ipaserver.plugins.aci.aci_add

class ipaserver.plugins.aci.aci_add(aciname: str, *, permission: str = None, group: str = None, permissions: List[str], attrs: List[str] = None, type: str = None, memberof: str = None, filter: str = None, subtree: str = None, targetgroup: str = None, selfaci: bool = False, aciprefix: str, test: bool = False, all: bool, raw: bool, version: str = None)[source]

Bases: ipalib.crud.Create

Public Methods:

execute(aciname, **kw)

Execute the aci-create operation.

Inherited from Create

get_args()

Iterate through parameters for Command.args namespace.

get_options()

Iterate through parameters for Command.options namespace.

Inherited from Method

get_output_params()

Inherited from Command

args

options

params

params_by_default

output

output_params

__call__(*args, **options)

Perform validation and then execute the command.

add_message(message)

args_options_2_params(*args, **options)

Merge (args, options) into params.

args_options_2_entry(*args, **options)

Creates a LDAP entry from attributes in args and options.

params_2_args_options(**params)

Split params into (args, options).

prompt_param(param[, default, optional, kw, ...])

Prompts the user for the value of given parameter.

normalize(**kw)

Return a dictionary of normalized values.

convert(**kw)

Return a dictionary of values converted to correct type.

get_default([_params])

Return a dictionary of defaults for all missing required values.

get_default_of(_name, **kw)

Return default value for parameter _name.

validate(**kw)

Validate all values.

verify_client_version(client_version)

Compare the version the client provided to the version of the server.

run(*args, **options)

Dispatch to Command.execute or Command.forward.

execute(aciname, **kw)

Execute the aci-create operation.

forward(*args, **kw)

Forward call over RPC to this same command on server.

get_args()

Iterate through parameters for Command.args namespace.

check_args(args)

Sanity test for args namespace.

get_options()

Iterate through parameters for Command.options namespace.

validate_output(output[, version])

Validate the return value to make sure it meets the interface contract.

get_output_params()

get_summary_default(output)

log_messages(output)

output_for_cli(textui, output, *args, **options)

Generic output method.

__json__()

get_callbacks(callback_type)

Yield callbacks of the given type

register_callback(callback_type, callback[, ...])

Register a callback

register_interactive_prompt_callback(callback)

Shortcut for register_callback('interactive_prompt', ...)

interactive_prompt_callback(kw)

Inherited from Plugin

__init__(api)

finalize()

Finalize plugin initialization.

ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

__repr__()

Return 'module_name.class_name()' representation.

Inherited from ReadOnly

__lock__()

Put this instance into a read-only state.

__islocked__()

Return True if instance is locked, otherwise False.

__setattr__(name, value)

If unlocked, set attribute named name to value.

__delattr__(name)

If unlocked, delete attribute named name.

Private Data Attributes:

_signature

Inherited from ReadOnly

_ReadOnly__locked

Private Methods:

Inherited from Create

_Create__clone(param, **kw)

Inherited from Command

_Command__topic_getter()

_Command__do_call(*args, **options)

_repr_iter(**params)

Iterate through repr() of safe values of args and options.

_Command__args_2_params(values)

_Command__options_2_params(options)

_Command__attributes_2_entry(kw)

_Command__params_2_options(params)

_Command__get_default_iter(params, kw)

Generator method used by Command.get_default and Command.get_default_of.

_on_finalize()

Finalize plugin initialization.

_iter_output()

Inherited from HasParam

_get_param_iterable(name[, verb])

Return an iterable of params defined by the attribute named name.

_filter_param_by_context(name[, env])

Filter params on attribute named name by environment env.

_create_param_namespace(name[, env])

Inherited from Plugin

_Plugin__name_getter()

_Plugin__full_name_getter()

_Plugin__bases_getter()

_Plugin__doc_getter()

_Plugin__summary_getter()

_on_finalize()

Finalize plugin initialization.


property Backend
property Command
NO_CLI = True
__annotations__ = {}
__call__(*args, **options)

Perform validation and then execute the command.

If not in a server context, the call will be forwarded over XML-RPC and the executed an the nearest IPA server.

__delattr__(name)

If unlocked, delete attribute named name.

If this instance is locked, an AttributeError will be raised.

Parameters

name – Name of attribute to delete.

__dict__ = mappingproxy({'__module__': 'ipaserver.plugins.aci', '__doc__': Gettext('Create new ACI.', domain='ipa', localedir=None), 'NO_CLI': True, 'msg_summary': Gettext('Created ACI "%(value)s"', domain='ipa', localedir=None), 'takes_options': (StrEnum('aciprefix', cli_metavar=u"['permission', 'delegation', 'selfservice', 'none']", cli_name='prefix', doc=Gettext('Prefix used to distinguish ACI types (permission, delegation, selfservice, none)', domain='ipa', localedir=None), flags=[u'no_update', u'no_create', u'no_search'], label=Gettext('ACI prefix', domain='ipa', localedir=None), values=[u'permission', u'delegation', u'selfservice', u'none']), Flag('test?', autofill=True, default=False, doc=Gettext("Test the ACI syntax but don't write anything", domain='ipa', localedir=None))), 'execute': <function aci_add.execute>, '__annotations__': {}, '_signature': <Signature (aciname: str, *, permission: str = None, group: str = None, permissions: List[str], attrs: List[str] = None, type: str = None, memberof: str = None, filter: str = None, subtree: str = None, targetgroup: str = None, selfaci: bool = False, aciprefix: str, test: bool = False, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>})
__init__(api)
__islocked__()

Return True if instance is locked, otherwise False.

__json__()
__lock__()

Put this instance into a read-only state.

After the instance has been locked, attempting to set or delete an attribute will raise an AttributeError.

__module__ = 'ipaserver.plugins.aci'
__repr__()

Return ‘module_name.class_name()’ representation.

This representation could be used to instantiate this Plugin instance given the appropriate environment.

__setattr__(name, value)

If unlocked, set attribute named name to value.

If this instance is locked, an AttributeError will be raised.

Parameters
  • name – Name of attribute to set.

  • value – Value to assign to attribute.

__signature__ = <Signature (aciname: str, *, permission: str = None, group: str = None, permissions: List[str], attrs: List[str] = None, type: str = None, memberof: str = None, filter: str = None, subtree: str = None, targetgroup: str = None, selfaci: bool = False, aciprefix: str, test: bool = False, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>
__weakref__

list of weak references to the object (if defined)

_create_param_namespace(name, env=None)
_filter_param_by_context(name, env=None)

Filter params on attribute named name by environment env.

For example:

>>> from ipalib.config import Env
>>> class Example(HasParam):
...
...     takes_args = (
...         Str('foo_only', include=['foo']),
...         Str('not_bar', exclude=['bar']),
...         'both',
...     )
...
...     def get_args(self):
...         return self._get_param_iterable('args')
...
...
>>> eg = Example()
>>> foo = Env(context='foo')
>>> bar = Env(context='bar')
>>> another = Env(context='another')
>>> (foo.context, bar.context, another.context)
(u'foo', u'bar', u'another')
>>> list(eg._filter_param_by_context('args', foo))
[Str('foo_only', include=['foo']), Str('not_bar', exclude=['bar']), Str('both')]
>>> list(eg._filter_param_by_context('args', bar))
[Str('both')]
>>> list(eg._filter_param_by_context('args', another))
[Str('not_bar', exclude=['bar']), Str('both')]
_get_param_iterable(name, verb='takes')

Return an iterable of params defined by the attribute named name.

A sequence of params can be defined one of three ways: as a tuple; as a callable that returns an iterable; or as a param spec (a Param or str instance). This method returns a uniform iterable regardless of how the param sequence was defined.

For example, when defined with a tuple:

>>> class ByTuple(HasParam):
...     takes_args = (Param('foo'), Param('bar'))
...
>>> by_tuple = ByTuple()
>>> list(by_tuple._get_param_iterable('args'))
[Param('foo'), Param('bar')]

Or you can define your param sequence with a callable when you need to reference attributes on your plugin instance (for validation rules, etc.). For example:

>>> class ByCallable(HasParam):
...     def takes_args(self):
...         yield Param('foo', self.validate_foo)
...         yield Param('bar', self.validate_bar)
...
...     def validate_foo(self, _, value, **kw):
...         if value != 'Foo':
...             return _("must be 'Foo'")
...
...     def validate_bar(self, _, value, **kw):
...         if value != 'Bar':
...             return _("must be 'Bar'")
...
>>> by_callable = ByCallable()
>>> list(by_callable._get_param_iterable('args'))
[Param('foo', validate_foo), Param('bar', validate_bar)]

Lastly, as a convenience for when a param sequence contains a single param, your defining attribute may a param spec (either a Param or an str instance). For example:

>>> class BySpec(HasParam):
...     takes_args = Param('foo')
...     takes_options = 'bar?'
...
>>> by_spec = BySpec()
>>> list(by_spec._get_param_iterable('args'))
[Param('foo')]
>>> list(by_spec._get_param_iterable('options'))
['bar?']

For information on how an str param spec is interpreted, see the create_param() and parse_param_spec() functions in the ipalib.parameters module.

Also see HasParam._filter_param_by_context().

_iter_output()
_on_finalize()

Finalize plugin initialization.

This method creates the args, options, and params namespaces. This is not done in Command.__init__ because subclasses (like crud.Add) might need to access other plugins loaded in self.api to determine what their custom Command.get_args and Command.get_options methods should yield.

_repr_iter(**params)

Iterate through repr() of safe values of args and options.

This method uses parameters.Param.safe_value() to mask passwords when logging. Logging the exact call is extremely useful, but we obviously don’t want to log the cleartext password.

For example:

>>> class my_cmd(Command):
...     takes_args = ('login',)
...     takes_options=(Password('passwd'),)
...
>>> c = my_cmd()
>>> c.finalize()
>>> list(c._repr_iter(login=u'Okay.', passwd=u'Private!'))
["u'Okay.'", "passwd=u'********'"]
_signature = <Signature (aciname: str, *, permission: str = None, group: str = None, permissions: List[str], attrs: List[str] = None, type: str = None, memberof: str = None, filter: str = None, subtree: str = None, targetgroup: str = None, selfaci: bool = False, aciprefix: str, test: bool = False, all: bool, raw: bool, version: str = None) -> Dict[str, Any]>
add_message(message)
property api

Return API instance passed to __init__().

api_version = '2.249'
args = None
args_options_2_entry(*args, **options)

Creates a LDAP entry from attributes in args and options.

args_options_2_params(*args, **options)

Merge (args, options) into params.

property attr_name
bases = (<class 'ipalib.crud.Create'>,)
callback_types = ('interactive_prompt',)
check_args(args)

Sanity test for args namespace.

This method gets called by HasParam._create_param_namespace().

property context
convert(**kw)

Return a dictionary of values converted to correct type.

>>> from ipalib import Int
>>> class my_command(Command):
...     takes_args = (
...         Int('one'),
...         'two',
...     )
...
>>> c = my_command()
>>> c.finalize()
>>> c.convert(one=1, two=2)
{'two': u'2', 'one': 1}
doc = Gettext('Create new ACI.', domain='ipa', localedir=None)
ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

property env
execute(aciname, **kw)[source]

Execute the aci-create operation.

Returns the entry as it will be created in LDAP.

Parameters
  • aciname – The name of the ACI being added.

  • kw – Keyword arguments for the other LDAP attributes.

extra_args_first = False
extra_options_first = False
finalize()

Finalize plugin initialization.

This method calls _on_finalize() and locks the plugin object.

Subclasses should not override this method. Custom finalization is done in _on_finalize().

class finalize_attr(name, value=None)

Bases: object

Create a stub object for plugin attribute that isn’t set until the finalization of the plugin initialization.

When the stub object is accessed, it calls ensure_finalized() to make sure the plugin initialization is finalized. The stub object is expected to be replaced with the actual attribute value during the finalization (preferably in _on_finalize()), otherwise an AttributeError is raised.

This is used to implement on-demand finalization of plugin initialization.

__annotations__ = {}
__get__(obj, cls)
__init__(name, value=None)
__module__ = 'ipalib.plugable'
__slots__ = ('name', 'value')
name
value
forward(*args, **kw)

Forward call over RPC to this same command on server.

property forwarded_name
full_name = 'aci_add/1'
get_args()

Iterate through parameters for Command.args namespace.

This method gets called by HasParam._create_param_namespace().

Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.

classmethod get_callbacks(callback_type)

Yield callbacks of the given type

get_default(_params=None, **kw)

Return a dictionary of defaults for all missing required values.

For example:

>>> from ipalib import Str
>>> class my_command(Command):
...     takes_args = Str('color', default=u'Red')
...
>>> c = my_command()
>>> c.finalize()
>>> c.get_default()
{'color': u'Red'}
>>> c.get_default(color=u'Yellow')
{}
get_default_of(_name, **kw)

Return default value for parameter _name.

get_options()

Iterate through parameters for Command.options namespace.

This method gets called by HasParam._create_param_namespace().

For commands that return entries two special options are generated: –all makes the command retrieve/display all attributes –raw makes the command display attributes as they are stored

Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.

get_output_params()
get_summary_default(output)
has_output = (Output('summary', type=[<type 'unicode'>, <type 'NoneType'>], doc=Gettext('User-friendly description of action performed', domain='ipa', localedir=None)), Entry('result'), PrimaryKey('value', doc=Gettext("The primary_key value of the entry, e.g. 'jdoe' for a user", domain='ipa', localedir=None), flags=['no_display']))
has_output_params = ()
interactive_prompt_callback(kw)
internal_options = ()
json_friendly_attributes = ('name', 'doc', 'NO_CLI')
log_messages(output)
msg_summary = Gettext('Created ACI "%(value)s"', domain='ipa', localedir=None)
msg_truncated = Gettext('Results are truncated, try a more specific search', domain='ipa', localedir=None)
name = 'aci_add'
normalize(**kw)

Return a dictionary of normalized values.

For example:

>>> class my_command(Command):
...     takes_options = (
...         Param('first', normalizer=lambda value: value.lower()),
...         Param('last'),
...     )
...
>>> c = my_command()
>>> c.finalize()
>>> c.normalize(first=u'JOHN', last=u'DOE')
{'last': u'DOE', 'first': u'john'}
property obj
property obj_full_name
property obj_name
obj_version = '1'
options = None
output = None
output_for_cli(textui, output, *args, **options)

Generic output method. Prints values the output argument according to their type and self.output.

Entry attributes are labeled and printed in the order specified in self.output_params. Attributes that aren’t present in self.output_params are not printed unless the command was invokend with the –all option. Attribute labelling is disabled if the –raw option was given.

Subclasses can override this method, if custom output is needed.

output_params = None
params = None
params_2_args_options(**params)

Split params into (args, options).

params_by_default = None
prompt_param(param, default=None, optional=False, kw={}, label=None)

Prompts the user for the value of given parameter.

Returns the parameter instance.

classmethod register_callback(callback_type, callback, first=False)

Register a callback

Parameters
  • callback_type – The callback type (e.g. ‘pre’, ‘post’)

  • callback – The callable added

  • first – If true, the new callback will be added before all existing callbacks; otherwise it’s added after them

Note that callbacks registered this way will be attached to this class only, not to its subclasses.

classmethod register_interactive_prompt_callback(callback, first=False)

Shortcut for register_callback(‘interactive_prompt’, …)

run(*args, **options)

Dispatch to Command.execute or Command.forward.

If running in a server context, Command.execute is called and the actually work this command performs is executed locally.

If running in a non-server context, Command.forward is called, which forwards this call over RPC to the exact same command on the nearest IPA server and the actual work this command performs is executed remotely.

summary = 'Create new ACI.'
takes_args = ()
takes_options = (StrEnum('aciprefix', cli_metavar=u"['permission', 'delegation', 'selfservice', 'none']", cli_name='prefix', doc=Gettext('Prefix used to distinguish ACI types (permission, delegation, selfservice, none)', domain='ipa', localedir=None), flags=[u'no_update', u'no_create', u'no_search'], label=Gettext('ACI prefix', domain='ipa', localedir=None), values=[u'permission', u'delegation', u'selfservice', u'none']), Flag('test?', autofill=True, default=False, doc=Gettext("Test the ACI syntax but don't write anything", domain='ipa', localedir=None)))
topic = 'aci'
use_output_validation = True
validate(**kw)

Validate all values.

If any value fails the validation, ipalib.errors.ValidationError (or a subclass thereof) will be raised.

validate_output(output, version='2.249')

Validate the return value to make sure it meets the interface contract.

verify_client_version(client_version)

Compare the version the client provided to the version of the server.

If the client major version does not match then return an error. If the client minor version is less than or equal to the server then let the request proceed.

version = '1'