On 04/06/2011 05:08 PM, Pavel Zuna wrote:
Ticket #744
Pavel
New fixed version of patch attached.
Pavel
>From c61c329c1fd4f806a64f4fa6b660b0baeea38377 Mon Sep 17 00:00:00 2001
From: Pavel Zuna <pz...@redhat.com>
Date: Wed, 6 Apr 2011 09:08:03 -0400
Subject: [PATCH] Validate/Normalize user attributes if set using krbtpolicy set/add-attr.
Ticket #744
---
ipalib/plugins/krbtpolicy.py | 20 ++++++++++++++++++++
ipalib/plugins/user.py | 1 +
2 files changed, 21 insertions(+), 0 deletions(-)
diff --git a/ipalib/plugins/krbtpolicy.py b/ipalib/plugins/krbtpolicy.py
index c9d86ea..8cefc90 100644
--- a/ipalib/plugins/krbtpolicy.py
+++ b/ipalib/plugins/krbtpolicy.py
@@ -83,6 +83,10 @@ class krbtpolicy(LDAPObject):
label=_('User name'),
doc=_('Manage ticket policy for specific user'),
primary_key=True,
+ pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$',
+ pattern_errmsg='may only include letters, numbers, _, -, . and $',
+ maxlength=255,
+ normalizer=lambda value: value.lower(),
),
Int('krbmaxticketlife?',
cli_name='maxlife',
@@ -96,6 +100,14 @@ class krbtpolicy(LDAPObject):
doc=_('Maximum renewable age (seconds)'),
minvalue=1,
),
+ Int('uidnumber?',
+ minvalue=1,
+ flags=['no_create', 'no_update', 'no_search'],
+ ),
+ Int('gidnumber?',
+ minvalue=1,
+ flags=['no_create', 'no_update', 'no_search'],
+ ),
)
def get_dn(self, *keys, **kwargs):
@@ -115,6 +127,14 @@ class krbtpolicy_mod(LDAPUpdate):
# ticket policies are attached to objects with unrelated attributes
if options.get('all'):
options['all'] = False
+ if keys[-1] is not None:
+ # we're modifying an user entry and it's possible to change its
+ # attribute unrelated to ticket policy using --{set,add}-attr
+ # we need to validate/normalize them here:
+ if 'mail' in entry_attrs:
+ entry_attrs['mail'] = self.api.Object['user']._normalize_email(
+ entry_attrs['mail']
+ )
return dn
api.register(krbtpolicy_mod)
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index e71c21b..d18ba18 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -176,6 +176,7 @@ class user(LDAPObject):
label=_('GID'),
doc=_('Group ID Number'),
default_from=lambda uid: uid,
+ minvalue=1,
),
Str('street?',
cli_name='street',
--
1.7.4
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel