diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-12-02 11:05:54 -0500 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2010-12-03 13:01:42 -0500 |
| commit | 8a63315ef30ac1a8fdab1394601cd588a105f66d (patch) | |
| tree | b6b149ee062c3c3ffcfc9e1246ce7ac03f86ca9e | |
| parent | 867ac1f03d77d72b25037ddf7cacccf407ff531e (diff) | |
| download | freeipa.git-8a63315ef30ac1a8fdab1394601cd588a105f66d.tar.gz freeipa.git-8a63315ef30ac1a8fdab1394601cd588a105f66d.tar.xz freeipa.git-8a63315ef30ac1a8fdab1394601cd588a105f66d.zip | |
Provide list of available attributes for use in ACI UI.
Also include flag indicating whether the object is bindable. This will
be used to determine if the object can have a selfservice ACI.
ticket 446
| -rw-r--r-- | install/share/bootstrap-template.ldif | 1 | ||||
| -rw-r--r-- | ipalib/plugins/baseldap.py | 23 | ||||
| -rw-r--r-- | ipalib/plugins/host.py | 1 | ||||
| -rw-r--r-- | ipalib/plugins/internal.py | 2 | ||||
| -rw-r--r-- | ipalib/plugins/service.py | 1 | ||||
| -rw-r--r-- | ipalib/plugins/user.py | 1 |
6 files changed, 26 insertions, 3 deletions
diff --git a/install/share/bootstrap-template.ldif b/install/share/bootstrap-template.ldif index 7946526b..4f10f070 100644 --- a/install/share/bootstrap-template.ldif +++ b/install/share/bootstrap-template.ldif @@ -218,7 +218,6 @@ ipaUserObjectClasses: inetuser ipaUserObjectClasses: posixaccount ipaUserObjectClasses: krbprincipalaux ipaUserObjectClasses: krbticketpolicyaux -ipaUserObjectClasses: radiusprofile ipaUserObjectClasses: ipaobject ipaDefaultEmailDomain: $DOMAIN ipaMigrationEnabled: FALSE diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index f6b992fd..00ca89f4 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -197,6 +197,8 @@ class LDAPObject(Object): uuid_attribute = '' attribute_members = {} rdnattr = None + # Can bind as this entry (has userPassword or krbPrincipalKey) + bindable = False container_not_found_msg = _('container entry (%(container)s) not found') parent_not_found_msg = _('%(parent)s: %(oname)s not found') @@ -293,14 +295,33 @@ class LDAPObject(Object): 'parent_object', 'container_dn', 'object_name', 'object_name_plural', 'object_class', 'object_class_config', 'default_attributes', 'label', 'hidden_attributes', 'uuid_attribute', 'attribute_members', 'name', - 'takes_params', 'rdn_attribute', + 'takes_params', 'rdn_attribute', 'bindable', ) + def __json__(self): + ldap = self.backend json_dict = dict( (a, getattr(self, a)) for a in self.json_friendly_attributes ) if self.primary_key: json_dict['primary_key'] = self.primary_key.name + objectclasses = self.object_class + if self.object_class_config: + config = ldap.get_ipa_config()[1] + objectclasses = config.get( + self.object_class_config, objectclasses + ) + # Get list of available attributes for this object for use + # in the ACI UI. + attrs = self.api.Backend.ldap2.schema.attribute_types(objectclasses) + attrlist = [] + # Go through the MUST first + for (oid, attr) in attrs[0].iteritems(): + attrlist.append(attr.names[0]) + # And now the MAY + for (oid, attr) in attrs[1].iteritems(): + attrlist.append(attr.names[0]) + json_dict['aciattrs'] = attrlist json_dict['methods'] = [m for m in self.methods] return json_dict diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index a9589c6e..437b7d52 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -165,6 +165,7 @@ class host(LDAPObject): 'memberof': ['hostgroup', 'netgroup', 'role'], 'managedby': ['host'], } + bindable = True label = _('Hosts') diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 2e5d879b..1f2cf9fe 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -56,7 +56,7 @@ class json_metadata(Command): ((objname, json_serialize(self.api.Object[objname])), ) ) ) - retval= dict([("metadata",meta), ("messages",dict())]) + retval= dict([("metadata",meta)]) else: meta=dict( diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index fbb1ff2c..1e555998 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -237,6 +237,7 @@ class service(LDAPObject): attribute_members = { 'managedby': ['host'], } + bindable = True label = _('Services') diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 9c89c4da..c3246f5c 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -73,6 +73,7 @@ class user(LDAPObject): 'memberof': ['group', 'netgroup', 'role'], } rdnattr = 'uid' + bindable = True label = _('Users') |