https://fedorahosted.org/freeipa/ticket/563 https://fedorahosted.org/freeipa/ticket/588
Jan
From 5d23b3fad0dd8bc96888833e5a69d069d9346f52 Mon Sep 17 00:00:00 2001 From: Jan Zeleny <jzel...@redhat.com> Date: Thu, 17 Feb 2011 03:55:14 -0500 Subject: [PATCH] Document the --rights output format https://fedorahosted.org/freeipa/ticket/563 https://fedorahosted.org/freeipa/ticket/588 --- ipa.1 | 15 ++++++++++++++- ipalib/plugins/baseldap.py | 6 +++--- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/ipa.1 b/ipa.1 index eb8fe8cd085f8ab7c76fbee6a8357965e279d5e6..a322d246f1f74d2bd31796663c1dea1e1d895880 100644 --- a/ipa.1 +++ b/ipa.1 @@ -106,13 +106,26 @@ The above types of commands take the objects primary key as their only positiona For some types of objects, these commands might need to take more than one primary key. This applies to IPA objects organized in hierarchies where the parent object needs to be identified first. Parent primary keys are always aligned to the left (higher in the hierarchy = more to the left). For example the automount IPA plugin enables users to manage automount maps per location, as a result all automount commands take an automountlocation primary key as their first positional argument. -All commands that display objects have two special options for controlling output: +All commands that display objects have three special options for controlling output: .TP \fB\-\-all\fR Dispaly all attributes. Without this option only the most relevant attributes are displayed. .TP \fB\-\-raw\fR Display objects as they are stored in the backing store. Disables formatting and attribute labels. +.TP +\fB\-\-rights\fR +Display effective rights on all attributes of the entry. You also have to specify \fB\-\-all\fR for this to work. User rights are returned as Python dictionary where index is the name of an attribute and value is a string composed of following letters: + +.ad l +r - read\p +s - search\p +w - write\p +o - obliterate (delete)\p +c - compare\p +W - self-write\p +O - self-obliterate + .SH "EXAMPLES" .TP \fBipa help commands\fR diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index f403990ff86f33140b2a91405f8f0cde2d079644..43183c264884b4db2b9f2f50733d0fe1182082d9 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -180,7 +180,7 @@ def get_effective_rights(ldap, dn, attrs=None): rights = rights[0].split(', ') for r in rights: (k,v) = r.split(':') - rdict[k.strip().lower()] = v + rdict[k.strip().lower()] = str(v) return rdict @@ -666,7 +666,7 @@ class LDAPRetrieve(LDAPQuery): takes_options = ( Flag('rights', label=_('Rights'), - doc=_('Display the access rights to modify this entry (requires --all)'), + doc=_('Display the access rights of this entry (requires --all). See ipa man page for details.'), ), ) @@ -732,7 +732,7 @@ class LDAPUpdate(LDAPQuery, crud.Update): takes_options = _attr_options + ( Flag('rights', label=_('Rights'), - doc=_('Display the access rights to modify this entry (requires --all)'), + doc=_('Display the access rights of this entry (requires --all). See ipa man page for details.'), ), ) -- 1.7.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
