summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/baseldap.py
Commit message (Collapse)AuthorAgeFilesLines
...
* Add the --rights option to the LDAPUpdate base class.Rob Crittenden2010-11-051-10/+24
| | | | ticket 437
* user-enable/disable improvementsRob Crittenden2010-11-041-6/+6
| | | | | | | | | | | | | Always display the account enable/disable status. Don't ignore the exceptions when a user is already enabled or disabled. Fix the exception error messages to use the right terminology. In baseldap when retrieving all attributes include the default attributes in case they include some operational attributes. ticket 392
* Implement nested netgroups and include summaries for the commands.Rob Crittenden2010-10-291-8/+11
| | | | | | | Replace the existing netgroup test cases with Declarative tests. This triples the number of tests we were doing. ticket 209
* Return reason for failure when updating group membership fails.Rob Crittenden2010-10-281-9/+17
| | | | | | | | | | | We used to return a list of dns that failed to be added. We now return a list of tuples instead. The tuple looks like (dn, reason) where reason is the exception that was returned. Also made the label we use for failures to be singular instead of plural since we now print them out individually instead of as comma-separated. ticket 270
* Populate indirect members when showing a group object.Rob Crittenden2010-10-281-10/+98
| | | | | | | | | | | | | | | This is done by creating a new attribute, memberindirect, to hold this indirect membership. The new function get_members() can return all members or just indirect or direct. We are only using it to retrieve indirect members currently. This also: * Moves all member display attributes into baseldap.py to reduce duplication * Adds netgroup nesting * Use a unique object name in hbacsvc and hbacsvcgroup ticket 296
* Retrieve Get Effective Rights output with LDAPRetrieveRob Crittenden2010-10-281-0/+18
| | | | | | | The output is a pure python dict so is really only useful when used with --all so it is required. Updated to return a string for rights as opposed to a list. Terser, reducing the wire size by a factor of 3.5
* Allow RDN changes for users, groups, rolegroups and taskgroups.Rob Crittenden2010-10-281-0/+18
| | | | | | | | | | | | To do a change right now you have to perform a setattr like: ipa user-mod --setattr uid=newuser olduser The RDN change is performed before the rest of the mods. If the RDN change is the only change done then the EmptyModlist that update_entry() throws is ignored. ticket 323
* Add LDAPObject setting to handle different attributes for RDN and PKEY.Pavel Zuna2010-10-281-6/+44
|
* UUIDs: remove uuid python plugin and let DS always autogenerateSimo Sorce2010-10-281-2/+2
| | | | merge in remove uuid
* Disallow RDN change and single-value bypass using setattr/addattr.Pavel Zuna2010-10-181-1/+13
| | | | | | | | | | | When setting or adding an attribute wiht setatt/addattr check to see if there is a Param for the attribute and enforce the multi-value. If there is no Param check the LDAP schema for SINGLE-VALUE. Catch RDN mods and try to return a more reasonable error message. Ticket #230 Ticket #246
* Add 'continuous' mode to LDAPDelete. Fix *-del unit tests.Pavel Zuna2010-10-061-0/+9
| | | | Ticket #321
* Generate additional positional arguments for baseldap commands from takes_args.Pavel Zuna2010-10-061-0/+8
|
* Add LDAPMultiQuery base class and make it the base of LDAPDelete.Pavel Zuna2010-10-011-33/+65
| | | | | | | In other words: make *-del commands accept 1 or more primary keys of entries to be deleted. Ticket #20
* Use global time and size limit values when searching.Rob Crittenden2010-08-191-12/+10
| | | | | | Add test to verify that limit is honored and truncated flag set. ticket #48
* Fix Update function on details page.Pavel Zuna2010-08-171-4/+4
| | | | | | | | | | The problem was that parameters with no values are automatically set to None by the framework and it wasn't handled properly in baseldap.py:get_attributes function. Also, there were two logical bugs in details.js: 1) atttribute callback to update values were called for input elements instead of dt elements 2) it was always trying to update the primary key
* Change the behaviour of addattr/setattr parameters.Adam Young2010-08-131-29/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | setattr and addattr can now be used both to set all values of ANY attribute. the last setattr always resets the attribute to the specified value and all addattr append to it. Examples: user-mod testuser --setattr=title=msc title: msc user-mod testuser --setattr=title=msb title: msb user-mod testuser --addattr=title=msc title: msb, msc user-mod testuser --setattr=title= title: user-mod testuser --setattr=title=msc --addattr=msb title: msc, msb user-mod testuser --setattr=title=ing --addattr=bc title: ing, bc user-mod testuser --setattr=title=doc title: doc It's not very user friendly, but it's going to be used very very rarely in special conditions in the CLI and we can use it to save lots of JSON-RPC roundtrips in the webUI. This version includes calling the validation of Params during the setting of the attrs.
* Improve serialization to JSON.Pavel Zuna2010-08-121-1/+2
| | | | | | - Make it recursive. - Make Param classes serializable. - Take python native data types into account.
* Fix bug: not found exc. handler was failing for singleton objectsPavel Zuna2010-08-121-1/+4
|
* Add new parameters to LDAPSearch: timelimit and sizelimit.Pavel Zuna2010-08-121-2/+23
|
* Make LDAPObject classes JSON serializable.Pavel Zuna2010-08-121-0/+17
|
* Properly show the members when an add/remove operation fails.Rob Crittenden2010-08-061-4/+17
| | | | | | | | | | | | The remove member function in baseldap was not returning failures at all. The add member function was only showing them in the group object. Most of the magic is handled in baseldap. Each plugin just needs to define object_name and object_name_plural. object_name must be all lower-case because fake-attributes are created so membership can be broken out per-object type. I left the plural name lower case as well. ticket 85
* Add separate var for search attributes and config attribute for search fieldsRob Crittenden2010-07-131-1/+15
| | | | | | | | Add an optional search_attributes variable in case the attributes you want to display by default aren't what you want to search on. Also link in any cn=ipaconfig attributes that contain a comma-separated list of attributes to search on.
* Add exception callback (exc_callback) to baseldap.py classes.Pavel Zuna2010-05-141-33/+150
| | | | | | It enables plugin authors to supply their own handlers for ExecutionError exceptions generated by calls to ldap2 made from the execute method of baseldap.py classes that extend CallbackInterface.
* Enable LDAPObject subclasses to disable DN normalization in their methods.Pavel Zuna2010-04-161-11/+27
|
* Add interface for baseldap plugins to register additional callbacks.Pavel Zuna2010-04-161-27/+139
|
* Raise an error if no modifications were performed in an update.Rob Crittenden2010-03-191-2/+0
| | | | | | | This will alert the user that nothing was done and is handy when used with --attr=''. This can be used to delete a non-required attribute but can be set to any valid attribute, present or not. We should alert the user if they attempt to delete a non-existant value.
* Catch modifications with no updates and raise an errorRob Crittenden2010-03-171-0/+3
| | | | 569848
* Provide more detailed NotFound error messages from baseldap classes.Pavel Zuna2010-03-091-7/+55
|
* localize doc stringsJohn Dennis2010-03-081-4/+4
| | | | | | | | | | | | A number of doc strings were not localized, wrap them in _(). Some messages were not localized, wrap them in _() Fix a couple of failing tests: The method name in RPC should not be unicode. The doc attribute must use the .msg attribute for comparison. Also clean up imports of _() The import should come from ipalib or ipalib.text, not ugettext from request.
* Code cleanup: remove unused stuff, take 1.Pavel Zuna2010-03-011-117/+0
|
* Make the --all option work in Add/Remove Member commands.Pavel Zuna2010-02-241-2/+18
|
* Translatable Param.label, Param.docJason Gerard DeRose2010-02-241-24/+18
|
* Auto-generate --all and --raw for commands, that return entries.Pavel Zuna2010-02-171-64/+4
|
* Use the Output tuple to determine the order of outputRob Crittenden2010-02-151-6/+6
| | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
* Enabled CRUDS in webUI using wehjit 0.2.0Jason Gerard DeRose2010-01-261-1/+6
|
* Temporary fix for name collision of textui.print_entry.Pavel Zuna2010-01-201-2/+2
| | | | Somehow there's two of them... rename old one to print_entry1.
* Add Kerberos Ticket Policy management plugin.Pavel Zuna2010-01-131-27/+23
|
* Add --all to LDAPCreate and make LDAP commands always display default ↵Pavel Zuna2010-01-111-8/+24
| | | | attributes.
* Convert to using new result output handlingRob Crittenden2009-12-141-0/+2
| | | | | This also inserts the dn into the response when adding a record. We need this in the ACI plugin when adding a taskgroup
* Take 2: Extensible return values and validation; steps toward a single ↵Jason Gerard DeRose2009-12-101-13/+76
| | | | output_for_cli(); enable more webUI stuff
* Add support for setting/adding arbitrary attributesRob Crittenden2009-11-171-0/+61
| | | | | | | | | | | | | | | | | | | | | | | This introduces 2 new params: --setattr and --addattr Both take a name/value pair, ala: ipa user-mod --setattr=postalcode=20601 jsmith --setattr replaces or sets the current attribute to the value --addattr adds the value to an attribute (or sets a new attribute) OptionsParser allows multiple versions of this, so you can have multiple setattr and addattr, either for the same attribute or for different attributes. ipa user-mod --addattr=postalcode=20601 --addattr=postalcode=30330 jsmith Values are silent dropped if either of these on an existing param: ipa user-mod --setattr=givenname=Jerry jsmith Is a no-op.
* Add mod_python adapter and some UI tuningJason Gerard DeRose2009-10-271-1/+1
|
* Fix typos and minor bugs in baseldap. Add --all to LDAPUpdate.Pavel Zuna2009-09-111-6/+17
| | | | | | | Also, member attributes are now mapped to 'member user', 'member group', etc. instead of 'member users', 'member groups'. In other words, the second word is now taken from LDAPObject.object_name instead of LDAPObject.object_name_plural.
* Improve ipalib.plugins.baseldap classes.Pavel Zuna2009-09-091-97/+72
| | | | | | | | | | - remove obsolete code related to PluginProxy - remove parent_key attribute, for the purpose of nested objects the parent's primary key is retrieved automatically - added support for auto-generating of UUIDs - make use of the improved attribute printing in CLI - make LDAPDelete delete all sub-entries, not just one-level - minor bug fixes
* Add options in baseldap classes to display unaltered LDAP entries.Pavel Zuna2009-08-051-10/+44
| | | | The options in question is '--raw'.
* All-around improvements to baseldap.py classes.Pavel Zuna2009-08-031-47/+245
| | | | | | | | | | | | | | - attribute re-mapping, ordering and hiding (Enables plugins to completely hide LDAP internals from users and full localisation of command output.) - translation of member DNs into object names (No more DNs when listing group members etc.) - support for "singleton" LDAP objects (Objects like "pwpolicy"; not accessed by primary key.) - new base classes for commands: LDAPModMember, LDAPAddMember and LDAPRemoveMember (Providing support for objects with 'member'-like attributes.) - LDAPSearch implicit exit code changed to 1 when nothing is found
* Fix minor bugs, typos, etc. discovered by unit tests in plugins.Pavel Zuna2009-07-021-3/+3
|
* Add new set of base classes for plugins using LDAP.Pavel Zuna2009-06-151-0/+398
generated by cgit (git 2.34.1) at 2024-06-21 09:41:41 +0000