Hi William ,
Just find out a way to do it .
class UserAccountnsRole(Account):
def __init__(self, instance, dn=None):
super(UserAccountnsRole, self).__init__(instance, dn)
self._rdn_attribute = RDN
self._create_objectclasses = [
'top',
'LDAPsubentry',
'nsRoleDefinition',
'nsComplexRoleDefinition',
'nsFilteredRoleDefinition'
]
user_compare_exclude = [
'nsUniqueId',
'modifyTimestamp',
'createTimestamp',
'entrydn'
]
self._compare_exclude = self._compare_exclude + user_compare_exclude
self._protected = False
def _validate(self, rdn, properties, basedn):
if 'ntUserDomainId' in properties and 'ntUser' not in
self._create_objectclasses:
self._create_objectclasses.append('ntUser')
return super(UserAccountnsRole, self)._validate(rdn, properties, basedn)
def create_test_user_nsrole(instance, cn, nsRoleFilter, description,
suffix=None):
global test_user_id
if cn is None:
cn = "testuser_" + str(test_user_id)
test_user_id += 1
if suffix is None:
suffix = DEFAULT_SUFFIX
dn = "cn=" + cn + "," + suffix
properties = {
'cn': cn,
"nsRoleFilter": nsRoleFilter,
"description": description,
}
user = UserAccountnsRole(instance, dn)
user.create(properties=properties)
return user
Now just using create_test_user_nsrole we will be able to create entries
with nsRoles.
Regards
Anuj Borah
On Mon, Jan 7, 2019 at 2:30 PM William Brown <[email protected]>
wrote:
> Hi,
>
> I’ve been speaking to Anuj Borah about a PR they made, and how we can
> properly represent nsRole.
>
> because nsRoles are an extra objectClass, rather than a standalone one, we
> need a way to represent this properly.
>
> It’s probably a good idea to use some of pythons composability here, where
> we could do something like:
>
> class nsFilteredRole(DSLdapObject):
>
>
> class User(DSldapObject):
>
> class User_nsFilteredRole(User, nsFilteredRole):
>
> Then to have a way to define and have each subclass called, and asserted
> for correctness. A question is how we would handle:
>
> user = User.create(…)
> # How to convert user to User_nsFilteredRole
>
> We could do something like:
>
> User_nsFilteredRole.from(user)
>
> And have a from that does a valid conversion based on types and adds in
> the required role parts?
>
> This isn’t a common scenario, so I think having a limited set of well
> understood types that require this type of conversion would be okay.
>
> Thought? *looking at you Simon* :)
>
> PS: It’s good to be back
>
> --
> Sincerely,
>
> William
> _______________________________________________
> 389-devel mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/[email protected]
>
_______________________________________________
389-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
