diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2013-03-11 12:37:29 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2013-04-09 19:00:30 +0200 |
| commit | e64db8cbc2e9571200cd14e7d2313102022c2813 (patch) | |
| tree | 2ebed4dd0c34b22003abe98a61a9831894f424b5 /ipalib | |
| parent | 3f053437c979e13b22e3e5cac194d24dc9afcddf (diff) | |
| download | freeipa.git-e64db8cbc2e9571200cd14e7d2313102022c2813.tar.gz freeipa.git-e64db8cbc2e9571200cd14e7d2313102022c2813.tar.xz freeipa.git-e64db8cbc2e9571200cd14e7d2313102022c2813.zip | |
Filter groups by type (POSIX, non-POSIX, external)
Added flag for each groups type: --posix, --nonposix, --external to group-find command.
Group types:
* non-POSIX: not posix, not external
* POSIX: with objectclass posixgroup
* external: with objectclass ipaexternalgroup
https://fedorahosted.org/freeipa/ticket/3483
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/group.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 21ee0049..02eeb10c 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -328,10 +328,35 @@ class group_find(LDAPSearch): cli_name='private', doc=_('search for private groups'), ), + Flag('posix', + cli_name='posix', + doc=_('search for POSIX groups'), + ), + Flag('external', + cli_name='external', + doc=_('search for groups with support of external non-IPA members from trusted domains'), + ), + Flag('nonposix', + cli_name='nonposix', + doc=_('search for non-POSIX groups'), + ), ) def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options): assert isinstance(base_dn, DN) + + # filter groups by pseudo type + filters = [] + if options['posix']: + search_kw = {'objectclass': ['posixGroup']} + filters.append(ldap.make_filter(search_kw, rules=ldap.MATCH_ALL)) + if options['external']: + search_kw = {'objectclass': ['ipaExternalGroup']} + filters.append(ldap.make_filter(search_kw, rules=ldap.MATCH_ALL)) + if options['nonposix']: + search_kw = {'objectclass': ['posixGroup' , 'ipaExternalGroup']} + filters.append(ldap.make_filter(search_kw, rules=ldap.MATCH_NONE)) + # if looking for private groups, we need to create a new search filter, # because private groups have different object classes if options['private']: @@ -351,6 +376,9 @@ class group_find(LDAPSearch): cflt = ldap.make_filter(search_kw, exact=False) filter = ldap.combine_filters((oflt, cflt), rules=ldap.MATCH_ALL) + elif filters: + filters.append(filter) + filter = ldap.combine_filters(filters, rules=ldap.MATCH_ALL) return (filter, base_dn, scope) api.register(group_find) |