From 90d6fefe32bd3a9c574db585828fa52ebd710494 Mon Sep 17 00:00:00 2001 From: Karl MacMillan Date: Tue, 4 Dec 2007 22:23:01 -0500 Subject: Fix errors with ipautil.CalledProcessError and cleanup some imports. --- ipa-server/ipaserver/dsinstance.py | 75 +++++++++++++++++++------------------- 1 file changed, 37 insertions(+), 38 deletions(-) (limited to 'ipa-server') diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstance.py index 8735ebda..08b86035 100644 --- a/ipa-server/ipaserver/dsinstance.py +++ b/ipa-server/ipaserver/dsinstance.py @@ -18,16 +18,15 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -import subprocess -import string -import tempfile import shutil import logging import pwd import glob import sys +import os + +from ipa import ipautil -from ipa.ipautil import * import service import installutils @@ -36,7 +35,7 @@ SERVER_ROOT_32 = "/usr/lib/dirsrv" def ldap_mod(fd, dn, pwd): args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", "-D", dn, "-w", pwd, "-f", fd.name] - run(args) + ipautil.run(args) def realm_to_suffix(realm_name): s = realm_name.split(".") @@ -44,7 +43,7 @@ def realm_to_suffix(realm_name): return ",".join(terms) def find_server_root(): - if dir_exists(SERVER_ROOT_64): + if ipautil.dir_exists(SERVER_ROOT_64): return SERVER_ROOT_64 else: return SERVER_ROOT_32 @@ -83,7 +82,7 @@ def check_existing_installation(): sys.exit(1) try: - run(["/sbin/service", "dirsrv", "stop"]) + ipautil.run(["/sbin/service", "dirsrv", "stop"]) except: pass for d in dirs: @@ -185,25 +184,25 @@ class DsInstance(service.Service): logging.debug("adding ds user %s" % self.ds_user) args = ["/usr/sbin/useradd", "-c", "DS System User", "-d", "/var/lib/dirsrv", "-M", "-r", "-s", "/sbin/nologin", self.ds_user] try: - run(args) + ipautil.run(args) logging.debug("done adding user") except ipautil.CalledProcessError, e: logging.critical("failed to add user %s" % e) def __create_instance(self): self.step("creating directory server instance") - inf_txt = template_str(INF_TEMPLATE, self.sub_dict) + inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) logging.debug(inf_txt) - inf_fd = write_tmp_file(inf_txt) + inf_fd = ipautil.write_tmp_file(inf_txt) logging.debug("writing inf template") - if file_exists("/usr/sbin/setup-ds.pl"): + if ipautil.file_exists("/usr/sbin/setup-ds.pl"): args = ["/usr/sbin/setup-ds.pl", "--silent", "--logfile", "-", "-f", inf_fd.name] logging.debug("calling setup-ds.pl") else: args = ["/usr/bin/ds_newinst.pl", inf_fd.name] logging.debug("calling ds_newinst.pl") try: - run(args) + ipautil.run(args) logging.debug("completed creating ds instance") except ipautil.CalledProcessError, e: logging.critical("failed to restart ds instance %s" % e) @@ -217,19 +216,19 @@ class DsInstance(service.Service): def __add_default_schemas(self): self.step("adding default schema") - shutil.copyfile(SHARE_DIR + "60kerberos.ldif", + shutil.copyfile(ipautil.SHARE_DIR + "60kerberos.ldif", schema_dirname(self.realm_name) + "60kerberos.ldif") - shutil.copyfile(SHARE_DIR + "60samba.ldif", + shutil.copyfile(ipautil.SHARE_DIR + "60samba.ldif", schema_dirname(self.realm_name) + "60samba.ldif") - shutil.copyfile(SHARE_DIR + "60radius.ldif", + shutil.copyfile(ipautil.SHARE_DIR + "60radius.ldif", schema_dirname(self.realm_name) + "60radius.ldif") - shutil.copyfile(SHARE_DIR + "60ipaconfig.ldif", + shutil.copyfile(ipautil.SHARE_DIR + "60ipaconfig.ldif", schema_dirname(self.realm_name) + "60ipaconfig.ldif") def __add_memberof_module(self): self.step("enabling memboerof plugin") - memberof_txt = template_file(SHARE_DIR + "memberof-conf.ldif", self.sub_dict) - memberof_fd = write_tmp_file(memberof_txt) + memberof_txt = ipautil.template_file(ipautil.SHARE_DIR + "memberof-conf.ldif", self.sub_dict) + memberof_fd = ipautil.write_tmp_file(memberof_txt) try: ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -238,8 +237,8 @@ class DsInstance(service.Service): def __init_memberof(self): self.step("initializing group membership") - memberof_txt = template_file(SHARE_DIR + "memberof-task.ldif", self.sub_dict) - memberof_fd = write_tmp_file(memberof_txt) + memberof_txt = ipautil.template_file(ipautil.SHARE_DIR + "memberof-task.ldif", self.sub_dict) + memberof_fd = ipautil.write_tmp_file(memberof_txt) try: ldap_mod(memberof_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -248,8 +247,8 @@ class DsInstance(service.Service): def __add_referint_module(self): self.step("enabling referential integrity plugin") - referint_txt = template_file(SHARE_DIR + "referint-conf.ldif", self.sub_dict) - referint_fd = write_tmp_file(referint_txt) + referint_txt = ipautil.template_file(ipautil.SHARE_DIR + "referint-conf.ldif", self.sub_dict) + referint_fd = ipautil.write_tmp_file(referint_txt) try: ldap_mod(referint_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -258,8 +257,8 @@ class DsInstance(service.Service): def __add_dna_module(self): self.step("enabling distributed numeric assignment plugin") - dna_txt = template_file(SHARE_DIR + "dna-conf.ldif", self.sub_dict) - dna_fd = write_tmp_file(dna_txt) + dna_txt = ipautil.template_file(ipautil.SHARE_DIR + "dna-conf.ldif", self.sub_dict) + dna_fd = ipautil.write_tmp_file(dna_txt) try: ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -268,8 +267,8 @@ class DsInstance(service.Service): def __config_uidgid_gen_first_master(self): self.step("configuring Posix uid/gid generation as first master") - dna_txt = template_file(SHARE_DIR + "dna-posix.ldif", self.sub_dict) - dna_fd = write_tmp_file(dna_txt) + dna_txt = ipautil.template_file(ipautil.SHARE_DIR + "dna-posix.ldif", self.sub_dict) + dna_fd = ipautil.write_tmp_file(dna_txt) try: ldap_mod(dna_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -278,8 +277,8 @@ class DsInstance(service.Service): def __add_master_entry_first_master(self): self.step("adding master entry as first master") - master_txt = template_file(SHARE_DIR + "master-entry.ldif", self.sub_dict) - master_fd = write_tmp_file(master_txt) + master_txt = ipautil.template_file(ipautil.SHARE_DIR + "master-entry.ldif", self.sub_dict) + master_fd = ipautil.write_tmp_file(master_txt) try: ldap_mod(master_fd, "cn=Directory Manager", self.dm_password) except ipautil.CalledProcessError, e: @@ -292,20 +291,20 @@ class DsInstance(service.Service): args = ["/usr/share/ipa/ipa-server-setupssl", self.dm_password, dirname, self.host_name] try: - run(args) + ipautil.run(args) logging.debug("done configuring ssl for ds instance") except ipautil.CalledProcessError, e: logging.critical("Failed to configure ssl in ds instance %s" % e) def __add_default_layout(self): self.step("adding default layout") - txt = template_file(SHARE_DIR + "bootstrap-template.ldif", self.sub_dict) - inf_fd = write_tmp_file(txt) + txt = ipautil.template_file(ipautil.SHARE_DIR + "bootstrap-template.ldif", self.sub_dict) + inf_fd = ipautil.write_tmp_file(txt) logging.debug("adding default dfrom ipa.ipautil import *s layout") args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager", "-w", self.dm_password, "-f", inf_fd.name] try: - run(args) + ipautil.run(args) logging.debug("done adding default ds layout") except ipautil.CalledProcessError, e: print "Failed to add default ds layout", e @@ -313,13 +312,13 @@ class DsInstance(service.Service): def __create_indeces(self): self.step("creating indeces") - txt = template_file(SHARE_DIR + "indeces.ldif", self.sub_dict) - inf_fd = write_tmp_file(txt) + txt = ipautil.template_file(ipautil.SHARE_DIR + "indeces.ldif", self.sub_dict) + inf_fd = ipautil.write_tmp_file(txt) logging.debug("adding/updating indeces") args = ["/usr/bin/ldapmodify", "-xv", "-D", "cn=Directory Manager", "-w", self.dm_password, "-f", inf_fd.name] try: - run(args) + ipautil.run(args) logging.debug("done adding/updating indeces") except ipautil.CalledProcessError, e: logging.critical("Failed to add/update indeces %s" % str(e)) @@ -327,7 +326,7 @@ class DsInstance(service.Service): def __certmap_conf(self): self.step("configuring certmap.conf") dirname = config_dirname(self.realm_name) - certmap_conf = template_file(SHARE_DIR+"certmap.conf.template", self.sub_dict) + certmap_conf = ipautil.template_file(ipautil.SHARE_DIR + "certmap.conf.template", self.sub_dict) certmap_fd = open(dirname+"certmap.conf", "w+") certmap_fd.write(certmap_conf) certmap_fd.close() @@ -335,7 +334,7 @@ class DsInstance(service.Service): def change_admin_password(self, password): logging.debug("Changing admin password") dirname = config_dirname(self.realm_name) - if dir_exists("/usr/lib64/mozldap"): + if ipautil.dir_exists("/usr/lib64/mozldap"): app = "/usr/lib64/mozldap/ldappasswd" else: app = "/usr/lib/mozldap/ldappasswd" @@ -344,7 +343,7 @@ class DsInstance(service.Service): "-P", dirname+"/cert8.db", "-ZZZ", "-s", password, "uid=admin,cn=sysaccounts,cn=etc,"+self.suffix] try: - run(args) + ipautil.run(args) logging.debug("ldappasswd done") except ipautil.CalledProcessError, e: print "Unable to set admin password", e -- cgit From 69765f52ce54eacb704b7ff1ee4287a3ed787371 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 5 Dec 2007 15:12:24 -0500 Subject: Groups may be iterated over so should be an empty list, not None --- ipa-server/ipa-gui/ipagui/proxyprovider.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipa-server') diff --git a/ipa-server/ipa-gui/ipagui/proxyprovider.py b/ipa-server/ipa-gui/ipagui/proxyprovider.py index bd9cf87a..485a0f3b 100644 --- a/ipa-server/ipa-gui/ipagui/proxyprovider.py +++ b/ipa-server/ipa-gui/ipagui/proxyprovider.py @@ -83,7 +83,7 @@ class ProxyIdentity(object): return self._user.groups except AttributeError: # Groups haven't been computed yet - return None + return [] groups= property(_get_groups) def logout(self): -- cgit From 2fbe5cbf492597a87427b61f1e470052b77465b2 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 4 Dec 2007 13:18:37 -0500 Subject: Phase 1 of allowing admins to set the default object classes for users & groups This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields. --- ipa-server/ipa-gui/ipagui/forms/ipapolicy.py | 8 +++ ipa-server/ipa-gui/ipagui/helpers/ipahelper.py | 31 +++++++++ .../ipa-gui/ipagui/subcontrollers/ipapolicy.py | 20 ++++++ ipa-server/ipa-gui/ipagui/subcontrollers/user.py | 77 +++++++--------------- .../ipa-gui/ipagui/templates/ipapolicyeditform.kid | 75 +++++++++++++++++++++ .../ipa-gui/ipagui/templates/ipapolicyshow.kid | 40 +++++++++++ ipa-server/ipa-install/share/60ipaconfig.ldif | 8 ++- ipa-server/xmlrpc-server/funcs.py | 39 +++++++++++ 8 files changed, 243 insertions(+), 55 deletions(-) (limited to 'ipa-server') diff --git a/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py b/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py index 78acac66..1d48f8f3 100644 --- a/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py +++ b/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py @@ -1,5 +1,6 @@ import turbogears from turbogears import validators, widgets +from tg_expanding_form_widget.tg_expanding_form_widget import ExpandingForm class IPAPolicyFields(object): # From cn=ipaConfig @@ -12,6 +13,10 @@ class IPAPolicyFields(object): ipadefaultprimarygroup = widgets.TextField(name="ipadefaultprimarygroup", label="Default Users group") ipamaxusernamelength = widgets.TextField(name="ipamaxusernamelength", label="Max. Username Length", attrs=dict(size=3,maxlength=3)) ipapwdexpadvnotify = widgets.TextField(name="ipapwdexpadvnotify", label="Password Expiration Notification (days)", attrs=dict(size=3,maxlength=3)) + ipauserobjectclasses = widgets.TextField(name="ipauserobjectclasses", label="Default User Object Classes", attrs=dict(size=50)) + userobjectclasses = ExpandingForm(name="userobjectclasses", label="Default User Object Classes", fields=[ipauserobjectclasses]) + ipagroupobjectclasses = widgets.TextField(name="ipagroupobjectclasses", label="Default Group Object Classes", attrs=dict(size=50)) + groupobjectclasses = ExpandingForm(name="groupobjectclasses", label="Default User Object Classes", fields=[ipagroupobjectclasses]) ipapolicy_orig = widgets.HiddenField(name="ipapolicy_orig") @@ -34,6 +39,9 @@ class IPAPolicyValidator(validators.Schema): ipahomesrootdir = validators.String(not_empty=True) ipadefaultloginshell = validators.String(not_empty=True) ipadefaultprimarygroup = validators.String(not_empty=True) + ipauserobjectclasses = validators.ForEach(validators.String(not_empty=True)) + ipagroupobjectclasses = validators.ForEach(validators.String(not_empty=True)) + krbmaxpwdlife = validators.Number(not_empty=True) krbminpwdlife = validators.Number(not_empty=True) krbpwdmindiffchars = validators.Number(not_empty=True) diff --git a/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py b/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py index 9ea6b48a..e5c2bd37 100644 --- a/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py +++ b/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py @@ -7,3 +7,34 @@ def javascript_string_escape(input): return re.sub(r'[\'\"\\]', lambda match: "\\%s" % match.group(), input) + +def setup_mv_fields(field, fieldname): + """Given a field (must be a list) and field name, convert that + field into a list of dictionaries of the form: + [ { fieldname : v1}, { fieldname : v2 }, .. ] + + This is how we pre-fill values for multi-valued fields. + """ + mvlist = [] + if field: + for v in field: + if v: + mvlist.append({ fieldname : v } ) + if len(mvlist) == 0: + # We need to return an empty value so something can be + # displayed on the edit page. Otherwise only an Add link + # will show, not an empty field. + mvlist.append({ fieldname : '' } ) + return mvlist + +def fix_incoming_fields(fields, fieldname, multifieldname): + """This is called by the update() function. It takes the incoming + list of dictionaries and converts it into back into the original + field, then removes the multiple field. + """ + fields[fieldname] = [] + for i in range(len(fields[multifieldname])): + fields[fieldname].append(fields[multifieldname][i][fieldname]) + del(fields[multifieldname]) + + return fields diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py b/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py index a82b9888..d8237331 100644 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py +++ b/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py @@ -17,6 +17,7 @@ from ipa.entity import utf8_encode_values from ipa import ipaerror import ipa.entity import ipagui.forms.ipapolicy +from ipagui.helpers import ipahelper import ldap.dn @@ -71,6 +72,15 @@ class IPAPolicyController(IPAController): # Combine the 2 dicts to make the form easier ipapolicy_dict.update(password_dict) + # Load potential multi-valued fields + if isinstance(ipapolicy_dict.get('ipauserobjectclasses',''), str): + ipapolicy_dict['ipauserobjectclasses'] = [ipapolicy_dict.get('ipauserobjectclasses')] + ipapolicy_dict['userobjectclasses'] = ipahelper.setup_mv_fields(ipapolicy_dict.get('ipauserobjectclasses'), 'ipauserobjectclasses') + + if isinstance(ipapolicy_dict.get('ipagroupobjectclasses',''), str): + ipapolicy_dict['ipagroupobjectclasses'] = [ipapolicy_dict.get('ipagroupobjectclasses')] + ipapolicy_dict['groupobjectclasses'] = ipahelper.setup_mv_fields(ipapolicy_dict.get('ipagroupobjectclasses'), 'ipagroupobjectclasses') + return dict(form=ipapolicy_edit_form, ipapolicy=ipapolicy_dict) except ipaerror.IPAError, e: turbogears.flash("IPA Policy edit failed: " + str(e) + "
" + str(e.detail)) @@ -88,6 +98,10 @@ class IPAPolicyController(IPAController): turbogears.flash("Edit policy cancelled") raise turbogears.redirect('/ipapolicy/show') + # Fix incoming multi-valued fields we created for the form + kw = ipahelper.fix_incoming_fields(kw, 'ipauserobjectclasses', 'userobjectclasses') + kw = ipahelper.fix_incoming_fields(kw, 'ipagroupobjectclasses', 'groupobjectclasses') + tg_errors, kw = self.ipapolicyupdatevalidate(**kw) if tg_errors: turbogears.flash("There were validation errors.
" + @@ -132,6 +146,12 @@ class IPAPolicyController(IPAController): if new_ipapolicy.ipadefaultprimarygroup != kw.get('ipadefaultprimarygroup'): policy_modified = True new_ipapolicy.setValue('ipadefaultprimarygroup', kw.get('ipadefaultprimarygroup')) + if new_ipapolicy.ipauserobjectclasses != kw.get('ipauserobjectclasses'): + policy_modified = True + new_ipapolicy.setValue('ipauserobjectclasses', kw.get('ipauserobjectclasses')) + if new_ipapolicy.ipagroupobjectclasses != kw.get('ipagroupobjectclasses'): + policy_modified = True + new_ipapolicy.setValue('ipagroupobjectclasses', kw.get('ipagroupobjectclasses')) if policy_modified: rv = client.update_ipa_config(new_ipapolicy) diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py index 39343b59..eda0966b 100644 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py +++ b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py @@ -18,6 +18,7 @@ from ipa.entity import utf8_encode_values from ipa import ipaerror import ipagui.forms.user import ipa.config +from ipagui.helpers import ipahelper log = logging.getLogger(__name__) @@ -83,36 +84,6 @@ class UserController(IPAController): user_new_form.validator.add_field(s['field'], validator) user_edit_form.validator.add_field(s['field'], validator) - def setup_mv_fields(self, field, fieldname): - """Given a field (must be a list) and field name, convert that - field into a list of dictionaries of the form: - [ { fieldname : v1}, { fieldname : v2 }, .. ] - - This is how we pre-fill values for multi-valued fields. - """ - mvlist = [] - if field is not None: - for v in field: - mvlist.append({ fieldname : v } ) - else: - # We need to return an empty value so something can be - # displayed on the edit page. Otherwise only an Add link - # will show, not an empty field. - mvlist.append({ fieldname : '' } ) - return mvlist - - def fix_incoming_fields(self, fields, fieldname, multifieldname): - """This is called by the update() function. It takes the incoming - list of dictionaries and converts it into back into the original - field, then removes the multiple field. - """ - fields[fieldname] = [] - for i in range(len(fields[multifieldname])): - fields[fieldname].append(fields[multifieldname][i][fieldname]) - del(fields[multifieldname]) - - return fields - @expose() def index(self): raise turbogears.redirect("/user/list") @@ -142,12 +113,12 @@ class UserController(IPAController): tg_errors, kw = self.usercreatevalidate(**kw) # Fix incoming multi-valued fields we created for the form - kw = self.fix_incoming_fields(kw, 'cn', 'cns') - kw = self.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') - kw = self.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') - kw = self.fix_incoming_fields(kw, 'mobile', 'mobiles') - kw = self.fix_incoming_fields(kw, 'pager', 'pagers') - kw = self.fix_incoming_fields(kw, 'homephone', 'homephones') + kw = ipahelper.fix_incoming_fields(kw, 'cn', 'cns') + kw = ipahelper.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') + kw = ipahelper.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') + kw = ipahelper.fix_incoming_fields(kw, 'mobile', 'mobiles') + kw = ipahelper.fix_incoming_fields(kw, 'pager', 'pagers') + kw = ipahelper.fix_incoming_fields(kw, 'homephone', 'homephones') if tg_errors: turbogears.flash("There were validation errors.
" + @@ -325,27 +296,27 @@ class UserController(IPAController): # Load potential multi-valued fields if isinstance(user_dict['cn'], str): user_dict['cn'] = [user_dict['cn']] - user_dict['cns'] = self.setup_mv_fields(user_dict['cn'], 'cn') + user_dict['cns'] = ipahelper.setup_mv_fields(user_dict['cn'], 'cn') if isinstance(user_dict.get('telephonenumber',''), str): - user_dict['telephonenumber'] = [user_dict.get('telephonenumber'),''] - user_dict['telephonenumbers'] = self.setup_mv_fields(user_dict.get('telephonenumber'), 'telephonenumber') + user_dict['telephonenumber'] = [user_dict.get('telephonenumber')] + user_dict['telephonenumbers'] = ipahelper.setup_mv_fields(user_dict.get('telephonenumber'), 'telephonenumber') if isinstance(user_dict.get('facsimiletelephonenumber',''), str): - user_dict['facsimiletelephonenumber'] = [user_dict.get('facsimiletelephonenumber'),''] - user_dict['facsimiletelephonenumbers'] = self.setup_mv_fields(user_dict.get('facsimiletelephonenumber'), 'facsimiletelephonenumber') + user_dict['facsimiletelephonenumber'] = [user_dict.get('facsimiletelephonenumber')] + user_dict['facsimiletelephonenumbers'] = ipahelper.setup_mv_fields(user_dict.get('facsimiletelephonenumber'), 'facsimiletelephonenumber') if isinstance(user_dict.get('mobile',''), str): - user_dict['mobile'] = [user_dict.get('mobile'),''] - user_dict['mobiles'] = self.setup_mv_fields(user_dict.get('mobile'), 'mobile') + user_dict['mobile'] = [user_dict.get('mobile')] + user_dict['mobiles'] = ipahelper.setup_mv_fields(user_dict.get('mobile'), 'mobile') if isinstance(user_dict.get('pager',''), str): - user_dict['pager'] = [user_dict.get('pager'),''] - user_dict['pagers'] = self.setup_mv_fields(user_dict.get('pager'), 'pager') + user_dict['pager'] = [user_dict.get('pager')] + user_dict['pagers'] = ipahelper.setup_mv_fields(user_dict.get('pager'), 'pager') if isinstance(user_dict.get('homephone',''), str): - user_dict['homephone'] = [user_dict.get('homephone'),''] - user_dict['homephones'] = self.setup_mv_fields(user_dict.get('homephone'), 'homephone') + user_dict['homephone'] = [user_dict.get('homephone')] + user_dict['homephones'] = ipahelper.setup_mv_fields(user_dict.get('homephone'), 'homephone') # Edit shouldn't fill in the password field. if user_dict.has_key('userpassword'): @@ -403,12 +374,12 @@ class UserController(IPAController): raise turbogears.redirect('/user/show', uid=kw.get('uid')) # Fix incoming multi-valued fields we created for the form - kw = self.fix_incoming_fields(kw, 'cn', 'cns') - kw = self.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') - kw = self.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') - kw = self.fix_incoming_fields(kw, 'mobile', 'mobiles') - kw = self.fix_incoming_fields(kw, 'pager', 'pagers') - kw = self.fix_incoming_fields(kw, 'homephone', 'homephones') + kw = ipahelper.fix_incoming_fields(kw, 'cn', 'cns') + kw = ipahelper.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') + kw = ipahelper.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') + kw = ipahelper.fix_incoming_fields(kw, 'mobile', 'mobiles') + kw = ipahelper.fix_incoming_fields(kw, 'pager', 'pagers') + kw = ipahelper.fix_incoming_fields(kw, 'homephone', 'homephones') # admins and editors can update anybody. A user can only update # themselves. We need this check because it is very easy to guess diff --git a/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid b/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid index 10665763..9584e445 100644 --- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid @@ -15,6 +15,8 @@ from ipagui.helpers import ipahelper +
+ + +
diff --git a/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid b/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid index 089fb494..6e49e555 100644 --- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid +++ b/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid @@ -109,6 +109,46 @@ edit_url = tg.url('/ipapolicy/edit') ${ipapolicy.get("ipadefaultprimarygroup")} + + +