Diffstat (limited to 'ipa-server')
-rw-r--r--ipa-server/ipa-gui/ipagui/subcontrollers/principal.py45
-rw-r--r--ipa-server/ipa-gui/ipagui/templates/principallist.kid6
-rw-r--r--ipa-server/ipa-gui/ipagui/templates/principalshow.kid53
-rw-r--r--ipa-server/xmlrpc-server/funcs.py20
-rw-r--r--ipa-server/xmlrpc-server/ipaxmlrpc.py1
5 files changed, 123 insertions, 2 deletions
diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py b/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py
index 27c4f9d63..47deb8879 100644
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py
@@ -125,6 +125,51 @@ class PrincipalController(IPAController):
return dict(principals=principals, hostname=hostname, fields=ipagui.forms.principal.PrincipalFields())
+ @expose("ipagui.templates.principalshow")
+ @identity.require(identity.not_anonymous())
+ def show(self, **kw):
+ """Display a single service principal"""
+
+ try:
+ princ = kw['principal']
+ princ_dn = kw['principal_dn']
+ except KeyError, e:
+ turbogears.flash("Principal show failed. Unable to find key %s" % e)
+ raise turbogears.redirect("/principal/list")
+
+ principal = {}
+
+ try:
+ # The principal info is passed in. Not going to both to re-query this.
+ (service,host) = princ.split('/')
+ h = host.split('@')
+ principal['service'] = service
+ principal['hostname'] = h[0]
+ principal['principal_dn'] = princ_dn
+
+ return dict(principal=principal)
+ except:
+ turbogears.flash("Principal show failed %s" % princ)
+ raise turbogears.redirect("/")
+
+ @expose()
+ @identity.require(identity.in_group("admins"))
+ def delete(self, principal):
+ """Delete a service principal"""
+ self.restrict_post()
+ client = self.get_ipaclient()
+
+ print "Deleting %s" % principal
+
+ try:
+ client.delete_service_principal(principal)
+
+ turbogears.flash("Service principal deleted")
+ raise turbogears.redirect('/principal/list')
+ except (SyntaxError, ipaerror.IPAError), e:
+ turbogears.flash("Service principal deletion failed: " + str(e) + "<br/>" + e.detail[0]['desc'])
+ raise turbogears.redirect('/principal/list')
+
@validate(form=principal_new_form)
@identity.require(identity.not_anonymous())
def principalcreatevalidate(self, tg_errors=None, **kw):
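Review bot: `show` builds the page from two independent request parameters: the displayed host and service are parsed from `principal`, while the hidden delete field is filled from `principal_dn`, and nothing checks that both describe the same entry (the in-code comment says the data is deliberately not re-queried). An administrator can therefore be shown one principal while the form submits a different DN to `delete`; looking the entry up by `princ_dn` and deriving the displayed fields from that result would close the gap. Separately, the handler in `delete` reads `e.detail[0]['desc']` for both caught types, but a `SyntaxError` has no `detail`, so that path would raise `AttributeError` instead of redirecting. The `print "Deleting %s" % principal` also looks like leftover debugging and should go to the logger or be dropped. `PrincipalController` and `principalcreatevalidate` both extend beyond this hunk.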
diff --git a/ipa-server/ipa-gui/ipagui/templates/principallist.kid b/ipa-server/ipa-gui/ipagui/templates/principallist.kid
index ae8bdda46..8da9c15e3 100644
--- a/ipa-server/ipa-gui/ipagui/templates/principallist.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/principallist.kid
@@ -33,10 +33,12 @@
<tbody>
<tr py:for="principal in principals">
<td>
- ${principal.hostname}
+ <a href="${tg.url('/principal/show',principal=principal.krbprincipalname,principal_dn=principal.dn)}"
+ >${principal.hostname}</a>
</td>
<td>
- ${principal.service}
+ <a href="${tg.url('/principal/show',principal=principal.krbprincipalname,principal_dn=principal.dn)}"
+ >${principal.service}</a>
</td>
</tr>
</tbody>
diff --git a/ipa-server/ipa-gui/ipagui/templates/principalshow.kid b/ipa-server/ipa-gui/ipagui/templates/principalshow.kid
new file mode 100644
index 000000000..c93622d3f
--- /dev/null
+++ b/ipa-server/ipa-gui/ipagui/templates/principalshow.kid
@@ -0,0 +1,53 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"
+ py:extends="'policylayout.kid'">
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/>
+<title>View Service Principal</title>
+</head>
+<body>
+
+ <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script>
+
+ <script type="text/javascript" charset="utf-8">
+ function confirmDelete() {
+ if (confirm("Are you sure you want to delete this service principal?")) {
+ $('deleteform').submit();
+ }
+ return false;
+ }
+ </script>
+
+ <form id='deleteform'
+ method="post" action="${tg.url('/principal/delete')}">
+
+ <input type="hidden" name="principal" value="${principal.get('principal_dn')}" />
+
+ <input type="submit" class="submitbutton"
+ value="Delete Principal"
+ onclick="return confirmDelete();"
+ />
+
+ <h1>View Service Principal</h1>
+
+ <h2 class="formsection">Principal</h2>
+ <table class="formtable" cellpadding="2" cellspacing="0" border="0">
+ <tr>
+ <th>
+ <label class="fieldlabel">Host</label>:
+ </th>
+ <td>${principal.get("hostname")}</td>
+ </tr>
+ <tr>
+ <th>
+ <label class="fieldlabel">Service</label>:
+ </th>
+ <td>${principal.get("service")}</td>
+ </tr>
+ </table>
+ </form>
+
+<hr />
+
+</body>
+</html>
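Review bot: The `deleteform` posts a destructive action with only the hidden `principal` field, and no per-session request token is visible in this template, so the POST appears to be protected by `restrict_post()` and the session cookie alone. Unless `policylayout.kid` or the controller adds one elsewhere, the form should carry a token that `delete` verifies before calling the server. The hidden input is named `principal` but holds `principal.get('principal_dn')`; a short comment such as `<!-- value is the entry DN, not the krbprincipalname -->` would prevent a later mix-up. The "Delete Principal" button is also rendered for every signed-in user although `delete` requires the `admins` group, so it would be cleaner to wrap it in a `py:if` on group membership.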
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index a4ebfcded..d0600b51a 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -1724,6 +1724,26 @@ class IPAServer:
self.releaseConnection(conn)
return res
+ def delete_service_principal (self, principal, opts=None):
+ """Delete a service principal.
+
+ principal is the full DN of the entry to delete.
+
+ This should be called with much care.
+ """
+ if not principal:
+ raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
+ entry = self.get_entry_by_dn(principal, ['dn', 'objectclass'], opts)
+ if entry is None:
+ raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND)
+
+ conn = self.getConnection(opts)
+ try:
+ res = conn.deleteEntry(entry['dn'])
+ finally:
+ self.releaseConnection(conn)
+ return res
+
def find_service_principal(self, criteria, sattrs, searchlimit=-1,
timelimit=-1, opts=None):
"""Returns a list: counter followed by the results.
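Review bot: `delete_service_principal` requests `objectclass` from `get_entry_by_dn` but never inspects it, so any DN that resolves to an existing entry is passed to `conn.deleteEntry`, not only service principals. Before deleting, the function should confirm that the entry's object classes and DN location match what `add_service_principal` creates, and raise `ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)` otherwise. This matters more because the `ipaxmlrpc.py` hunk registers the function for XML-RPC, where the GUI's `identity.in_group("admins")` check does not apply; authorization there presumably rests on the directory's own access controls for the caller's connection. The docstring's "This should be called with much care" would be more useful if it stated that constraint explicitly. `find_service_principal` continues outside the hunk.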
diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py
index abf6aed7e..3f3e38b8e 100644
--- a/ipa-server/xmlrpc-server/ipaxmlrpc.py
+++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py
@@ -365,6 +365,7 @@ def handler(req, profiling=False):
h.register_function(f.get_password_policy)
h.register_function(f.update_password_policy)
h.register_function(f.add_service_principal)
+ h.register_function(f.delete_service_principal)
h.register_function(f.find_service_principal)
h.register_function(f.get_radius_client_by_ip_addr)
h.register_function(f.add_radius_client)