Hello, Patch 0080 adds userClass attribute for users to IPA CLI. Patch 0081 adds userClass attribute for users and hosts to the web UI.
Design page: http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems Tickets: https://fedorahosted.org/freeipa/ticket/3588 https://fedorahosted.org/freeipa/ticket/3590 -- Regards, Ana Krivokapic Associate Software Engineer FreeIPA team Red Hat Inc.
From df9c93c145671094fe85401a96c490dd60cf0671 Mon Sep 17 00:00:00 2001 From: Ana Krivokapic <akriv...@redhat.com> Date: Fri, 25 Oct 2013 16:29:26 +0200 Subject: [PATCH] Add userClass attribute for users This new freeform user attribute will allow provisioning systems to add custom tags for user objects which can be later used for automember rules or for additional local interpretation. Design page: http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems https://fedorahosted.org/freeipa/ticket/3588 --- API.txt | 9 ++++++--- VERSION | 2 +- install/updates/10-60basev3.update | 1 + ipalib/plugins/user.py | 8 +++++++- ipatests/test_xmlrpc/test_user_plugin.py | 33 +++++++++++++++++++++++++++++--- 5 files changed, 45 insertions(+), 8 deletions(-) diff --git a/API.txt b/API.txt index 40871f6a8b105a7b161df34ce4f6feaf785a6107..feb7f27de1ae2b1e9b4582bf225c50ab8035e595 100644 --- a/API.txt +++ b/API.txt @@ -3586,7 +3586,7 @@ command: trustdomain_mod output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('value', <type 'unicode'>, None) command: user_add -args: 1,35,3 +args: 1,36,3 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, required=True) option: Str('addattr*', cli_name='addattr', exclude='webui') option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') @@ -3621,6 +3621,7 @@ command: user_add option: Str('telephonenumber', attribute=True, cli_name='phone', multivalue=True, required=False) option: Str('title', attribute=True, cli_name='title', multivalue=False, required=False) option: Int('uidnumber', attribute=True, cli_name='uid', minvalue=1, multivalue=False, required=False) +option: Str('userclass', attribute=True, cli_name='class', multivalue=True, required=False) option: Password('userpassword', attribute=True, cli_name='password', exclude='webui', multivalue=False, required=False) option: Str('version?', exclude='webui') output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) @@ -3649,7 +3650,7 @@ command: user_enable output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('value', <type 'unicode'>, None) command: user_find -args: 1,45,4 +args: 1,46,4 arg: Str('criteria?', noextrawhitespace=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Str('carlicense', attribute=True, autofill=False, cli_name='carlicense', multivalue=False, query=True, required=False) @@ -3693,6 +3694,7 @@ command: user_find option: Str('title', attribute=True, autofill=False, cli_name='title', multivalue=False, query=True, required=False) option: Str('uid', attribute=True, autofill=False, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=False) option: Int('uidnumber', attribute=True, autofill=False, cli_name='uid', minvalue=1, multivalue=False, query=True, required=False) +option: Str('userclass', attribute=True, autofill=False, cli_name='class', multivalue=True, query=True, required=False) option: Password('userpassword', attribute=True, autofill=False, cli_name='password', exclude='webui', multivalue=False, query=True, required=False) option: Str('version?', exclude='webui') option: Flag('whoami', autofill=True, default=False) @@ -3701,7 +3703,7 @@ command: user_find output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('truncated', <type 'bool'>, None) command: user_mod -args: 1,36,3 +args: 1,37,3 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True) option: Str('addattr*', cli_name='addattr', exclude='webui') option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') @@ -3737,6 +3739,7 @@ command: user_mod option: Str('telephonenumber', attribute=True, autofill=False, cli_name='phone', multivalue=True, required=False) option: Str('title', attribute=True, autofill=False, cli_name='title', multivalue=False, required=False) option: Int('uidnumber', attribute=True, autofill=False, cli_name='uid', minvalue=1, multivalue=False, required=False) +option: Str('userclass', attribute=True, autofill=False, cli_name='class', multivalue=True, required=False) option: Password('userpassword', attribute=True, autofill=False, cli_name='password', exclude='webui', multivalue=False, required=False) option: Str('version?', exclude='webui') output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) diff --git a/VERSION b/VERSION index c3c6d5a4c28991839a1917f18d2804475a16bcb7..32f6efbc4d4768c77c514a3367cb9feb039205e5 100644 --- a/VERSION +++ b/VERSION @@ -89,4 +89,4 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=65 +IPA_API_VERSION_MINOR=66 diff --git a/install/updates/10-60basev3.update b/install/updates/10-60basev3.update index 476fa3ba5b194036e33fe7c8dd395bd42e243fb3..111754c3709c938b71fd7a1d2203df4630c48330 100644 --- a/install/updates/10-60basev3.update +++ b/install/updates/10-60basev3.update @@ -13,6 +13,7 @@ dn: cn=schema add:attributeTypes: (2.16.840.1.113730.3.8.11.1 NAME 'ipaExternalMember' DESC 'External Group Member Identifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v3' ) add:objectClasses: (2.16.840.1.113730.3.8.12.1 NAME 'ipaExternalGroup' SUP top STRUCTURAL MUST ( cn ) MAY ( ipaExternalMember $$ memberOf $$ description $$ owner) X-ORIGIN 'IPA v3' ) replace:objectClasses: (2.16.840.1.113730.3.8.4.1 NAME 'ipaHost' AUXILIARY MUST ( fqdn ) MAY ( userPassword $$ ipaClientVersion $$ enrolledBy $$ memberOf ) X-ORIGIN 'IPA v2' )::(2.16.840.1.113730.3.8.4.1 NAME 'ipaHost' AUXILIARY MUST ( fqdn ) MAY ( userPassword $$ ipaClientVersion $$ enrolledBy $$ memberOf $$ userClass ) X-ORIGIN 'IPA v2' ) +replace:objectClasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY DESC 'Standard LDAP objectclass' MUST ( cn $$ uid $$ uidNumber $$ gidNumber $$ homeDirectory ) MAY ( userPassword $$ loginShell $$ gecos $$ description ) )::( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY DESC 'Standard LDAP objectclass' MUST ( cn $$ uid $$ uidNumber $$ gidNumber $$ homeDirectory ) MAY ( userPassword $$ loginShell $$ gecos $$ description $$ userClass ) ) # Fix dc syntax (RFC 2247) replace:attributeTypes:"( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domaincomponent' ) DESC 'Standard LDAP attribute type' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2247' )::( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domaincomponent' ) DESC 'Standard LDAP attribute type' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'RFC 2247' )" diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 471981f48204209753eda2fb994d4c653dca0fa2..11d4a726cddeb58c080aa40444e14cdfa28d8a91 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -205,7 +205,7 @@ class user(LDAPObject): 'uid', 'givenname', 'sn', 'homedirectory', 'loginshell', 'uidnumber', 'gidnumber', 'mail', 'ou', 'telephonenumber', 'title', 'memberof', 'nsaccountlock', - 'memberofindirect', + 'memberofindirect', 'userclass', ] search_display_attributes = [ 'uid', 'givenname', 'sn', 'homedirectory', 'loginshell', @@ -365,6 +365,12 @@ class user(LDAPObject): csv=True, flags=['no_search'], ), + Str('userclass*', + cli_name='class', + label=_('Class'), + doc=_('User category (semantics placed on this attribute are for ' + 'local interpretation)'), + ), ) def _normalize_and_validate_email(self, email, config=None): diff --git a/ipatests/test_xmlrpc/test_user_plugin.py b/ipatests/test_xmlrpc/test_user_plugin.py index 9df5d5d5b6b0b27c9330179b2300f77f9f0f9f4b..f4cdcb3640ba009aa3c9854a9bcf226bf0a89b9f 100644 --- a/ipatests/test_xmlrpc/test_user_plugin.py +++ b/ipatests/test_xmlrpc/test_user_plugin.py @@ -188,12 +188,24 @@ class test_user(Declarative): dict( desc='Create "%s"' % user1, command=( - 'user_add', [user1], dict(givenname=u'Test', sn=u'User1') + 'user_add', + [user1], + dict( + givenname=u'Test', + sn=u'User1', + userclass=u'testusers' + ) ), expected=dict( value=user1, summary=u'Added user "%s"' % user1, - result=get_user_result(user1, u'Test', u'User1', 'add'), + result=get_user_result( + user1, + u'Test', + u'User1', + 'add', + userclass=[u'testusers'] + ), ), extra_check = upg_check, ), @@ -215,12 +227,27 @@ class test_user(Declarative): 'user_show', [user1], {} ), expected=dict( - result=get_user_result(user1, u'Test', u'User1', 'show'), + result=get_user_result( + user1, + u'Test', + u'User1', + 'show', + userclass=[u'testusers'] + ), value=user1, summary=None, ), ), + dict( + desc='Remove userclass for user "%s"' % user1, + command=('user_mod', [user1], dict(userclass=u'')), + expected=dict( + result=get_user_result(user1, u'Test', u'User1', 'mod'), + value=user1, + summary=u'Modified user "%s"' % user1, + ), + ), dict( desc='Search for "%s" with all=True' % user1, -- 1.8.3.1
From 2522dffe8c43f0fa38493951197894db13452e0f Mon Sep 17 00:00:00 2001 From: Ana Krivokapic <akriv...@redhat.com> Date: Fri, 25 Oct 2013 16:31:50 +0200 Subject: [PATCH] WebUI: Add userClass attribute to user and host pages Design page: http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems https://fedorahosted.org/freeipa/ticket/3590 --- install/ui/src/freeipa/host.js | 1 + install/ui/src/freeipa/user.js | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js index f5007538e8ad1ea2e372c194b129f6c668d31b3e..c8c8b7c2833668c19111efad093c29613c95eba2 100644 --- a/install/ui/src/freeipa/host.js +++ b/install/ui/src/freeipa/host.js @@ -82,6 +82,7 @@ return { $type: 'textarea', name: 'description' }, + 'userclass', 'l', 'nshostlocation', 'nshardwareplatform', diff --git a/install/ui/src/freeipa/user.js b/install/ui/src/freeipa/user.js index 34c3a7adf1e1304f66f9298c6a7cf21ecaff4d94..ba425386e5f4eadbb1676e0ab0b4aff0416ea722 100644 --- a/install/ui/src/freeipa/user.js +++ b/install/ui/src/freeipa/user.js @@ -103,7 +103,8 @@ return { 'cn', 'displayname', 'initials', - 'gecos' + 'gecos', + 'userclass' ] }, { -- 1.8.3.1
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel