diff options
Diffstat (limited to 'ipaserver/plugins/user.py')
-rw-r--r-- | ipaserver/plugins/user.py | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/ipaserver/plugins/user.py b/ipaserver/plugins/user.py index c231847d5..b3ae7646f 100644 --- a/ipaserver/plugins/user.py +++ b/ipaserver/plugins/user.py @@ -43,7 +43,9 @@ from .baseuser import ( convert_nsaccountlock, fix_addressbook_permission_bindrule, baseuser_add_manager, - baseuser_remove_manager) + baseuser_remove_manager, + baseuser_add_principal, + baseuser_remove_principal) from .idviews import remove_ipaobject_overrides from ipalib.plugable import Registry from .baseldap import ( @@ -287,6 +289,14 @@ class user(baseuser): 'Modify Users and Reset passwords', }, }, + 'System: Manage User Principals': { + 'ipapermright': {'write'}, + 'ipapermdefaultattr': {'krbprincipalname', 'krbcanonicalname'}, + 'default_privileges': { + 'User Administrators', + 'Modify Users and Reset passwords', + }, + }, 'System: Modify Users': { 'ipapermright': {'write'}, 'ipapermdefaultattr': { @@ -1187,3 +1197,15 @@ class user_add_manager(baseuser_add_manager): @register() class user_remove_manager(baseuser_remove_manager): __doc__ = _("Remove a manager to the user entry") + + +@register() +class user_add_principal(baseuser_add_principal): + __doc__ = _('Add new principal alias to the user entry') + msg_summary = _('Added new aliases to user "%(value)s"') + + +@register() +class user_remove_principal(baseuser_remove_principal): + __doc__ = _('Remove principal alias from the user entry') + msg_summary = _('Removed aliases from user "%(value)s"') |