summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipa_server/ipaldap.py10
-rw-r--r--ipa_server/plugins/b_ldap.py8
-rw-r--r--ipalib/cli.py5
-rw-r--r--ipalib/errors.py4
-rw-r--r--ipalib/plugins/f_automount.py95
-rw-r--r--ipalib/plugins/f_group.py95
-rw-r--r--ipalib/plugins/f_hostgroup.py21
-rw-r--r--ipalib/plugins/f_user.py4
8 files changed, 147 insertions, 95 deletions
diff --git a/ipa_server/ipaldap.py b/ipa_server/ipaldap.py
index 7cfd6c41..215ef683 100644
--- a/ipa_server/ipaldap.py
+++ b/ipa_server/ipaldap.py
@@ -375,7 +375,7 @@ class IPAdmin(SimpleLDAPObject):
except ldap.ALREADY_EXISTS, e:
raise errors.DuplicateEntry, "Entry already exists"
except ldap.LDAPError, e:
- raise e
+ raise DatabaseError, e
return True
def updateRDN(self, dn, newrdn):
@@ -392,7 +392,7 @@ class IPAdmin(SimpleLDAPObject):
self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl)
self.modrdn_s(dn, newrdn, delold=1)
except ldap.LDAPError, e:
- raise e
+ raise DatabaseError, e
return True
def updateEntry(self,dn,oldentry,newentry):
@@ -474,7 +474,7 @@ class IPAdmin(SimpleLDAPObject):
self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl)
self.modify_s(dn, modlist)
except ldap.LDAPError, e:
- raise e
+ raise DatabaseError, e
return True
def deleteEntry(self,*args):
@@ -486,8 +486,10 @@ class IPAdmin(SimpleLDAPObject):
if sctrl is not None:
self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl)
self.delete_s(*args)
+ except ldap.INSUFFICIENT_ACCESS, e:
+ raise errors.InsufficientAccess, e
except ldap.LDAPError, e:
- raise e
+ raise errors.DatabaseError, e
return True
def modifyPassword(self,dn,oldpass,newpass):
diff --git a/ipa_server/plugins/b_ldap.py b/ipa_server/plugins/b_ldap.py
index 862de1d8..8042474f 100644
--- a/ipa_server/plugins/b_ldap.py
+++ b/ipa_server/plugins/b_ldap.py
@@ -267,12 +267,15 @@ class ldap(CrudBackend):
objectclass = kw.get('objectclass')
sfilter = kw.get('filter')
attributes = kw.get('attributes')
+ base = kw.get('base')
if attributes:
del kw['attributes']
else:
attributes = ['*']
if objectclass:
del kw['objectclass']
+ if base:
+ del kw['base']
if sfilter:
del kw['filter']
(exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw)
@@ -283,7 +286,10 @@ class ldap(CrudBackend):
exact_match_filter = "(%s%s)" % (sfilter, exact_match_filter)
partial_match_filter = "(%s%s)" % (sfilter, partial_match_filter)
- search_base = "%s, %s" % (self.api.env.container_accounts, self.api.env.basedn)
+ if not base:
+ base = self.api.env.container_accounts
+
+ search_base = "%s, %s" % (base, self.api.env.basedn)
try:
exact_results = servercore.search(search_base,
exact_match_filter, attributes)
diff --git a/ipalib/cli.py b/ipalib/cli.py
index 37fdad44..af3eb6e3 100644
--- a/ipalib/cli.py
+++ b/ipalib/cli.py
@@ -691,7 +691,10 @@ class CLI(object):
if callable(cmd.output_for_cli):
for param in cmd.params():
if param.ispassword():
- del kw[param.name]
+ try:
+ del kw[param.name]
+ except KeyError:
+ pass
(args, options) = cmd.params_2_args_options(kw)
cmd.output_for_cli(self.api.Backend.textui, result, *args, **options)
diff --git a/ipalib/errors.py b/ipalib/errors.py
index 25f594f2..989721be 100644
--- a/ipalib/errors.py
+++ b/ipalib/errors.py
@@ -409,6 +409,10 @@ class HostService(ConfigurationError):
"""You must enroll a host in order to create a host service"""
faultCode = 1026
+class InsufficientAccess(GenericError):
+ """You do not have permission to perform this task"""
+ faultCode = 1027
+
class FunctionDeprecated(GenericError):
"""Raised by a deprecated function"""
faultCode = 2000
diff --git a/ipalib/plugins/f_automount.py b/ipalib/plugins/f_automount.py
index 7a251572..d2a70784 100644
--- a/ipalib/plugins/f_automount.py
+++ b/ipalib/plugins/f_automount.py
@@ -34,14 +34,14 @@ from ldap import explode_dn
map_attributes = ['automountMapName', 'description', ]
key_attributes = ['description', 'automountKey', 'automountInformation']
-def display_entry(entry):
+def display_entry(textui, entry):
# FIXME: for now delete dn here. In the future pass in the kw to
# output_for_cli()
attr = sorted(entry.keys())
for a in attr:
if a != 'dn':
- print "%s: %s" % (a, entry[a])
+ textui.print_plain("%s: %s" % (a, entry[a]))
def make_automount_dn(mapname):
"""
@@ -96,12 +96,11 @@ class automount_addmap(crud.Add):
kw['objectClass'] = ['automountMap']
return ldap.create(**kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, map, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount map added"
+ textui.print_plain("Automount map %s added" % map)
api.register(automount_addmap)
@@ -139,12 +138,11 @@ class automount_addkey(crud.Add):
kw['objectClass'] = ['automount']
return ldap.create(**kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount key added"
+ textui.print_plain("Automount key added")
api.register(automount_addkey)
@@ -161,18 +159,17 @@ class automount_delmap(crud.Del):
:param kw: Not used.
"""
ldap = self.api.Backend.ldap
- dn = ldap.find_entry_dn("automountmapname", mapname, "automountmap")
+ dn = ldap.find_entry_dn("automountmapname", mapname, "automountmap", api.env.container_automount)
keys = api.Command['automount_getkeys'](mapname)
if keys:
for k in keys:
ldap.delete(k.get('dn'))
return ldap.delete(dn)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount map and associated keys deleted"
+ print "Automount map and associated keys deleted"
api.register(automount_delmap)
@@ -205,12 +202,11 @@ class automount_delkey(crud.Del):
if not keydn:
raise errors.NotFound
return ldap.delete(keydn)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount key deleted"
+ print "Automount key deleted"
api.register(automount_delkey)
@@ -238,12 +234,11 @@ class automount_modmap(crud.Mod):
dn = ldap.find_entry_dn("automountmapname", mapname, "automountmap", api.env.container_automount)
return ldap.update(dn, **kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount map updated"
+ print "Automount map updated"
api.register(automount_modmap)
@@ -286,12 +281,12 @@ class automount_modkey(crud.Mod):
raise errors.NotFound
return ldap.update(keydn, **kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Automount key updated"
+ print "Automount key updated"
+
api.register(automount_modkey)
@@ -309,26 +304,27 @@ class automount_findmap(crud.Find):
kw[s] = term
kw['objectclass'] = 'automountMap'
+ kw['base'] = api.env.container_automount
if kw.get('all', False):
kw['attributes'] = ['*']
else:
kw['attributes'] = map_attributes
return ldap.search(**kw)
- def output_for_cli(self, entries):
- if not entries:
- return
- counter = entries[0]
- entries = entries[1:]
+
+ def output_for_cli(self, textui, result, *args, **options):
+ counter = result[0]
+ entries = result[1:]
if counter == 0:
- print "No entries found"
+ textui.print_plain("No entries found")
return
elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
+ textui.print_plain("These results are truncated.")
+ textui.print_plain("Please refine your search and try again.")
for e in entries:
- display_entry(e)
- print ""
+ display_entry(textui, e)
+ textui.print_plain("")
+
api.register(automount_findmap)
@@ -350,26 +346,26 @@ class automount_findkey(crud.Find):
kw[s] = term
kw['objectclass'] = 'automount'
+ kw['base'] = api.env.container_automount
if kw.get('all', False):
kw['attributes'] = ['*']
else:
kw['attributes'] = key_attributes
return ldap.search(**kw)
- def output_for_cli(self, entries):
- if not entries:
- return
- counter = entries[0]
- entries = entries[1:]
+ def output_for_cli(self, textui, result, *args, **options):
+ counter = result[0]
+ entries = result[1:]
if counter == 0:
- print "No entries found"
+ textui.print_plain("No entries found")
return
elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
+ textui.print_plain("These results are truncated.")
+ textui.print_plain("Please refine your search and try again.")
for e in entries:
- display_entry(e)
- print ""
+ display_entry(textui, e)
+ textui.print_plain("")
+
api.register(automount_findkey)
@@ -394,9 +390,9 @@ class automount_showmap(crud.Get):
return ldap.retrieve(dn)
else:
return ldap.retrieve(dn, map_attributes)
- def output_for_cli(self, entry):
- if entry:
- display_entry(entry)
+ def output_for_cli(self, textui, result, *args, **options):
+ if result:
+ display_entry(textui, result)
api.register(automount_showmap)
@@ -436,7 +432,7 @@ class automount_showkey(crud.Get):
return ldap.retrieve(keydn)
else:
return ldap.retrieve(keydn, key_attributes)
- def output_for_cli(self, entry):
+ def output_for_cli(self, textui, result, *args, **options):
# The automount map name associated with this key is available only
# in the dn. Add it as an attribute to display instead.
if entry and not entry.get('automountmapname'):
@@ -445,7 +441,7 @@ class automount_showkey(crud.Get):
(attr, value) = e.split('=',1)
if attr == 'automountmapname':
entry['automountmapname'] = value
- display_entry(entry)
+ display_entry(textui, entry)
api.register(automount_showkey)
@@ -475,9 +471,8 @@ class automount_getkeys(frontend.Command):
keys = []
return keys
- def output_for_cli(self, keys):
- if keys:
- for k in keys:
- print k.get('automountkey')
+ def output_for_cli(self, textui, result, *args, **options):
+ for k in result:
+ textui.print_plain('%s' % k.get('automountkey'))
api.register(automount_getkeys)
diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py
index 9df83a29..6fe95006 100644
--- a/ipalib/plugins/f_group.py
+++ b/ipalib/plugins/f_group.py
@@ -29,6 +29,19 @@ from ipalib import errors
from ipalib import ipa_types
+def get_members(members):
+ """
+ Return a list of members.
+
+ It is possible that the value passed in is None.
+ """
+ if members:
+ members = members.split(',')
+ else:
+ members = []
+
+ return members
+
class group(frontend.Object):
"""
Group object.
@@ -83,12 +96,13 @@ class group_add(crud.Add):
return ldap.create(**kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Group added"
+ textui.print_name(self.name)
+ textui.print_entry(result)
+ textui.print_dashed('Added group "%s"' % result['cn'])
api.register(group_add)
@@ -121,12 +135,11 @@ class group_del(crud.Del):
return ldap.delete(dn)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, cn):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Group deleted"
+ textui.print_plain("Deleted group %s" % cn)
api.register(group_del)
@@ -151,12 +164,12 @@ class group_mod(crud.Mod):
dn = ldap.find_entry_dn("cn", cn, "posixGroup")
return ldap.update(dn, **kw)
- def output_for_cli(self, ret):
+ def output_for_cli(self, textui, result, cn, **options):
"""
Output result of this command to command line interface.
"""
- if ret:
- print "Group updated"
+ if result:
+ textui.print_plain("Group updated")
api.register(group_mod)
@@ -179,22 +192,24 @@ class group_find(crud.Find):
kw['objectclass'] = object_type
return ldap.search(**kw)
- def output_for_cli(self, groups):
- if not groups:
+ def output_for_cli(self, textui, result, uid, **options):
+ counter = result[0]
+ groups = result[1:]
+ if counter == 0 or len(groups) == 0:
+ textui.print_plain("No entries found")
return
-
- counter = groups[0]
- groups = groups[1:]
- if counter == 0:
- print "No entries found"
+ if len(groups) == 1:
+ textui.print_entry(groups[0])
return
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
+ textui.print_name(self.name)
for g in groups:
- for a in g.keys():
- print "%s: %s" % (a, g[a])
+ textui.print_entry(g)
+ textui.print_plain('')
+ if counter == -1:
+ textui.print_plain("These results are truncated.")
+ textui.print_plain("Please refine your search and try again.")
+ textui.print_count(groups, '%d groups matched')
api.register(group_find)
@@ -218,12 +233,24 @@ class group_show(crud.Get):
# FIXME: should kw contain the list of attributes to display?
return ldap.retrieve(dn)
- def output_for_cli(self, group):
- if not group:
+ def output_for_cli(self, textui, result, *args, **options):
+ counter = result[0]
+ groups = result[1:]
+ if counter == 0 or len(groups) == 0:
+ textui.print_plain("No entries found")
return
-
- for a in group.keys():
- print "%s: %s" % (a, group[a])
+ if len(groups) == 1:
+ textui.print_entry(groups[0])
+ return
+ textui.print_name(self.name)
+ for u in groups:
+ textui.print_plain('%(givenname)s %(sn)s:' % u)
+ textui.print_entry(u)
+ textui.print_plain('')
+ if counter == -1:
+ textui.print_plain('These results are truncated.')
+ textui.print_plain('Please refine your search and try again.')
+ textui.print_count(groups, '%d groups matched')
api.register(group_show)
@@ -253,7 +280,7 @@ class group_add_member(frontend.Command):
to_add = []
completed = 0
- members = kw.get('groups', '').split(',')
+ members = get_members(kw.get('groups', ''))
for m in members:
if not m: continue
try:
@@ -263,7 +290,7 @@ class group_add_member(frontend.Command):
add_failed.append(m)
continue
- members = kw.get('users', '').split(',')
+ members = get_members(kw.get('users', ''))
for m in members:
if not m: continue
try:
@@ -282,11 +309,11 @@ class group_add_member(frontend.Command):
return add_failed
- def output_for_cli(self, add_failed):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if add_failed:
+ if result:
print "These entries failed to add to the group:"
for a in add_failed:
print "\t'%s'" % a
@@ -320,7 +347,7 @@ class group_remove_member(frontend.Command):
remove_failed = []
completed = 0
- members = kw.get('groups', '').split(',')
+ members = get_members(kw.get('groups', ''))
for m in members:
if not m: continue
try:
@@ -330,7 +357,7 @@ class group_remove_member(frontend.Command):
remove_failed.append(m)
continue
- members = kw.get('users', '').split(',')
+ members = get_members(kw.get('users', ''))
for m in members:
try:
member_dn = ldap.find_entry_dn("uid", m,)
@@ -348,11 +375,11 @@ class group_remove_member(frontend.Command):
return remove_failed
- def output_for_cli(self, remove_failed):
+ def output_for_cli(self, textui, result, *args, **options):
"""
Output result of this command to command line interface.
"""
- if remove_failed:
+ if result:
print "These entries failed to be removed from the group:"
for a in remove_failed:
print "\t'%s'" % a
diff --git a/ipalib/plugins/f_hostgroup.py b/ipalib/plugins/f_hostgroup.py
index 8e4c3740..6cbf4d51 100644
--- a/ipalib/plugins/f_hostgroup.py
+++ b/ipalib/plugins/f_hostgroup.py
@@ -30,6 +30,19 @@ from ipalib import ipa_types
hostgroup_filter = "groupofnames)(!(objectclass=posixGroup)"
+def get_members(members):
+ """
+ Return a list of members.
+
+ It is possible that the value passed in is None.
+ """
+ if members:
+ members = members.split(',')
+ else:
+ members = []
+
+ return members
+
class hostgroup(frontend.Object):
"""
Host Group object.
@@ -241,7 +254,7 @@ class hostgroup_add_member(frontend.Command):
to_add = []
completed = 0
- members = kw.get('groups', '').split(',')
+ members = get_members(kw.get('groups', ''))
for m in members:
if not m: continue
try:
@@ -251,7 +264,7 @@ class hostgroup_add_member(frontend.Command):
add_failed.append(m)
continue
- members = kw.get('hosts', '').split(',')
+ members = get_members(kw.get('hosts', ''))
for m in members:
if not m: continue
try:
@@ -309,7 +322,7 @@ class hostgroup_remove_member(frontend.Command):
remove_failed = []
completed = 0
- members = kw.get('groups', '').split(',')
+ members = get_members(kw.get('groups', ''))
for m in members:
if not m: continue
try:
@@ -319,7 +332,7 @@ class hostgroup_remove_member(frontend.Command):
remove_failed.append(m)
continue
- members = kw.get('hosts', '').split(',')
+ members = get_members(kw.get('hosts', ''))
for m in members:
if not m: continue
try:
diff --git a/ipalib/plugins/f_user.py b/ipalib/plugins/f_user.py
index e1076242..c8b819dd 100644
--- a/ipalib/plugins/f_user.py
+++ b/ipalib/plugins/f_user.py
@@ -305,7 +305,9 @@ class user_find(crud.Find):
return
textui.print_name(self.name)
for u in users:
- textui.print_plain('%(givenname)s %(sn)s:' % u)
+ gn = u.get('givenname', '')
+ sn= u.get('sn', '')
+ textui.print_plain('%s %s:' % (gn, sn))
textui.print_entry(u)
textui.print_plain('')
if counter == -1:
generated by cgit (git 2.34.1) at 2024-09-22 13:16:32 +0000