summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-01-28 17:20:16 -0500
committerRob Crittenden <rcritten@redhat.com>2010-02-03 13:27:46 -0500
commite672510c064558b08bd288f590d620dce96a23c5 (patch)
treec45120346c586be84ab84574c6692ff54f0462da
parent5760170bb3f7bfbd86be56284a7990e17c9b1bba (diff)
downloadfreeipa.git-e672510c064558b08bd288f590d620dce96a23c5.tar.gz
freeipa.git-e672510c064558b08bd288f590d620dce96a23c5.tar.xz
freeipa.git-e672510c064558b08bd288f590d620dce96a23c5.zip
Implement pwplicy_find to show all group password policies
find is a bit of a misnomer here because we consider no search terms, it is all or nothing.
-rw-r--r--ipalib/plugins/pwpolicy.py32
1 files changed, 32 insertions, 0 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index 44c28e78..a13f445f 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -349,3 +349,35 @@ class pwpolicy_show(Command):
return dict(result=entry_attrs)
api.register(pwpolicy_show)
+
+class pwpolicy_find(Command):
+ """
+ Display all groups with a password policy.
+ """
+
+ has_output = output.standard_list_of_entries
+
+ def execute(self, *args, **options):
+ ldap = self.api.Backend.ldap2
+ attrs = ('cn','krbminpwdlife', 'krbmaxpwdlife', 'krbpwdmindiffchars', 'krbpwdminlength', 'krbpwdhistorylength',)
+
+ attr_filter = ldap.make_filter({'objectclass':'krbpwdpolicy'}, rules=ldap.MATCH_ALL)
+
+ try:
+ (entries, truncated) = ldap.find_entries(
+ attr_filter, attrs, 'cn=%s,cn=kerberos,%s' % (api.env.realm, api.env.basedn), scope=ldap.SCOPE_ONELEVEL
+ )
+ except errors.NotFound:
+ (entries, truncated) = (tuple(), False)
+
+ for e in entries:
+ _convert_time_for_output(e[1])
+ e[1]['dn'] = e[0]
+ entries = tuple(e for (dn, e) in entries)
+
+ return dict(result=entries,
+ count=len(entries),
+ truncated=truncated,
+ )
+
+api.register(pwpolicy_find)