ipaserver.plugins.automember.automember_show¶
- class ipaserver.plugins.automember.automember_show(cn: str, *, type: str, all: bool, raw: bool, version: str = None)[source]¶
Bases:
ipaserver.plugins.baseldap.LDAPRetrieve
Public Data Attributes:
Inherited from
LDAPRetrieve
Inherited from
BaseLDAPCommand
Inherited from
Method
Inherited from
Attribute
Inherited from
Command
Public Methods:
execute
(*keys, **options)Perform the actual work this command does.
Inherited from
LDAPRetrieve
execute
(*keys, **options)Perform the actual work this command does.
pre_callback
(ldap, dn, attrs_list, *keys, ...)post_callback
(ldap, dn, entry_attrs, *keys, ...)exc_callback
(keys, options, exc, call_func, ...)Inherited from
LDAPQuery
get_args
()Iterate through parameters for
Command.args
namespace.Inherited from
BaseLDAPCommand
get_summary_default
(output)process_attr_options
(entry_attrs, dn, keys, ...)Process all --setattr, --addattr, and --delattr options and add the resulting value to the list of attributes.
register_pre_callback
(callback[, first])Shortcut for register_callback('pre', ...)
register_post_callback
(callback[, first])Shortcut for register_callback('post', ...)
register_exc_callback
(callback[, first])Shortcut for register_callback('exc', ...)
Iterate through parameters for
Command.options
namespace.Inherited from
PKQuery
get_args
()Iterate through parameters for
Command.args
namespace.Inherited from
Method
Inherited from
Command
__call__
(*args, **options)Perform validation and then execute the command.
add_message
(message)args_options_2_params
(*args, **options)Merge (args, options) into params.
args_options_2_entry
(*args, **options)Creates a LDAP entry from attributes in args and options.
params_2_args_options
(**params)Split params into (args, options).
prompt_param
(param[, default, optional, kw, ...])Prompts the user for the value of given parameter.
normalize
(**kw)Return a dictionary of normalized values.
convert
(**kw)Return a dictionary of values converted to correct type.
get_default
([_params])Return a dictionary of defaults for all missing required values.
get_default_of
(_name, **kw)Return default value for parameter _name.
validate
(**kw)Validate all values.
verify_client_version
(client_version)Compare the version the client provided to the version of the server.
run
(*args, **options)Dispatch to Command.execute or Command.forward.
execute
(*keys, **options)Perform the actual work this command does.
forward
(*args, **kw)Forward call over RPC to this same command on server.
get_args
()Iterate through parameters for
Command.args
namespace.check_args
(args)Sanity test for args namespace.
Iterate through parameters for
Command.options
namespace.validate_output
(output[, version])Validate the return value to make sure it meets the interface contract.
get_summary_default
(output)log_messages
(output)output_for_cli
(textui, output, *args, **options)Generic output method.
__json__
()get_callbacks
(callback_type)Yield callbacks of the given type
register_callback
(callback_type, callback[, ...])Register a callback
register_interactive_prompt_callback
(callback)Shortcut for register_callback('interactive_prompt', ...)
Inherited from
Plugin
__init__
(api)finalize
()Finalize plugin initialization.
Finalize plugin initialization if it has not yet been finalized.
__repr__
()Return 'module_name.class_name()' representation.
Inherited from
ReadOnly
__lock__
()Put this instance into a read-only state.
Return True if instance is locked, otherwise False.
__setattr__
(name, value)If unlocked, set attribute named
name
tovalue
.__delattr__
(name)If unlocked, delete attribute named
name
.Private Data Attributes:
Inherited from
BaseLDAPCommand
Inherited from
ReadOnly
_ReadOnly__locked
Private Methods:
Inherited from
BaseLDAPCommand
_convert_2_dict
(ldap, attrs)Convert a string in the form of name/value pairs into a dictionary.
_exc_wrapper
(keys, options, call_func)Function wrapper that automatically calls exception callbacks
Inherited from
Command
_Command__topic_getter
()_Command__do_call
(*args, **options)_repr_iter
(**params)Iterate through
repr()
of safe values of args and options._Command__args_2_params
(values)_Command__options_2_params
(options)_Command__attributes_2_entry
(kw)_Command__params_2_options
(params)_Command__get_default_iter
(params, kw)Generator method used by Command.get_default and Command.get_default_of.
Finalize plugin initialization.
Inherited from
HasParam
_get_param_iterable
(name[, verb])Return an iterable of params defined by the attribute named
name
._filter_param_by_context
(name[, env])Filter params on attribute named
name
by environmentenv
._create_param_namespace
(name[, env])Inherited from
Plugin
_Plugin__name_getter
()_Plugin__full_name_getter
()_Plugin__bases_getter
()_Plugin__doc_getter
()_Plugin__summary_getter
()Finalize plugin initialization.
- property Backend¶
- property Command¶
- NO_CLI = False¶
- __annotations__ = {}¶
- __call__(*args, **options)¶
Perform validation and then execute the command.
If not in a server context, the call will be forwarded over XML-RPC and the executed an the nearest IPA server.
- __delattr__(name)¶
If unlocked, delete attribute named
name
.If this instance is locked, an AttributeError will be raised.
- Parameters
name – Name of attribute to delete.
- __dict__ = mappingproxy({'__module__': 'ipaserver.plugins.automember', '__doc__': Gettext('\n Display information about an automember rule.\n ', domain='ipa', localedir=None), 'takes_options': (StrEnum('type', cli_metavar=u"['group', 'hostgroup']", doc=Gettext('Grouping to which the rule applies', domain='ipa', localedir=None), label=Gettext('Grouping Type', domain='ipa', localedir=None), values=[u'group', u'hostgroup']),), 'execute': <function automember_show.execute>, '__annotations__': {}, '_signature': <Signature (cn: str, *, type: str, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>})¶
- __init__(api)¶
- __islocked__()¶
Return True if instance is locked, otherwise False.
- __json__()¶
- __lock__()¶
Put this instance into a read-only state.
After the instance has been locked, attempting to set or delete an attribute will raise an AttributeError.
- __module__ = 'ipaserver.plugins.automember'¶
- __repr__()¶
Return ‘module_name.class_name()’ representation.
This representation could be used to instantiate this Plugin instance given the appropriate environment.
- __setattr__(name, value)¶
If unlocked, set attribute named
name
tovalue
.If this instance is locked, an AttributeError will be raised.
- Parameters
name – Name of attribute to set.
value – Value to assign to attribute.
- __signature__ = <Signature (cn: str, *, type: str, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>¶
- __weakref__¶
list of weak references to the object (if defined)
- _convert_2_dict(ldap, attrs)¶
Convert a string in the form of name/value pairs into a dictionary.
- Parameters
attrs – A list of name/value pair strings, in the “name=value” format. May also be a single string, or None.
- _create_param_namespace(name, env=None)¶
- _exc_wrapper(keys, options, call_func)¶
Function wrapper that automatically calls exception callbacks
- _filter_param_by_context(name, env=None)¶
Filter params on attribute named
name
by environmentenv
.For example:
>>> from ipalib.config import Env >>> class Example(HasParam): ... ... takes_args = ( ... Str('foo_only', include=['foo']), ... Str('not_bar', exclude=['bar']), ... 'both', ... ) ... ... def get_args(self): ... return self._get_param_iterable('args') ... ... >>> eg = Example() >>> foo = Env(context='foo') >>> bar = Env(context='bar') >>> another = Env(context='another') >>> (foo.context, bar.context, another.context) (u'foo', u'bar', u'another') >>> list(eg._filter_param_by_context('args', foo)) [Str('foo_only', include=['foo']), Str('not_bar', exclude=['bar']), Str('both')] >>> list(eg._filter_param_by_context('args', bar)) [Str('both')] >>> list(eg._filter_param_by_context('args', another)) [Str('not_bar', exclude=['bar']), Str('both')]
- _get_param_iterable(name, verb='takes')¶
Return an iterable of params defined by the attribute named
name
.A sequence of params can be defined one of three ways: as a
tuple
; as a callable that returns an iterable; or as a param spec (a Param orstr
instance). This method returns a uniform iterable regardless of how the param sequence was defined.For example, when defined with a tuple:
>>> class ByTuple(HasParam): ... takes_args = (Param('foo'), Param('bar')) ... >>> by_tuple = ByTuple() >>> list(by_tuple._get_param_iterable('args')) [Param('foo'), Param('bar')]
Or you can define your param sequence with a callable when you need to reference attributes on your plugin instance (for validation rules, etc.). For example:
>>> class ByCallable(HasParam): ... def takes_args(self): ... yield Param('foo', self.validate_foo) ... yield Param('bar', self.validate_bar) ... ... def validate_foo(self, _, value, **kw): ... if value != 'Foo': ... return _("must be 'Foo'") ... ... def validate_bar(self, _, value, **kw): ... if value != 'Bar': ... return _("must be 'Bar'") ... >>> by_callable = ByCallable() >>> list(by_callable._get_param_iterable('args')) [Param('foo', validate_foo), Param('bar', validate_bar)]
Lastly, as a convenience for when a param sequence contains a single param, your defining attribute may a param spec (either a Param or an
str
instance). For example:>>> class BySpec(HasParam): ... takes_args = Param('foo') ... takes_options = 'bar?' ... >>> by_spec = BySpec() >>> list(by_spec._get_param_iterable('args')) [Param('foo')] >>> list(by_spec._get_param_iterable('options')) ['bar?']
For information on how an
str
param spec is interpreted, see the create_param() and parse_param_spec() functions in the ipalib.parameters module.Also see HasParam._filter_param_by_context().
- _iter_output()¶
- _on_finalize()¶
Finalize plugin initialization.
This method creates the
args
,options
, andparams
namespaces. This is not done in Command.__init__ because subclasses (like crud.Add) might need to access other plugins loaded in self.api to determine what their custom Command.get_args and Command.get_options methods should yield.
- _repr_iter(**params)¶
Iterate through
repr()
of safe values of args and options.This method uses parameters.Param.safe_value() to mask passwords when logging. Logging the exact call is extremely useful, but we obviously don’t want to log the cleartext password.
For example:
>>> class my_cmd(Command): ... takes_args = ('login',) ... takes_options=(Password('passwd'),) ... >>> c = my_cmd() >>> c.finalize() >>> list(c._repr_iter(login=u'Okay.', passwd=u'Private!')) ["u'Okay.'", "passwd=u'********'"]
- _signature = <Signature (cn: str, *, type: str, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>¶
- add_message(message)¶
- addattr_option = Str('addattr*', validate_add_attribute, cli_name='addattr', doc=Gettext('Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.', domain='ipa', localedir=None), exclude=[u'webui'])¶
- property api¶
Return API instance passed to __init__().
- api_version = '2.249'¶
- args = None¶
- args_options_2_entry(*args, **options)¶
Creates a LDAP entry from attributes in args and options.
- args_options_2_params(*args, **options)¶
Merge (args, options) into params.
- property attr_name¶
- bases = (<class 'ipaserver.plugins.baseldap.LDAPRetrieve'>,)¶
- callback_types = ('interactive_prompt', 'pre', 'post', 'exc')¶
- check_args(args)¶
Sanity test for args namespace.
This method gets called by HasParam._create_param_namespace().
- property context¶
- convert(**kw)¶
Return a dictionary of values converted to correct type.
>>> from ipalib import Int >>> class my_command(Command): ... takes_args = ( ... Int('one'), ... 'two', ... ) ... >>> c = my_command() >>> c.finalize() >>> c.convert(one=1, two=2) {'two': u'2', 'one': 1}
- delattr_option = Str('delattr*', validate_del_attribute, cli_name='delattr', doc=Gettext('Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.', domain='ipa', localedir=None), exclude=[u'webui'])¶
- doc = Gettext('\n Display information about an automember rule.\n ', domain='ipa', localedir=None)¶
- ensure_finalized()¶
Finalize plugin initialization if it has not yet been finalized.
- property env¶
- exc_callback(keys, options, exc, call_func, *call_args, **call_kwargs)¶
- execute(*keys, **options)[source]¶
Perform the actual work this command does.
This method should be implemented only against functionality in self.api.Backend. For example, a hypothetical user_add.execute() might be implemented like this:
>>> class user_add(Command): ... def execute(self, **kw): ... return self.api.Backend.ldap.add(**kw) ...
- extra_args_first = False¶
- extra_options_first = False¶
- finalize()¶
Finalize plugin initialization.
This method calls _on_finalize() and locks the plugin object.
Subclasses should not override this method. Custom finalization is done in _on_finalize().
- class finalize_attr(name, value=None)¶
Bases:
object
Create a stub object for plugin attribute that isn’t set until the finalization of the plugin initialization.
When the stub object is accessed, it calls ensure_finalized() to make sure the plugin initialization is finalized. The stub object is expected to be replaced with the actual attribute value during the finalization (preferably in _on_finalize()), otherwise an AttributeError is raised.
This is used to implement on-demand finalization of plugin initialization.
- __annotations__ = {}¶
- __get__(obj, cls)¶
- __init__(name, value=None)¶
- __module__ = 'ipalib.plugable'¶
- __slots__ = ('name', 'value')¶
- name¶
- value¶
- forward(*args, **kw)¶
Forward call over RPC to this same command on server.
- property forwarded_name¶
- full_name = 'automember_show/1'¶
- get_args()¶
Iterate through parameters for
Command.args
namespace.This method gets called by HasParam._create_param_namespace().
Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.
- classmethod get_callbacks(callback_type)¶
Yield callbacks of the given type
- get_default(_params=None, **kw)¶
Return a dictionary of defaults for all missing required values.
For example:
>>> from ipalib import Str >>> class my_command(Command): ... takes_args = Str('color', default=u'Red') ... >>> c = my_command() >>> c.finalize() >>> c.get_default() {'color': u'Red'} >>> c.get_default(color=u'Yellow') {}
- get_default_of(_name, **kw)¶
Return default value for parameter _name.
- get_options()¶
Iterate through parameters for
Command.options
namespace.This method gets called by HasParam._create_param_namespace().
For commands that return entries two special options are generated: –all makes the command retrieve/display all attributes –raw makes the command display attributes as they are stored
Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.
- get_output_params()¶
- get_summary_default(output)¶
- has_output = (Output('summary', type=[<type 'unicode'>, <type 'NoneType'>], doc=Gettext('User-friendly description of action performed', domain='ipa', localedir=None)), Entry('result'), PrimaryKey('value', doc=Gettext("The primary_key value of the entry, e.g. 'jdoe' for a user", domain='ipa', localedir=None), flags=['no_display']))¶
- has_output_params = (Flag('has_password', autofill=True, default=False, label=Gettext('Password', domain='ipa', localedir=None)), Str('member', label=Gettext('Failed members', domain='ipa', localedir=None)), Str('member_user?', label=Gettext('Member users', domain='ipa', localedir=None)), Str('member_group?', label=Gettext('Member groups', domain='ipa', localedir=None)), Str('memberof_group?', label=Gettext('Member of groups', domain='ipa', localedir=None)), Str('member_host?', label=Gettext('Member hosts', domain='ipa', localedir=None)), Str('member_hostgroup?', label=Gettext('Member host-groups', domain='ipa', localedir=None)), Str('memberof_hostgroup?', label=Gettext('Member of host-groups', domain='ipa', localedir=None)), Str('memberof_permission?', label=Gettext('Permissions', domain='ipa', localedir=None)), Str('memberof_privilege?', label=u'Privileges'), Str('memberof_role?', label=Gettext('Roles', domain='ipa', localedir=None)), Str('memberof_sudocmdgroup?', label=Gettext('Sudo Command Groups', domain='ipa', localedir=None)), Str('member_privilege?', label=u'Granted to Privilege'), Str('member_role?', label=Gettext('Granting privilege to roles', domain='ipa', localedir=None)), Str('member_netgroup?', label=Gettext('Member netgroups', domain='ipa', localedir=None)), Str('memberof_netgroup?', label=Gettext('Member of netgroups', domain='ipa', localedir=None)), Str('member_service?', label=Gettext('Member services', domain='ipa', localedir=None)), Str('member_servicegroup?', label=Gettext('Member service groups', domain='ipa', localedir=None)), Str('memberof_servicegroup?', label=u'Member of service groups'), Str('member_hbacsvc?', label=Gettext('Member HBAC service', domain='ipa', localedir=None)), Str('member_hbacsvcgroup?', label=Gettext('Member HBAC service groups', domain='ipa', localedir=None)), Str('memberof_hbacsvcgroup?', label=u'Member of HBAC service groups'), Str('member_sudocmd?', label=u'Member Sudo commands'), Str('memberof_sudorule?', label=u'Member of Sudo rule'), Str('memberof_hbacrule?', label=u'Member of HBAC rule'), Str('memberof_subid?', label=u'Subordinate ids'), Str('member_idoverrideuser?', label=Gettext('Member ID user overrides', domain='ipa', localedir=None)), Str('memberindirect_idoverrideuser?', label=Gettext('Indirect Member ID user overrides', domain='ipa', localedir=None)), Str('memberindirect_user?', label=Gettext('Indirect Member users', domain='ipa', localedir=None)), Str('memberindirect_group?', label=Gettext('Indirect Member groups', domain='ipa', localedir=None)), Str('memberindirect_host?', label=Gettext('Indirect Member hosts', domain='ipa', localedir=None)), Str('memberindirect_hostgroup?', label=Gettext('Indirect Member host-groups', domain='ipa', localedir=None)), Str('memberindirect_role?', label=Gettext('Indirect Member of roles', domain='ipa', localedir=None)), Str('memberindirect_permission?', label=Gettext('Indirect Member permissions', domain='ipa', localedir=None)), Str('memberindirect_hbacsvc?', label=Gettext('Indirect Member HBAC service', domain='ipa', localedir=None)), Str('memberindirect_hbacsvcgrp?', label=Gettext('Indirect Member HBAC service group', domain='ipa', localedir=None)), Str('memberindirect_netgroup?', label=Gettext('Indirect Member netgroups', domain='ipa', localedir=None)), Str('memberofindirect_group?', label=u'Indirect Member of group'), Str('memberofindirect_netgroup?', label=u'Indirect Member of netgroup'), Str('memberofindirect_hostgroup?', label=u'Indirect Member of host-group'), Str('memberofindirect_role?', label=u'Indirect Member of role'), Str('memberofindirect_sudorule?', label=u'Indirect Member of Sudo rule'), Str('memberofindirect_hbacrule?', label=u'Indirect Member of HBAC rule'), Str('sourcehost', label=Gettext('Failed source hosts/hostgroups', domain='ipa', localedir=None)), Str('memberhost', label=Gettext('Failed hosts/hostgroups', domain='ipa', localedir=None)), Str('memberuser', label=Gettext('Failed users/groups', domain='ipa', localedir=None)), Str('memberservice', label=Gettext('Failed service/service groups', domain='ipa', localedir=None)), Str('failed', flags=[u'suppress_empty'], label=Gettext('Failed to remove', domain='ipa', localedir=None)), Str('ipasudorunas', label=Gettext('Failed RunAs', domain='ipa', localedir=None)), Str('ipasudorunasgroup', label=Gettext('Failed RunAsGroup', domain='ipa', localedir=None)))¶
- interactive_prompt_callback(kw)¶
- internal_options = ()¶
- json_friendly_attributes = ('name', 'doc', 'NO_CLI')¶
- log_messages(output)¶
- msg_summary = None¶
- msg_truncated = Gettext('Results are truncated, try a more specific search', domain='ipa', localedir=None)¶
- name = 'automember_show'¶
- normalize(**kw)¶
Return a dictionary of normalized values.
For example:
>>> class my_command(Command): ... takes_options = ( ... Param('first', normalizer=lambda value: value.lower()), ... Param('last'), ... ) ... >>> c = my_command() >>> c.finalize() >>> c.normalize(first=u'JOHN', last=u'DOE') {'last': u'DOE', 'first': u'john'}
- property obj¶
- property obj_full_name¶
- property obj_name¶
- obj_version = '1'¶
- options = None¶
- output = None¶
- output_for_cli(textui, output, *args, **options)¶
Generic output method. Prints values the output argument according to their type and self.output.
Entry attributes are labeled and printed in the order specified in self.output_params. Attributes that aren’t present in self.output_params are not printed unless the command was invokend with the –all option. Attribute labelling is disabled if the –raw option was given.
Subclasses can override this method, if custom output is needed.
- output_params = None¶
- params = None¶
- params_2_args_options(**params)¶
Split params into (args, options).
- params_by_default = None¶
- post_callback(ldap, dn, entry_attrs, *keys, **options)¶
- pre_callback(ldap, dn, attrs_list, *keys, **options)¶
- process_attr_options(entry_attrs, dn, keys, options)¶
Process all –setattr, –addattr, and –delattr options and add the resulting value to the list of attributes. –setattr is processed first, then –addattr and finally –delattr.
When –setattr is not used then the original LDAP object is looked up (of course, not when dn is None) and the changes are applied to old object values.
Attribute values deleted by –delattr may be deleted from attribute values set or added by –setattr, –addattr. For example, the following attributes will result in a NOOP:
–addattr=attribute=foo –delattr=attribute=foo
AttrValueNotFound exception may be raised when an attribute value was not found either by –setattr and –addattr nor in existing LDAP object.
- Parameters
entry_attrs – A list of attributes that will be updated
dn – dn of updated LDAP object or None if a new object is created
keys – List of command arguments
options – List of options
- prompt_param(param, default=None, optional=False, kw={}, label=None)¶
Prompts the user for the value of given parameter.
Returns the parameter instance.
- classmethod register_callback(callback_type, callback, first=False)¶
Register a callback
- Parameters
callback_type – The callback type (e.g. ‘pre’, ‘post’)
callback – The callable added
first – If true, the new callback will be added before all existing callbacks; otherwise it’s added after them
Note that callbacks registered this way will be attached to this class only, not to its subclasses.
- classmethod register_exc_callback(callback, first=False)¶
Shortcut for register_callback(‘exc’, …)
- classmethod register_interactive_prompt_callback(callback, first=False)¶
Shortcut for register_callback(‘interactive_prompt’, …)
- classmethod register_post_callback(callback, first=False)¶
Shortcut for register_callback(‘post’, …)
- classmethod register_pre_callback(callback, first=False)¶
Shortcut for register_callback(‘pre’, …)
- run(*args, **options)¶
Dispatch to Command.execute or Command.forward.
If running in a server context, Command.execute is called and the actually work this command performs is executed locally.
If running in a non-server context, Command.forward is called, which forwards this call over RPC to the exact same command on the nearest IPA server and the actual work this command performs is executed remotely.
- setattr_option = Str('setattr*', validate_set_attribute, cli_name='setattr', doc=Gettext('Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.', domain='ipa', localedir=None), exclude=[u'webui'])¶
- summary = 'Display information about an automember rule.'¶
- takes_args = ()¶
- takes_options = (StrEnum('type', cli_metavar=u"['group', 'hostgroup']", doc=Gettext('Grouping to which the rule applies', domain='ipa', localedir=None), label=Gettext('Grouping Type', domain='ipa', localedir=None), values=[u'group', u'hostgroup']),)¶
- topic = 'automember'¶
- use_output_validation = True¶
- validate(**kw)¶
Validate all values.
If any value fails the validation, ipalib.errors.ValidationError (or a subclass thereof) will be raised.
- validate_output(output, version='2.249')¶
Validate the return value to make sure it meets the interface contract.
- verify_client_version(client_version)¶
Compare the version the client provided to the version of the server.
If the client major version does not match then return an error. If the client minor version is less than or equal to the server then let the request proceed.
- version = '1'¶