On 20.10.2015 18:46, Martin Basti wrote:
On 20.10.2015 16:07, Martin Basti wrote:
On 20.10.2015 15:57, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5344
Patch attached.
Test are failing, a fix in UserTracker has to be done (partially in
my patch 329)
SelfNACK, I forgot to add stageuser tests
Updated patch attached.
I extracted tests to the separate patch, tests do not work, I had
issues with user and stageuser trackers.
Patch to fix issues with --addattr and managers added and attached.
From 7e301a11f7ea46cff25cb0d6fa13058c69ae530c Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Tue, 27 Oct 2015 13:42:49 +0100
Subject: [PATCH] Fix --add-attr with multiple managers
Framework expects managers as unicode, but if there was a manager in
LDAP specified, it was returned as DN, which caused parameter conversion
error.
Normalize method was added to manager parameter which convert DN to
manager login.
https://fedorahosted.org/freeipa/ticket/5344
---
ipalib/plugins/baseuser.py | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/ipalib/plugins/baseuser.py b/ipalib/plugins/baseuser.py
index da4883ccec906472ed2e82f5c61ef91c9b2049e9..4d6bf1dfca7c94aba31f1f8d0125f1065271613f 100644
--- a/ipalib/plugins/baseuser.py
+++ b/ipalib/plugins/baseuser.py
@@ -153,6 +153,23 @@ def normalize_principal(principal):
return unicode('%s@%s' % (user, realm))
+def _convert_manager(manager):
+ # convert DN to unicode, otherwise --addattr call will not work
+ # validation of manager is done later, just extract manager login from DN
+ if not manager:
+ return manager
+
+ if isinstance(manager, DN):
+ try:
+ return manager['uid']
+ except KeyError:
+ raise errors.ConversionError(
+ _("DN of the manager does not contain 'uid'")
+ )
+
+
+ return manager
+
def fix_addressbook_permission_bindrule(name, template, is_new,
anonymous_read_aci,
@@ -340,6 +357,7 @@ class baseuser(LDAPObject):
),
Str('manager*',
label=_('Manager'),
+ normalizer=_convert_manager,
),
Str('carlicense*',
label=_('Car License'),
--
2.4.3
From 250c5d3f2f5e47b19c628115ecd9df8a71d357dc Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Tue, 20 Oct 2015 18:39:57 +0200
Subject: [PATCH] Allow multiple managers per user - CLI part
https://fedorahosted.org/freeipa/ticket/5344
---
API.txt | 12 ++++++------
VERSION | 4 ++--
ipalib/plugins/baseuser.py | 7 +++++--
3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/API.txt b/API.txt
index 873c6d54221a0c1657b5457bd9dceedb4adf06b3..896df430aaa1952c0fe4af4672b78f1ad11da45e 100644
--- a/API.txt
+++ b/API.txt
@@ -4225,7 +4225,7 @@ option: Str('krbprincipalname', attribute=True, autofill=True, cli_name='princip
option: Str('l', attribute=True, cli_name='city', multivalue=False, required=False)
option: Str('loginshell', attribute=True, cli_name='shell', multivalue=False, required=False)
option: Str('mail', attribute=True, cli_name='email', multivalue=True, required=False)
-option: Str('manager', attribute=True, cli_name='manager', multivalue=False, required=False)
+option: Str('manager', attribute=True, cli_name='manager', multivalue=True, required=False)
option: Str('mobile', attribute=True, cli_name='mobile', multivalue=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Str('ou', attribute=True, cli_name='orgunit', multivalue=False, required=False)
@@ -4285,7 +4285,7 @@ option: Str('krbprincipalname', attribute=True, autofill=False, cli_name='princi
option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, query=True, required=False)
option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, query=True, required=False)
option: Str('mail', attribute=True, autofill=False, cli_name='email', multivalue=True, query=True, required=False)
-option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=False, query=True, required=False)
+option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=True, query=True, required=False)
option: Str('mobile', attribute=True, autofill=False, cli_name='mobile', multivalue=True, query=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Str('not_in_group*', cli_name='not_in_groups', csv=True)
@@ -4342,7 +4342,7 @@ option: DateTime('krbprincipalexpiration', attribute=True, autofill=False, cli_n
option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, required=False)
option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, required=False)
option: Str('mail', attribute=True, autofill=False, cli_name='email', multivalue=True, required=False)
-option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=False, required=False)
+option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=True, required=False)
option: Str('mobile', attribute=True, autofill=False, cli_name='mobile', multivalue=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Str('ou', attribute=True, autofill=False, cli_name='orgunit', multivalue=False, required=False)
@@ -5172,7 +5172,7 @@ option: Str('krbprincipalname', attribute=True, autofill=True, cli_name='princip
option: Str('l', attribute=True, cli_name='city', multivalue=False, required=False)
option: Str('loginshell', attribute=True, cli_name='shell', multivalue=False, required=False)
option: Str('mail', attribute=True, cli_name='email', multivalue=True, required=False)
-option: Str('manager', attribute=True, cli_name='manager', multivalue=False, required=False)
+option: Str('manager', attribute=True, cli_name='manager', multivalue=True, required=False)
option: Str('mobile', attribute=True, cli_name='mobile', multivalue=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Flag('noprivate', autofill=True, cli_name='noprivate', default=False)
@@ -5261,7 +5261,7 @@ option: Str('krbprincipalname', attribute=True, autofill=False, cli_name='princi
option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, query=True, required=False)
option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, query=True, required=False)
option: Str('mail', attribute=True, autofill=False, cli_name='email', multivalue=True, query=True, required=False)
-option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=False, query=True, required=False)
+option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=True, query=True, required=False)
option: Str('mobile', attribute=True, autofill=False, cli_name='mobile', multivalue=True, query=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Str('not_in_group*', cli_name='not_in_groups', csv=True)
@@ -5321,7 +5321,7 @@ option: DateTime('krbprincipalexpiration', attribute=True, autofill=False, cli_n
option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, required=False)
option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, required=False)
option: Str('mail', attribute=True, autofill=False, cli_name='email', multivalue=True, required=False)
-option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=False, required=False)
+option: Str('manager', attribute=True, autofill=False, cli_name='manager', multivalue=True, required=False)
option: Str('mobile', attribute=True, autofill=False, cli_name='mobile', multivalue=True, required=False)
option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Bool('nsaccountlock', attribute=True, autofill=False, cli_name='nsaccountlock', multivalue=False, required=False)
diff --git a/VERSION b/VERSION
index cdda198c6ce3148dcf785149dc3ce050782e8caa..6bcd9ee8e0557555f790db0940af57f9e9ed4f42 100644
--- a/VERSION
+++ b/VERSION
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
# #
########################################################
IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=157
-# Last change: mbabinsk - hide segment direction from topology commands
+IPA_API_VERSION_MINOR=158
+# Last change: mbasti - allow to specify multiple managers per user
diff --git a/ipalib/plugins/baseuser.py b/ipalib/plugins/baseuser.py
index b974e3fb18659e7eb6e75557e0d4db3ec1197dcd..40114d6e994d0c1f814ce0c5b362c9cf4848f850 100644
--- a/ipalib/plugins/baseuser.py
+++ b/ipalib/plugins/baseuser.py
@@ -338,7 +338,7 @@ class baseuser(LDAPObject):
Str('title?',
label=_('Job Title'),
),
- Str('manager?',
+ Str('manager*',
label=_('Manager'),
),
Str('carlicense*',
@@ -426,8 +426,11 @@ class baseuser(LDAPObject):
if not manager:
return None
- if not isinstance(manager, list):
+ if isinstance(manager, tuple):
+ manager = list(manager)
+ elif not isinstance(manager, list):
manager = [manager]
+
try:
container_dn = DN(container, api.env.basedn)
for i, mgr in enumerate(manager):
--
2.4.3
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code