diff options
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/aci.py | 110 | ||||
-rw-r--r-- | ipalib/plugins/baseldap.py | 2 |
2 files changed, 85 insertions, 27 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 4b5922798..ea5b3e46d 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -62,6 +62,8 @@ from ipalib import api, crud, errors from ipalib import Object, Command from ipalib import Flag, Int, List, Str, StrEnum from ipalib.aci import ACI +from ipalib import output +from ipalib import _, ngettext import logging _type_map = { @@ -74,6 +76,26 @@ _valid_permissions_values = [ u'read', u'write', u'add', u'delete', u'selfwrite', u'all' ] +class ListOfACI(output.Output): + type = (list, tuple) + doc = 'A list of ACI values' + + def validate(self, cmd, entries): + assert isinstance(entries, self.type) + for (i, entry) in enumerate(entries): + if not isinstance(entry, unicode): + raise TypeError(output.emsg % + (cmd.name, self.__class__.__name__, + self.name, i, unicode, type(entry), entry) + ) + +aci_output = ( + output.Output('result', unicode, 'A string representing the ACI'), + output.value, + output.summary, +) + + def _make_aci(current, aciname, kw): # Do some quick and dirty validation @@ -84,36 +106,40 @@ def _make_aci(current, aciname, kw): t5 = 'attrs' in kw t6 = 'memberof' in kw if t1 + t2 + t3 + t4 > 1: - raise errors.ValidationError(name='target', error='type, filter, subtree and targetgroup are mutually exclusive') + raise errors.ValidationError(name='target', error=_('type, filter, subtree and targetgroup are mutually exclusive')) if t1 + t2 + t3 + t4 + t5 + t6 == 0: - raise errors.ValidationError(name='target', error='at least one of: type, filter, subtree, targetgroup, attrs or memberof are required') + raise errors.ValidationError(name='target', error=_('at least one of: type, filter, subtree, targetgroup, attrs or memberof are required')) group = 'group' in kw taskgroup = 'taskgroup' in kw if group + taskgroup > 1: - raise errors.ValidationError(name='target', error='group and taskgroup are mutually exclusive') + raise errors.ValidationError(name='target', error=_('group and taskgroup are mutually exclusive')) elif group + taskgroup == 0: - raise errors.ValidationError(name='target', error='One of group or taskgroup is required') + raise errors.ValidationError(name='target', error=_('One of group or taskgroup is required')) # Grab the dn of the group we're granting access to. This group may be a # taskgroup or a user group. + entry_attrs = [] if taskgroup: try: - (dn, entry_attrs) = api.Command['taskgroup_show'](kw['taskgroup']) + entry_attrs = api.Command['taskgroup_show'](kw['taskgroup'])['result'] except errors.NotFound: # The task group doesn't exist, let's be helpful and add it tgkw = {'description': aciname} - (dn, entry_attrs) = api.Command['taskgroup_add']( + entry_attrs = api.Command['taskgroup_add']( kw['taskgroup'], **tgkw - ) + )['result'] + import pdb + pdb.set_trace() elif group: # Not so friendly with groups. This will raise try: - (dn, entry_attrs) = api.Command['group_show'](kw['group']) + entry_attrs = api.Command['group_show'](kw['group'])['result'] except errors.NotFound: - raise errors.NotFound(reason="Group '%s' does not exist" % kw['group']) + raise errors.NotFound(reason=_("Group '%s' does not exist") % kw['group']) + dn = entry_attrs['dn'] a = ACI(current) a.name = aciname a.permissions = kw['permissions'] @@ -155,7 +181,7 @@ def _find_aci_by_name(acis, aciname): for a in acis: if a.name.lower() == aciname.lower(): return a - raise errors.NotFound(reason='ACI with name "%s" not found' % aciname) + raise errors.NotFound(reason=_('ACI with name "%s" not found') % aciname) def _normalize_permissions(permissions): valid_permissions = [] @@ -225,6 +251,9 @@ class aci_add(crud.Create): """ Create new ACI. """ + has_output = aci_output + msg_summary = _('Created ACI "%(value)s"') + def execute(self, aciname, **kw): """ Execute the aci-create operation. @@ -246,17 +275,21 @@ class aci_add(crud.Create): if a.isequal(newaci): raise errors.DuplicateEntry() - newaci_str = str(newaci) + newaci_str = unicode(newaci) entry_attrs['aci'].append(newaci_str) ldap.update_entry(dn, entry_attrs) - return newaci_str + return dict( + result=newaci_str, + value=newaci.name + ) def output_for_cli(self, textui, result, aciname, **options): """ Display the newly created ACI and a success message. """ + result = result['result'] textui.print_name(self.name) textui.print_plain(result) textui.print_dashed('Created ACI "%s".' % aciname) @@ -268,6 +301,9 @@ class aci_del(crud.Delete): """ Delete ACI. """ + has_output = output.standard_delete + msg_summary = _('Deleted ACI "%(value)s"') + def execute(self, aciname, **kw): """ Execute the aci-delete operation. @@ -293,14 +329,10 @@ class aci_del(crud.Delete): ldap.update_entry(dn, entry_attrs) - return True - - def output_for_cli(self, textui, result, aciname, **options): - """ - Output result of this command to command line interface. - """ - textui.print_name(self.name) - textui.print_plain('Deleted ACI "%s".' % aciname) + return dict( + result=True, + value=aciname, + ) api.register(aci_del) @@ -309,6 +341,9 @@ class aci_mod(crud.Update): """ Modify ACI. """ + has_output = aci_output + msg_summary = _('Modified ACI "%(value)s"') + def execute(self, aciname, **kw): ldap = self.api.Backend.ldap2 @@ -334,6 +369,7 @@ class aci_mod(crud.Update): """ Display the updated ACI and a success message. """ + result = result['result'] textui.print_name(self.name) textui.print_plain(result) textui.print_dashed('Modified ACI "%s".' % aciname) @@ -361,6 +397,13 @@ class aci_find(crud.Search): have ipausers as a memberof. There may be other ACIs that apply to members of that group indirectly. """ + has_output = ( + ListOfACI('result'), + output.Output('count', int, 'Number of entries returned'), + output.summary, + ) + msg_summary = ngettext('%(count)d ACI matched', '%(count)d ACIs matched', 0) + def execute(self, term, **kw): ldap = self.api.Backend.ldap2 @@ -396,9 +439,9 @@ class aci_find(crud.Search): if 'taskgroup' in kw: try: - (dn, entry_attrs) = self.api.Command['taskgroup_show']( + self.api.Command['taskgroup_show']( kw['taskgroup'] - ) + )['result'] except errors.NotFound: pass else: @@ -417,7 +460,7 @@ class aci_find(crud.Search): if 'memberof' in kw: try: - (dn, entry_attrs) = self.api.Command['group_show']( + self.api.Command['group_show']( kw['memberof'] ) except errors.NotFound: @@ -436,18 +479,21 @@ class aci_find(crud.Search): # TODO: searching by: type, filter, subtree - return [str(aci) for aci in results] + return dict( + result=[unicode(aci) for aci in results], + count=len(results), + ) def output_for_cli(self, textui, result, term, **options): """ Display the search results """ textui.print_name(self.name) - for aci in result: + for aci in result['result']: textui.print_plain(aci) textui.print_plain('') textui.print_count( - len(result), '%i ACI matched.', '%i ACIs matched.' + result['count'], '%i ACI matched.', '%i ACIs matched.' ) api.register(aci_find) @@ -457,6 +503,12 @@ class aci_show(crud.Retrieve): """ Display a single ACI given an ACI name. """ + has_output = ( + output.Output('result', unicode, 'A string representing the ACI'), + output.value, + output.summary, + ) + def execute(self, aciname, **kw): """ Execute the aci-show operation. @@ -472,12 +524,16 @@ class aci_show(crud.Retrieve): acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) - return str(_find_aci_by_name(acis, aciname)) + return dict( + result=unicode(_find_aci_by_name(acis, aciname)), + value=aciname, + ) def output_for_cli(self, textui, result, aciname, **options): """ Display the requested ACI """ + result = result['result'] textui.print_name(self.name) textui.print_plain(result) diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index bd6ce3010..94b006257 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -178,6 +178,8 @@ class LDAPCreate(crud.Create): dn = self.post_callback(ldap, dn, entry_attrs, *keys, **options) + entry_attrs['dn'] = dn + self.obj.convert_attribute_members(entry_attrs, *keys, **options) return dict( result=entry_attrs, |