diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-06-30 06:37:52 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2016-06-30 16:32:20 +0200 |
commit | 0f578ec36ccb3ceb91d64e3967a4fcd01b240895 (patch) | |
tree | 492d4aabe215f7b57c7a3fd5198c0cc6b03f2102 | |
parent | ae5f11b4de1d5e353a2e1b8345e316949f4b75ed (diff) | |
download | freeipa-0f578ec36ccb3ceb91d64e3967a4fcd01b240895.tar.gz freeipa-0f578ec36ccb3ceb91d64e3967a4fcd01b240895.tar.xz freeipa-0f578ec36ccb3ceb91d64e3967a4fcd01b240895.zip |
user: add object plugin for user_status
Change user_status from a method of user to a method of a new userstatus
class, which defines the extra attributes returned by user_status.
This fixes user_status CLI output.
https://fedorahosted.org/freeipa/ticket/4739
Reviewed-By: David Kupka <dkupka@redhat.com>
-rw-r--r-- | API.txt | 6 | ||||
-rw-r--r-- | VERSION | 4 | ||||
-rw-r--r-- | ipaserver/plugins/baseuser.py | 18 | ||||
-rw-r--r-- | ipaserver/plugins/stageuser.py | 2 | ||||
-rw-r--r-- | ipaserver/plugins/user.py | 52 |
5 files changed, 50 insertions, 32 deletions
@@ -5863,10 +5863,9 @@ output: Output('result', type=[<type 'dict'>]) output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>]) output: ListOfPrimaryKeys('value') command: user_status/1 -args: 1,4,4 -arg: Str('uid', cli_name='login') +args: 1,3,4 +arg: Str('useruid', cli_name='login') option: Flag('all', autofill=True, cli_name='all', default=False) -option: Flag('no_members', autofill=True, default=False) option: Flag('raw', autofill=True, cli_name='raw', default=False) option: Str('version?') output: Output('count', type=[<type 'int'>]) @@ -6615,6 +6614,7 @@ default: user_stage/1 default: user_status/1 default: user_undel/1 default: user_unlock/1 +default: userstatus/1 default: vault/1 default: vault_add_internal/1 default: vault_add_member/1 @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=203 -# Last change: host: added authentication indicators +IPA_API_VERSION_MINOR=204 +# Last change: user: add object plugin for user_status diff --git a/ipaserver/plugins/baseuser.py b/ipaserver/plugins/baseuser.py index 8087418d1..9c4af66f9 100644 --- a/ipaserver/plugins/baseuser.py +++ b/ipaserver/plugins/baseuser.py @@ -61,24 +61,6 @@ baseuser_output_params = ( ), ) -status_baseuser_output_params = ( - Str('server', - label=_('Server'), - ), - Str('krbloginfailedcount', - label=_('Failed logins'), - ), - Str('krblastsuccessfulauth', - label=_('Last successful authentication'), - ), - Str('krblastfailedauth', - label=_('Last failed authentication'), - ), - Str('now', - label=_('Time now'), - ), - ) - UPG_DEFINITION_DN = DN(('cn', 'UPG Definition'), ('cn', 'Definitions'), ('cn', 'Managed Entries'), diff --git a/ipaserver/plugins/stageuser.py b/ipaserver/plugins/stageuser.py index 9d5d40453..3b9388f60 100644 --- a/ipaserver/plugins/stageuser.py +++ b/ipaserver/plugins/stageuser.py @@ -40,7 +40,6 @@ from .baseuser import ( NO_UPG_MAGIC, baseuser_pwdchars, baseuser_output_params, - status_baseuser_output_params, baseuser_add_manager, baseuser_remove_manager) from ipalib.request import context @@ -102,7 +101,6 @@ register = Registry() stageuser_output_params = baseuser_output_params -status_output_params = status_baseuser_output_params @register() class stageuser(baseuser): diff --git a/ipaserver/plugins/user.py b/ipaserver/plugins/user.py index adc59fcba..7c5221c85 100644 --- a/ipaserver/plugins/user.py +++ b/ipaserver/plugins/user.py @@ -38,7 +38,6 @@ from .baseuser import ( NO_UPG_MAGIC, UPG_DEFINITION_DN, baseuser_output_params, - status_baseuser_output_params, baseuser_pwdchars, validate_nsaccountlock, convert_nsaccountlock, @@ -48,6 +47,7 @@ from .baseuser import ( from .idviews import remove_ipaobject_overrides from ipalib.plugable import Registry from .baseldap import ( + LDAPObject, pkey_to_value, LDAPCreate, LDAPSearch, @@ -118,8 +118,6 @@ register = Registry() user_output_params = baseuser_output_params -status_output_params = status_baseuser_output_params - def check_protected_member(user, protected_group_name=u'admins'): ''' @@ -990,6 +988,38 @@ class user_unlock(LDAPQuery): @register() +class userstatus(LDAPObject): + parent_object = 'user' + + takes_params = ( + Bool('preserved?', + label=_('Preserved user'), + flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'}, + ), + Str('server', + label=_('Server'), + flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'}, + ), + Str('krbloginfailedcount', + label=_('Failed logins'), + flags={'no_create', 'no_update', 'no_search'}, + ), + Str('krblastsuccessfulauth', + label=_('Last successful authentication'), + flags={'no_create', 'no_update', 'no_search'}, + ), + Str('krblastfailedauth', + label=_('Last failed authentication'), + flags={'no_create', 'no_update', 'no_search'}, + ), + Str('now', + label=_('Time now'), + flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'}, + ), + ) + + +@register() class user_status(LDAPQuery): __doc__ = _(""" Lockout status of a user account @@ -1013,12 +1043,20 @@ class user_status(LDAPQuery): login attempt is older than the lockouttime of the password policy. This means that the user may attempt a login again. """) + obj_name = 'userstatus' + attr_name = 'find' + has_output = output.standard_list_of_entries - has_output_params = LDAPSearch.has_output_params + status_output_params + + def get_args(self): + for arg in super(user_status, self).get_args(): + if arg.name == 'useruid': + arg = arg.clone(cli_name='login') + yield arg def execute(self, *keys, **options): ldap = self.obj.backend - dn = self.obj.get_either_dn(*keys, **options) + dn = self.api.Object.user.get_either_dn(*keys, **options) attr_list = ['krbloginfailedcount', 'krblastsuccessfulauth', 'krblastfailedauth', 'nsaccountlock'] disabled = False @@ -1074,11 +1112,11 @@ class user_status(LDAPQuery): convert_nsaccountlock(entry) if 'nsaccountlock' in entry: disabled = entry['nsaccountlock'] - self.obj.get_preserved_attribute(entry, options) + self.api.Object.user.get_preserved_attribute(entry, options) entries.append(newresult) count += 1 except errors.NotFound: - self.obj.handle_not_found(*keys) + self.api.Object.user.handle_not_found(*keys) except Exception as e: self.error("user_status: Retrieving status for %s failed with %s" % (dn, str(e))) newresult = {'dn': dn} |