summaryrefslogtreecommitdiffstats
path: root/ipalib
Commit message (Collapse)AuthorAgeFilesLines
...
* Added fix for notifying user about Kerberos principal expiration in WebUIAbhijeet Kasurde2016-04-151-1/+7
| | | | | | | | | | | | - User is now notified about "Kerberos Principal expiration" message instead of "Wrong username or password" message. - User is also notified about "Invalid password" message instead of generic error message. https://fedorahosted.org/freeipa/ticket/5077 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add activate option to stage user details pagePavel Vomacka2016-04-151-0/+1
| | | | | | | | Add activate option to the action menu on stage user details page. https://fedorahosted.org/freeipa/ticket/5369 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Limit max username length to 255 in config-modMartin Basti2016-04-151-0/+1
| | | | | | | | This value is same as is used in user and stageuser commands. https://fedorahosted.org/freeipa/ticket/5774 Reviewed-By: David Kupka <dkupka@redhat.com>
* specify type of exceeded limit when warning about truncated search resultsMartin Babinsky2016-04-132-3/+6
| | | | | | | | | API commands inheriting from LDAPSearch should mention which limit was exceeded in the warning message sent with truncated results. https://fedorahosted.org/freeipa/ticket/5677 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* differentiate between limit types when LDAP search exceeds configured limitsMartin Babinsky2016-04-133-13/+35
| | | | | | | | | | | When LDAP search fails on exceeded limits, we should raise an specific exception for the type of limit raised (size, time, administrative) so that the consumer can distinguish between e.g. searches returning too many entries and those timing out. https://fedorahosted.org/freeipa/ticket/5677 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host-del --updatedns: print warnings instead of errorMartin Basti2016-04-132-2/+35
| | | | | | | | When DNS records do not exist, print warnings instead of hard error https://fedorahosted.org/freeipa/ticket/5627 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: update help for --updatedns optionMartin Basti2016-04-131-1/+2
| | | | | | | | Clarify that dns removes only A, AAAA, PTR, SSHFP records of the host(s) managed by IPA DNS. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: remove only A, AAAA, SSHFP, PTR recordsMartin Basti2016-04-131-21/+17
| | | | | | | | | only A, AAAA, SSHPF and PTR records are managed by IPA. The other records should be removed by user. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: split removing A/AAAA and PTR records to separate functionsMartin Basti2016-04-131-10/+14
| | | | | | | | | This change is needed because A/AAAA and PTR record will be handled separately. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: remove unneeded dnszone-show command callMartin Basti2016-04-131-18/+12
| | | | | | | | | This command has no effect in that block of code, dnsrecord_show is enough for detection if records exists. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: replace dns-record find command with showMartin Basti2016-04-131-12/+17
| | | | | | | | | Due the configuration of dnsrecord_find, it works as dnsrecord-show, thus it can be replaced. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: fix removal of host recordsMartin Basti2016-04-131-21/+10
| | | | | | | | | Originally only the first A/AAAA record is removed, and one other record. This commit fixes it and all records are removed. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Add missing pre_common_callback to stageuser_addMartin Basti2016-04-121-0/+2
| | | | | | | | | | This pre_callback contains method to preprocessing usercertificate that was not called during stageuser-add. This commit adds missing pre_common_callback call to stageuser_add. https://fedorahosted.org/freeipa/ticket/5759 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* otptoken-add: improve the robustness of QR code printingMartin Babinsky2016-03-242-7/+74
| | | | | | | | | | | The python-qrcode print_ascii() method does not work in terminals with non-UTF-8 encoding. When this is the case do not render QR code but print a warning instead. Also print a warning when the QR code size is greater that terminal width if the output is a tty. https://fedorahosted.org/freeipa/ticket/5700 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fix: catch Exception instead of more specific exception typesMartin Basti2016-03-221-2/+2
| | | | | | | | Regression caused by commit 491447cc5ab8c5eff2be57d609201cefb79f7053, ValueErrori and AttributeError are too much specific for these cases, multiple types of exception can be raised. Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Pylint: remove unnecessary-semicolonMartin Basti2016-03-222-3/+3
| | | | | Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* Pylint: import max one module per lineMartin Basti2016-03-221-1/+2
| | | | | Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* Pylint: enable reimported checkMartin Basti2016-03-222-2/+1
| | | | | | | Fixes current reimports and enables pylint check for them Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* pylint: remove bare exceptMartin Basti2016-03-226-14/+14
| | | | | | | Bare except should not be used. Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* sudo: Fix a typo in the --help output of sudocmdgroupJakub Hrozek2016-03-181-2/+2
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* Fix broken trust warningsMartin Basti2016-03-161-1/+3
| | | | | | | | Warning should be shown only for parent entries of trust domain. Subdomains do not contain ipaNTSecurityIdentifier attribute at all. https://fedorahosted.org/freeipa/ticket/5737 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* stageuser-activate: Normalize manager valueMartin Basti2016-03-161-10/+11
| | | | | | | | | Manager(s) were returned as list od DN, this commit fixes behavior and managers are returned as list of logins. https://fedorahosted.org/freeipa/ticket/5481 Reviewed-By: David Kupka <dkupka@redhat.com>
* Fix the man page part for shorter sentences, to avoid dual understanding, ↵Jérôme Fenal2016-03-101-13/+13
| | | | | | and punctuation, all spotted while translating to French. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* Allow admins to disable preauth for SPNs.Simo Sorce2016-03-081-1/+2
| | | | | | | | | | | | | | | | Some legacy softare is not able to properly cope with preauthentication, allow the admins to disable the requirement to use preauthentication for all Service Principal Names if they so desire. IPA Users are excluded, for users, which use password of lessere entrpy, preauthentication is always required by default. This setting does NOT override explicit policies set on service principals or in the global policy, it only affects the default. Signed-off-by: Simo Sorce <simo@redhat.com> Ticket: https://fedorahosted.org/freeipa/ticket/3860 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* ipalib: Fix user certificate docstringsTomas Babej2016-03-073-3/+3
| | | | Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
* fix suspicious except statementsMartin Basti2016-03-041-3/+3
| | | | | | | | | The "except ValueError as UnicodeDecodeError" looks very suspicious. Commit change except to catch both exceptions. https://fedorahosted.org/freeipa/ticket/5718 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* ipalib.x809: Accept bytes for make_pemPetr Viktorin2016-03-031-0/+2
| | | | | | Part of the work for https://fedorahosted.org/freeipa/ticket/5638 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* ipalib: add convenient Command method for adding messagesJan Cholasta2016-03-031-8/+12
| | | | | | | Call the add_message() method of Command from anywhere in the implementation of a command to add a message to the result of the command. Reviewed-By: Martin Basti <mbasti@redhat.com>
* ipalib: provide per-call command contextJan Cholasta2016-03-032-0/+31
| | | | | | | Add context which is valid for the duration of command call. The context is accessible using the `context` attribute of Command and Object plugins. Reviewed-By: Martin Basti <mbasti@redhat.com>
* pylint: supress false positive no-member errorsMartin Basti2016-03-023-5/+11
| | | | | | | | | pylint 1.5 prints many false positive no-member errors which are supressed by this commit. https://fedorahosted.org/freeipa/ticket/5615 Reviewed-By: David Kupka <dkupka@redhat.com>
* Remove duplicated exceptMartin Basti2016-02-252-8/+0
| | | | | | Both exceptions have been catched before, so it is bacically dead code Reviewed-By: David Kupka <dkupka@redhat.com>
* Fixes minor issuesStanislav Laznicka2016-02-241-1/+1
| | | | | | | | | | | | | Fixes issues discovered by Coverity plugins/baseldap.py: possible undefined value in return certmonger.py: possible dereference of None value i18n.py: fixed always True bug (+ cosmetic change) https://fedorahosted.org/freeipa/ticket/5661 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Cosmetic changes to the codeStanislav Laznicka2016-02-241-3/+0
| | | | | | | | | | | | | | | Fixes some Coverity issues ipadiscovery.py: added assert should universe break plugins/dns.py: removed dead code dnssec/ldapkeydb.py: attribute assert in the proper object test_automount_plugin.py: fixed possible close() on None xmlrpc_test.py: Coverity does not like accessing None.__class__ https://fedorahosted.org/freeipa/ticket/5661 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Warn user if trust is brokenMartin Basti2016-02-232-0/+52
| | | | | | | | | | Detect missing ipaNTSecurityIdentifier and print message for a user, that the trust is broken as result of trust-show and trust-find commands. https://fedorahosted.org/freeipa/ticket/5665 Reviewed-By: Tomas Babej <tbabej@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* trusts: use ipaNTTrustPartner attribute to detect trust entriesMartin Basti2016-02-231-2/+5
| | | | | | | | | | | | | | Trust entries were found by presence of ipaNTSecurityIdentifier attribute. Unfortunately this attribute might not be there due the bug. As replacement for this, attribute ipaNTTrustPartner can be used. Note: other non trust entries located in cn=trusts subtree can be cross-realm principals. https://fedorahosted.org/freeipa/ticket/5665 Reviewed-By: Tomas Babej <tbabej@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* cli: Don't encode/decode for stdin/stdout on Python 3Petr Viktorin2016-02-171-17/+24
| | | | | | https://fedorahosted.org/freeipa/ticket/5638 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fix bytes/string handling in rpcMichael Simacek2016-02-171-7/+7
| | | | | | https://fedorahosted.org/freeipa/ticket/5638 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* make lint: use config file and plugin for pylintMartin Basti2016-02-111-0/+4
| | | | | | | | | | | | | | | | | | | Our custom implementation of pylint checker is often broken by incompatible change on pylint side. Using supported solutions (config file, pylint plugins) should avoid this issue. The plugin adds missing (dynamic) member to classes in abstract syntax tree generated for pylint, instead of just ignoring missing members and all sub-members. This should improve pylint detection of typos and missing members in api. env and test config. make-lint python script has been removed, to run pylint execute 'make lint' https://fedorahosted.org/freeipa/ticket/5615 Reviewed-By: David Kupka <dkupka@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fixed typo in service-addThorsten Scherf2016-02-021-1/+1
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* Add tool tips for Revert, Refresh, Undo, and Undo AllPavel Vomacka2016-01-271-2/+4
| | | | | | | | | | | | Add tool tips for buttons in detail view. New tooltips: Reload - Reload current settings from the server. Revert - Undo all unsaved changes. Undo - Undo this change. Undo all - Undo all changes in this field. https://fedorahosted.org/freeipa/ticket/5428 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Warn user when ipa *-find reach limitMartin Basti2016-01-272-1/+17
| | | | | | | | | Truncated entries were silently ignored, now a user receives warning. https://fedorahosted.org/freeipa/ticket/4022 Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Gabe Alford <redhatrises@gmail.com>
* uninstallation: more robust check for master removal from topologyMartin Babinsky2016-01-211-0/+1
| | | | | | | | | | | | When uninstalling IPA master in domain level 1 topology, the code that checks for correct removal from topology will now consider failures to lookup host entry in local LDAP and to obtain host TGT as a sign that the master entry was already removed. https://fedorahosted.org/freeipa/ticket/5584 Reviewed-By: Simo Sorce <ssorce@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Avoid builtins that were removed in Python 3Petr Viktorin2016-01-202-2/+2
| | | | | | | | | | | | - `file` was removed in favor of `open`. Switch to the new spelling. - `buffer` was removed in favor of a buffer protocol (and memoryview), and `reload` was moved to importlib. Both are used in py2-only blocks, so just placate PyLint. https://fedorahosted.org/freeipa/ticket/5623 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Don't index exceptions directlyPetr Viktorin2016-01-202-4/+4
| | | | | | | | | | In Python 3, exceptions don't behave as tuples of their arguments; instead of e[1] it's necessary to use e.args[1]. https://fedorahosted.org/freeipa/ticket/5623 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Use explicit truncating divisionPetr Viktorin2016-01-203-6/+6
| | | | | | | | | | In Python 3, the truncating division operator, //, is needed to get C-style "int division". https://fedorahosted.org/freeipa/ticket/5623 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Loggger: Use warning instead of warn - dns pluginTomas Babej2016-01-191-1/+1
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* logger: Use warning instead of warnTomas Babej2016-01-184-12/+12
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* ipapython: remove default_encoding_utf8Jan Cholasta2016-01-151-10/+3
| | | | | | | | | Replace the "import default_encoding_utf8" in ipalib/cli.py with equivalent Python code. https://fedorahosted.org/freeipa/ticket/5596 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* ipalib: assume version 2.0 when skip_version_check is enabledJan Cholasta2016-01-121-2/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/5601 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Fix dns_is_enabled() API command to throw exceptions as appropriatePetr Spacek2016-01-081-6/+4
| | | | | | | | | | Previously the command returned False whenever an exception occured which caused installed to continue even when there was a problem with LDAP connection. https://fedorahosted.org/freeipa/ticket/5564 Reviewed-By: David Kupka <dkupka@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-02 17:39:12 +0000