E-mail address") telephonenumber = widgets.TextField(name="telephonenumber", label="Phone") + nsAccountLock = widgets.CheckBox(name="nsAccountLock", label="Account Deactivated") uid.validator = validators.PlainText(not_empty=True) userpassword.validator = validators.String(not_empty=True) diff --git a/ipa-server/ipa-gui/ipagui/static/css/style.css b/ipa-server/ipa-gui/ipagui/static/css/style.css index 3c260c21b..9ea86ae01 100644 --- a/ipa-server/ipa-gui/ipagui/static/css/style.css +++ b/ipa-server/ipa-gui/ipagui/static/css/style.css @@ -122,7 +122,7 @@ body { } .formtable th { - width: 15%; + width: 20%; text-align: right; } diff --git a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid index cef7f116d..dc61f38c5 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid @@ -139,6 +139,21 @@ </tr> </table> + <div class="formsection">Account Status</div> + <table class="formtable" cellpadding="2" cellspacing="0" border="0"> + <tr> + <th> + <label class="fieldlabel" for="${user.nsAccountLock.field_id}" + py:content="user.nsAccountLock.label" />: + </th> + <td> + <span py:replace="user.nsAccountLock.display(value_for(user.nsAccountLock))" /> + <span py:if="tg.errors.get('nsAccountLock')" class="fielderror" + py:content="tg.errors.get('nsAccountLock')" /> + </td> + </tr> + </table> + <table class="formtable" cellpadding="2" cellspacing="0" border="0"> <tr> <th> diff --git a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid index c766327f0..d4863a3df 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid @@ -150,6 +150,21 @@ </tr> </table> + <div class="formsection">Account Status</div> + <table class="formtable" cellpadding="2" cellspacing="0" border="0"> + <tr> + <th> + <label class="fieldlabel" for="${user.nsAccountLock.field_id}" + py:content="user.nsAccountLock.label" />: + </th> + <td> + <span py:replace="user.nsAccountLock.display(value_for(user.nsAccountLock))" /> + <span py:if="tg.errors.get('nsAccountLock')" class="fielderror" + py:content="tg.errors.get('nsAccountLock')" /> + </td> + </tr> + </table> + <table class="formtable" cellpadding="2" cellspacing="0" border="0"> <tr> <th> diff --git a/ipa-server/ipa-gui/ipagui/templates/usershow.kid b/ipa-server/ipa-gui/ipagui/templates/usershow.kid index 2ffd1a4e9..4e73eba35 100644 --- a/ipa-server/ipa-gui/ipagui/templates/usershow.kid +++ b/ipa-server/ipa-gui/ipagui/templates/usershow.kid @@ -62,6 +62,16 @@ </tr> </table> + <div class="formsection">Account Status</div> + <table class="formtable" cellpadding="2" cellspacing="0" border="0"> + <tr> + <th> + <label class="fieldlabel" py:content="fields.nsAccountLock.label" />: + </th> + <td>${user.get("nsAccountLock")}</td> + </tr> + </table> + <a href="${tg.url('/useredit', uid=user.get('uid'))}">edit</a> </body> diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py index 4d0630eef..164509263 100644 --- a/ipa-server/ipaserver/ipaldap.py +++ b/ipa-server/ipaserver/ipaldap.py @@ -29,6 +29,7 @@ import urllib2 import socket import ldif import re +import string import ldap import cStringIO import time @@ -382,8 +383,11 @@ class IPAdmin(SimpleLDAPObject): REPLACE operations, to deal with multi-user updates more properly.""" modlist = [] - keys = set(old_entry.keys()) - keys.update(new_entry.keys()) + old_entry = ipautil.CIDict(old_entry) + new_entry = ipautil.CIDict(new_entry) + + keys = set(map(string.lower, old_entry.keys())) + keys.update(map(string.lower, new_entry.keys())) for key in keys: new_values = new_entry.get(key, []) diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index fd95470b0..4b1fe7edd 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -270,8 +270,6 @@ class IPAServer: if user.get('gn'): del user['gn'] - if user.get('givenname'): - del user['givenname'] # some required objectclasses entry.setValues('objectClass', 'top', 'posixAccount', 'shadowAccount', 'account', 'person', 'inetOrgPerson', 'organizationalPerson', 'krbPrincipalAux', 'krbTicketPolicyAux') |