From a1430dcb2c8e63e3077d00878431c0698944a07d Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 16 Sep 2011 09:35:48 -0400 Subject: Normalize uid in user principal to lower-case and do validation Use same normalization and validation in passwd plugin and add some tests for invalid principals https://fedorahosted.org/freeipa/ticket/1778 --- ipalib/plugins/passwd.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) (limited to 'ipalib/plugins/passwd.py') diff --git a/ipalib/plugins/passwd.py b/ipalib/plugins/passwd.py index 901a56f20..b7d82f355 100644 --- a/ipalib/plugins/passwd.py +++ b/ipalib/plugins/passwd.py @@ -22,6 +22,7 @@ from ipalib import Command from ipalib import Str, Password from ipalib import _ from ipalib import output +from ipalib.plugins.user import split_principal, validate_principal, normalize_principal __doc__ = _(""" Set a user's password @@ -46,12 +47,13 @@ class passwd(Command): __doc__ = _("Set a user's password.") takes_args = ( - Str('principal', + Str('principal', validate_principal, cli_name='user', label=_('User name'), primary_key=True, autofill=True, create_default=lambda **kw: util.get_current_principal(), + normalizer=lambda value: normalize_principal(value), ), Password('password', label=_('Password'), @@ -75,13 +77,6 @@ class passwd(Command): """ ldap = self.api.Backend.ldap2 - if principal.find('@') != -1: - principal_parts = principal.split('@') - if len(principal_parts) > 2: - raise errors.MalformedUserPrincipal(principal=principal) - else: - principal = '%s@%s' % (principal, self.api.env.realm) - (dn, entry_attrs) = ldap.find_entry_by_attr( 'krbprincipalname', principal, 'posixaccount', [''], ",".join([api.env.container_user, api.env.basedn]) -- cgit