summaryrefslogtreecommitdiffstats
path: root/ipalib
Commit message (Collapse)AuthorAgeFilesLines
...
* plugable: replace API.import_plugins with new API.add_packageJan Cholasta2016-05-252-34/+29
| | | | | | | | | | | | | | | Replace API.import_plugins with a new method API.add_package which allows loading plugin packages into an API object from a package object. This makes loading of plugin packages loading consistent with loading of plugin modules and classes. Rename API.modules to API.packages and use package objects where implemented to reflect the change. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* ipalib: remove the unused `csv` argument of ParamJan Cholasta2016-05-2516-54/+17
| | | | | | https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* makeapi: optimize API.txtJan Cholasta2016-05-252-38/+77
| | | | | | | | | | | | | | | | | | | | Change Param formatting to: * always use quantified names rather than the `required` and `multivalue` kwargs, * ignore kwargs with default value, * ignore kwargs related to validation, as validation is now strictly server-side, * ignore the `attribute` and `primary_key` kwargs, as they are relevant only on object params, * ignore the `include` and `exclude` kwargs, as makeapi takes into account only params available in the 'cli' context, * ignore the unused `csv` kwarg. Format optional Output arguments as kwargs. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* frontend: do not forward argument defaults to serverJan Cholasta2016-05-252-2/+5
| | | | | | | | | | | When forwarding a command call to a server, use only arguments which were explicitly specified by the caller. This increases compatibility between new clients and old servers. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* user: do not assume the preserve flags have value in user_delJan Cholasta2016-05-251-5/+6
| | | | | | https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* frontend: do not forward unspecified positional arguments to serverJan Cholasta2016-05-251-1/+14
| | | | | | | | | When forwarding a command call to a server, do not use a value of None in place of unspecified positional arguments. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* ipalib: make optional positional command arguments actually optionalJan Cholasta2016-05-2513-23/+44
| | | | | | | | | Fix several plugins not to assume optional positional arguments have a value of None when not specified. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* batch: do not crash when no argument is specifiedJan Cholasta2016-05-251-1/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* frontend: perform argument value validation only on serverJan Cholasta2016-05-253-5/+16
| | | | | | | | | | | | | | | | Do not validate values of command arguments on the client and let the server handle validation. This will make the client more lightweight by not having it to carry validation code and metadata with itself for the price of increasing network traffic in case the validation fails. Types of the arguments are still validated on both the client and the server. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* frontend: remove the unused Command.soft_validate methodJan Cholasta2016-05-251-14/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* frontend: re-raise remote RequirementError using CLI name in CLIJan Cholasta2016-05-254-23/+17
| | | | | | https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* rpc: include structured error information in responsesJan Cholasta2016-05-253-1/+11
| | | | | | | | | | | | | | Include keyword arguments of exceptions in RPC responses. This is limited to JSON-RPC, as XML-RPC does not support additional data in error responses. Include keyword arguments of messages in RPC responses. Include keyword arguments of exceptions in batch command result. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* parameters: remove unused ConversionError and ValidationError argumentsJan Cholasta2016-05-254-63/+34
| | | | | | | | | | Do not set the `value`, `index` and `rule` arguments when raising ConversionError and ValidationError. The arguments are unused and are not specified consistently accross the framework and plugins. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* rpc: do not crash when unable to parse JSONJan Cholasta2016-05-251-1/+1
| | | | | | | | | When unable to parse JSON response from the server, properly raise JSONError not to cause a crash. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* Fix referenced before assigment variables in except statementsMartin Basti2016-05-201-2/+2
| | | | | | | Variable msg may not exists in the last except context, and even it contains improper value because it is not related to catched exception Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* makeapi: use the same formatting for `int` and `long` valuesJan Cholasta2016-05-191-0/+2
| | | | | | | | | This prevents validation failures on architectures where integer is less than 32 bits. https://fedorahosted.org/freeipa/ticket/5894 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Batch command: avoid accessing potentially undefined context.principalPetr Spacek2016-05-121-1/+4
| | | | | | | | | | | This might happen when the command is called directly in Python, e.g. in installers and so on. Pylint pylint-1.5.5-1.fc24.noarch caught this. https://fedorahosted.org/freeipa/ticket/5838 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* ipalib.cli: Improve reporting of binary values in the CLIPetr Viktorin2016-05-101-2/+3
| | | | | | | | | Make sure the base64-encoded value is a string, so it is printed without the b'' markers. Part of the work for: https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com>
* idviews: Add user certificate attribute to user ID overridesTomas Babej2016-05-061-2/+77
| | | | | | https://fedorahosted.org/freeipa/ticket/4955 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* certprofile plugin: Use binary mode for file with binary dataPetr Viktorin2016-05-051-1/+1
| | | | | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
* ipalib.rpc: Send base64-encoded data as string under Python 3Petr Viktorin2016-05-051-1/+4
| | | | | | | | | | Python 3's JSON library cannot deal with bytes, so decode base64-encoded data to string. Part of the work for https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
* radiusproxy plugin: Use str(error) rather than error.messagePetr Viktorin2016-05-051-1/+1
| | | | | | | | | | In Python 3, the "message" attribute has been removed in favor of calling str() on the error. Part of the work for https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Added fix for notifying user about locked user account in WebUIAbhijeet Kasurde2016-04-281-0/+6
| | | | | | | | | | | | User in now notified about "Locked User account" message instead of "The password or username you entered is incorrect" or any generic error message Fixes : https://fedorahosted.org/freeipa/ticket/5076 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
* dns plugin: Fix zone normalization under Python 3Petr Viktorin2016-04-281-1/+3
| | | | | | | | | | | | | | In Python 3, str.encode('ascii') converts to bytes, and str() (nicknamed unicode() in IPA) returns the string representation of an object, which is b'...' for bytes. So, unicode('...'.encode('ascii')) results in "b'...'". Change the code to only call encode() for the error. Part of the work for https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Do not do extra search for ipasshpubkey to generate fingerprintsMartin Basti2016-04-266-35/+115
| | | | | | | | | | | | | | | | | | | | Host, user and idview commands do unnnecessary extra search for ipasshpubkey attribute to generate fingerprints. Note: Host and user plugins shows ipasshpubkey only when the attribute is changed, idviews show ipasshpubkey always. This behavior has been kept by this commit. common_pre/post_callbacks were fixed in [base|stage]user modules. common_callbacks requires the same arguments as pre/post_callbacks now (except baseuser_find.post_common_callback) Note2: in *-add commands there is no need for managing ipasshpubkey as this attribute should be shown always there. https://fedorahosted.org/freeipa/ticket/3376 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Performace: don't download password attributes in host/user-findMartin Basti2016-04-222-6/+0
| | | | | | | | | | | | For each entry in user/host-find was executed an extra search for password attributes what has significant impact on performance (for 2000 users there were 2000 additional searches) http://www.freeipa.org/page/V4/Performance_Improvements https://fedorahosted.org/freeipa/ticket/5281 Reviewed-By: David Kupka <dkupka@redhat.com>
* Add 'skip overlap check' checkbox into add zone dialogPavel Vomacka2016-04-221-0/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/5773 Reviewed-By: Martin Basti <mbasti@redhat.com>
* caacl: correctly handle full user principal nameFraser Tweedale2016-04-201-2/+2
| | | | | | | | The caacl HBAC request is correct when just the username is given, but the full 'user@REALM' form was not handled correctly. Fixes: https://fedorahosted.org/freeipa/ticket/5733 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Added fix for notifying user about Kerberos principal expiration in WebUIAbhijeet Kasurde2016-04-151-1/+7
| | | | | | | | | | | | - User is now notified about "Kerberos Principal expiration" message instead of "Wrong username or password" message. - User is also notified about "Invalid password" message instead of generic error message. https://fedorahosted.org/freeipa/ticket/5077 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add activate option to stage user details pagePavel Vomacka2016-04-151-0/+1
| | | | | | | | Add activate option to the action menu on stage user details page. https://fedorahosted.org/freeipa/ticket/5369 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Limit max username length to 255 in config-modMartin Basti2016-04-151-0/+1
| | | | | | | | This value is same as is used in user and stageuser commands. https://fedorahosted.org/freeipa/ticket/5774 Reviewed-By: David Kupka <dkupka@redhat.com>
* specify type of exceeded limit when warning about truncated search resultsMartin Babinsky2016-04-132-3/+6
| | | | | | | | | API commands inheriting from LDAPSearch should mention which limit was exceeded in the warning message sent with truncated results. https://fedorahosted.org/freeipa/ticket/5677 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* differentiate between limit types when LDAP search exceeds configured limitsMartin Babinsky2016-04-133-13/+35
| | | | | | | | | | | When LDAP search fails on exceeded limits, we should raise an specific exception for the type of limit raised (size, time, administrative) so that the consumer can distinguish between e.g. searches returning too many entries and those timing out. https://fedorahosted.org/freeipa/ticket/5677 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host-del --updatedns: print warnings instead of errorMartin Basti2016-04-132-2/+35
| | | | | | | | When DNS records do not exist, print warnings instead of hard error https://fedorahosted.org/freeipa/ticket/5627 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: update help for --updatedns optionMartin Basti2016-04-131-1/+2
| | | | | | | | Clarify that dns removes only A, AAAA, PTR, SSHFP records of the host(s) managed by IPA DNS. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: remove only A, AAAA, SSHFP, PTR recordsMartin Basti2016-04-131-21/+17
| | | | | | | | | only A, AAAA, SSHPF and PTR records are managed by IPA. The other records should be removed by user. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: split removing A/AAAA and PTR records to separate functionsMartin Basti2016-04-131-10/+14
| | | | | | | | | This change is needed because A/AAAA and PTR record will be handled separately. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: remove unneeded dnszone-show command callMartin Basti2016-04-131-18/+12
| | | | | | | | | This command has no effect in that block of code, dnsrecord_show is enough for detection if records exists. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: replace dns-record find command with showMartin Basti2016-04-131-12/+17
| | | | | | | | | Due the configuration of dnsrecord_find, it works as dnsrecord-show, thus it can be replaced. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* host_del: fix removal of host recordsMartin Basti2016-04-131-21/+10
| | | | | | | | | Originally only the first A/AAAA record is removed, and one other record. This commit fixes it and all records are removed. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Add missing pre_common_callback to stageuser_addMartin Basti2016-04-121-0/+2
| | | | | | | | | | This pre_callback contains method to preprocessing usercertificate that was not called during stageuser-add. This commit adds missing pre_common_callback call to stageuser_add. https://fedorahosted.org/freeipa/ticket/5759 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* otptoken-add: improve the robustness of QR code printingMartin Babinsky2016-03-242-7/+74
| | | | | | | | | | | The python-qrcode print_ascii() method does not work in terminals with non-UTF-8 encoding. When this is the case do not render QR code but print a warning instead. Also print a warning when the QR code size is greater that terminal width if the output is a tty. https://fedorahosted.org/freeipa/ticket/5700 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fix: catch Exception instead of more specific exception typesMartin Basti2016-03-221-2/+2
| | | | | | | | Regression caused by commit 491447cc5ab8c5eff2be57d609201cefb79f7053, ValueErrori and AttributeError are too much specific for these cases, multiple types of exception can be raised. Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Pylint: remove unnecessary-semicolonMartin Basti2016-03-222-3/+3
| | | | | Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* Pylint: import max one module per lineMartin Basti2016-03-221-1/+2
| | | | | Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* Pylint: enable reimported checkMartin Basti2016-03-222-2/+1
| | | | | | | Fixes current reimports and enables pylint check for them Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* pylint: remove bare exceptMartin Basti2016-03-226-14/+14
| | | | | | | Bare except should not be used. Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* sudo: Fix a typo in the --help output of sudocmdgroupJakub Hrozek2016-03-181-2/+2
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* Fix broken trust warningsMartin Basti2016-03-161-1/+3
| | | | | | | | Warning should be shown only for parent entries of trust domain. Subdomains do not contain ipaNTSecurityIdentifier attribute at all. https://fedorahosted.org/freeipa/ticket/5737 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* stageuser-activate: Normalize manager valueMartin Basti2016-03-161-10/+11
| | | | | | | | | Manager(s) were returned as list od DN, this commit fixes behavior and managers are returned as list of logins. https://fedorahosted.org/freeipa/ticket/5481 Reviewed-By: David Kupka <dkupka@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-01 14:36:03 +0000