From cb795fa14bc2798fd8f1c6e2b87d19432e3f84a1 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Sat, 4 Oct 2008 05:17:11 -0400 Subject: Add group plugin, routine to get cn=ipaconfig --- ipalib/plugins/f_group.py | 117 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 ipalib/plugins/f_group.py (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py new file mode 100644 index 00000000..36cecc33 --- /dev/null +++ b/ipalib/plugins/f_group.py @@ -0,0 +1,117 @@ +# Authors: +# Jason Gerard DeRose +# +# Copyright (C) 2008 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +""" +Frontend plugins for group (Identity). +""" + +from ipalib import frontend +from ipalib import crud +from ipalib.frontend import Param +from ipalib import api +from ipa_server import servercore +from ipa_server import ipaldap +import ldap +from ipa_server.context import context + + +class group(frontend.Object): + """ + Group object. + """ + takes_params = ( + 'description', + Param('cn', + primary_key=True, + normalize=lambda value: value.lower(), + ) + ) +api.register(group) + + +class group_add(crud.Add): + 'Add a new group.' + def execute(self, *args, **kw): + """args[0] = uid of the group to add + kw{container} is the location in the DIT to add the group, not + required + kw otherwise contains all the attributes + """ + # FIXME: ug, really? + if not kw.get('container'): + group_container = servercore.DefaultGroupContainer + else: + group_container = kw['container'] + del kw['container'] + + group = kw + + group['cn'] = args[0] + + # Get our configuration + config = servercore.get_ipa_config() + + dn="cn=%s,%s,%s" % (ldap.dn.escape_dn_chars(group['cn']), + group_container,servercore.basedn) + + entry = ipaldap.Entry(dn) + + # some required objectclasses + entry.setValues('objectClass', (config.get('ipagroupobjectclasses'))) + + # No need to explicitly set gidNumber. The dna_plugin will do this + # for us if the value isn't provided by the user. + + # fill in our new entry with everything sent by the user + for g in group: + entry.setValues(g, group[g]) + + result = context.conn.getConn().addEntry(entry) + return result + + +api.register(group_add) + + +class group_del(crud.Del): + 'Delete an existing group.' +api.register(group_del) + + +class group_mod(crud.Mod): + 'Edit an existing group.' +api.register(group_mod) + + +class group_find(crud.Find): + 'Search the groups.' + def execute(self, *args, **kw): + cn=args[0] + result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"]) + return result + def forward(self, *args, **kw): + result = super(crud.Find, self).forward(*args, **kw) + for a in result: + print a, ": ", result[a] +api.register(group_find) + + +class group_show(crud.Get): + 'Examine an existing group.' +api.register(group_show) -- cgit From 69bc5ad77adecaf7d8fde4a6578c3d2f3ef355df Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 7 Oct 2008 02:10:15 -0400 Subject: Add some more supporting functions Do a little bit more error handling and checking --- ipalib/plugins/f_group.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 36cecc33..c5a37e72 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -28,7 +28,6 @@ from ipalib import api from ipa_server import servercore from ipa_server import ipaldap import ldap -from ipa_server.context import context class group(frontend.Object): @@ -82,7 +81,7 @@ class group_add(crud.Add): for g in group: entry.setValues(g, group[g]) - result = context.conn.getConn().addEntry(entry) + result = servercore.add_entry(entry) return result -- cgit From 8a97b3e8a8f437cd99cc7cabbc719368b0247983 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 9 Oct 2008 23:11:03 -0400 Subject: Implement group-del --- ipalib/plugins/f_group.py | 48 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index c5a37e72..fd56b3ff 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -27,6 +27,7 @@ from ipalib.frontend import Param from ipalib import api from ipa_server import servercore from ipa_server import ipaldap +from ipa_server import ipautil import ldap @@ -83,13 +84,49 @@ class group_add(crud.Add): result = servercore.add_entry(entry) return result - - + def forward(self, *args, **kw): + result = super(crud.Add, self).forward(*args, **kw) + if result: + print "Group %s added" % args[0] api.register(group_add) class group_del(crud.Del): 'Delete an existing group.' + def execute(self, *args, **kw): + """args[0] = dn of the group to remove + + Delete a group + + The memberOf plugin handles removing the group from any other + groups. + """ + group_dn = args[0] + + group = servercore.get_entry_by_dn(group_dn, ['dn', 'cn']) + if group is None: + raise errors.NotFound +# logging.info("IPA: delete_group '%s'" % group_dn) + + # We have 2 special groups, don't allow them to be removed + # FIXME +# if "admins" in group.get('cn') or "editors" in group.get('cn'): +# raise ipaerror.gen_exception(ipaerror.CONFIG_REQUIRED_GROUPS) + + # Don't allow the default user group to be removed + config=servercore.get_ipa_config() + default_group = servercore.get_entry_by_cn(config.get('ipadefaultprimarygroup'), None) + if group_dn == default_group.get('dn'): + raise errors.DefaultGroup + + return servercore.delete_entry(group_dn) + def forward(self, *args, **kw): + group = self.api.Command['group_show'](ipautil.utf8_encode_value(args[0])) + if not group: + print "nothing found" + return False + a = group.get('dn') + result = super(crud.Del, self).forward(a) api.register(group_del) @@ -113,4 +150,11 @@ api.register(group_find) class group_show(crud.Get): 'Examine an existing group.' + def execute(self, *args, **kw): + cn=args[0] + result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"]) + return result + def forward(self, *args, **kw): + result = super(crud.Get, self).forward(*args, **kw) + return result api.register(group_show) -- cgit From 5d2a99925d4b8f8bb39dfbf4ae797d9845366109 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 9 Oct 2008 23:32:28 -0400 Subject: Implement group-mod --- ipalib/plugins/f_group.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index fd56b3ff..eeb18c5c 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -132,6 +132,25 @@ api.register(group_del) class group_mod(crud.Mod): 'Edit an existing group.' + def execute(self, *args, **kw): + group_cn=args[0] + result = servercore.get_entry_by_cn(group_cn, ["*"]) + + group = kw + dn = result.get('dn') + del result['dn'] + entry = ipaldap.Entry((dn, servercore.convert_scalar_values(result))) + + for g in group: + entry.setValues(g, group[g]) + + result = servercore.update_entry(entry.toDict()) + + return result + def forward(self, *args, **kw): + result = super(crud.Mod, self).forward(*args, **kw) + if result: + print "Group %s modified" % args[0] api.register(group_mod) -- cgit From 1a8317ff7471214811d39ab846d402dc22a03779 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 15 Oct 2008 17:46:01 -0400 Subject: Port group-add to use LDAP backend Have create and update return the record that was just added/modified --- ipalib/plugins/f_group.py | 57 ++++++++++++++++++++++------------------------- 1 file changed, 27 insertions(+), 30 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index eeb18c5c..a07d314b 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -38,6 +38,7 @@ class group(frontend.Object): takes_params = ( 'description', Param('cn', + cli_name='name', primary_key=True, normalize=lambda value: value.lower(), ) @@ -47,47 +48,43 @@ api.register(group) class group_add(crud.Add): 'Add a new group.' - def execute(self, *args, **kw): - """args[0] = uid of the group to add - kw{container} is the location in the DIT to add the group, not - required - kw otherwise contains all the attributes + + def execute(self, cn, **kw): """ - # FIXME: ug, really? - if not kw.get('container'): - group_container = servercore.DefaultGroupContainer - else: - group_container = kw['container'] - del kw['container'] + Execute the group-add operation. - group = kw + The dn should not be passed as a keyword argument as it is constructed + by this method. - group['cn'] = args[0] + Returns the entry as it will be created in LDAP. - # Get our configuration - config = servercore.get_ipa_config() + No need to explicitly set gidNumber. The dna_plugin will do this + for us if the value isn't provided by the caller. - dn="cn=%s,%s,%s" % (ldap.dn.escape_dn_chars(group['cn']), - group_container,servercore.basedn) + :param cn: The name of the group being added. + :param kw: Keyword arguments for the other LDAP attributes. + """ + assert 'cn' not in kw + assert 'dn' not in kw + ldap = self.api.Backend.ldap + kw['cn'] = cn + kw['dn'] = ldap.make_group_dn(cn) - entry = ipaldap.Entry(dn) + # Get our configuration + config = servercore.get_ipa_config() # some required objectclasses - entry.setValues('objectClass', (config.get('ipagroupobjectclasses'))) + kw['objectClass'] = config.get('ipagroupobjectclasses') - # No need to explicitly set gidNumber. The dna_plugin will do this - # for us if the value isn't provided by the user. + return ldap.create(**kw) - # fill in our new entry with everything sent by the user - for g in group: - entry.setValues(g, group[g]) + def output_for_cli(self, ret): + """ + Output result of this command to command line interface. + """ + if ret: + print "Group added" - result = servercore.add_entry(entry) - return result - def forward(self, *args, **kw): - result = super(crud.Add, self).forward(*args, **kw) - if result: - print "Group %s added" % args[0] api.register(group_add) -- cgit From 5748fce84ca0c0256183e1da308cb9f7ae4e73de Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 16 Oct 2008 10:59:03 -0400 Subject: Remove references to ipa_server.* and port group plugin to ldap backend --- ipalib/plugins/f_group.py | 144 +++++++++++++++++++++++++++------------------- 1 file changed, 85 insertions(+), 59 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index a07d314b..c2280a4e 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -25,10 +25,7 @@ from ipalib import frontend from ipalib import crud from ipalib.frontend import Param from ipalib import api -from ipa_server import servercore -from ipa_server import ipaldap from ipa_server import ipautil -import ldap class group(frontend.Object): @@ -71,7 +68,7 @@ class group_add(crud.Add): kw['dn'] = ldap.make_group_dn(cn) # Get our configuration - config = servercore.get_ipa_config() + config = ldap.get_ipa_config() # some required objectclasses kw['objectClass'] = config.get('ipagroupobjectclasses') @@ -90,87 +87,116 @@ api.register(group_add) class group_del(crud.Del): 'Delete an existing group.' - def execute(self, *args, **kw): - """args[0] = dn of the group to remove - - Delete a group - - The memberOf plugin handles removing the group from any other - groups. + def execute(self, cn, **kw): """ - group_dn = args[0] + Delete a group - group = servercore.get_entry_by_dn(group_dn, ['dn', 'cn']) - if group is None: - raise errors.NotFound -# logging.info("IPA: delete_group '%s'" % group_dn) + The memberOf plugin handles removing the group from any other + groups. + :param cn: The name of the group being removed + :param kw: Unused + """ # We have 2 special groups, don't allow them to be removed - # FIXME -# if "admins" in group.get('cn') or "editors" in group.get('cn'): +# if "admins" == cn.lower() or "editors" == cn.lower(): # raise ipaerror.gen_exception(ipaerror.CONFIG_REQUIRED_GROUPS) + ldap = self.api.Backend.ldap + dn = ldap.find_entry_dn("cn", cn, "posixGroup") +# logging.info("IPA: delete_group '%s'" % dn) + # Don't allow the default user group to be removed - config=servercore.get_ipa_config() - default_group = servercore.get_entry_by_cn(config.get('ipadefaultprimarygroup'), None) - if group_dn == default_group.get('dn'): + config=ldap.get_ipa_config() + default_group = ldap.find_entry_dn("cn", config.get('ipadefaultprimarygroup'), "posixGroup") + if dn == default_group: raise errors.DefaultGroup - return servercore.delete_entry(group_dn) - def forward(self, *args, **kw): - group = self.api.Command['group_show'](ipautil.utf8_encode_value(args[0])) - if not group: - print "nothing found" - return False - a = group.get('dn') - result = super(crud.Del, self).forward(a) + return ldap.delete(dn) + + def output_for_cli(self, ret): + """ + Output result of this command to command line interface. + """ + if ret: + print "Group deleted" + api.register(group_del) class group_mod(crud.Mod): 'Edit an existing group.' - def execute(self, *args, **kw): - group_cn=args[0] - result = servercore.get_entry_by_cn(group_cn, ["*"]) + def execute(self, cn, **kw): + """ + Execute the user-mod operation. - group = kw - dn = result.get('dn') - del result['dn'] - entry = ipaldap.Entry((dn, servercore.convert_scalar_values(result))) + The dn should not be passed as a keyword argument as it is constructed + by this method. - for g in group: - entry.setValues(g, group[g]) + Returns the entry - result = servercore.update_entry(entry.toDict()) + :param cn: The name of the group to update. + :param kw: Keyword arguments for the other LDAP attributes. + """ + assert 'cn' not in kw + assert 'dn' not in kw + ldap = self.api.Backend.ldap + dn = ldap.find_entry_dn("cn", cn, "posixGroup") + return ldap.update(dn, **kw) + + def output_for_cli(self, ret): + """ + Output result of this command to command line interface. + """ + if ret: + print "Group updated" - return result - def forward(self, *args, **kw): - result = super(crud.Mod, self).forward(*args, **kw) - if result: - print "Group %s modified" % args[0] api.register(group_mod) class group_find(crud.Find): 'Search the groups.' - def execute(self, *args, **kw): - cn=args[0] - result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"]) - return result - def forward(self, *args, **kw): - result = super(crud.Find, self).forward(*args, **kw) - for a in result: - print a, ": ", result[a] + def execute(self, cn, **kw): + ldap = self.api.Backend.ldap + kw['cn'] = cn + return ldap.search(**kw) + + def output_for_cli(self, groups): + if not groups: + return + + counter = groups[0] + groups = groups[1:] + if counter == 0: + print "No entries found" + return + elif counter == -1: + print "These results are truncated." + print "Please refine your search and try again." + + for g in groups: + for a in g.keys(): + print "%s: %s" % (a, g[a]) + api.register(group_find) class group_show(crud.Get): 'Examine an existing group.' - def execute(self, *args, **kw): - cn=args[0] - result = servercore.get_sub_entry(servercore.basedn, "cn=%s" % cn, ["*"]) - return result - def forward(self, *args, **kw): - result = super(crud.Get, self).forward(*args, **kw) - return result + def execute(self, cn, **kw): + """ + Execute the group-show operation. + + The dn should not be passed as a keyword argument as it is constructed + by this method. + + Returns the entry + + :param cn: The group name to retrieve. + :param kw: Not used. + """ + ldap = self.api.Backend.ldap + dn = ldap.find_entry_dn("cn", cn, "posixGroup") + # FIXME: should kw contain the list of attributes to display? + return ldap.retrieve(dn) + api.register(group_show) -- cgit From f777f72de6a7c1d3ef29088fbf89722c1148f246 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 16 Oct 2008 15:00:30 -0400 Subject: Use the search fields from the configuration when searching Generalize the attribute -> objectclass search helper --- ipalib/plugins/f_group.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index c2280a4e..132e45ef 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -155,9 +155,20 @@ api.register(group_mod) class group_find(crud.Find): 'Search the groups.' - def execute(self, cn, **kw): + def execute(self, term, **kw): ldap = self.api.Backend.ldap - kw['cn'] = cn + + # Pull the list of searchable attributes out of the configuration. + config = ldap.get_ipa_config() + search_fields_conf_str = config.get('ipagroupsearchfields') + search_fields = search_fields_conf_str.split(",") + + for s in search_fields: + kw[s] = term + + object_type = ldap.get_object_type("cn") + if object_type and not kw.get('objectclass'): + kw['objectclass'] = ldap.get_object_type("cn") return ldap.search(**kw) def output_for_cli(self, groups): -- cgit From ae8370be44d95b9f6793ded46ef81126aebef3e0 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 17 Oct 2008 19:20:23 -0400 Subject: Port f_service to LDAP backend Add new keyword, 'filter', that can be passed to the search function. This is globbed onto the filter that is auto-created. --- ipalib/plugins/f_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 132e45ef..e83c870e 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -168,7 +168,7 @@ class group_find(crud.Find): object_type = ldap.get_object_type("cn") if object_type and not kw.get('objectclass'): - kw['objectclass'] = ldap.get_object_type("cn") + kw['objectclass'] = object_type return ldap.search(**kw) def output_for_cli(self, groups): -- cgit From 245969858d8484428db1edbff8d6bd36587fb144 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 21 Oct 2008 16:33:34 -0400 Subject: Implement group member add/remove Add gidNumber to the group command-line --- ipalib/plugins/f_group.py | 151 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 149 insertions(+), 2 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index e83c870e..b5f80f93 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -25,7 +25,8 @@ from ipalib import frontend from ipalib import crud from ipalib.frontend import Param from ipalib import api -from ipa_server import ipautil +from ipalib import errors +from ipalib import ipa_types class group(frontend.Object): @@ -33,7 +34,14 @@ class group(frontend.Object): Group object. """ takes_params = ( - 'description', + Param('description', + doc='A description of this group', + ), + Param('gidnumber?', + cli_name='gid', + type=ipa_types.Int(), + doc='The gid to use for this group. If not included one is automatically set.', + ), Param('cn', cli_name='name', primary_key=True, @@ -210,4 +218,143 @@ class group_show(crud.Get): # FIXME: should kw contain the list of attributes to display? return ldap.retrieve(dn) + def output_for_cli(self, group): + if not group: + return + + for a in group.keys(): + print "%s: %s" % (a, group[a]) + api.register(group_show) + + +class group_add_member(frontend.Command): + 'Add a member to a group.' + takes_args = ( + Param('group', primary_key=True), + ) + takes_options = ( + Param('users?', doc='comma-separated list of users to add'), + Param('groups?', doc='comma-separated list of groups to add'), + ) + def execute(self, cn, **kw): + """ + Execute the group-add-member operation. + + Returns the updated group entry + + :param cn: The group name to add new members to. + :param kw: groups is a comma-separated list of groups to add + :parem kw: users is a comma-separated list of users to add + """ + ldap = self.api.Backend.ldap + dn = ldap.find_entry_dn("cn", cn) + add_failed = [] + to_add = [] + completed = 0 + + members = kw.get('groups', '').split(',') + for m in members: + if not m: continue + try: + member_dn = ldap.find_entry_dn("cn", m) + to_add.append(member_dn) + except errors.NotFound: + add_failed.append(m) + continue + + members = kw.get('users', '').split(',') + for m in members: + if not m: continue + try: + member_dn = ldap.find_entry_dn("uid", m) + to_add.append(member_dn) + except errors.NotFound: + add_failed.append(m) + continue + + for member_dn in to_add: + try: + ldap.add_member_to_group(member_dn, dn) + completed+=1 + except: + add_failed.append(member_dn) + + return add_failed + + def output_for_cli(self, add_failed): + """ + Output result of this command to command line interface. + """ + if add_failed: + print "These entries failed to add to the group:" + for a in add_failed: + print "\t'%s'" % a + + +api.register(group_add_member) + + +class group_remove_member(frontend.Command): + 'Remove a member from a group.' + takes_args = ( + Param('group', primary_key=True), + ) + takes_options = ( + Param('users?', doc='comma-separated list of users to remove'), + Param('groups?', doc='comma-separated list of groups to remove'), + ) + def execute(self, cn, **kw): + """ + Execute the group-remove-member operation. + + Returns the members that could not be added + + :param cn: The group name to add new members to. + :param kw: groups is a comma-separated list of groups to remove + :parem kw: users is a comma-separated list of users to remove + """ + ldap = self.api.Backend.ldap + dn = ldap.find_entry_dn("cn", cn) + to_remove = [] + remove_failed = [] + completed = 0 + + members = kw.get('groups', '').split(',') + for m in members: + if not m: continue + try: + member_dn = ldap.find_entry_dn("cn", m) + to_remove.append(member_dn) + except errors.NotFound: + remove_failed.append(m) + continue + + members = kw.get('users', '').split(',') + for m in members: + try: + member_dn = ldap.find_entry_dn("uid", m,) + to_remove.append(member_dn) + except errors.NotFound: + remove_failed.append(m) + continue + + for member_dn in to_remove: + try: + ldap.remove_member_from_group(member_dn, dn) + completed+=1 + except: + remove_failed.append(member_dn) + + return remove_failed + + def output_for_cli(self, remove_failed): + """ + Output result of this command to command line interface. + """ + if remove_failed: + print "These entries failed to be removed from the group:" + for a in remove_failed: + print "\t'%s'" % a + +api.register(group_remove_member) -- cgit From 201a963930b69baff2a31f685cb4cdd38d6da42e Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Mon, 27 Oct 2008 12:23:49 -0400 Subject: Fix comment --- ipalib/plugins/f_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index b5f80f93..13af14c1 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -135,7 +135,7 @@ class group_mod(crud.Mod): 'Edit an existing group.' def execute(self, cn, **kw): """ - Execute the user-mod operation. + Execute the group-mod operation. The dn should not be passed as a keyword argument as it is constructed by this method. -- cgit From dd9206deb62c1c96344d2280f672353a53a7fd11 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 31 Oct 2008 17:03:10 -0400 Subject: Uncomment some logging statements ported over from v1. --- ipalib/plugins/f_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 13af14c1..9df83a29 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -111,7 +111,7 @@ class group_del(crud.Del): ldap = self.api.Backend.ldap dn = ldap.find_entry_dn("cn", cn, "posixGroup") -# logging.info("IPA: delete_group '%s'" % dn) + self.log.info("IPA: group-del '%s'" % dn) # Don't allow the default user group to be removed config=ldap.get_ipa_config() -- cgit From fc8ac693726ec33b5c0924f9b8ff5d663705a5a3 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 5 Dec 2008 15:31:18 -0500 Subject: Port plugins to use the new output_for_cli() argument list Fix some errors uncovered by the nosetests --- ipalib/plugins/f_group.py | 95 ++++++++++++++++++++++++++++++----------------- 1 file changed, 61 insertions(+), 34 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 9df83a29..6fe95006 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -29,6 +29,19 @@ from ipalib import errors from ipalib import ipa_types +def get_members(members): + """ + Return a list of members. + + It is possible that the value passed in is None. + """ + if members: + members = members.split(',') + else: + members = [] + + return members + class group(frontend.Object): """ Group object. @@ -83,12 +96,13 @@ class group_add(crud.Add): return ldap.create(**kw) - def output_for_cli(self, ret): + def output_for_cli(self, textui, result, *args, **options): """ Output result of this command to command line interface. """ - if ret: - print "Group added" + textui.print_name(self.name) + textui.print_entry(result) + textui.print_dashed('Added group "%s"' % result['cn']) api.register(group_add) @@ -121,12 +135,11 @@ class group_del(crud.Del): return ldap.delete(dn) - def output_for_cli(self, ret): + def output_for_cli(self, textui, result, cn): """ Output result of this command to command line interface. """ - if ret: - print "Group deleted" + textui.print_plain("Deleted group %s" % cn) api.register(group_del) @@ -151,12 +164,12 @@ class group_mod(crud.Mod): dn = ldap.find_entry_dn("cn", cn, "posixGroup") return ldap.update(dn, **kw) - def output_for_cli(self, ret): + def output_for_cli(self, textui, result, cn, **options): """ Output result of this command to command line interface. """ - if ret: - print "Group updated" + if result: + textui.print_plain("Group updated") api.register(group_mod) @@ -179,22 +192,24 @@ class group_find(crud.Find): kw['objectclass'] = object_type return ldap.search(**kw) - def output_for_cli(self, groups): - if not groups: + def output_for_cli(self, textui, result, uid, **options): + counter = result[0] + groups = result[1:] + if counter == 0 or len(groups) == 0: + textui.print_plain("No entries found") return - - counter = groups[0] - groups = groups[1:] - if counter == 0: - print "No entries found" + if len(groups) == 1: + textui.print_entry(groups[0]) return - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." + textui.print_name(self.name) for g in groups: - for a in g.keys(): - print "%s: %s" % (a, g[a]) + textui.print_entry(g) + textui.print_plain('') + if counter == -1: + textui.print_plain("These results are truncated.") + textui.print_plain("Please refine your search and try again.") + textui.print_count(groups, '%d groups matched') api.register(group_find) @@ -218,12 +233,24 @@ class group_show(crud.Get): # FIXME: should kw contain the list of attributes to display? return ldap.retrieve(dn) - def output_for_cli(self, group): - if not group: + def output_for_cli(self, textui, result, *args, **options): + counter = result[0] + groups = result[1:] + if counter == 0 or len(groups) == 0: + textui.print_plain("No entries found") return - - for a in group.keys(): - print "%s: %s" % (a, group[a]) + if len(groups) == 1: + textui.print_entry(groups[0]) + return + textui.print_name(self.name) + for u in groups: + textui.print_plain('%(givenname)s %(sn)s:' % u) + textui.print_entry(u) + textui.print_plain('') + if counter == -1: + textui.print_plain('These results are truncated.') + textui.print_plain('Please refine your search and try again.') + textui.print_count(groups, '%d groups matched') api.register(group_show) @@ -253,7 +280,7 @@ class group_add_member(frontend.Command): to_add = [] completed = 0 - members = kw.get('groups', '').split(',') + members = get_members(kw.get('groups', '')) for m in members: if not m: continue try: @@ -263,7 +290,7 @@ class group_add_member(frontend.Command): add_failed.append(m) continue - members = kw.get('users', '').split(',') + members = get_members(kw.get('users', '')) for m in members: if not m: continue try: @@ -282,11 +309,11 @@ class group_add_member(frontend.Command): return add_failed - def output_for_cli(self, add_failed): + def output_for_cli(self, textui, result, *args, **options): """ Output result of this command to command line interface. """ - if add_failed: + if result: print "These entries failed to add to the group:" for a in add_failed: print "\t'%s'" % a @@ -320,7 +347,7 @@ class group_remove_member(frontend.Command): remove_failed = [] completed = 0 - members = kw.get('groups', '').split(',') + members = get_members(kw.get('groups', '')) for m in members: if not m: continue try: @@ -330,7 +357,7 @@ class group_remove_member(frontend.Command): remove_failed.append(m) continue - members = kw.get('users', '').split(',') + members = get_members(kw.get('users', '')) for m in members: try: member_dn = ldap.find_entry_dn("uid", m,) @@ -348,11 +375,11 @@ class group_remove_member(frontend.Command): return remove_failed - def output_for_cli(self, remove_failed): + def output_for_cli(self, textui, result, *args, **options): """ Output result of this command to command line interface. """ - if remove_failed: + if result: print "These entries failed to be removed from the group:" for a in remove_failed: print "\t'%s'" % a -- cgit From 46bd3974af5ce312cb1dd3ca12e6184d78dc470e Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 10 Dec 2008 16:45:07 -0500 Subject: Don't pass along the kw dictionary we were passed by XML-RPC. We generally want to just search indexed attributes. We get this list of attributes from the configuration, use it. --- ipalib/plugins/f_group.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 6fe95006..803e5d00 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -184,13 +184,14 @@ class group_find(crud.Find): search_fields_conf_str = config.get('ipagroupsearchfields') search_fields = search_fields_conf_str.split(",") + search_kw = {} for s in search_fields: - kw[s] = term + search_kw[s] = term object_type = ldap.get_object_type("cn") if object_type and not kw.get('objectclass'): - kw['objectclass'] = object_type - return ldap.search(**kw) + search_kw['objectclass'] = object_type + return ldap.search(**search_kw) def output_for_cli(self, textui, result, uid, **options): counter = result[0] -- cgit From 29e5a58795da7283eb5976d14f8e5344d4db0e28 Mon Sep 17 00:00:00 2001 From: Jason Gerard DeRose Date: Wed, 14 Jan 2009 21:23:20 -0700 Subject: Updated group plugins module to where it can at least be imported --- ipalib/plugins/f_group.py | 38 +++++++++++++++++--------------------- 1 file changed, 17 insertions(+), 21 deletions(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index 803e5d00..c9d7b86b 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -21,12 +21,9 @@ Frontend plugins for group (Identity). """ -from ipalib import frontend -from ipalib import crud -from ipalib.frontend import Param -from ipalib import api -from ipalib import errors -from ipalib import ipa_types +from ipalib import api, crud, errors +from ipalib import Object, Command # Plugin base classes +from ipalib import Str, Int # Parameter types def get_members(members): @@ -42,24 +39,23 @@ def get_members(members): return members -class group(frontend.Object): +class group(Object): """ Group object. """ takes_params = ( - Param('description', + Str('description', doc='A description of this group', ), - Param('gidnumber?', + Int('gidnumber?', cli_name='gid', - type=ipa_types.Int(), doc='The gid to use for this group. If not included one is automatically set.', ), - Param('cn', + Str('cn', cli_name='name', primary_key=True, - normalize=lambda value: value.lower(), - ) + normalizer=lambda value: value.lower(), + ), ) api.register(group) @@ -256,14 +252,14 @@ class group_show(crud.Get): api.register(group_show) -class group_add_member(frontend.Command): +class group_add_member(Command): 'Add a member to a group.' takes_args = ( - Param('group', primary_key=True), + Str('group', primary_key=True), ) takes_options = ( - Param('users?', doc='comma-separated list of users to add'), - Param('groups?', doc='comma-separated list of groups to add'), + Str('users?', doc='comma-separated list of users to add'), + Str('groups?', doc='comma-separated list of groups to add'), ) def execute(self, cn, **kw): """ @@ -323,14 +319,14 @@ class group_add_member(frontend.Command): api.register(group_add_member) -class group_remove_member(frontend.Command): +class group_remove_member(Command): 'Remove a member from a group.' takes_args = ( - Param('group', primary_key=True), + Str('group', primary_key=True), ) takes_options = ( - Param('users?', doc='comma-separated list of users to remove'), - Param('groups?', doc='comma-separated list of groups to remove'), + Str('users?', doc='comma-separated list of users to remove'), + Str('groups?', doc='comma-separated list of groups to remove'), ) def execute(self, cn, **kw): """ -- cgit From ec86208a9007ec9febca620c777b80b20e9c360d Mon Sep 17 00:00:00 2001 From: Jason Gerard DeRose Date: Wed, 14 Jan 2009 22:19:31 -0700 Subject: Updated passwd plugins module to where it can at least be imported --- ipalib/plugins/f_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipalib/plugins/f_group.py') diff --git a/ipalib/plugins/f_group.py b/ipalib/plugins/f_group.py index c9d7b86b..740b32f8 100644 --- a/ipalib/plugins/f_group.py +++ b/ipalib/plugins/f_group.py @@ -23,7 +23,7 @@ Frontend plugins for group (Identity). from ipalib import api, crud, errors from ipalib import Object, Command # Plugin base classes -from ipalib import Str, Int # Parameter types +from ipalib import Str, Int # Parameter types def get_members(members): -- cgit