diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-01-28 17:20:16 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-02-03 13:27:46 -0500 |
commit | e672510c064558b08bd288f590d620dce96a23c5 (patch) | |
tree | c45120346c586be84ab84574c6692ff54f0462da | |
parent | 5760170bb3f7bfbd86be56284a7990e17c9b1bba (diff) | |
download | freeipa.git-e672510c064558b08bd288f590d620dce96a23c5.tar.gz freeipa.git-e672510c064558b08bd288f590d620dce96a23c5.tar.xz freeipa.git-e672510c064558b08bd288f590d620dce96a23c5.zip |
Implement pwplicy_find to show all group password policies
find is a bit of a misnomer here because we consider no search terms, it
is all or nothing.
-rw-r--r-- | ipalib/plugins/pwpolicy.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 44c28e78..a13f445f 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -349,3 +349,35 @@ class pwpolicy_show(Command): return dict(result=entry_attrs) api.register(pwpolicy_show) + +class pwpolicy_find(Command): + """ + Display all groups with a password policy. + """ + + has_output = output.standard_list_of_entries + + def execute(self, *args, **options): + ldap = self.api.Backend.ldap2 + attrs = ('cn','krbminpwdlife', 'krbmaxpwdlife', 'krbpwdmindiffchars', 'krbpwdminlength', 'krbpwdhistorylength',) + + attr_filter = ldap.make_filter({'objectclass':'krbpwdpolicy'}, rules=ldap.MATCH_ALL) + + try: + (entries, truncated) = ldap.find_entries( + attr_filter, attrs, 'cn=%s,cn=kerberos,%s' % (api.env.realm, api.env.basedn), scope=ldap.SCOPE_ONELEVEL + ) + except errors.NotFound: + (entries, truncated) = (tuple(), False) + + for e in entries: + _convert_time_for_output(e[1]) + e[1]['dn'] = e[0] + entries = tuple(e for (dn, e) in entries) + + return dict(result=entries, + count=len(entries), + truncated=truncated, + ) + +api.register(pwpolicy_find) |