Re: [Freeipa-devel] [PATCH] 599 add usercat and hostcat to netgroups

2010-11-08 Thread Rob Crittenden 

Jakub Hrozek wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 11/04/2010 08:21 PM, Rob Crittenden wrote:

The netgroup plugin was missing the usercategory and hostcategory
associations. This adds them and fixes displaying membership in
netgroup_show.

rob


The code looks OK and works, but why use enum when there's only one
allowed value? A bool switch would be more intuitive, I think..


So we don't have to change the type later. It is expected that at some 
point these will have additional values.


rob

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 599 add usercat and hostcat to netgroups

2010-11-08 Thread Jakub Hrozek 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 11/08/2010 07:52 PM, Rob Crittenden wrote:
 So we don't have to change the type later. It is expected that at some
 point these will have additional values.
 
 rob

OK, that's what I thought, but I wanted to have this confirmed before
giving an ack..

Ack now. Thanks for the explanation.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkzYWfwACgkQHsardTLnvCXxoQCeJ8+r5fybOyXJjpksSHnaGRfi
TpgAn2AP/u/fKoSh7Z78v1kwLZhNmMFQ
=+jrI
-END PGP SIGNATURE-

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 599 add usercat and hostcat to netgroups

2010-11-04 Thread Rob Crittenden 
The netgroup plugin was missing the usercategory and hostcategory 
associations. This adds them and fixes displaying membership in 
netgroup_show.


rob
From a0f98fb52922ec97947e7df9bc4dd32523e1a3a5 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Thu, 4 Nov 2010 15:19:14 -0400
Subject: [PATCH] Add usercategory and hostcategory and fix displaying members in netgroup_show

ticket 443
---
 ipalib/plugins/netgroup.py |   24 
 1 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py
index 199b486..e79aca2 100644
--- a/ipalib/plugins/netgroup.py
+++ b/ipalib/plugins/netgroup.py
@@ -42,8 +42,10 @@ EXAMPLES:
 
 
 from ipalib import api, errors
+from ipalib import Str, StrEnum
 from ipalib.plugins.baseldap import *
 from ipalib import _, ngettext
+from ipalib.plugins.hbac import is_all
 
 
 output_params = (
@@ -72,6 +74,7 @@ class netgroup(LDAPObject):
 default_attributes = [
 'cn', 'description', 'memberof', 'externalhost', 'nisdomainname',
 'memberuser', 'memberhost', 'member', 'memberindirect',
+'usercategory', 'hostcategory',
 ]
 uuid_attribute = 'ipauniqueid'
 rdn_attribute = 'ipauniqueid'
@@ -107,6 +110,18 @@ class netgroup(LDAPObject):
 doc=_('IPA unique ID'),
 flags=['no_create', 'no_update'],
 ),
+StrEnum('usercategory?',
+cli_name='usercat',
+label=_('User category'),
+doc=_('User category the rule applies to'),
+values=(u'all', ),
+),
+StrEnum('hostcategory?',
+cli_name='hostcat',
+label=_('Host category'),
+doc=_('Host category the rule applies to'),
+values=(u'all', ),
+),
 )
 
 api.register(netgroup)
@@ -141,6 +156,14 @@ class netgroup_mod(LDAPUpdate):
 has_output_params = LDAPUpdate.has_output_params + output_params
 msg_summary = _('Modified netgroup %(value)s')
 
+def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+(dn, entry_attrs) = ldap.get_entry(dn, attrs_list)
+if is_all(options, 'usercategory') and 'memberuser' in entry_attrs:
+raise errors.MutuallyExclusiveError(reason=user category cannot be set to 'all' while there are allowed users)
+if is_all(options, 'hostcategory') and 'memberhost' in entry_attrs:
+raise errors.MutuallyExclusiveError(reason=host category cannot be set to 'all' while there are allowed hosts)
+return dn
+
 api.register(netgroup_mod)
 
 
@@ -160,6 +183,7 @@ class netgroup_show(LDAPRetrieve):
 
 Display information about a netgroup.
 
+has_output_params = LDAPRetrieve.has_output_params + output_params
 
 api.register(netgroup_show)
 
-- 
1.7.2.1

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel