summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins
Commit message (Collapse)AuthorAgeFilesLines
* Clean up imports of hbacsvc pluginRob Crittenden2010-07-061-6/+4
| | | | I used pylint to identify a bunch of unnecessary and too-broad imports
* Add support for User-Private GroupsRob Crittenden2010-07-062-10/+20
| | | | | | | | | | | | | | | This uses a new 389-ds plugin, Managed Entries, to automatically create a group entry when a user is created. The DNA plugin ensures that the group has a gidNumber that matches the users uidNumber. When the user is removed the group is automatically removed as well. If the managed entries plugin is not available or if a specific, separate range for gidNumber is passed in at install time then User-Private Groups will not be configured. The code checking for the Managed Entries plugin may be removed at some point. This is there because this plugin is only available in a 389-ds alpha release currently (1.2.6-a4).
* Fix aci_mod command. It should handle more complex operations now.Rob Crittenden2010-06-241-12/+64
| | | | | | | | | | | The problem was trying to operate directly on the ACI itself. I introduced a new function, _aci_to_kw(), that converts an ACI into a set of keywords. We can take these keywords, like those passed in when an ACI is created, to merge in any changes and then re-create the ACI. I also switched the ACI tests to be declarative and added a lot more cases around the modify operation.
* First pass at per-command documentationRob Crittenden2010-06-2217-7/+432
|
* Add ipaUniqueID to HBAC services and service groupsRob Crittenden2010-05-272-4/+4
| | | | Also fix the memberOf attribute for the HBAC services
* Remove local get_dn() from hbacsvcgroup and add tests for hbacsvcgroupRob Crittenden2010-05-201-18/+6
|
* Try to clear up that uid is a number, not the login nameRob Crittenden2010-05-171-1/+1
|
* Enforce that max password lifetime is greater than the min lifetimeRob Crittenden2010-05-171-3/+28
| | | | 461325
* Replace old pwpolicy plugin with new one using baseldap, fix tests.Rob Crittenden2010-05-173-718/+230
| | | | Fix deletion of policy when a group is removed.
* Add groups of services to HBACRob Crittenden2010-05-173-9/+303
| | | | | | | Replace serviceName with memberService so we can assign individual services or groups of services to an HBAC rule. 588574
* Remove left-over debugging statementRob Crittenden2010-05-141-2/+0
|
* Correctly handle EmptyModlist exception in pwpolicy2-mod.Pavel Zuna2010-05-141-7/+15
| | | | | | | | | | | EmptyModlist exception was generated by pwpolicy2-mod when modifying policy priority only. It was because the priority attribute is stored outside of the policy entry (in a CoS entry) and there was nothing left to be changed in the policy entry. This patch uses the new exception callbacks in baseldap.py classes to catch the EmptyModlist exception and checks if there was really nothing to be modified before reraising the exception.
* Add exception callback (exc_callback) to baseldap.py classes.Pavel Zuna2010-05-141-33/+150
| | | | | | It enables plugin authors to supply their own handlers for ExecutionError exceptions generated by calls to ldap2 made from the execute method of baseldap.py classes that extend CallbackInterface.
* Add new password policy plugin based on baseldap.py classes.root2010-05-051-0/+351
|
* Increase the attributes we display by default and fix up some labels.Rob Crittenden2010-05-051-2/+8
|
* Add forgotten trailing dots in DNS recordsMartin Nagy2010-04-231-1/+8
| | | | 583023
* Use escapes in DNs instead of quoting.Rob Crittenden2010-04-191-15/+28
| | | | Based on initial patch from Pavel Zuna.
* Fix DNS plugin: proper output definitions, --all, dns-add-rr overwrittingPavel Zuna2010-04-191-14/+15
| | | | | | | | | | | | | | The DNS plugin is getting old, tired and already looking forward to his pension in the Carribean. It will be replaced soon by a younger, faster, safer, shorter (in terms of code) and more maintainable version. Until that happens, here's some medicine for the old guy: - proper output definitions: the DNS plugin was created before we had the has_output attribute in place - --all: this is related to the output definitions as Command.get_options() adds the --all and --raw options automatically if has_output contains entries - dns-add-rr overwritting: missing .lower() caused records to be overwritten everytime a new one was added from the CLI
* Enable LDAPObject subclasses to disable DN normalization in their methods.Pavel Zuna2010-04-161-11/+27
|
* Add interface for baseldap plugins to register additional callbacks.Pavel Zuna2010-04-161-27/+139
|
* Fix output of env plugin. It displayed more than it should.Pavel Zuna2010-04-161-0/+2
|
* Deleting a non-fully-qualified hostname should still delete its servicesRob Crittenden2010-03-301-3/+9
| | | | | We were being left with orphan services if the host entry was not removed using the FQDN.
* Fix cut-and-paste error in pwpolicy pluginRob Crittenden2010-03-231-2/+2
|
* Do a better query so we can optimize seeing if a cospriority is uniqueRob Crittenden2010-03-231-7/+11
|
* Use ldap2.make_*dn* methods in pwpolicy plugin.Pavel Zuna2010-03-221-1/+5
| | | | Fixes #572423.
* Raise an error if no modifications were performed in an update.Rob Crittenden2010-03-191-2/+0
| | | | | | | This will alert the user that nothing was done and is handy when used with --attr=''. This can be used to delete a non-required attribute but can be set to any valid attribute, present or not. We should alert the user if they attempt to delete a non-existant value.
* Ensure that the group policy priority is unique.Rob Crittenden2010-03-191-10/+54
| | | | | | We use CoS to determine the order in which group policy is applied. The behavior in CoS is undefined for multiple entries with the same cospriority.
* Fix a number of bugs in the pwpolicy pluginRob Crittenden2010-03-191-8/+22
| | | | | | | | | | This fixes: - Consistent usage of priority vs cospriority in options - Fixes bug introduced with recent patch where global policy couldn't be updated - Doesn't allow cospriority to be removed for groups (#570536) - returns the priority with group policy so it can be displayed - Properly unicode encode group names for display
* Catch modifications with no updates and raise an errorRob Crittenden2010-03-172-2/+11
| | | | 569848
* Retrieve the LDAP schema using kerberos credentials.Rob Crittenden2010-03-171-1/+2
| | | | This is required so we can disable anonymous access in 389-ds.
* Fix typo in automount doc message.Rob Crittenden2010-03-161-1/+1
| | | | | | Update the po to pick up this change too. 573979
* Provide more detailed NotFound error messages from baseldap classes.Pavel Zuna2010-03-091-7/+55
|
* localize doc stringsJohn Dennis2010-03-0810-36/+40
| | | | | | | | | | | | A number of doc strings were not localized, wrap them in _(). Some messages were not localized, wrap them in _() Fix a couple of failing tests: The method name in RPC should not be unicode. The doc attribute must use the .msg attribute for comparison. Also clean up imports of _() The import should come from ipalib or ipalib.text, not ugettext from request.
* Don't calculate min/max lifetime if None is passed in.Rob Crittenden2010-03-071-2/+2
| | | | | | | | None is passed if the option is set with --minlife=''. This is a valid use case to delete a non-required attribute. In this case we simply don't do the math on None and things work as expected. 569847
* Code cleanup: remove unused stuff, take 1.Pavel Zuna2010-03-0113-245/+12
|
* Don't try to revoke a cert that is already revoked.Rob Crittenden2010-02-262-5/+22
| | | | | We get a bit of an unusual error message back from dogtag when trying to revoke a revoked cert so check its status first.
* Make the --all option work in Add/Remove Member commands.Pavel Zuna2010-02-241-2/+18
|
* Translatable Param.label, Param.docJason Gerard DeRose2010-02-2419-250/+268
|
* Complete netgroup attributes.Pavel Zuna2010-02-231-1/+22
|
* Replace incorrect use of str.index with str.find in host plugin.Pavel Zuna2010-02-231-1/+1
|
* Make error message in migration plugin unicode.Pavel Zuna2010-02-171-2/+2
|
* Expand the types of groups that can be migrated to support IPA v1 migrationsRob Crittenden2010-02-171-1/+1
|
* Convert password policy integer values to unicode instead of str.Pavel Zuna2010-02-171-2/+2
|
* Auto-generate --all and --raw for commands, that return entries.Pavel Zuna2010-02-172-97/+4
|
* Fix the pwpolicy plugin to work better with new output system.Rob Crittenden2010-02-171-9/+24
|
* Use the Output tuple to determine the order of outputRob Crittenden2010-02-1510-46/+195
| | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
* Fix the automountlocation-tofiles command and add some labelsRob Crittenden2010-02-151-8/+18
|
* Add Object.label class attribute, enable in webUIJason Gerard DeRose2010-02-1212-3/+31
|
* Add default automount location. Auto-create auto.direct in new locations.Pavel Zuna2010-02-121-0/+3
|
* Implement pwplicy_find to show all group password policiesRob Crittenden2010-02-031-0/+32
| | | | | find is a bit of a misnomer here because we consider no search terms, it is all or nothing.
generated by cgit (git 2.34.1) at 2024-06-11 12:14:49 +0000