[Freeipa-devel] [PATCH] account deactivation checkbox
Kevin McCarthy
kmccarth at redhat.com
Fri Aug 31 18:01:00 UTC 2007
This patch adds account deactivation to the view/add/edit person pages.
It also fixes a bug in genModList(), to make it case-insensitive for
keys.
-Kevin
-------------- next part --------------
# HG changeset patch
# User Kevin McCarthy <kmccarth at redhat.com>
# Date 1188583166 25200
# Node ID b8e9c44915550cf7d6e935acb804e11e94fea015
# Parent 45996bd1d7e7735cd3e562fa0af8a60607148703
Add account deactivation checkbox.
Fix genModList to lowercase all keys and use CIDict.
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/controllers.py
--- a/ipa-server/ipa-gui/ipagui/controllers.py Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/controllers.py Fri Aug 31 10:59:26 2007 -0700
@@ -28,6 +28,8 @@ client = ipa.ipaclient.IPAClient(True)
client = ipa.ipaclient.IPAClient(True)
client.set_principal("test at FREEIPA.ORG")
+user_fields = ['*', 'nsAccountLock']
+
def restrict_post():
if cherrypy.request.method != "POST":
turbogears.flash("This method only accepts posts")
@@ -77,6 +79,8 @@ class Root(controllers.RootController):
new_user.setValue('sn', kw.get('sn'))
new_user.setValue('mail', kw.get('mail'))
new_user.setValue('telephonenumber', kw.get('telephonenumber'))
+ if kw.get('nsAccountLock'):
+ new_user.setValue('nsAccountLock', 'true')
rv = client.add_user(new_user)
turbogears.flash("%s added!" % kw['uid'])
@@ -92,7 +96,7 @@ class Root(controllers.RootController):
if tg_errors:
turbogears.flash("There was a problem with the form!")
- user = client.get_user_by_uid(uid)
+ user = client.get_user_by_uid(uid, user_fields)
user_dict = user.toDict()
# store a copy of the original user for the update later
user_data = b64encode(dumps(user_dict))
@@ -120,6 +124,11 @@ class Root(controllers.RootController):
new_user.setValue('sn', kw.get('sn'))
new_user.setValue('mail', kw.get('mail'))
new_user.setValue('telephonenumber', kw.get('telephonenumber'))
+ if kw.get('nsAccountLock'):
+ new_user.setValue('nsAccountLock', 'true')
+ else:
+ new_user.setValue('nsAccountLock', None)
+
#
# this is a hack until we decide on the policy for names/cn/sn/givenName
#
@@ -161,7 +170,7 @@ class Root(controllers.RootController):
def usershow(self, uid):
"""Retrieve a single user for display"""
try:
- user = client.get_user_by_uid(uid)
+ user = client.get_user_by_uid(uid, user_fields)
return dict(user=user.toDict(), fields=forms.user.UserFields())
except ipaerror.IPAError, e:
turbogears.flash("User show failed: " + str(e))
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/forms/user.py
--- a/ipa-server/ipa-gui/ipagui/forms/user.py Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/forms/user.py Fri Aug 31 10:59:26 2007 -0700
@@ -10,6 +10,7 @@ class UserFields():
sn = widgets.TextField(name="sn", label="Last name")
mail = widgets.TextField(name="mail", label="E-mail address")
telephonenumber = widgets.TextField(name="telephonenumber", label="Phone")
+ nsAccountLock = widgets.CheckBox(name="nsAccountLock", label="Account Deactivated")
uid.validator = validators.PlainText(not_empty=True)
userpassword.validator = validators.String(not_empty=True)
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/static/css/style.css
--- a/ipa-server/ipa-gui/ipagui/static/css/style.css Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/static/css/style.css Fri Aug 31 10:59:26 2007 -0700
@@ -122,7 +122,7 @@ body {
}
.formtable th {
- width: 15%;
+ width: 20%;
text-align: right;
}
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/templates/usereditform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid Fri Aug 31 10:59:26 2007 -0700
@@ -139,6 +139,21 @@
</tr>
</table>
+ <div class="formsection">Account Status</div>
+ <table class="formtable" cellpadding="2" cellspacing="0" border="0">
+ <tr>
+ <th>
+ <label class="fieldlabel" for="${user.nsAccountLock.field_id}"
+ py:content="user.nsAccountLock.label" />:
+ </th>
+ <td>
+ <span py:replace="user.nsAccountLock.display(value_for(user.nsAccountLock))" />
+ <span py:if="tg.errors.get('nsAccountLock')" class="fielderror"
+ py:content="tg.errors.get('nsAccountLock')" />
+ </td>
+ </tr>
+ </table>
+
<table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr>
<th>
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/templates/usernewform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid Fri Aug 31 10:59:26 2007 -0700
@@ -150,6 +150,21 @@
</tr>
</table>
+ <div class="formsection">Account Status</div>
+ <table class="formtable" cellpadding="2" cellspacing="0" border="0">
+ <tr>
+ <th>
+ <label class="fieldlabel" for="${user.nsAccountLock.field_id}"
+ py:content="user.nsAccountLock.label" />:
+ </th>
+ <td>
+ <span py:replace="user.nsAccountLock.display(value_for(user.nsAccountLock))" />
+ <span py:if="tg.errors.get('nsAccountLock')" class="fielderror"
+ py:content="tg.errors.get('nsAccountLock')" />
+ </td>
+ </tr>
+ </table>
+
<table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr>
<th>
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipa-gui/ipagui/templates/usershow.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usershow.kid Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usershow.kid Fri Aug 31 10:59:26 2007 -0700
@@ -62,6 +62,16 @@
</tr>
</table>
+ <div class="formsection">Account Status</div>
+ <table class="formtable" cellpadding="2" cellspacing="0" border="0">
+ <tr>
+ <th>
+ <label class="fieldlabel" py:content="fields.nsAccountLock.label" />:
+ </th>
+ <td>${user.get("nsAccountLock")}</td>
+ </tr>
+ </table>
+
<a href="${tg.url('/useredit', uid=user.get('uid'))}">edit</a>
</body>
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/ipaserver/ipaldap.py
--- a/ipa-server/ipaserver/ipaldap.py Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/ipaserver/ipaldap.py Fri Aug 31 10:59:26 2007 -0700
@@ -29,6 +29,7 @@ import socket
import socket
import ldif
import re
+import string
import ldap
import cStringIO
import time
@@ -382,8 +383,11 @@ class IPAdmin(SimpleLDAPObject):
REPLACE operations, to deal with multi-user updates more properly."""
modlist = []
- keys = set(old_entry.keys())
- keys.update(new_entry.keys())
+ old_entry = ipautil.CIDict(old_entry)
+ new_entry = ipautil.CIDict(new_entry)
+
+ keys = set(map(string.lower, old_entry.keys()))
+ keys.update(map(string.lower, new_entry.keys()))
for key in keys:
new_values = new_entry.get(key, [])
diff -r 45996bd1d7e7 -r b8e9c4491555 ipa-server/xmlrpc-server/funcs.py
--- a/ipa-server/xmlrpc-server/funcs.py Thu Aug 30 15:18:16 2007 -0700
+++ b/ipa-server/xmlrpc-server/funcs.py Fri Aug 31 10:59:26 2007 -0700
@@ -270,8 +270,6 @@ class IPAServer:
if user.get('gn'):
del user['gn']
- if user.get('givenname'):
- del user['givenname']
# some required objectclasses
entry.setValues('objectClass', 'top', 'posixAccount', 'shadowAccount', 'account', 'person', 'inetOrgPerson', 'organizationalPerson', 'krbPrincipalAux', 'krbTicketPolicyAux')
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2228 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070831/08383289/attachment.bin>
More information about the Freeipa-devel
mailing list