From 255cbb49763ff579feed935a5a725fc2b272749c Mon Sep 17 00:00:00 2001 From: Nathaniel McCallum Date: Tue, 10 Jun 2014 11:27:51 -0400 Subject: Update all remaining plugins to the new Registry API Reviewed-By: Petr Vobornik --- ipalib/plugins/automount.py | 64 +++++++++++++++------------------------- ipalib/plugins/batch.py | 5 +++- ipalib/plugins/cert.py | 15 ++++++---- ipalib/plugins/config.py | 9 ++++-- ipalib/plugins/delegation.py | 15 ++++++---- ipalib/plugins/dns.py | 47 +++++++++++++++-------------- ipalib/plugins/group.py | 21 +++++++------ ipalib/plugins/hbacrule.py | 34 +++++++++++---------- ipalib/plugins/hbacsvc.py | 15 ++++++---- ipalib/plugins/hbacsvcgroup.py | 19 +++++++----- ipalib/plugins/hbactest.py | 5 +++- ipalib/plugins/host.py | 21 +++++++------ ipalib/plugins/hostgroup.py | 19 +++++++----- ipalib/plugins/idrange.py | 14 +++++---- ipalib/plugins/internal.py | 7 +++-- ipalib/plugins/kerberos.py | 5 +++- ipalib/plugins/migration.py | 5 +++- ipalib/plugins/misc.py | 7 +++-- ipalib/plugins/netgroup.py | 18 ++++++----- ipalib/plugins/passwd.py | 5 +++- ipalib/plugins/pkinit.py | 7 +++-- ipalib/plugins/realmdomains.py | 8 +++-- ipalib/plugins/role.py | 23 ++++++++------- ipalib/plugins/selfservice.py | 15 ++++++---- ipalib/plugins/selinuxusermap.py | 27 +++++++++-------- ipalib/plugins/service.py | 21 +++++++------ ipalib/plugins/sudocmd.py | 15 ++++++---- ipalib/plugins/sudocmdgroup.py | 19 +++++++----- ipalib/plugins/sudorule.py | 47 +++++++++++++++-------------- ipalib/plugins/trust.py | 45 +++++++++++++++------------- ipalib/plugins/user.py | 30 ++++++++----------- 31 files changed, 333 insertions(+), 274 deletions(-) (limited to 'ipalib/plugins') diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index 7b426b688..9912e0ae6 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -23,6 +23,7 @@ import os from ipalib import api, errors from ipalib import Object, Command from ipalib import Flag, Str, IA5Str +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext @@ -193,10 +194,13 @@ automountInformation: -ro,soft,rsize=8192,wsize=8192 nfs.example.com:/vol/arch """ +register = Registry() + DIRECT_MAP_KEY = u'/-' DEFAULT_MAPS = (u'auto.direct', ) DEFAULT_KEYS = (u'/-', ) +@register() class automountlocation(LDAPObject): """ Location container for automount maps. @@ -233,9 +237,8 @@ class automountlocation(LDAPObject): ), ) -api.register(automountlocation) - +@register() class automountlocation_add(LDAPCreate): __doc__ = _('Create a new automount location.') @@ -255,23 +258,19 @@ class automountlocation_add(LDAPCreate): return dn -api.register(automountlocation_add) - - +@register() class automountlocation_del(LDAPDelete): __doc__ = _('Delete an automount location.') msg_summary = _('Deleted automount location "%(value)s"') -api.register(automountlocation_del) - +@register() class automountlocation_show(LDAPRetrieve): __doc__ = _('Display an automount location.') -api.register(automountlocation_show) - +@register() class automountlocation_find(LDAPSearch): __doc__ = _('Search for an automount location.') @@ -280,9 +279,8 @@ class automountlocation_find(LDAPSearch): '%(count)d automount locations matched', 0 ) -api.register(automountlocation_find) - +@register() class automountlocation_tofiles(LDAPQuery): __doc__ = _('Generate automount files for a specific location.') @@ -376,9 +374,8 @@ class automountlocation_tofiles(LDAPQuery): ) ) -api.register(automountlocation_tofiles) - +@register() class automountlocation_import(LDAPQuery): __doc__ = _('Import automount files for a specific location.') @@ -569,8 +566,7 @@ class automountlocation_import(LDAPQuery): ) -api.register(automountlocation_import) - +@register() class automountmap(LDAPObject): """ Automount map object. @@ -598,17 +594,15 @@ class automountmap(LDAPObject): label = _('Automount Maps') label_singular = _('Automount Map') -api.register(automountmap) - +@register() class automountmap_add(LDAPCreate): __doc__ = _('Create a new automount map.') msg_summary = _('Added automount map "%(value)s"') -api.register(automountmap_add) - +@register() class automountmap_del(LDAPDelete): __doc__ = _('Delete an automount map.') @@ -627,17 +621,15 @@ class automountmap_del(LDAPDelete): pass return True -api.register(automountmap_del) - +@register() class automountmap_mod(LDAPUpdate): __doc__ = _('Modify an automount map.') msg_summary = _('Modified automount map "%(value)s"') -api.register(automountmap_mod) - +@register() class automountmap_find(LDAPSearch): __doc__ = _('Search for an automount map.') @@ -646,15 +638,13 @@ class automountmap_find(LDAPSearch): '%(count)d automount maps matched', 0 ) -api.register(automountmap_find) - +@register() class automountmap_show(LDAPRetrieve): __doc__ = _('Display an automount map.') -api.register(automountmap_show) - +@register() class automountkey(LDAPObject): __doc__ = _('Automount key object.') @@ -800,9 +790,8 @@ class automountkey(LDAPObject): else: return self.handle_duplicate_entry(location, map, self.get_pk(key, info)) -api.register(automountkey) - +@register() class automountkey_add(LDAPCreate): __doc__ = _('Create a new automount key.') @@ -830,9 +819,8 @@ class automountkey_add(LDAPCreate): result['value'] = pkey_to_value(options['automountkey'], options) return result -api.register(automountkey_add) - +@register() class automountmap_add_indirect(LDAPCreate): __doc__ = _('Create a new indirect mount point.') @@ -884,9 +872,8 @@ class automountmap_add_indirect(LDAPCreate): raise return result -api.register(automountmap_add_indirect) - +@register() class automountkey_del(LDAPDelete): __doc__ = _('Delete an automount key.') @@ -926,9 +913,8 @@ class automountkey_del(LDAPDelete): result['value'] = pkey_to_value([options['automountkey']], options) return result -api.register(automountkey_del) - +@register() class automountkey_mod(LDAPUpdate): __doc__ = _('Modify an automount key.') @@ -985,9 +971,8 @@ class automountkey_mod(LDAPUpdate): result['value'] = pkey_to_value(options['automountkey'], options) return result -api.register(automountkey_mod) - +@register() class automountkey_find(LDAPSearch): __doc__ = _('Search for an automount key.') @@ -996,9 +981,8 @@ class automountkey_find(LDAPSearch): '%(count)d automount keys matched', 0 ) -api.register(automountkey_find) - +@register() class automountkey_show(LDAPRetrieve): __doc__ = _('Display an automount key.') @@ -1028,5 +1012,3 @@ class automountkey_show(LDAPRetrieve): result = super(automountkey_show, self).execute(*keys, **options) result['value'] = pkey_to_value(options['automountkey'], options) return result - -api.register(automountkey_show) diff --git a/ipalib/plugins/batch.py b/ipalib/plugins/batch.py index 5fd5943f6..2002eef88 100644 --- a/ipalib/plugins/batch.py +++ b/ipalib/plugins/batch.py @@ -52,8 +52,12 @@ from ipalib.output import Output from ipalib import output from ipalib.text import _ from ipalib.request import context +from ipalib.plugable import Registry from ipapython.version import API_VERSION +register = Registry() + +@register() class batch(Command): NO_CLI = True @@ -124,4 +128,3 @@ class batch(Command): results.append(result) return dict(count=len(results) , results=results) -api.register(batch) diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index 27686e7c9..b1fa32b7c 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -31,6 +31,7 @@ from ipalib import pkcs10 from ipalib import x509 from ipalib import util from ipalib import ngettext +from ipalib.plugable import Registry from ipalib.plugins.virtual import * from ipalib.plugins.service import split_principal import base64 @@ -122,6 +123,8 @@ http://www.ietf.org/rfc/rfc5280.txt """) +register = Registry() + def validate_pkidate(ugettext, value): """ A date in the format of %Y-%m-%d @@ -221,6 +224,7 @@ def get_host_from_principal(principal): return hostname +@register() class cert_request(VirtualCommand): __doc__ = _('Submit a certificate signing request.') @@ -419,9 +423,9 @@ class cert_request(VirtualCommand): result=result ) -api.register(cert_request) +@register() class cert_status(VirtualCommand): __doc__ = _('Check the status of a certificate signing request.') @@ -445,7 +449,6 @@ class cert_status(VirtualCommand): result=self.Backend.ra.check_request_status(request_id) ) -api.register(cert_status) _serial_number = Str('serial_number', @@ -455,6 +458,7 @@ _serial_number = Str('serial_number', normalizer=normalize_serial_number, ) +@register() class cert_show(VirtualCommand): __doc__ = _('Retrieve an existing certificate.') @@ -540,9 +544,9 @@ class cert_show(VirtualCommand): return super(cert_show, self).forward(*keys, **options) -api.register(cert_show) +@register() class cert_revoke(VirtualCommand): __doc__ = _('Revoke a certificate.') @@ -587,9 +591,9 @@ class cert_revoke(VirtualCommand): serial_number, revocation_reason=revocation_reason) ) -api.register(cert_revoke) +@register() class cert_remove_hold(VirtualCommand): __doc__ = _('Take a revoked certificate off hold.') @@ -611,9 +615,9 @@ class cert_remove_hold(VirtualCommand): result=self.Backend.ra.take_certificate_off_hold(serial_number) ) -api.register(cert_remove_hold) +@register() class cert_find(Command): __doc__ = _('Search for existing certificates.') @@ -712,4 +716,3 @@ class cert_find(Command): ret['truncated'] = False return ret -api.register(cert_find) diff --git a/ipalib/plugins/config.py b/ipalib/plugins/config.py index 4ac411c74..077ef2c42 100644 --- a/ipalib/plugins/config.py +++ b/ipalib/plugins/config.py @@ -20,6 +20,7 @@ from ipalib import api from ipalib import Bool, Int, Str, IA5Str, StrEnum, DNParam +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins.selinuxusermap import validate_selinuxuser from ipalib import _ @@ -75,11 +76,14 @@ EXAMPLES: ipa config-mod --ipaselinuxusermaporder='guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023' """) +register = Registry() + def validate_searchtimelimit(ugettext, limit): if limit == 0: raise ValidationError(name='ipasearchtimelimit', error=_('searchtimelimit must be -1 or > 1.')) return None +@register() class config(LDAPObject): """ IPA configuration object @@ -232,9 +236,9 @@ class config(LDAPObject): def get_dn(self, *keys, **kwargs): return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn) -api.register(config) +@register() class config_mod(LDAPUpdate): __doc__ = _('Modify configuration options.') @@ -338,10 +342,9 @@ class config_mod(LDAPUpdate): return dn -api.register(config_mod) +@register() class config_show(LDAPRetrieve): __doc__ = _('Show the current configuration.') -api.register(config_show) diff --git a/ipalib/plugins/delegation.py b/ipalib/plugins/delegation.py index 93129fbc4..e96114626 100644 --- a/ipalib/plugins/delegation.py +++ b/ipalib/plugins/delegation.py @@ -24,6 +24,7 @@ from ipalib.request import context from ipalib import api, crud, errors from ipalib import output from ipalib import Object, Command +from ipalib.plugable import Registry from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value __doc__ = _(""" @@ -52,6 +53,8 @@ EXAMPLES: ipa delegation-del "managers edit employees' street" """) +register = Registry() + ACI_PREFIX=u"delegation" output_params = ( @@ -60,6 +63,7 @@ output_params = ( ), ) +@register() class delegation(Object): """ Delegation object. @@ -123,9 +127,9 @@ class delegation(Object): except KeyError: pass -api.register(delegation) +@register() class delegation_add(crud.Create): __doc__ = _('Add a new delegation.') @@ -144,9 +148,9 @@ class delegation_add(crud.Create): value=pkey_to_value(aciname, kw), ) -api.register(delegation_add) +@register() class delegation_del(crud.Delete): __doc__ = _('Delete a delegation.') @@ -162,9 +166,9 @@ class delegation_del(crud.Delete): value=pkey_to_value(aciname, kw), ) -api.register(delegation_del) +@register() class delegation_mod(crud.Update): __doc__ = _('Modify a delegation.') @@ -181,9 +185,9 @@ class delegation_mod(crud.Update): value=pkey_to_value(aciname, kw), ) -api.register(delegation_mod) +@register() class delegation_find(crud.Search): __doc__ = _('Search for delegations.') @@ -207,9 +211,9 @@ class delegation_find(crud.Search): truncated=False, ) -api.register(delegation_find) +@register() class delegation_show(crud.Retrieve): __doc__ = _('Display information about a delegation.') @@ -223,4 +227,3 @@ class delegation_show(crud.Retrieve): value=pkey_to_value(aciname, kw), ) -api.register(delegation_show) diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 211efb872..c3870f8a2 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -33,6 +33,7 @@ from ipalib import api, errors, output from ipalib import Command from ipalib.parameters import (Flag, Bool, Int, Decimal, Str, StrEnum, Any, DeprecatedParam, DNSNameParam) +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext from ipalib.util import (validate_zonemgr, normalize_zonemgr, @@ -229,6 +230,8 @@ server: ipa dnsconfig-mod --forwarder=10.0.0.1 """) +register = Registry() + # supported resource record types _record_types = ( u'A', u'AAAA', u'A6', u'AFSDB', u'APL', u'CERT', u'CNAME', u'DHCID', u'DLV', @@ -1666,6 +1669,7 @@ def _records_idn_postprocess(record, **options): record[attr] = rrs +@register() class dnszone(LDAPObject): """ DNS Zone, container for resource records. @@ -1887,9 +1891,9 @@ class dnszone(LDAPObject): return _records_idn_postprocess(record, **options) -api.register(dnszone) +@register() class dnszone_add(LDAPCreate): __doc__ = _('Create new DNS zone (SOA record).') @@ -2006,9 +2010,9 @@ class dnszone_add(LDAPCreate): self.obj._rr_zone_postprocess(entry_attrs, **options) return dn -api.register(dnszone_add) +@register() class dnszone_del(LDAPDelete): __doc__ = _('Delete DNS zone (SOA record).') @@ -2035,9 +2039,9 @@ class dnszone_del(LDAPDelete): return True -api.register(dnszone_del) +@register() class dnszone_mod(LDAPUpdate): __doc__ = _('Modify DNS zone (SOA record).') @@ -2062,9 +2066,9 @@ class dnszone_mod(LDAPUpdate): self.obj._rr_zone_postprocess(entry_attrs, **options) return dn -api.register(dnszone_mod) +@register() class dnszone_find(LDAPSearch): __doc__ = _('Search for DNS zones (SOA records).') @@ -2124,9 +2128,9 @@ class dnszone_find(LDAPSearch): self.obj._rr_zone_postprocess(entry_attrs, **options) return truncated -api.register(dnszone_find) +@register() class dnszone_show(LDAPRetrieve): __doc__ = _('Display information about a DNS zone (SOA record).') @@ -2137,9 +2141,9 @@ class dnszone_show(LDAPRetrieve): self.obj._rr_zone_postprocess(entry_attrs, **options) return dn -api.register(dnszone_show) +@register() class dnszone_disable(LDAPQuery): __doc__ = _('Disable DNS Zone.') @@ -2161,9 +2165,9 @@ class dnszone_disable(LDAPQuery): return dict(result=True, value=pkey_to_value(keys[-1], options)) -api.register(dnszone_disable) +@register() class dnszone_enable(LDAPQuery): __doc__ = _('Enable DNS Zone.') @@ -2185,8 +2189,8 @@ class dnszone_enable(LDAPQuery): return dict(result=True, value=pkey_to_value(keys[-1], options)) -api.register(dnszone_enable) +@register() class dnszone_add_permission(LDAPQuery): __doc__ = _('Add a permission for per-zone access delegation.') @@ -2223,8 +2227,8 @@ class dnszone_add_permission(LDAPQuery): value=pkey_to_value(permission_name, options), ) -api.register(dnszone_add_permission) +@register() class dnszone_remove_permission(LDAPQuery): __doc__ = _('Remove a permission for per-zone access delegation.') @@ -2256,8 +2260,8 @@ class dnszone_remove_permission(LDAPQuery): value=pkey_to_value(permission_name, options), ) -api.register(dnszone_remove_permission) +@register() class dnsrecord(LDAPObject): """ DNS record. @@ -2749,9 +2753,9 @@ class dnsrecord(LDAPObject): dns_name = entry_name[1].derelativize(dns_domain) self.wait_for_modified_attrs(entry, dns_name, dns_domain) -api.register(dnsrecord) +@register() class dnsrecord_add(LDAPCreate): __doc__ = _('Add new DNS resource record.') @@ -2956,9 +2960,9 @@ class dnsrecord_add(LDAPCreate): self.obj.wait_for_modified_entries(context.dnsrecord_entry_mods) return dn -api.register(dnsrecord_add) +@register() class dnsrecord_mod(LDAPUpdate): __doc__ = _('Modify a DNS resource record.') @@ -3124,9 +3128,9 @@ class dnsrecord_mod(LDAPUpdate): 0) % dict(count=len(rec_values), type=param.rrtype)) break -api.register(dnsrecord_mod) +@register() class dnsrecord_delentry(LDAPDelete): """ Delete DNS record entry. @@ -3134,9 +3138,9 @@ class dnsrecord_delentry(LDAPDelete): msg_summary = _('Deleted record "%(value)s"') NO_CLI = True -api.register(dnsrecord_delentry) +@register() class dnsrecord_del(LDAPUpdate): __doc__ = _('Delete DNS resource record.') @@ -3303,9 +3307,9 @@ class dnsrecord_del(LDAPUpdate): if deleted_values: kw[param.name] = tuple(deleted_values) -api.register(dnsrecord_del) +@register() class dnsrecord_show(LDAPRetrieve): __doc__ = _('Display DNS resource.') @@ -3320,9 +3324,9 @@ class dnsrecord_show(LDAPRetrieve): self.obj.postprocess_record(entry_attrs, **options) return dn -api.register(dnsrecord_show) +@register() class dnsrecord_find(LDAPSearch): __doc__ = _('Search for DNS resources.') @@ -3357,8 +3361,8 @@ class dnsrecord_find(LDAPSearch): return truncated -api.register(dnsrecord_find) +@register() class dns_resolve(Command): __doc__ = _('Resolve a host name in DNS.') @@ -3385,8 +3389,8 @@ class dns_resolve(Command): return dict(result=True, value=query) -api.register(dns_resolve) +@register() class dns_is_enabled(Command): """ Checks if any of the servers has the DNS service enabled. @@ -3410,9 +3414,9 @@ class dns_is_enabled(Command): return dict(result=dns_enabled, value=pkey_to_value(None, options)) -api.register(dns_is_enabled) +@register() class dnsconfig(LDAPObject): """ DNS global configuration object @@ -3464,9 +3468,9 @@ class dnsconfig(LDAPObject): if not any(param in result['result'] for param in self.params): result['summary'] = unicode(_('Global DNS configuration is empty')) -api.register(dnsconfig) +@register() class dnsconfig_mod(LDAPUpdate): __doc__ = _('Modify global DNS configuration.') @@ -3475,9 +3479,9 @@ class dnsconfig_mod(LDAPUpdate): self.obj.postprocess_result(result) return result -api.register(dnsconfig_mod) +@register() class dnsconfig_show(LDAPRetrieve): __doc__ = _('Show the current global DNS configuration.') @@ -3486,4 +3490,3 @@ class dnsconfig_show(LDAPRetrieve): self.obj.postprocess_result(result) return result -api.register(dnsconfig_show) diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 2cbd7e57a..0de577dd0 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -20,6 +20,7 @@ from ipalib import api from ipalib import Int, Str +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins import baseldap from ipalib import _, ngettext @@ -110,8 +111,11 @@ Example: ipa group-show ad_admins_external """) +register = Registry() + PROTECTED_GROUPS = (u'admins', u'trust admins', u'default smb group') +@register() class group(LDAPObject): """ Group object. @@ -184,7 +188,6 @@ class group(LDAPObject): ), ) -api.register(group) ipaexternalmember_param = Str('ipaexternalmember*', cli_name='external', @@ -194,6 +197,7 @@ ipaexternalmember_param = Str('ipaexternalmember*', flags=['no_create', 'no_update', 'no_search'], ) +@register() class group_add(LDAPCreate): __doc__ = _('Create a new group.') @@ -228,9 +232,9 @@ class group_add(LDAPCreate): return dn -api.register(group_add) +@register() class group_del(LDAPDelete): __doc__ = _('Delete group.') @@ -262,9 +266,9 @@ class group_del(LDAPDelete): return True -api.register(group_del) +@register() class group_mod(LDAPUpdate): __doc__ = _('Modify a group.') @@ -334,9 +338,9 @@ class group_mod(LDAPUpdate): raise errors.RequirementError(name='gid') raise exc -api.register(group_mod) +@register() class group_find(LDAPSearch): __doc__ = _('Search for groups.') @@ -404,9 +408,9 @@ class group_find(LDAPSearch): filter = ldap.combine_filters(filters, rules=ldap.MATCH_ALL) return (filter, base_dn, scope) -api.register(group_find) +@register() class group_show(LDAPRetrieve): __doc__ = _('Display information about a named group.') has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,) @@ -425,9 +429,9 @@ class group_show(LDAPRetrieve): except ValueError: pass return dn -api.register(group_show) +@register() class group_add_member(LDAPAddMember): __doc__ = _('Add members to a group.') @@ -467,9 +471,9 @@ class group_add_member(LDAPAddMember): failed['member']['group'] += restore + failed_sids return result -api.register(group_add_member) +@register() class group_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from a group.') @@ -521,9 +525,9 @@ class group_remove_member(LDAPRemoveMember): failed['member']['group'] += restore + failed_sids return result -api.register(group_remove_member) +@register() class group_detach(LDAPQuery): __doc__ = _('Detach a managed group from a user.') @@ -592,4 +596,3 @@ class group_detach(LDAPQuery): value=pkey_to_value(keys[0], options), ) -api.register(group_detach) diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py index 06e9c4e6b..b9b5cc87f 100644 --- a/ipalib/plugins/hbacrule.py +++ b/ipalib/plugins/hbacrule.py @@ -19,6 +19,7 @@ from ipalib import api, errors from ipalib import AccessTime, Password, Str, StrEnum, Bool, DeprecatedParam +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext @@ -70,6 +71,7 @@ EXAMPLES: ipa hbacrule-del allow_server """) +register = Registry() # AccessTime support is being removed for now. # @@ -107,6 +109,7 @@ def is_all(options, attribute): return False +@register() class hbacrule(LDAPObject): """ HBAC object. @@ -226,9 +229,9 @@ class hbacrule(LDAPObject): external_host_param, ) -api.register(hbacrule) +@register() class hbacrule_add(LDAPCreate): __doc__ = _('Create a new HBAC rule.') @@ -240,9 +243,9 @@ class hbacrule_add(LDAPCreate): entry_attrs['ipaenabledflag'] = 'TRUE' return dn -api.register(hbacrule_add) +@register() class hbacrule_del(LDAPDelete): __doc__ = _('Delete an HBAC rule.') @@ -257,9 +260,9 @@ class hbacrule_del(LDAPDelete): return dn -api.register(hbacrule_del) +@register() class hbacrule_mod(LDAPUpdate): __doc__ = _('Modify an HBAC rule.') @@ -281,9 +284,9 @@ class hbacrule_mod(LDAPUpdate): raise errors.MutuallyExclusiveError(reason=_("service category cannot be set to 'all' while there are allowed services")) return dn -api.register(hbacrule_mod) +@register() class hbacrule_find(LDAPSearch): __doc__ = _('Search for HBAC rules.') @@ -291,15 +294,15 @@ class hbacrule_find(LDAPSearch): '%(count)d HBAC rule matched', '%(count)d HBAC rules matched', 0 ) -api.register(hbacrule_find) +@register() class hbacrule_show(LDAPRetrieve): __doc__ = _('Display the properties of an HBAC rule.') -api.register(hbacrule_show) +@register() class hbacrule_enable(LDAPQuery): __doc__ = _('Enable an HBAC rule.') @@ -327,9 +330,9 @@ class hbacrule_enable(LDAPQuery): value=pkey_to_value(cn, options), ) -api.register(hbacrule_enable) +@register() class hbacrule_disable(LDAPQuery): __doc__ = _('Disable an HBAC rule.') @@ -357,7 +360,6 @@ class hbacrule_disable(LDAPQuery): value=pkey_to_value(cn, options), ) -api.register(hbacrule_disable) class hbacrule_add_accesstime(LDAPQuery): @@ -441,6 +443,7 @@ class hbacrule_remove_accesstime(LDAPQuery): #api.register(hbacrule_remove_accesstime) +@register() class hbacrule_add_user(LDAPAddMember): __doc__ = _('Add users and groups to an HBAC rule.') @@ -460,18 +463,18 @@ class hbacrule_add_user(LDAPAddMember): reason=_("users cannot be added when user category='all'")) return dn -api.register(hbacrule_add_user) +@register() class hbacrule_remove_user(LDAPRemoveMember): __doc__ = _('Remove users and groups from an HBAC rule.') member_attributes = ['memberuser'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(hbacrule_remove_user) +@register() class hbacrule_add_host(LDAPAddMember): __doc__ = _('Add target hosts and hostgroups to an HBAC rule.') @@ -491,18 +494,18 @@ class hbacrule_add_host(LDAPAddMember): reason=_("hosts cannot be added when host category='all'")) return dn -api.register(hbacrule_add_host) +@register() class hbacrule_remove_host(LDAPRemoveMember): __doc__ = _('Remove target hosts and hostgroups from an HBAC rule.') member_attributes = ['memberhost'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(hbacrule_remove_host) +@register() class hbacrule_add_sourcehost(LDAPAddMember): NO_CLI = True @@ -512,9 +515,9 @@ class hbacrule_add_sourcehost(LDAPAddMember): def validate(self, **kw): raise errors.DeprecationError(name='hbacrule_add_sourcehost') -api.register(hbacrule_add_sourcehost) +@register() class hbacrule_remove_sourcehost(LDAPRemoveMember): NO_CLI = True @@ -524,9 +527,9 @@ class hbacrule_remove_sourcehost(LDAPRemoveMember): def validate(self, **kw): raise errors.DeprecationError(name='hbacrule_remove_sourcehost') -api.register(hbacrule_remove_sourcehost) +@register() class hbacrule_add_service(LDAPAddMember): __doc__ = _('Add services to an HBAC rule.') @@ -546,13 +549,12 @@ class hbacrule_add_service(LDAPAddMember): "services cannot be added when service category='all'")) return dn -api.register(hbacrule_add_service) +@register() class hbacrule_remove_service(LDAPRemoveMember): __doc__ = _('Remove service and service groups from an HBAC rule.') member_attributes = ['memberservice'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(hbacrule_remove_service) diff --git a/ipalib/plugins/hbacsvc.py b/ipalib/plugins/hbacsvc.py index 58861fcfa..9d974f487 100644 --- a/ipalib/plugins/hbacsvc.py +++ b/ipalib/plugins/hbacsvc.py @@ -19,6 +19,7 @@ from ipalib import api from ipalib import Str +from ipalib.plugable import Registry from ipalib.plugins.baseldap import LDAPObject, LDAPCreate, LDAPDelete from ipalib.plugins.baseldap import LDAPUpdate, LDAPSearch, LDAPRetrieve @@ -47,8 +48,11 @@ EXAMPLES: """) +register = Registry() + topic = ('hbac', _('Host based access control commands')) +@register() class hbacsvc(LDAPObject): """ HBAC Service object. @@ -92,33 +96,33 @@ class hbacsvc(LDAPObject): ), ) -api.register(hbacsvc) +@register() class hbacsvc_add(LDAPCreate): __doc__ = _('Add a new HBAC service.') msg_summary = _('Added HBAC service "%(value)s"') -api.register(hbacsvc_add) +@register() class hbacsvc_del(LDAPDelete): __doc__ = _('Delete an existing HBAC service.') msg_summary = _('Deleted HBAC service "%(value)s"') -api.register(hbacsvc_del) +@register() class hbacsvc_mod(LDAPUpdate): __doc__ = _('Modify an HBAC service.') msg_summary = _('Modified HBAC service "%(value)s"') -api.register(hbacsvc_mod) +@register() class hbacsvc_find(LDAPSearch): __doc__ = _('Search for HBAC services.') @@ -126,10 +130,9 @@ class hbacsvc_find(LDAPSearch): '%(count)d HBAC service matched', '%(count)d HBAC services matched', 0 ) -api.register(hbacsvc_find) +@register() class hbacsvc_show(LDAPRetrieve): __doc__ = _('Display information about an HBAC service.') -api.register(hbacsvc_show) diff --git a/ipalib/plugins/hbacsvcgroup.py b/ipalib/plugins/hbacsvcgroup.py index 5e3ef5b70..9884f2658 100644 --- a/ipalib/plugins/hbacsvcgroup.py +++ b/ipalib/plugins/hbacsvcgroup.py @@ -18,6 +18,7 @@ # along with this program. If not, see . from ipalib import api, errors +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext @@ -42,8 +43,11 @@ EXAMPLES: ipa hbacsvcgroup-del login """) +register = Registry() + topic = ('hbac', _('Host based access control commands')) +@register() class hbacsvcgroup(LDAPObject): """ HBAC service group object. @@ -87,33 +91,33 @@ class hbacsvcgroup(LDAPObject): ), ) -api.register(hbacsvcgroup) +@register() class hbacsvcgroup_add(LDAPCreate): __doc__ = _('Add a new HBAC service group.') msg_summary = _('Added HBAC service group "%(value)s"') -api.register(hbacsvcgroup_add) +@register() class hbacsvcgroup_del(LDAPDelete): __doc__ = _('Delete an HBAC service group.') msg_summary = _('Deleted HBAC service group "%(value)s"') -api.register(hbacsvcgroup_del) +@register() class hbacsvcgroup_mod(LDAPUpdate): __doc__ = _('Modify an HBAC service group.') msg_summary = _('Modified HBAC service group "%(value)s"') -api.register(hbacsvcgroup_mod) +@register() class hbacsvcgroup_find(LDAPSearch): __doc__ = _('Search for an HBAC service group.') @@ -121,22 +125,21 @@ class hbacsvcgroup_find(LDAPSearch): '%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0 ) -api.register(hbacsvcgroup_find) +@register() class hbacsvcgroup_show(LDAPRetrieve): __doc__ = _('Display information about an HBAC service group.') -api.register(hbacsvcgroup_show) +@register() class hbacsvcgroup_add_member(LDAPAddMember): __doc__ = _('Add members to an HBAC service group.') -api.register(hbacsvcgroup_add_member) +@register() class hbacsvcgroup_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from an HBAC service group.') -api.register(hbacsvcgroup_remove_member) diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py index 6fbf1fbe2..068190310 100644 --- a/ipalib/plugins/hbactest.py +++ b/ipalib/plugins/hbactest.py @@ -23,6 +23,7 @@ from types import NoneType from ipalib.cli import to_cli from ipalib import _, ngettext from ipapython.dn import DN +from ipalib.plugable import Registry if api.env.in_server and api.env.context in ['lite', 'server']: try: import ipaserver.dcerpc @@ -205,6 +206,8 @@ EXAMPLES: Not matched rules: can_login """) +register = Registry() + def convert_to_ipa_rule(rule): # convert a dict with a rule to an pyhbac rule ipa_rule = pyhbac.HbacRule(rule['cn'][0]) @@ -237,6 +240,7 @@ def convert_to_ipa_rule(rule): return ipa_rule +@register() class hbactest(Command): __doc__ = _('Simulate use of Host-based access controls') @@ -510,4 +514,3 @@ class hbactest(Command): # Propagate integer value for result. It will give proper command line result for scripts return int(not output['value']) -api.register(hbactest) diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 133d55356..062db8fbb 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -28,6 +28,7 @@ import string from ipalib import api, errors, util from ipalib import Str, Flag, Bytes +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins.service import (split_principal, validate_certificate, set_certificate_attrs, ticket_flags_params, update_krbticketflags, @@ -103,6 +104,8 @@ EXAMPLES: ipa host-add-managedby --hosts=test2 test """) +register = Registry() + # Characters to be used by random password generator # The set was chosen to avoid the need for escaping the characters by user host_pwd_chars=string.digits + string.ascii_letters + '_,.@+-=' @@ -223,6 +226,7 @@ def _hostname_validator(ugettext, value): return None +@register() class host(LDAPObject): """ Host object. @@ -421,9 +425,9 @@ class host(LDAPObject): else: entry_attrs['memberofindirect'].remove(member) -api.register(host) +@register() class host_add(LDAPCreate): __doc__ = _('Add a new host.') @@ -541,9 +545,9 @@ class host_add(LDAPCreate): return dn -api.register(host_add) +@register() class host_del(LDAPDelete): __doc__ = _('Delete a host.') @@ -653,9 +657,9 @@ class host_del(LDAPDelete): return dn -api.register(host_del) +@register() class host_mod(LDAPUpdate): __doc__ = _('Modify information about a host.') @@ -801,9 +805,9 @@ class host_mod(LDAPUpdate): return dn -api.register(host_mod) +@register() class host_find(LDAPSearch): __doc__ = _('Search for hosts.') @@ -886,9 +890,9 @@ class host_find(LDAPSearch): return truncated -api.register(host_find) +@register() class host_show(LDAPRetrieve): __doc__ = _('Display information about a host.') @@ -934,9 +938,9 @@ class host_show(LDAPRetrieve): else: return super(host_show, self).forward(*keys, **options) -api.register(host_show) +@register() class host_disable(LDAPQuery): __doc__ = _('Disable the Kerberos key, SSL certificate and all services of a host.') @@ -1032,8 +1036,8 @@ class host_disable(LDAPQuery): self.obj.suppress_netgroup_memberof(ldap, entry_attrs) return dn -api.register(host_disable) +@register() class host_add_managedby(LDAPAddMember): __doc__ = _('Add hosts that can manage this host.') @@ -1046,9 +1050,9 @@ class host_add_managedby(LDAPAddMember): self.obj.suppress_netgroup_memberof(ldap, entry_attrs) return (completed, dn) -api.register(host_add_managedby) +@register() class host_remove_managedby(LDAPRemoveMember): __doc__ = _('Remove hosts that can manage this host.') @@ -1060,4 +1064,3 @@ class host_remove_managedby(LDAPRemoveMember): self.obj.suppress_netgroup_memberof(ldap, entry_attrs) return (completed, dn) -api.register(host_remove_managedby) diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py index 9c125131d..6420fb3ad 100644 --- a/ipalib/plugins/hostgroup.py +++ b/ipalib/plugins/hostgroup.py @@ -18,6 +18,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import api, Int, _, ngettext, errors from ipalib.plugins.netgroup import NETGROUP_PATTERN, NETGROUP_PATTERN_ERRMSG @@ -53,6 +54,9 @@ EXAMPLES: ipa hostgroup-del baltimore """) +register = Registry() + +@register() class hostgroup(LDAPObject): """ Hostgroup object. @@ -131,9 +135,9 @@ class hostgroup(LDAPObject): else: entry_attrs['memberof'].remove(member) -api.register(hostgroup) +@register() class hostgroup_add(LDAPCreate): __doc__ = _('Add a new hostgroup.') @@ -172,17 +176,17 @@ class hostgroup_add(LDAPCreate): return dn -api.register(hostgroup_add) +@register() class hostgroup_del(LDAPDelete): __doc__ = _('Delete a hostgroup.') msg_summary = _('Deleted hostgroup "%(value)s"') -api.register(hostgroup_del) +@register() class hostgroup_mod(LDAPUpdate): __doc__ = _('Modify a hostgroup.') @@ -193,9 +197,9 @@ class hostgroup_mod(LDAPUpdate): self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs) return dn -api.register(hostgroup_mod) +@register() class hostgroup_find(LDAPSearch): __doc__ = _('Search for hostgroups.') @@ -211,9 +215,9 @@ class hostgroup_find(LDAPSearch): self.obj.suppress_netgroup_memberof(ldap, entry.dn, entry) return truncated -api.register(hostgroup_find) +@register() class hostgroup_show(LDAPRetrieve): __doc__ = _('Display information about a hostgroup.') @@ -222,9 +226,9 @@ class hostgroup_show(LDAPRetrieve): self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs) return dn -api.register(hostgroup_show) +@register() class hostgroup_add_member(LDAPAddMember): __doc__ = _('Add members to a hostgroup.') @@ -233,9 +237,9 @@ class hostgroup_add_member(LDAPAddMember): self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs) return (completed, dn) -api.register(hostgroup_add_member) +@register() class hostgroup_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from a hostgroup.') @@ -244,4 +248,3 @@ class hostgroup_remove_member(LDAPRemoveMember): self.obj.suppress_netgroup_memberof(ldap, dn, entry_attrs) return (completed, dn) -api.register(hostgroup_remove_member) diff --git a/ipalib/plugins/idrange.py b/ipalib/plugins/idrange.py index 5cc2786ce..8ffe7bf9a 100644 --- a/ipalib/plugins/idrange.py +++ b/ipalib/plugins/idrange.py @@ -17,6 +17,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +from ipalib.plugable import Registry from ipalib.plugins.baseldap import (LDAPObject, LDAPCreate, LDAPDelete, LDAPRetrieve, LDAPSearch, LDAPUpdate) from ipalib import api, Int, Str, DeprecatedParam, StrEnum, _, ngettext @@ -150,7 +151,9 @@ IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be modified to match the new range. """) +register = Registry() +@register() class idrange(LDAPObject): """ Range object. @@ -353,6 +356,7 @@ class idrange(LDAPObject): return True +@register() class idrange_add(LDAPCreate): __doc__ = _(""" Add new ID range. @@ -557,6 +561,7 @@ class idrange_add(LDAPCreate): return dn +@register() class idrange_del(LDAPDelete): __doc__ = _('Delete an ID range.') @@ -604,6 +609,7 @@ class idrange_del(LDAPDelete): return dn +@register() class idrange_find(LDAPSearch): __doc__ = _('Search for ranges.') @@ -625,6 +631,7 @@ class idrange_find(LDAPSearch): return truncated +@register() class idrange_show(LDAPRetrieve): __doc__ = _('Display information about a range.') @@ -639,6 +646,7 @@ class idrange_show(LDAPRetrieve): return dn +@register() class idrange_mod(LDAPUpdate): __doc__ = _('Modify ID range.') @@ -761,9 +769,3 @@ class idrange_mod(LDAPUpdate): return dn -api.register(idrange) -api.register(idrange_add) -api.register(idrange_mod) -api.register(idrange_del) -api.register(idrange_find) -api.register(idrange_show) diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index c693b3395..e3c0faff1 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -31,7 +31,11 @@ from ipalib import Str from ipalib.output import Output from ipalib.text import _ from ipalib.util import json_serialize +from ipalib.plugable import Registry +register = Registry() + +@register() class json_metadata(Command): """ Export plugin meta-data for the webUI. @@ -136,8 +140,8 @@ class json_metadata(Command): def output_for_cli(self, textui, result, *args, **options): print json.dumps(result, default=json_serialize) -api.register(json_metadata) +@register() class i18n_messages(Command): NO_CLI = True @@ -730,4 +734,3 @@ class i18n_messages(Command): print json.dumps(result, default=json_serialize) -api.register(i18n_messages) diff --git a/ipalib/plugins/kerberos.py b/ipalib/plugins/kerberos.py index 7ae63b930..3ed6d7671 100644 --- a/ipalib/plugins/kerberos.py +++ b/ipalib/plugins/kerberos.py @@ -26,11 +26,15 @@ This wraps the python-kerberos and python-krbV bindings. import sys from ipalib import api from ipalib.backend import Backend +from ipalib.plugable import Registry import krbV +register = Registry() + ENCODING = 'UTF-8' +@register() class krb(Backend): """ Kerberos backend plugin. @@ -119,4 +123,3 @@ class krb(Backend): return self.__get_principal(ccname).realm.decode(ENCODING) -api.register(krb) diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 94b4a02e9..8c44ccc27 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -22,6 +22,7 @@ import re from ipalib import api, errors, output from ipalib import Command, Password, Str, Flag, StrEnum, DNParam, File from ipalib.cli import to_cli +from ipalib.plugable import Registry from ipalib.plugins.user import NO_UPG_MAGIC if api.env.in_server and api.env.context in ['lite', 'server']: try: @@ -126,6 +127,8 @@ for each user added plus a summary when the default user group is updated. """) +register = Registry() + # USER MIGRATION CALLBACKS AND VARS _krb_err_msg = _('Kerberos principal %s already exists. Use \'ipa user-mod\' to set it manually.') @@ -441,6 +444,7 @@ def validate_ldapuri(ugettext, ldapuri): raise errors.ValidationError(name='ldap_uri', error=err_msg) +@register() class migrate_ds(Command): __doc__ = _('Migrate users and groups from DS to IPA.') @@ -928,4 +932,3 @@ can use their Kerberos accounts.''') textui.print_plain('-' * len(self.name)) textui.print_plain(unicode(self.pwd_migration_msg)) -api.register(migrate_ds) diff --git a/ipalib/plugins/misc.py b/ipalib/plugins/misc.py index 716797806..2c932ca6c 100644 --- a/ipalib/plugins/misc.py +++ b/ipalib/plugins/misc.py @@ -21,17 +21,21 @@ import re from ipalib import api, LocalOrRemote, _, ngettext from ipalib.output import Output, summary from ipalib import Flag +from ipalib.plugable import Registry __doc__ = _(""" Misc plug-ins """) +register = Registry() + # FIXME: We should not let env return anything in_server # when mode == 'production'. This would allow an attacker to see the # configuration of the server, potentially revealing compromising # information. However, it's damn handy for testing/debugging. +@register() class env(LocalOrRemote): __doc__ = _('Show environment variables.') @@ -99,9 +103,9 @@ class env(LocalOrRemote): ret['summary'] = None return ret -api.register(env) +@register() class plugins(LocalOrRemote): __doc__ = _('Show all loaded plugins.') @@ -137,4 +141,3 @@ class plugins(LocalOrRemote): count=len(plugins), ) -api.register(plugins) diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py index 7136c18f9..50f139990 100644 --- a/ipalib/plugins/netgroup.py +++ b/ipalib/plugins/netgroup.py @@ -21,6 +21,7 @@ from ipalib import api, errors from ipalib import Str, StrEnum +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext from ipalib.plugins.hbacrule import is_all @@ -49,6 +50,7 @@ EXAMPLES: ipa netgroup-del admins """) +register = Registry() NETGROUP_PATTERN='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]*$' NETGROUP_PATTERN_ERRMSG='may only include letters, numbers, _, -, and .' @@ -73,6 +75,7 @@ output_params = ( ), ) +@register() class netgroup(LDAPObject): """ Netgroup object. @@ -169,9 +172,9 @@ class netgroup(LDAPObject): external_host_param, ) -api.register(netgroup) +@register() class netgroup_add(LDAPCreate): __doc__ = _('Add a new netgroup.') @@ -206,17 +209,17 @@ class netgroup_add(LDAPCreate): return dn -api.register(netgroup_add) +@register() class netgroup_del(LDAPDelete): __doc__ = _('Delete a netgroup.') msg_summary = _('Deleted netgroup "%(value)s"') -api.register(netgroup_del) +@register() class netgroup_mod(LDAPUpdate): __doc__ = _('Modify a netgroup.') @@ -236,9 +239,9 @@ class netgroup_mod(LDAPUpdate): raise errors.MutuallyExclusiveError(reason=_("host category cannot be set to 'all' while there are allowed hosts")) return dn -api.register(netgroup_mod) +@register() class netgroup_find(LDAPSearch): __doc__ = _('Search for a netgroup.') @@ -274,17 +277,17 @@ class netgroup_find(LDAPSearch): filter = ldap.combine_filters((local_filter, filter), rules=ldap.MATCH_ALL) return (filter, base_dn, scope) -api.register(netgroup_find) +@register() class netgroup_show(LDAPRetrieve): __doc__ = _('Display information about a netgroup.') has_output_params = LDAPRetrieve.has_output_params + output_params -api.register(netgroup_show) +@register() class netgroup_add_member(LDAPAddMember): __doc__ = _('Add members to a netgroup.') @@ -298,9 +301,9 @@ class netgroup_add_member(LDAPAddMember): assert isinstance(dn, DN) return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(netgroup_add_member) +@register() class netgroup_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from a netgroup.') @@ -310,4 +313,3 @@ class netgroup_remove_member(LDAPRemoveMember): assert isinstance(dn, DN) return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(netgroup_remove_member) diff --git a/ipalib/plugins/passwd.py b/ipalib/plugins/passwd.py index 2581a46ee..95b9b6017 100644 --- a/ipalib/plugins/passwd.py +++ b/ipalib/plugins/passwd.py @@ -22,6 +22,7 @@ from ipalib import Command from ipalib import Str, Password from ipalib import _ from ipalib import output +from ipalib.plugable import Registry from ipalib.plugins.user import split_principal, validate_principal, normalize_principal from ipalib.request import context from ipapython.dn import DN @@ -45,6 +46,8 @@ EXAMPLES: ipa passwd tuser1 """) +register = Registry() + # We only need to prompt for the current password when changing a password # for yourself, but the parameter is still required MAGIC_VALUE = u'CHANGING_PASSWORD_FOR_ANOTHER_USER' @@ -61,6 +64,7 @@ def get_current_password(principal): else: return MAGIC_VALUE +@register() class passwd(Command): __doc__ = _("Set a user's password.") @@ -124,4 +128,3 @@ class passwd(Command): value=principal, ) -api.register(passwd) diff --git a/ipalib/plugins/pkinit.py b/ipalib/plugins/pkinit.py index 30c9120e8..5f00b2b46 100644 --- a/ipalib/plugins/pkinit.py +++ b/ipalib/plugins/pkinit.py @@ -21,6 +21,7 @@ from ipalib import api, errors from ipalib import Int, Str from ipalib import Object, Command from ipalib import _ +from ipalib.plugable import Registry from ipapython.dn import DN __doc__ = _(""" @@ -43,6 +44,9 @@ For more information on anonymous pkinit see: http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit """) +register = Registry() + +@register() class pkinit(Object): """ PKINIT Options @@ -51,7 +55,6 @@ class pkinit(Object): label=_('PKINIT') -api.register(pkinit) def valid_arg(ugettext, action): """ @@ -64,6 +67,7 @@ def valid_arg(ugettext, action): error=_('Unknown command %s') % action ) +@register() class pkinit_anonymous(Command): __doc__ = _('Enable or Disable Anonymous PKINIT.') @@ -99,4 +103,3 @@ class pkinit_anonymous(Command): return dict(result=True) -api.register(pkinit_anonymous) diff --git a/ipalib/plugins/realmdomains.py b/ipalib/plugins/realmdomains.py index 2c47ce186..08d3a6a78 100644 --- a/ipalib/plugins/realmdomains.py +++ b/ipalib/plugins/realmdomains.py @@ -20,6 +20,7 @@ from ipalib import api, errors from ipalib import Str, Flag from ipalib import _ +from ipalib.plugable import Registry from ipalib.plugins.baseldap import LDAPObject, LDAPUpdate, LDAPRetrieve from ipalib.util import has_soa_or_ns_record, validate_domain_name from ipapython.dn import DN @@ -47,6 +48,7 @@ EXAMPLES: ipa realmdomains-mod --del-domain=olddomain.com """) +register = Registry() def _domain_name_normalizer(d): return d.lower().rstrip('.') @@ -58,6 +60,7 @@ def _domain_name_validator(ugettext, value): return unicode(e) +@register() class realmdomains(LDAPObject): """ List of domains associated with IPA realm. @@ -102,9 +105,9 @@ class realmdomains(LDAPObject): ), ) -api.register(realmdomains) +@register() class realmdomains_mod(LDAPUpdate): __doc__ = _('Modify realm domains.') @@ -199,10 +202,9 @@ class realmdomains_mod(LDAPUpdate): return result -api.register(realmdomains_mod) +@register() class realmdomains_show(LDAPRetrieve): __doc__ = _('Display the list of realm domains.') -api.register(realmdomains_show) diff --git a/ipalib/plugins/role.py b/ipalib/plugins/role.py index 04088b82a..66a77227d 100644 --- a/ipalib/plugins/role.py +++ b/ipalib/plugins/role.py @@ -18,6 +18,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import api, Str, _, ngettext from ipalib import Command @@ -58,6 +59,9 @@ EXAMPLES: add users, reset passwords or add a user to the default IPA user group. """) +register = Registry() + +@register() class role(LDAPObject): """ Role object. @@ -107,33 +111,33 @@ class role(LDAPObject): ), ) -api.register(role) +@register() class role_add(LDAPCreate): __doc__ = _('Add a new role.') msg_summary = _('Added role "%(value)s"') -api.register(role_add) +@register() class role_del(LDAPDelete): __doc__ = _('Delete a role.') msg_summary = _('Deleted role "%(value)s"') -api.register(role_del) +@register() class role_mod(LDAPUpdate): __doc__ = _('Modify a role.') msg_summary = _('Modified role "%(value)s"') -api.register(role_mod) +@register() class role_find(LDAPSearch): __doc__ = _('Search for roles.') @@ -141,27 +145,27 @@ class role_find(LDAPSearch): '%(count)d role matched', '%(count)d roles matched', 0 ) -api.register(role_find) +@register() class role_show(LDAPRetrieve): __doc__ = _('Display information about a role.') -api.register(role_show) +@register() class role_add_member(LDAPAddMember): __doc__ = _('Add members to a role.') -api.register(role_add_member) +@register() class role_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from a role.') -api.register(role_remove_member) +@register() class role_add_privilege(LDAPAddReverseMember): __doc__ = _('Add privileges to a role.') @@ -182,9 +186,9 @@ class role_add_privilege(LDAPAddReverseMember): ), ) -api.register(role_add_privilege) +@register() class role_remove_privilege(LDAPRemoveReverseMember): __doc__ = _('Remove privileges from a role.') @@ -205,4 +209,3 @@ class role_remove_privilege(LDAPRemoveReverseMember): ), ) -api.register(role_remove_privilege) diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py index a1fd9d355..9cf6900d1 100644 --- a/ipalib/plugins/selfservice.py +++ b/ipalib/plugins/selfservice.py @@ -23,6 +23,7 @@ from ipalib.request import context from ipalib import api, crud, errors from ipalib import output from ipalib import Object, Command +from ipalib.plugable import Registry from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value __doc__ = _(""" @@ -53,6 +54,8 @@ EXAMPLES: ipa selfservice-del "Users manage their own address" """) +register = Registry() + ACI_PREFIX=u"selfservice" output_params = ( @@ -62,6 +65,7 @@ output_params = ( ) +@register() class selfservice(Object): """ Selfservice object. @@ -116,9 +120,9 @@ class selfservice(Object): except KeyError: pass -api.register(selfservice) +@register() class selfservice_add(crud.Create): __doc__ = _('Add a new self-service permission.') @@ -138,9 +142,9 @@ class selfservice_add(crud.Create): value=pkey_to_value(aciname, kw), ) -api.register(selfservice_add) +@register() class selfservice_del(crud.Delete): __doc__ = _('Delete a self-service permission.') @@ -156,9 +160,9 @@ class selfservice_del(crud.Delete): value=pkey_to_value(aciname, kw), ) -api.register(selfservice_del) +@register() class selfservice_mod(crud.Update): __doc__ = _('Modify a self-service permission.') @@ -178,9 +182,9 @@ class selfservice_mod(crud.Update): value=pkey_to_value(aciname, kw), ) -api.register(selfservice_mod) +@register() class selfservice_find(crud.Search): __doc__ = _('Search for a self-service permission.') @@ -205,9 +209,9 @@ class selfservice_find(crud.Search): truncated=False, ) -api.register(selfservice_find) +@register() class selfservice_show(crud.Retrieve): __doc__ = _('Display information about a self-service permission.') @@ -221,4 +225,3 @@ class selfservice_show(crud.Retrieve): value=pkey_to_value(aciname, kw), ) -api.register(selfservice_show) diff --git a/ipalib/plugins/selinuxusermap.py b/ipalib/plugins/selinuxusermap.py index cf1d55d9a..7efabaaa6 100644 --- a/ipalib/plugins/selinuxusermap.py +++ b/ipalib/plugins/selinuxusermap.py @@ -19,6 +19,7 @@ from ipalib import api, errors from ipalib import Str, StrEnum, Bool +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext from ipalib.plugins.hbacrule import is_all @@ -68,6 +69,8 @@ SEEALSO: and the default SELinux user are available in the config-show command. """) +register = Registry() + notboth_err = _('HBAC rule and local members cannot both be set') @@ -126,6 +129,7 @@ def validate_selinuxuser_inlist(ldap, user): return +@register() class selinuxusermap(LDAPObject): """ SELinux User Map object. @@ -254,9 +258,9 @@ class selinuxusermap(LDAPObject): hbac_attrs = ldap.get_entry(entry_attrs['seealso'][0], ['cn']) entry_attrs['seealso'] = hbac_attrs['cn'][0] -api.register(selinuxusermap) +@register() class selinuxusermap_add(LDAPCreate): __doc__ = _('Create a new SELinux User Map.') @@ -291,17 +295,17 @@ class selinuxusermap_add(LDAPCreate): return dn -api.register(selinuxusermap_add) +@register() class selinuxusermap_del(LDAPDelete): __doc__ = _('Delete a SELinux User Map.') msg_summary = _('Deleted SELinux User Map "%(value)s"') -api.register(selinuxusermap_del) +@register() class selinuxusermap_mod(LDAPUpdate): __doc__ = _('Modify a SELinux User Map.') @@ -355,9 +359,9 @@ class selinuxusermap_mod(LDAPUpdate): self.obj._convert_seealso(ldap, entry_attrs, **options) return dn -api.register(selinuxusermap_mod) +@register() class selinuxusermap_find(LDAPSearch): __doc__ = _('Search for SELinux User Maps.') @@ -387,9 +391,9 @@ all=True)['result'] self.obj._convert_seealso(ldap, attrs, **options) return truncated -api.register(selinuxusermap_find) +@register() class selinuxusermap_show(LDAPRetrieve): __doc__ = _('Display the properties of a SELinux User Map rule.') @@ -398,9 +402,9 @@ class selinuxusermap_show(LDAPRetrieve): self.obj._convert_seealso(ldap, entry_attrs, **options) return dn -api.register(selinuxusermap_show) +@register() class selinuxusermap_enable(LDAPQuery): __doc__ = _('Enable an SELinux User Map rule.') @@ -428,9 +432,9 @@ class selinuxusermap_enable(LDAPQuery): value=pkey_to_value(cn, options), ) -api.register(selinuxusermap_enable) +@register() class selinuxusermap_disable(LDAPQuery): __doc__ = _('Disable an SELinux User Map rule.') @@ -458,9 +462,9 @@ class selinuxusermap_disable(LDAPQuery): value=pkey_to_value(cn, options), ) -api.register(selinuxusermap_disable) +@register() class selinuxusermap_add_user(LDAPAddMember): __doc__ = _('Add users and groups to an SELinux User Map rule.') @@ -482,18 +486,18 @@ class selinuxusermap_add_user(LDAPAddMember): raise errors.MutuallyExclusiveError(reason=notboth_err) return dn -api.register(selinuxusermap_add_user) +@register() class selinuxusermap_remove_user(LDAPRemoveMember): __doc__ = _('Remove users and groups from an SELinux User Map rule.') member_attributes = ['memberuser'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(selinuxusermap_remove_user) +@register() class selinuxusermap_add_host(LDAPAddMember): __doc__ = _('Add target hosts and hostgroups to an SELinux User Map rule.') @@ -515,13 +519,12 @@ class selinuxusermap_add_host(LDAPAddMember): raise errors.MutuallyExclusiveError(reason=notboth_err) return dn -api.register(selinuxusermap_add_host) +@register() class selinuxusermap_remove_host(LDAPRemoveMember): __doc__ = _('Remove target hosts and hostgroups from an SELinux User Map rule.') member_attributes = ['memberhost'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(selinuxusermap_remove_host) diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index 592c4cfd0..0572a0ae2 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -24,6 +24,7 @@ import os from ipalib import api, errors, util from ipalib import Str, Flag, Bytes, StrEnum, Bool +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import x509 from ipalib import _, ngettext @@ -91,6 +92,8 @@ EXAMPLES: """) +register = Registry() + output_params = ( Flag('has_keytab', label=_('Keytab'), @@ -287,6 +290,7 @@ def set_kerberos_attrs(entry_attrs, options): if name in options or all_opt: entry_attrs[name] = bool(ticket_flags & value) +@register() class service(LDAPObject): """ Service object. @@ -371,9 +375,9 @@ class service(LDAPObject): raise errors.ValidationError(name='ipakrbauthzdata', error=_('NONE value cannot be combined with other PAC types')) -api.register(service) +@register() class service_add(LDAPCreate): __doc__ = _('Add a new IPA new service.') @@ -433,9 +437,9 @@ class service_add(LDAPCreate): set_kerberos_attrs(entry_attrs, options) return dn -api.register(service_add) +@register() class service_del(LDAPDelete): __doc__ = _('Delete an IPA service.') @@ -478,9 +482,9 @@ class service_del(LDAPDelete): raise nsprerr return dn -api.register(service_del) +@register() class service_mod(LDAPUpdate): __doc__ = _('Modify an existing IPA service.') @@ -525,9 +529,9 @@ class service_mod(LDAPUpdate): set_kerberos_attrs(entry_attrs, options) return dn -api.register(service_mod) +@register() class service_find(LDAPSearch): __doc__ = _('Search for IPA services.') @@ -562,9 +566,9 @@ class service_find(LDAPSearch): set_kerberos_attrs(entry_attrs, options) return truncated -api.register(service_find) +@register() class service_show(LDAPRetrieve): __doc__ = _('Display information about an IPA service.') @@ -598,26 +602,26 @@ class service_show(LDAPRetrieve): else: return super(service_show, self).forward(*keys, **options) -api.register(service_show) +@register() class service_add_host(LDAPAddMember): __doc__ = _('Add hosts that can manage this service.') member_attributes = ['managedby'] has_output_params = LDAPAddMember.has_output_params + output_params -api.register(service_add_host) +@register() class service_remove_host(LDAPRemoveMember): __doc__ = _('Remove hosts that can manage this service.') member_attributes = ['managedby'] has_output_params = LDAPRemoveMember.has_output_params + output_params -api.register(service_remove_host) +@register() class service_disable(LDAPQuery): __doc__ = _('Disable the Kerberos key and SSL certificate of a service.') @@ -679,4 +683,3 @@ class service_disable(LDAPQuery): value=pkey_to_value(keys[0], options), ) -api.register(service_disable) diff --git a/ipalib/plugins/sudocmd.py b/ipalib/plugins/sudocmd.py index 4c7ea7f88..4a81f06af 100644 --- a/ipalib/plugins/sudocmd.py +++ b/ipalib/plugins/sudocmd.py @@ -23,6 +23,7 @@ import sys from ipalib import api, errors, util from ipalib import Str +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext @@ -41,8 +42,11 @@ EXAMPLES: """) +register = Registry() + topic = ('sudo', _('commands for controlling sudo configuration')) +@register() class sudocmd(LDAPObject): """ Sudo Command object. @@ -108,15 +112,15 @@ class sudocmd(LDAPObject): pass return dn -api.register(sudocmd) +@register() class sudocmd_add(LDAPCreate): __doc__ = _('Create new Sudo Command.') msg_summary = _('Added Sudo Command "%(value)s"') -api.register(sudocmd_add) +@register() class sudocmd_del(LDAPDelete): __doc__ = _('Delete Sudo Command.') @@ -148,15 +152,15 @@ class sudocmd_del(LDAPDelete): dependent=', '.join(dependent_sudorules)) return dn -api.register(sudocmd_del) +@register() class sudocmd_mod(LDAPUpdate): __doc__ = _('Modify Sudo Command.') msg_summary = _('Modified Sudo Command "%(value)s"') -api.register(sudocmd_mod) +@register() class sudocmd_find(LDAPSearch): __doc__ = _('Search for Sudo Commands.') @@ -164,9 +168,8 @@ class sudocmd_find(LDAPSearch): '%(count)d Sudo Command matched', '%(count)d Sudo Commands matched', 0 ) -api.register(sudocmd_find) +@register() class sudocmd_show(LDAPRetrieve): __doc__ = _('Display Sudo Command.') -api.register(sudocmd_show) diff --git a/ipalib/plugins/sudocmdgroup.py b/ipalib/plugins/sudocmdgroup.py index 471c8b858..44883f430 100644 --- a/ipalib/plugins/sudocmdgroup.py +++ b/ipalib/plugins/sudocmdgroup.py @@ -19,6 +19,7 @@ from ipalib import api from ipalib import Str +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib import _, ngettext @@ -45,8 +46,11 @@ EXAMPLES: ipa group-show localadmins """) +register = Registry() + topic = ('sudo', _('commands for controlling sudo configuration')) +@register() class sudocmdgroup(LDAPObject): """ Sudo Command Group object. @@ -100,33 +104,33 @@ class sudocmdgroup(LDAPObject): ), ) -api.register(sudocmdgroup) +@register() class sudocmdgroup_add(LDAPCreate): __doc__ = _('Create new Sudo Command Group.') msg_summary = _('Added Sudo Command Group "%(value)s"') -api.register(sudocmdgroup_add) +@register() class sudocmdgroup_del(LDAPDelete): __doc__ = _('Delete Sudo Command Group.') msg_summary = _('Deleted Sudo Command Group "%(value)s"') -api.register(sudocmdgroup_del) +@register() class sudocmdgroup_mod(LDAPUpdate): __doc__ = _('Modify Sudo Command Group.') msg_summary = _('Modified Sudo Command Group "%(value)s"') -api.register(sudocmdgroup_mod) +@register() class sudocmdgroup_find(LDAPSearch): __doc__ = _('Search for Sudo Command Groups.') @@ -135,22 +139,21 @@ class sudocmdgroup_find(LDAPSearch): '%(count)d Sudo Command Groups matched', 0 ) -api.register(sudocmdgroup_find) +@register() class sudocmdgroup_show(LDAPRetrieve): __doc__ = _('Display Sudo Command Group.') -api.register(sudocmdgroup_show) +@register() class sudocmdgroup_add_member(LDAPAddMember): __doc__ = _('Add members to Sudo Command Group.') -api.register(sudocmdgroup_add_member) +@register() class sudocmdgroup_remove_member(LDAPRemoveMember): __doc__ = _('Remove members from Sudo Command Group.') -api.register(sudocmdgroup_remove_member) diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py index 09b9a97e5..98353c029 100644 --- a/ipalib/plugins/sudorule.py +++ b/ipalib/plugins/sudorule.py @@ -19,6 +19,7 @@ from ipalib import api, errors from ipalib import Str, StrEnum, Bool +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins.hbacrule import is_all from ipalib import _, ngettext @@ -74,6 +75,8 @@ EXAMPLES: ipa sudorule-add-option defaults --sudooption '!authenticate' """) +register = Registry() + topic = ('sudo', _('Commands for controlling sudo configuration')) def deprecated(attribute): @@ -88,6 +91,7 @@ def validate_runasextuser(ugettext, value): def validate_runasextgroup(ugettext, value): deprecated('runasexternalgroup') +@register() class sudorule(LDAPObject): """ Sudo Rule object. @@ -323,9 +327,9 @@ class sudorule(LDAPObject): } ) -api.register(sudorule) +@register() class sudorule_add(LDAPCreate): __doc__ = _('Create new Sudo Rule.') @@ -338,17 +342,17 @@ class sudorule_add(LDAPCreate): msg_summary = _('Added Sudo Rule "%(value)s"') -api.register(sudorule_add) +@register() class sudorule_del(LDAPDelete): __doc__ = _('Delete Sudo Rule.') msg_summary = _('Deleted Sudo Rule "%(value)s"') -api.register(sudorule_del) +@register() class sudorule_mod(LDAPUpdate): __doc__ = _('Modify Sudo Rule.') @@ -383,9 +387,9 @@ class sudorule_mod(LDAPUpdate): return dn -api.register(sudorule_mod) +@register() class sudorule_find(LDAPSearch): __doc__ = _('Search for Sudo Rule.') @@ -393,15 +397,15 @@ class sudorule_find(LDAPSearch): '%(count)d Sudo Rule matched', '%(count)d Sudo Rules matched', 0 ) -api.register(sudorule_find) +@register() class sudorule_show(LDAPRetrieve): __doc__ = _('Display Sudo Rule.') -api.register(sudorule_show) +@register() class sudorule_enable(LDAPQuery): __doc__ = _('Enable a Sudo Rule.') @@ -426,9 +430,9 @@ class sudorule_enable(LDAPQuery): def output_for_cli(self, textui, result, cn, **options): textui.print_dashed(_('Enabled Sudo Rule "%s"') % cn) -api.register(sudorule_enable) +@register() class sudorule_disable(LDAPQuery): __doc__ = _('Disable a Sudo Rule.') @@ -453,9 +457,9 @@ class sudorule_disable(LDAPQuery): def output_for_cli(self, textui, result, cn, **options): textui.print_dashed(_('Disabled Sudo Rule "%s"') % cn) -api.register(sudorule_disable) +@register() class sudorule_add_allow_command(LDAPAddMember): __doc__ = _('Add commands and sudo command groups affected by Sudo Rule.') @@ -473,18 +477,18 @@ class sudorule_add_allow_command(LDAPAddMember): return dn -api.register(sudorule_add_allow_command) +@register() class sudorule_remove_allow_command(LDAPRemoveMember): __doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.') member_attributes = ['memberallowcmd'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(sudorule_remove_allow_command) +@register() class sudorule_add_deny_command(LDAPAddMember): __doc__ = _('Add commands and sudo command groups affected by Sudo Rule.') @@ -501,18 +505,18 @@ class sudorule_add_deny_command(LDAPAddMember): raise errors.MutuallyExclusiveError(reason=_("commands cannot be added when command category='all'")) return dn -api.register(sudorule_add_deny_command) +@register() class sudorule_remove_deny_command(LDAPRemoveMember): __doc__ = _('Remove commands and sudo command groups affected by Sudo Rule.') member_attributes = ['memberdenycmd'] member_count_out = ('%i object removed.', '%i objects removed.') -api.register(sudorule_remove_deny_command) +@register() class sudorule_add_user(LDAPAddMember): __doc__ = _('Add users and groups affected by Sudo Rule.') @@ -533,9 +537,9 @@ class sudorule_add_user(LDAPAddMember): assert isinstance(dn, DN) return add_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_add_user) +@register() class sudorule_remove_user(LDAPRemoveMember): __doc__ = _('Remove users and groups affected by Sudo Rule.') @@ -546,9 +550,9 @@ class sudorule_remove_user(LDAPRemoveMember): assert isinstance(dn, DN) return remove_external_post_callback('memberuser', 'user', 'externaluser', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_remove_user) +@register() class sudorule_add_host(LDAPAddMember): __doc__ = _('Add hosts and hostgroups affected by Sudo Rule.') @@ -569,9 +573,9 @@ class sudorule_add_host(LDAPAddMember): assert isinstance(dn, DN) return add_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_add_host) +@register() class sudorule_remove_host(LDAPRemoveMember): __doc__ = _('Remove hosts and hostgroups affected by Sudo Rule.') @@ -582,8 +586,8 @@ class sudorule_remove_host(LDAPRemoveMember): assert isinstance(dn, DN) return remove_external_post_callback('memberhost', 'host', 'externalhost', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_remove_host) +@register() class sudorule_add_runasuser(LDAPAddMember): __doc__ = _('Add users and groups for Sudo to execute as.') @@ -625,9 +629,9 @@ class sudorule_add_runasuser(LDAPAddMember): assert isinstance(dn, DN) return add_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_add_runasuser) +@register() class sudorule_remove_runasuser(LDAPRemoveMember): __doc__ = _('Remove users and groups for Sudo to execute as.') @@ -638,9 +642,9 @@ class sudorule_remove_runasuser(LDAPRemoveMember): assert isinstance(dn, DN) return remove_external_post_callback('ipasudorunas', 'user', 'ipasudorunasextuser', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_remove_runasuser) +@register() class sudorule_add_runasgroup(LDAPAddMember): __doc__ = _('Add group for Sudo to execute as.') @@ -676,9 +680,9 @@ class sudorule_add_runasgroup(LDAPAddMember): assert isinstance(dn, DN) return add_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_add_runasgroup) +@register() class sudorule_remove_runasgroup(LDAPRemoveMember): __doc__ = _('Remove group for Sudo to execute as.') @@ -689,9 +693,9 @@ class sudorule_remove_runasgroup(LDAPRemoveMember): assert isinstance(dn, DN) return remove_external_post_callback('ipasudorunasgroup', 'group', 'ipasudorunasextgroup', ldap, completed, failed, dn, entry_attrs, keys, options) -api.register(sudorule_remove_runasgroup) +@register() class sudorule_add_option(LDAPQuery): __doc__ = _('Add an option to the Sudo Rule.') @@ -742,9 +746,9 @@ class sudorule_add_option(LDAPQuery): -api.register(sudorule_add_option) +@register() class sudorule_remove_option(LDAPQuery): __doc__ = _('Remove an option from Sudo Rule.') @@ -796,4 +800,3 @@ class sudorule_remove_option(LDAPQuery): dict(option=options['ipasudoopt'], rule=cn)) super(sudorule_remove_option, self).output_for_cli(textui, result, cn, **options) -api.register(sudorule_remove_option) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 9799e4c41..987fb7476 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -18,6 +18,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins.dns import dns_container_exists from ipapython.ipautil import realm_to_suffix @@ -129,6 +130,8 @@ particular type. ipa trustconfig-mod --type ad --fallback-primary-group "Default SMB Group" """) +register = Registry() + trust_output_params = ( Str('trustdirection', label=_('Trust direction')), @@ -296,6 +299,7 @@ def add_range(self, range_name, dom_sid, *keys, **options): return range_type, range_size, base_id +@register() class trust(LDAPObject): """ Trust object. @@ -389,6 +393,7 @@ class trust(LDAPObject): dn=make_trust_dn(self.env, trust_type, DN(*sdn)) return dn +@register() class trust_add(LDAPCreate): __doc__ = _(''' Add new trust to use. @@ -726,11 +731,13 @@ sides. raise errors.ValidationError(name=_('AD Trust setup'), error=_('Not enough arguments specified to perform trust setup')) +@register() class trust_del(LDAPDelete): __doc__ = _('Delete a trust.') msg_summary = _('Deleted trust "%(value)s"') +@register() class trust_mod(LDAPUpdate): __doc__ = _(""" Modify a trust (for future use). @@ -749,6 +756,7 @@ class trust_mod(LDAPUpdate): return dn +@register() class trust_find(LDAPSearch): __doc__ = _('Search for trusts.') has_output_params = LDAPSearch.has_output_params + trust_output_params +\ @@ -779,6 +787,7 @@ class trust_find(LDAPSearch): return truncated +@register() class trust_show(LDAPRetrieve): __doc__ = _('Display information about a trust.') has_output_params = LDAPRetrieve.has_output_params + trust_output_params +\ @@ -804,18 +813,13 @@ class trust_show(LDAPRetrieve): return dn -api.register(trust) -api.register(trust_add) -api.register(trust_mod) -api.register(trust_del) -api.register(trust_find) -api.register(trust_show) _trustconfig_dn = { u'ad': DN(('cn', api.env.domain), api.env.container_cifsdomains, api.env.basedn), } +@register() class trustconfig(LDAPObject): """ Trusts global configuration object @@ -920,8 +924,8 @@ class trustconfig(LDAPObject): entry_attrs['ipantfallbackprimarygroup'] = [groupdn[0][0].value] -api.register(trustconfig) +@register() class trustconfig_mod(LDAPUpdate): __doc__ = _('Modify global trust configuration.') @@ -941,9 +945,9 @@ class trustconfig_mod(LDAPUpdate): self.obj._convert_groupdn(entry_attrs, options) return dn -api.register(trustconfig_mod) +@register() class trustconfig_show(LDAPRetrieve): __doc__ = _('Show global trust configuration.') @@ -958,7 +962,6 @@ class trustconfig_show(LDAPRetrieve): self.obj._convert_groupdn(entry_attrs, options) return dn -api.register(trustconfig_show) if _nss_idmap_installed: _idmap_type_dict = { @@ -970,6 +973,7 @@ if _nss_idmap_installed: string = _idmap_type_dict.get(int(level), 'unknown') return unicode(string) +@register() class trust_resolve(Command): NO_CLI = True __doc__ = _('Resolve security identifiers of users and groups in trusted domains') @@ -1008,9 +1012,9 @@ class trust_resolve(Command): return dict(result=result) -api.register(trust_resolve) +@register() class adtrust_is_enabled(Command): NO_CLI = True @@ -1035,9 +1039,9 @@ class adtrust_is_enabled(Command): return dict(result=True) -api.register(adtrust_is_enabled) +@register() class compat_is_enabled(Command): NO_CLI = True @@ -1079,9 +1083,9 @@ class compat_is_enabled(Command): return dict(result=True) -api.register(compat_is_enabled) +@register() class sidgen_was_run(Command): """ This command tries to determine whether the sidgen task was run during @@ -1123,8 +1127,8 @@ class sidgen_was_run(Command): return dict(result=True) -api.register(sidgen_was_run) +@register() class trustdomain(LDAPObject): """ Object representing a domain of the AD trust. @@ -1172,8 +1176,8 @@ class trustdomain(LDAPObject): dn=make_trust_dn(self.env, trust_type, DN(*sdn)) return dn -api.register(trustdomain) +@register() class trustdomain_find(LDAPSearch): __doc__ = _('Search domains of the trust') @@ -1202,15 +1206,15 @@ class trustdomain_find(LDAPSearch): return truncated -api.register(trustdomain_find) +@register() class trustdomain_mod(LDAPUpdate): __doc__ = _('Modify trustdomain of the trust') NO_CLI = True takes_options = LDAPUpdate.takes_options + (_trust_type_option,) -api.register(trustdomain_mod) +@register() class trustdomain_add(LDAPCreate): __doc__ = _('Allow access from the trusted domain') NO_CLI = True @@ -1220,8 +1224,8 @@ class trustdomain_add(LDAPCreate): if 'ipanttrustpartner' in options: entry_attrs['ipanttrustpartner'] = [options['ipanttrustpartner']] return dn -api.register(trustdomain_add) +@register() class trustdomain_del(LDAPDelete): __doc__ = _('Remove infromation about the domain associated with the trust.') @@ -1244,7 +1248,6 @@ class trustdomain_del(LDAPDelete): return result -api.register(trustdomain_del) def fetch_domains_from_trust(self, trustinstance, trust_entry, **options): @@ -1293,6 +1296,7 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options): pass return result +@register() class trust_fetch_domains(LDAPRetrieve): __doc__ = _('Refresh list of the domains associated with the trust') @@ -1333,8 +1337,8 @@ class trust_fetch_domains(LDAPRetrieve): result['truncated'] = False return result -api.register(trust_fetch_domains) +@register() class trustdomain_enable(LDAPQuery): __doc__ = _('Allow use of IPA resources by the domain of the trust') @@ -1373,8 +1377,8 @@ class trustdomain_enable(LDAPQuery): value=pkey_to_value(keys[1], options), ) -api.register(trustdomain_enable) +@register() class trustdomain_disable(LDAPQuery): __doc__ = _('Disable use of IPA resources by the domain of the trust') @@ -1413,4 +1417,3 @@ class trustdomain_disable(LDAPQuery): value=pkey_to_value(keys[1], options), ) -api.register(trustdomain_disable) diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 4eb35bd84..73203405e 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -25,6 +25,7 @@ import os from ipalib import api, errors from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime +from ipalib.plugable import Registry from ipalib.plugins.baseldap import * from ipalib.plugins import baseldap from ipalib.request import context @@ -81,6 +82,7 @@ EXAMPLES: ipa user-del tuser1 """) +register = Registry() NO_UPG_MAGIC = '__no_upg__' @@ -216,6 +218,7 @@ def fix_addressbook_permission_bindrule(name, template, is_new, template['ipapermbindruletype'] = 'anonymous' +@register() class user(LDAPObject): """ User object. @@ -675,9 +678,8 @@ class user(LDAPObject): for m in xrange(len(entry_attrs['manager'])): entry_attrs['manager'][m] = self.get_primary_key_from_dn(entry_attrs['manager'][m]) -api.register(user) - +@register() class user_add(LDAPCreate): __doc__ = _('Add a new user.') @@ -851,9 +853,8 @@ class user_add(LDAPCreate): radius_dn2pk(self.api, entry_attrs) return dn -api.register(user_add) - +@register() class user_del(LDAPDelete): __doc__ = _('Delete a user.') @@ -872,9 +873,8 @@ class user_del(LDAPDelete): return dn -api.register(user_del) - +@register() class user_mod(LDAPUpdate): __doc__ = _('Modify a user.') @@ -946,9 +946,8 @@ class user_mod(LDAPUpdate): radius_dn2pk(self.api, entry_attrs) return dn -api.register(user_mod) - +@register() class user_find(LDAPSearch): __doc__ = _('Search for users.') @@ -997,9 +996,8 @@ class user_find(LDAPSearch): '%(count)d user matched', '%(count)d users matched', 0 ) -api.register(user_find) - +@register() class user_show(LDAPRetrieve): __doc__ = _('Display information about a user.') @@ -1014,9 +1012,8 @@ class user_show(LDAPRetrieve): radius_dn2pk(self.api, entry_attrs) return dn -api.register(user_show) - +@register() class user_disable(LDAPQuery): __doc__ = _('Disable a user account.') @@ -1036,9 +1033,8 @@ class user_disable(LDAPQuery): value=pkey_to_value(keys[0], options), ) -api.register(user_disable) - +@register() class user_enable(LDAPQuery): __doc__ = _('Enable a user account.') @@ -1058,8 +1054,8 @@ class user_enable(LDAPQuery): value=pkey_to_value(keys[0], options), ) -api.register(user_enable) +@register() class user_unlock(LDAPQuery): __doc__ = _(""" Unlock a user account @@ -1087,8 +1083,8 @@ class user_unlock(LDAPQuery): value=pkey_to_value(keys[0], options), ) -api.register(user_unlock) +@register() class user_status(LDAPQuery): __doc__ = _(""" Lockout status of a user account @@ -1197,5 +1193,3 @@ class user_status(LDAPQuery): summary=unicode(_('Account disabled: %(disabled)s' % dict(disabled=disabled))), ) - -api.register(user_status) -- cgit