diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2016-06-23 18:54:49 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-07-01 09:37:25 +0200 |
| commit | c2af032c0333f7e210c54369159d1d9f5e3fec74 (patch) | |
| tree | 5aae121cbe6be08755e8b4c6484a316b99eb997e /ipaserver/plugins/passwd.py | |
| parent | 974eb7b5efd20ad2195b0ad578637ab31f4c1df4 (diff) | |
| download | freeipa-c2af032c0333f7e210c54369159d1d9f5e3fec74.tar.gz freeipa-c2af032c0333f7e210c54369159d1d9f5e3fec74.tar.xz freeipa-c2af032c0333f7e210c54369159d1d9f5e3fec74.zip | |
Migrate management framework plugins to use Principal parameter
All plugins will now use this parameter and common code for all operations on
Kerberos principals. Additional semantic validators and normalizers were
added to determine or append a correct realm so that the previous behavior is
kept intact.
https://fedorahosted.org/freeipa/ticket/3864
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/plugins/passwd.py')
| -rw-r--r-- | ipaserver/plugins/passwd.py | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/ipaserver/plugins/passwd.py b/ipaserver/plugins/passwd.py index 253a0d35d..1576c4ca8 100644 --- a/ipaserver/plugins/passwd.py +++ b/ipaserver/plugins/passwd.py @@ -17,15 +17,22 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import six + from ipalib import api, errors, krb_utils from ipalib import Command -from ipalib import Str, Password +from ipalib import Password from ipalib import _ from ipalib import output +from ipalib.parameters import Principal from ipalib.plugable import Registry -from .baseuser import validate_principal, normalize_principal from ipalib.request import context +from ipapython import kerberos from ipapython.dn import DN +from ipaserver.plugins.service import validate_realm, normalize_principal + +if six.PY3: + unicode = str __doc__ = _(""" Set a user's password @@ -59,7 +66,7 @@ def get_current_password(principal): be ignored later. """ current_principal = krb_utils.get_principal() - if current_principal == normalize_principal(principal): + if current_principal == unicode(normalize_principal(principal)): return None else: return MAGIC_VALUE @@ -69,12 +76,14 @@ class passwd(Command): __doc__ = _("Set a user's password.") takes_args = ( - Str('principal', validate_principal, + Principal( + 'principal', + validate_realm, cli_name='user', label=_('User name'), primary_key=True, autofill=True, - default_from=lambda: krb_utils.get_principal(), + default_from=lambda: kerberos.Principal(krb_utils.get_principal()), normalizer=lambda value: normalize_principal(value), ), Password('password', @@ -114,6 +123,8 @@ class passwd(Command): """ ldap = self.api.Backend.ldap2 + principal = unicode(principal) + entry_attrs = ldap.find_entry_by_attr( 'krbprincipalname', principal, 'posixaccount', [''], DN(api.env.container_user, api.env.basedn) |