diff options
Diffstat (limited to 'ipalib/plugins/user.py')
-rw-r--r-- | ipalib/plugins/user.py | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 086dc3933..536848b46 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -48,7 +48,7 @@ EXAMPLES: """ from ipalib import api, errors -from ipalib import Flag, Int, Password, Str +from ipalib import Flag, Int, Password, Str, Bool from ipalib.plugins.baseldap import * from ipalib import _, ngettext from ipalib.request import context @@ -66,7 +66,7 @@ class user(LDAPObject): search_attributes_config = 'ipausersearchfields' default_attributes = [ 'uid', 'givenname', 'sn', 'homedirectory', 'loginshell', 'ou', - 'telephonenumber', 'title', 'memberof', + 'telephonenumber', 'title', 'memberof', 'nsaccountlock', ] uuid_attribute = 'ipauniqueid' attribute_members = { @@ -149,6 +149,10 @@ class user(LDAPObject): Str('facsimiletelephonenumber*', cli_name='fax', label=_('Fax Number') ), + Bool('nsaccountlock?', + label=_('Account disabled'), + flags=['no_create', 'no_update', 'no_search'], + ), ) api.register(user) @@ -228,6 +232,11 @@ class user_mod(LDAPUpdate): msg_summary = _('Modified user "%(value)s"') + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + if not 'nsaccountlock' in entry_attrs: + entry_attrs['nsaccountlock'] = [u'False'] + return dn + api.register(user_mod) @@ -248,6 +257,12 @@ class user_find(LDAPSearch): getattr(context, 'principal') return filter + def post_callback(self, ldap, entries, truncated, *args, **options): + for entry in entries: + (dn, attrs) = entry + if not 'nsaccountlock' in attrs: + attrs['nsaccountlock'] = [u'False'] + msg_summary = ngettext( '%(count)d user matched', '%(count)d users matched', 0 ) @@ -259,6 +274,10 @@ class user_show(LDAPRetrieve): """ Display information about a user. """ + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + if not 'nsaccountlock' in entry_attrs: + entry_attrs['nsaccountlock'] = [u'False'] + return dn api.register(user_show) @@ -276,10 +295,7 @@ class user_disable(LDAPQuery): dn = self.obj.get_dn(*keys, **options) - try: - ldap.deactivate_entry(dn) - except errors.AlreadyInactive: - pass + ldap.deactivate_entry(dn) return dict( result=True, @@ -302,10 +318,7 @@ class user_enable(LDAPQuery): dn = self.obj.get_dn(*keys, **options) - try: - ldap.activate_entry(dn) - except errors.AlreadyActive: - pass + ldap.activate_entry(dn) return dict( result=True, |