summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2014-03-27 14:04:00 +0100
committerPetr Viktorin <pviktori@redhat.com>2014-04-18 14:59:20 +0200
commit4314d02fbf9ef1cb9543ecf76a8d22e79d250214 (patch)
tree8c6ac601e881712e8cf7c25fce420026a3762553 /ipalib
parentc644b47492e22370bc71f57e5ac46b50f9b4e247 (diff)
downloadfreeipa-4314d02fbf9ef1cb9543ecf76a8d22e79d250214.tar.gz
freeipa-4314d02fbf9ef1cb9543ecf76a8d22e79d250214.tar.xz
freeipa-4314d02fbf9ef1cb9543ecf76a8d22e79d250214.zip
Allow primary keys to use different type than unicode.
Also return list of primary keys instead of a single unicode CSV value from LDAPDelete-based commands. This introduces a new capability 'primary_key_types' for backward compatibility with old clients. Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/capabilities.py3
-rw-r--r--ipalib/cli.py3
-rw-r--r--ipalib/frontend.py15
-rw-r--r--ipalib/output.py52
-rw-r--r--ipalib/plugins/aci.py12
-rw-r--r--ipalib/plugins/automember.py20
-rw-r--r--ipalib/plugins/automount.py8
-rw-r--r--ipalib/plugins/baseldap.py69
-rw-r--r--ipalib/plugins/delegation.py10
-rw-r--r--ipalib/plugins/dns.py13
-rw-r--r--ipalib/plugins/group.py2
-rw-r--r--ipalib/plugins/hbacrule.py4
-rw-r--r--ipalib/plugins/host.py2
-rw-r--r--ipalib/plugins/krbtpolicy.py4
-rw-r--r--ipalib/plugins/selfservice.py10
-rw-r--r--ipalib/plugins/selinuxusermap.py4
-rw-r--r--ipalib/plugins/service.py2
-rw-r--r--ipalib/plugins/sudorule.py4
-rw-r--r--ipalib/plugins/trust.py30
-rw-r--r--ipalib/plugins/user.py6
20 files changed, 179 insertions, 94 deletions
diff --git a/ipalib/capabilities.py b/ipalib/capabilities.py
index b60a570cf..3dd93294f 100644
--- a/ipalib/capabilities.py
+++ b/ipalib/capabilities.py
@@ -45,6 +45,9 @@ capabilities = dict(
# permissions2: Reworked permission system
# http://www.freeipa.org/page/V3/Permissions_V2
permissions2=u'2.69',
+
+ # primary_key_types: Non-unicode primary keys in command output
+ primary_key_types=u'2.83',
)
diff --git a/ipalib/cli.py b/ipalib/cli.py
index 067d78089..4250aaf54 100644
--- a/ipalib/cli.py
+++ b/ipalib/cli.py
@@ -363,7 +363,8 @@ class textui(backend.Backend):
label = labels.get(key, key)
flag = flags.get(key, [])
value = entry[key]
- if 'suppress_empty' in flag and value in [u'', '', [], None]:
+ if ('suppress_empty' in flag and
+ value in [u'', '', (), [], None]):
continue
if isinstance(value, dict):
if frontend.entry_count(value) == 0:
diff --git a/ipalib/frontend.py b/ipalib/frontend.py
index 76c53eba5..66be7939f 100644
--- a/ipalib/frontend.py
+++ b/ipalib/frontend.py
@@ -439,12 +439,9 @@ class Command(HasParam):
and 'summary' in self.output
and 'summary' not in ret
):
- if self.msg_summary:
- ret['summary'] = self.msg_summary % ret
- else:
- ret['summary'] = None
+ ret['summary'] = self.get_summary_default(ret)
if self.use_output_validation and (self.output or ret is not None):
- self.validate_output(ret)
+ self.validate_output(ret, options.get('version', API_VERSION))
return ret
def soft_validate(self, values):
@@ -918,7 +915,7 @@ class Command(HasParam):
flags=['no_option', 'no_output'],
)
- def validate_output(self, output):
+ def validate_output(self, output, version=API_VERSION):
"""
Validate the return value to make sure it meets the interface contract.
"""
@@ -947,7 +944,7 @@ class Command(HasParam):
nice, o.name, o.type, type(value), value)
)
if callable(o.validate):
- o.validate(self, value)
+ o.validate(self, value, version)
def get_output_params(self):
for param in self._get_param_iterable('output_params', verb='has'):
@@ -959,6 +956,10 @@ class Command(HasParam):
continue
yield param
+ def get_summary_default(self, output):
+ if self.msg_summary:
+ return self.msg_summary % output
+
def log_messages(self, output, logger):
logger_functions = dict(
debug=logger.debug,
diff --git a/ipalib/output.py b/ipalib/output.py
index 1f42b4d6e..3501cddd2 100644
--- a/ipalib/output.py
+++ b/ipalib/output.py
@@ -24,6 +24,7 @@ Simple description of return values.
from inspect import getdoc
from types import NoneType
from plugable import ReadOnly, lock
+from capabilities import client_has_capability
from text import _
@@ -99,7 +100,7 @@ class ListOfEntries(Output):
type = (list, tuple)
doc = _('A list of LDAP entries')
- def validate(self, cmd, entries):
+ def validate(self, cmd, entries, version):
assert isinstance(entries, self.type)
for (i, entry) in enumerate(entries):
if not isinstance(entry, dict):
@@ -107,6 +108,47 @@ class ListOfEntries(Output):
self.name, i, dict, type(entry), entry)
)
+class PrimaryKey(Output):
+ def validate(self, cmd, value, version):
+ if client_has_capability(version, 'primary_key_types'):
+ if hasattr(cmd, 'obj') and cmd.obj and cmd.obj.primary_key:
+ types = cmd.obj.primary_key.allowed_types
+ else:
+ types = (unicode,)
+ types = types + (NoneType,)
+ else:
+ types = (unicode,)
+ if not isinstance(value, types):
+ raise TypeError(
+ "%s.validate_output() => %s.validate():\n"
+ " output[%r]: need %r; got %r: %r" % (
+ cmd.name, self.__class__.__name__, self.name,
+ types[0], type(value), value))
+
+class ListOfPrimaryKeys(Output):
+ def validate(self, cmd, values, version):
+ if client_has_capability(version, 'primary_key_types'):
+ types = (tuple, list)
+ else:
+ types = (unicode,)
+ if not isinstance(values, types):
+ raise TypeError(
+ "%s.validate_output() => %s.validate():\n"
+ " output[%r]: need %r; got %r: %r" % (
+ cmd.name, self.__class__.__name__, self.name,
+ types[0], type(values), values))
+
+ if client_has_capability(version, 'primary_key_types'):
+ if hasattr(cmd, 'obj') and cmd.obj and cmd.obj.primary_key:
+ types = cmd.obj.primary_key.allowed_types
+ else:
+ types = (unicode,)
+ for (i, value) in enumerate(values):
+ if not isinstance(value, types):
+ raise TypeError(emsg % (
+ cmd.name, self.__class__.__name__, i, self.name,
+ types[0], type(value), value))
+
result = Output('result', doc=_('All commands should at least have a result'))
@@ -114,7 +156,7 @@ summary = Output('summary', (unicode, NoneType),
_('User-friendly description of action performed')
)
-value = Output('value', unicode,
+value = PrimaryKey('value', None,
_("The primary_key value of the entry, e.g. 'jdoe' for a user"),
flags=['no_display'],
)
@@ -140,6 +182,12 @@ standard_delete = (
value,
)
+standard_multi_delete = (
+ summary,
+ Output('result', dict, _('List of deletions that failed')),
+ ListOfPrimaryKeys('value', flags=['no_display']),
+)
+
standard_boolean = (
summary,
Output('result', bool, _('True means the operation was successful')),
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py
index 45900b357..4821089f1 100644
--- a/ipalib/plugins/aci.py
+++ b/ipalib/plugins/aci.py
@@ -126,7 +126,7 @@ from ipalib.aci import ACI
from ipalib import output
from ipalib import _, ngettext
from ipalib.plugable import Registry
-from ipalib.plugins.baseldap import gen_pkey_only_option
+from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
from ipapython.ipa_log_manager import *
from ipapython.dn import DN
@@ -557,7 +557,7 @@ class aci_add(crud.Create):
result = _aci_to_kw(ldap, newaci, kw.get('test', False))
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
@@ -598,7 +598,7 @@ class aci_del(crud.Delete):
return dict(
result=True,
- value=aciname,
+ value=pkey_to_value(aciname, options),
)
@@ -666,7 +666,7 @@ class aci_mod(crud.Update):
result = _aci_to_kw(ldap, newaci)
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
@@ -919,7 +919,7 @@ class aci_show(crud.Retrieve):
result = _aci_to_kw(ldap, aci)
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
@@ -981,5 +981,5 @@ class aci_rename(crud.Update):
result = _aci_to_kw(ldap, newaci)
return dict(
result=result,
- value=kw['newname'],
+ value=pkey_to_value(kw['newname'], kw),
)
diff --git a/ipalib/plugins/automember.py b/ipalib/plugins/automember.py
index dad35d458..3166c6958 100644
--- a/ipalib/plugins/automember.py
+++ b/ipalib/plugins/automember.py
@@ -297,7 +297,7 @@ class automember_add(LDAPCreate):
def execute(self, *keys, **options):
result = super(automember_add, self).execute(*keys, **options)
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value(keys[-1], options)
return result
@@ -389,7 +389,7 @@ class automember_add_condition(LDAPUpdate):
result = {'result': getattr(context, 'entry_attrs'), 'value': keys[-1]}
result['failed'] = getattr(context, 'failed')
result['completed'] = getattr(context, 'completed')
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value(keys[-1], options)
return result
@@ -476,7 +476,7 @@ class automember_remove_condition(LDAPUpdate):
result = {'result': getattr(context, 'entry_attrs'), 'value': keys[-1]}
result['failed'] = getattr(context, 'failed')
result['completed'] = getattr(context, 'completed')
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value(keys[-1], options)
return result
@@ -491,7 +491,7 @@ class automember_mod(LDAPUpdate):
def execute(self, *keys, **options):
result = super(automember_mod, self).execute(*keys, **options)
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value(keys[-1], options)
return result
@@ -506,7 +506,7 @@ class automember_del(LDAPDelete):
def execute(self, *keys, **options):
result = super(automember_del, self).execute(*keys, **options)
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value([keys[-1]], options)
return result
@@ -540,7 +540,7 @@ class automember_show(LDAPRetrieve):
def execute(self, *keys, **options):
result = super(automember_show, self).execute(*keys, **options)
- result['value'] = keys[-1]
+ result['value'] = pkey_to_value(keys[-1], options)
return result
@@ -568,7 +568,7 @@ class automember_default_group_set(LDAPUpdate):
def execute(self, *keys, **options):
result = super(automember_default_group_set, self).execute(*keys, **options)
- result['value'] = options['type']
+ result['value'] = pkey_to_value(options['type'], options)
return result
@@ -602,7 +602,7 @@ class automember_default_group_remove(LDAPUpdate):
def execute(self, *keys, **options):
result = super(automember_default_group_remove, self).execute(*keys, **options)
- result['value'] = options['type']
+ result['value'] = pkey_to_value(options['type'], options)
return result
@@ -626,7 +626,7 @@ class automember_default_group_show(LDAPRetrieve):
def execute(self, *keys, **options):
result = super(automember_default_group_show, self).execute(*keys, **options)
- result['value'] = options['type']
+ result['value'] = pkey_to_value(options['type'], options)
return result
@@ -777,4 +777,4 @@ class automember_rebuild(Command):
return dict(
result=result,
summary=unicode(summary),
- value=u'')
+ value=pkey_to_value(None, options))
diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py
index b961b1c17..7b426b688 100644
--- a/ipalib/plugins/automount.py
+++ b/ipalib/plugins/automount.py
@@ -827,7 +827,7 @@ class automountkey_add(LDAPCreate):
options[self.obj.primary_key.name] = self.obj.get_pk(key, info)
options['add_operation'] = True
result = super(automountkey_add, self).execute(*keys, **options)
- result['value'] = options['automountkey']
+ result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_add)
@@ -923,7 +923,7 @@ class automountkey_del(LDAPDelete):
options['automountkey'],
options.get('automountinformation', None))
result = super(automountkey_del, self).execute(*keys, **options)
- result['value'] = options['automountkey']
+ result['value'] = pkey_to_value([options['automountkey']], options)
return result
api.register(automountkey_del)
@@ -982,7 +982,7 @@ class automountkey_mod(LDAPUpdate):
options['rename'] = new_rdn
result = super(automountkey_mod, self).execute(*keys, **options)
- result['value'] = options['automountkey']
+ result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_mod)
@@ -1026,7 +1026,7 @@ class automountkey_show(LDAPRetrieve):
options.get('automountinformation', None))
result = super(automountkey_show, self).execute(*keys, **options)
- result['value'] = options['automountkey']
+ result['value'] = pkey_to_value(options['automountkey'], options)
return result
api.register(automountkey_show)
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index 6a8b4f822..949e5753b 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -32,7 +32,9 @@ from ipalib.cli import to_cli
from ipalib import output
from ipalib.text import _
from ipalib.util import json_serialize, validate_hostname
+from ipalib.capabilities import client_has_capability
from ipapython.dn import DN, RDN
+from ipapython.version import API_VERSION
DNA_MAGIC = -1
@@ -240,6 +242,20 @@ def entry_to_dict(entry, **options):
result['dn'] = entry.dn
return result
+def pkey_to_unicode(key):
+ if key is None:
+ key = []
+ elif not isinstance(key, (tuple, list)):
+ key = [key]
+ key = u','.join(unicode(k) for k in key)
+ return key
+
+def pkey_to_value(key, options):
+ version = options.get('version', API_VERSION)
+ if client_has_capability(version, 'primary_key_types'):
+ return key
+ return pkey_to_unicode(key)
+
def wait_for_value(ldap, dn, attr, value):
"""
389-ds postoperation plugins are executed after the data has been
@@ -768,6 +784,12 @@ last, after all sets and adds."""),
_callback_registry = dict(pre={}, post={}, exc={}, interactive_prompt={})
+ def get_summary_default(self, output):
+ if 'value' in output:
+ output = dict(output)
+ output['value'] = pkey_to_unicode(output['value'])
+ return super(BaseLDAPCommand, self).get_summary_default(output)
+
def _convert_2_dict(self, ldap, attrs):
"""
Convert a string in the form of name/value pairs into a dictionary.
@@ -1103,9 +1125,12 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn
- if self.obj.primary_key and keys[-1] is not None:
- return dict(result=entry_attrs, value=keys[-1])
- return dict(result=entry_attrs, value=u'')
+ if self.obj.primary_key:
+ pkey = keys[-1]
+ else:
+ pkey = None
+
+ return dict(result=entry_attrs, value=pkey_to_value(pkey, options))
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
assert isinstance(dn, DN)
@@ -1227,9 +1252,12 @@ class LDAPRetrieve(LDAPQuery):
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn
- if self.obj.primary_key and keys[-1] is not None:
- return dict(result=entry_attrs, value=keys[-1])
- return dict(result=entry_attrs, value=u'')
+ if self.obj.primary_key:
+ pkey = keys[-1]
+ else:
+ pkey = None
+
+ return dict(result=entry_attrs, value=pkey_to_value(pkey, options))
def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
assert isinstance(dn, DN)
@@ -1363,9 +1391,12 @@ class LDAPUpdate(LDAPQuery, crud.Update):
entry_attrs = entry_to_dict(entry_attrs, **options)
- if self.obj.primary_key and keys[-1] is not None:
- return dict(result=entry_attrs, value=keys[-1])
- return dict(result=entry_attrs, value=u'')
+ if self.obj.primary_key:
+ pkey = keys[-1]
+ else:
+ pkey = None
+
+ return dict(result=entry_attrs, value=pkey_to_value(pkey, options))
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
assert isinstance(dn, DN)
@@ -1386,7 +1417,7 @@ class LDAPDelete(LDAPMultiQuery):
"""
Delete an LDAP entry and all of its direct subentries.
"""
- has_output = output.standard_delete
+ has_output = output.standard_multi_delete
has_output_params = global_output_params
@@ -1433,28 +1464,28 @@ class LDAPDelete(LDAPMultiQuery):
return result
- if not self.obj.primary_key or not isinstance(keys[-1], (list, tuple)):
- pkeyiter = (keys[-1], )
- else:
+ if self.obj.primary_key and isinstance(keys[-1], (list, tuple)):
pkeyiter = keys[-1]
+ elif keys[-1] is not None:
+ pkeyiter = [keys[-1]]
+ else:
+ pkeyiter = []
deleted = []
failed = []
- result = True
for pkey in pkeyiter:
try:
- if not delete_entry(pkey):
- result = False
+ delete_entry(pkey)
except errors.ExecutionError:
if not options.get('continue', False):
raise
failed.append(pkey)
else:
deleted.append(pkey)
+ deleted = pkey_to_value(deleted, options)
+ failed = pkey_to_value(failed, options)
- if self.obj.primary_key and pkeyiter[0] is not None:
- return dict(result=dict(failed=u','.join(failed)), value=u','.join(deleted))
- return dict(result=dict(failed=u''), value=u'')
+ return dict(result=dict(failed=failed), value=deleted)
def pre_callback(self, ldap, dn, *keys, **options):
assert isinstance(dn, DN)
diff --git a/ipalib/plugins/delegation.py b/ipalib/plugins/delegation.py
index bab76ccbc..93129fbc4 100644
--- a/ipalib/plugins/delegation.py
+++ b/ipalib/plugins/delegation.py
@@ -24,7 +24,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
-from ipalib.plugins.baseldap import gen_pkey_only_option
+from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
Group to Group Delegation
@@ -141,7 +141,7 @@ class delegation_add(crud.Create):
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(delegation_add)
@@ -159,7 +159,7 @@ class delegation_del(crud.Delete):
self.obj.postprocess_result(result)
return dict(
result=True,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(delegation_del)
@@ -178,7 +178,7 @@ class delegation_mod(crud.Update):
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(delegation_mod)
@@ -220,7 +220,7 @@ class delegation_show(crud.Retrieve):
self.obj.postprocess_result(result)
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(delegation_show)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 876f37619..23b3ad456 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -2012,7 +2012,7 @@ class dnszone_disable(LDAPQuery):
except errors.EmptyModlist:
pass
- return dict(result=True, value=keys[-1])
+ return dict(result=True, value=pkey_to_value(keys[-1], options))
api.register(dnszone_disable)
@@ -2036,7 +2036,7 @@ class dnszone_enable(LDAPQuery):
except errors.EmptyModlist:
pass
- return dict(result=True, value=keys[-1])
+ return dict(result=True, value=pkey_to_value(keys[-1], options))
api.register(dnszone_enable)
@@ -2073,7 +2073,7 @@ class dnszone_add_permission(LDAPQuery):
return dict(
result=True,
- value=permission_name,
+ value=pkey_to_value(permission_name, options),
)
api.register(dnszone_add_permission)
@@ -2106,7 +2106,7 @@ class dnszone_remove_permission(LDAPQuery):
return dict(
result=True,
- value=permission_name,
+ value=pkey_to_value(permission_name, options),
)
api.register(dnszone_remove_permission)
@@ -2957,7 +2957,7 @@ api.register(dnsrecord_delentry)
class dnsrecord_del(LDAPUpdate):
__doc__ = _('Delete DNS resource record.')
- has_output = output.standard_delete
+ has_output = output.standard_multi_delete
no_option_msg = _('Neither --del-all nor options to delete a specific record provided.\n'\
"Command help may be consulted for all supported record types.")
@@ -3045,6 +3045,7 @@ class dnsrecord_del(LDAPUpdate):
return result
result = super(dnsrecord_del, self).execute(*keys, **options)
+ result['value'] = pkey_to_value([keys[-1]], options)
if getattr(context, 'del_all', False) and not \
self.obj.is_pkey_zone_record(*keys):
@@ -3223,7 +3224,7 @@ class dns_is_enabled(Command):
except Exception, e:
pass
- return dict(result=dns_enabled, value=u'')
+ return dict(result=dns_enabled, value=pkey_to_value(None, options))
api.register(dns_is_enabled)
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 644954d94..2cbd7e57a 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -589,7 +589,7 @@ class group_detach(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
api.register(group_detach)
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py
index 52abb408b..06e9c4e6b 100644
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@@ -324,7 +324,7 @@ class hbacrule_enable(LDAPQuery):
return dict(
result=True,
- value=cn,
+ value=pkey_to_value(cn, options),
)
api.register(hbacrule_enable)
@@ -354,7 +354,7 @@ class hbacrule_disable(LDAPQuery):
return dict(
result=True,
- value=cn,
+ value=pkey_to_value(cn, options),
)
api.register(hbacrule_disable)
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 9b5a39d89..8f770ff02 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -1011,7 +1011,7 @@ class host_disable(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
diff --git a/ipalib/plugins/krbtpolicy.py b/ipalib/plugins/krbtpolicy.py
index 4ae676dc5..22a961a4a 100644
--- a/ipalib/plugins/krbtpolicy.py
+++ b/ipalib/plugins/krbtpolicy.py
@@ -216,8 +216,6 @@ class krbtpolicy_reset(LDAPQuery):
entry_attrs = entry_to_dict(entry_attrs, **options)
- if keys[-1] is not None:
- return dict(result=entry_attrs, value=keys[-1])
- return dict(result=entry_attrs, value=u'')
+ return dict(result=entry_attrs, value=pkey_to_value(keys[-1], options))
api.register(krbtpolicy_reset)
diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py
index b2ea7677a..a1fd9d355 100644
--- a/ipalib/plugins/selfservice.py
+++ b/ipalib/plugins/selfservice.py
@@ -23,7 +23,7 @@ from ipalib.request import context
from ipalib import api, crud, errors
from ipalib import output
from ipalib import Object, Command
-from ipalib.plugins.baseldap import gen_pkey_only_option
+from ipalib.plugins.baseldap import gen_pkey_only_option, pkey_to_value
__doc__ = _("""
Self-service Permissions
@@ -135,7 +135,7 @@ class selfservice_add(crud.Create):
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(selfservice_add)
@@ -153,7 +153,7 @@ class selfservice_del(crud.Delete):
return dict(
result=True,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(selfservice_del)
@@ -175,7 +175,7 @@ class selfservice_mod(crud.Update):
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(selfservice_mod)
@@ -218,7 +218,7 @@ class selfservice_show(crud.Retrieve):
self.obj.postprocess_result(result)
return dict(
result=result,
- value=aciname,
+ value=pkey_to_value(aciname, kw),
)
api.register(selfservice_show)
diff --git a/ipalib/plugins/selinuxusermap.py b/ipalib/plugins/selinuxusermap.py
index 04a37bd0d..cf1d55d9a 100644
--- a/ipalib/plugins/selinuxusermap.py
+++ b/ipalib/plugins/selinuxusermap.py
@@ -425,7 +425,7 @@ class selinuxusermap_enable(LDAPQuery):
return dict(
result=True,
- value=cn,
+ value=pkey_to_value(cn, options),
)
api.register(selinuxusermap_enable)
@@ -455,7 +455,7 @@ class selinuxusermap_disable(LDAPQuery):
return dict(
result=True,
- value=cn,
+ value=pkey_to_value(cn, options),
)
api.register(selinuxusermap_disable)
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py
index 25f02cd12..f590b666a 100644
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@@ -661,7 +661,7 @@ class service_disable(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
api.register(service_disable)
diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py
index 16611aede..627b4b975 100644
--- a/ipalib/plugins/sudorule.py
+++ b/ipalib/plugins/sudorule.py
@@ -699,7 +699,7 @@ class sudorule_add_option(LDAPQuery):
entry_attrs = entry_to_dict(entry_attrs, **options)
- return dict(result=entry_attrs, value=cn)
+ return dict(result=entry_attrs, value=pkey_to_value(cn, options))
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Added option "%(option)s" to Sudo Rule "%(rule)s"') % \
@@ -755,7 +755,7 @@ class sudorule_remove_option(LDAPQuery):
entry_attrs = entry_to_dict(entry_attrs, **options)
- return dict(result=entry_attrs, value=cn)
+ return dict(result=entry_attrs, value=pkey_to_value(cn, options))
def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Removed option "%(option)s" from Sudo Rule "%(rule)s"') % \
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index f57cf7d89..de838803f 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -434,6 +434,7 @@ sides.
)
msg_summary = _('Added Active Directory trust for realm "%(value)s"')
+ msg_summary_existing = _('Re-established trust to domain "%(value)s"')
has_output_params = LDAPCreate.has_output_params + trust_output_params
def execute(self, *keys, **options):
@@ -640,11 +641,6 @@ sides.
except errors.NotFound:
dn = None
- if dn:
- summary = _('Re-established trust to domain "%(value)s"')
- else:
- summary = self.msg_summary
-
# 1. Full access to the remote domain. Use admin credentials and
# generate random trustdom password to do work on both sides
if full_join:
@@ -685,10 +681,13 @@ sides.
error=_('Unable to verify write permissions to the AD'))
ret = dict(
- value=self.trustinstance.remote_domain.info['dns_domain'],
+ value=pkey_to_value(
+ self.trustinstance.remote_domain.info['dns_domain'],
+ options),
verified=result['verified']
)
- ret['summary'] = summary % ret
+ if dn:
+ ret['summary'] = self.msg_summary_existing % ret
return ret
@@ -702,10 +701,13 @@ sides.
options['trust_secret']
)
ret = dict(
- value=self.trustinstance.remote_domain.info['dns_domain'],
+ value=pkey_to_value(
+ self.trustinstance.remote_domain.info['dns_domain'],
+ options),
verified=result['verified']
)
- ret['summary'] = summary % ret
+ if dn:
+ ret['summary'] = self.msg_summary_existing % ret
return ret
raise errors.ValidationError(name=_('AD Trust setup'),
error=_('Not enough arguments specified to perform trust setup'))
@@ -915,7 +917,7 @@ class trustconfig_mod(LDAPUpdate):
def execute(self, *keys, **options):
result = super(trustconfig_mod, self).execute(*keys, **options)
- result['value'] = options['trust_type']
+ result['value'] = pkey_to_value(options['trust_type'], options)
return result
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
@@ -932,7 +934,7 @@ class trustconfig_show(LDAPRetrieve):
def execute(self, *keys, **options):
result = super(trustconfig_show, self).execute(*keys, **options)
- result['value'] = options['trust_type']
+ result['value'] = pkey_to_value(options['trust_type'], options)
return result
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
@@ -1216,7 +1218,7 @@ class trustdomain_del(LDAPDelete):
except errors.AlreadyActive:
pass
result = super(trustdomain_del, self).execute(*keys, **options)
- result['value'] = u','.join(keys[1])
+ result['value'] = pkey_to_value(keys[1], options)
return result
@@ -1346,7 +1348,7 @@ class trustdomain_enable(LDAPQuery):
return dict(
result=True,
- value=keys[1],
+ value=pkey_to_value(keys[1], options),
)
api.register(trustdomain_enable)
@@ -1386,7 +1388,7 @@ class trustdomain_disable(LDAPQuery):
return dict(
result=True,
- value=keys[1],
+ value=pkey_to_value(keys[1], options),
)
api.register(trustdomain_disable)
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 4bdfb26a7..166955933 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -832,7 +832,7 @@ class user_disable(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
api.register(user_disable)
@@ -854,7 +854,7 @@ class user_enable(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
api.register(user_enable)
@@ -883,7 +883,7 @@ class user_unlock(LDAPQuery):
return dict(
result=True,
- value=keys[0],
+ value=pkey_to_value(keys[0], options),
)
api.register(user_unlock)