class cosentry_add(Method):
NO_CLI = True
takes_args = (parameters.Str('cn', ), )
takes_options = (
parameters.DNParam('krbpwdpolicyreference', ),
parameters.Int('cospriority', ),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.Output(
'value',
unicode,
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class cosentry(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
),
parameters.DNParam('krbpwdpolicyreference', ),
parameters.Int('cospriority', ),
)
class aci_show(Method):
__doc__ = _("Display a single ACI given an ACI name.")
NO_CLI = True
takes_args = (parameters.Str(
'aciname',
cli_name='name',
label=_(u'ACI name'),
), )
takes_options = (
parameters.Str(
'aciprefix',
cli_name='prefix',
cli_metavar="['permission', 'delegation', 'selfservice', 'none']",
label=_(u'ACI prefix'),
doc=
_(u'Prefix used to distinguish ACI types (permission, delegation, selfservice, none)'
),
),
parameters.DNParam(
'location',
required=False,
label=_(u'Location of the ACI'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class topologysuffix(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Suffix name'),
),
parameters.DNParam(
'iparepltopoconfroot',
label=_(u'Managed LDAP suffix DN'),
),
)
class topologysuffix_mod(Method):
__doc__ = _("Modify a topology suffix.")
NO_CLI = True
takes_args = (
parameters.Str(
'cn',
cli_name='name',
label=_(u'Suffix name'),
),
)
takes_options = (
parameters.DNParam(
'iparepltopoconfroot',
required=False,
cli_name='suffix_dn',
label=_(u'Managed LDAP suffix DN'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'),
exclude=('webui',),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class topologysuffix_find(Method):
__doc__ = _("Search for topology suffixes.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='name',
label=_(u'Suffix name'),
),
parameters.DNParam(
'iparepltopoconfroot',
required=False,
cli_name='suffix_dn',
label=_(u'Managed LDAP suffix DN'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("name")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class config(Object):
takes_params = (
parameters.Int(
'ipamaxusernamelength',
label=_(u'Maximum username length'),
),
parameters.Str(
'ipahomesrootdir',
label=_(u'Home directory base'),
doc=_(u'Default location of home directories'),
),
parameters.Str(
'ipadefaultloginshell',
label=_(u'Default shell'),
doc=_(u'Default shell for new users'),
),
parameters.Str(
'ipadefaultprimarygroup',
label=_(u'Default users group'),
doc=_(u'Default group for new users'),
),
parameters.Str(
'ipadefaultemaildomain',
required=False,
label=_(u'Default e-mail domain'),
),
parameters.Int(
'ipasearchtimelimit',
label=_(u'Search time limit'),
doc=
_(u'Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)'
),
),
parameters.Int(
'ipasearchrecordslimit',
label=_(u'Search size limit'),
doc=_(u'Maximum number of records to search (-1 is unlimited)'),
),
parameters.Str(
'ipausersearchfields',
label=_(u'User search fields'),
doc=
_(u'A comma-separated list of fields to search in when searching for users'
),
),
parameters.Str(
'ipagroupsearchfields',
label=_(u'Group search fields'),
doc=
_(u'A comma-separated list of fields to search in when searching for groups'
),
),
parameters.Bool(
'ipamigrationenabled',
label=_(u'Enable migration mode'),
),
parameters.DNParam(
'ipacertificatesubjectbase',
label=_(u'Certificate Subject base'),
doc=_(u'Base for certificate subjects (OU=Test,O=Example)'),
),
parameters.Str(
'ipagroupobjectclasses',
multivalue=True,
label=_(u'Default group objectclasses'),
doc=_(u'Default group objectclasses (comma-separated list)'),
),
parameters.Str(
'ipauserobjectclasses',
multivalue=True,
label=_(u'Default user objectclasses'),
doc=_(u'Default user objectclasses (comma-separated list)'),
),
parameters.Int(
'ipapwdexpadvnotify',
label=_(u'Password Expiration Notification (days)'),
doc=_(u"Number of days's notice of impending password expiration"),
),
parameters.Str(
'ipaconfigstring',
required=False,
multivalue=True,
label=_(u'Password plugin features'),
doc=_(u'Extra hashes to generate in password plug-in'),
),
parameters.Str(
'ipaselinuxusermaporder',
label=_(u'SELinux user map order'),
doc=_(
u'Order in increasing priority of SELinux users, delimited by $'
),
),
parameters.Str(
'ipaselinuxusermapdefault',
required=False,
label=_(u'Default SELinux user'),
doc=
_(u'Default SELinux user when no match is found in SELinux map rule'
),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
label=_(u'Default PAC types'),
doc=_(u'Default types of PAC supported for services'),
),
)
class cosentry_find(Method):
NO_CLI = True
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Str(
'cn',
required=False,
),
parameters.DNParam(
'krbpwdpolicyreference',
required=False,
),
parameters.Int(
'cospriority',
required=False,
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("cn")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class migrate_ds(Command):
__doc__ = _("Migrate users and groups from DS to IPA.")
takes_args = (
parameters.Str(
'ldapuri',
cli_name='ldap_uri',
label=_(u'LDAP URI'),
doc=_(u'LDAP URI of DS server to migrate from'),
),
parameters.Password(
'bindpw',
cli_name='password',
label=_(u'Password'),
doc=_(u'bind password'),
),
)
takes_options = (
parameters.DNParam(
'binddn',
required=False,
cli_name='bind_dn',
label=_(u'Bind DN'),
default=DN(u'cn=directory manager'),
autofill=True,
),
parameters.DNParam(
'usercontainer',
cli_name='user_container',
label=_(u'User container'),
doc=_(u'DN of container for users in DS relative to base DN'),
default=DN(u'ou=people'),
autofill=True,
),
parameters.DNParam(
'groupcontainer',
cli_name='group_container',
label=_(u'Group container'),
doc=_(u'DN of container for groups in DS relative to base DN'),
default=DN(u'ou=groups'),
autofill=True,
),
parameters.Str(
'userobjectclass',
multivalue=True,
cli_name='user_objectclass',
label=_(u'User object class'),
doc=
_(u'Comma-separated list of objectclasses used to search for user entries in DS'
),
default=(u'person', ),
autofill=True,
),
parameters.Str(
'groupobjectclass',
multivalue=True,
cli_name='group_objectclass',
label=_(u'Group object class'),
doc=
_(u'Comma-separated list of objectclasses used to search for group entries in DS'
),
default=(u'groupOfUniqueNames', u'groupOfNames'),
autofill=True,
),
parameters.Str(
'userignoreobjectclass',
required=False,
multivalue=True,
cli_name='user_ignore_objectclass',
label=_(u'Ignore user object class'),
doc=
_(u'Comma-separated list of objectclasses to be ignored for user entries in DS'
),
default=(),
autofill=True,
),
parameters.Str(
'userignoreattribute',
required=False,
multivalue=True,
cli_name='user_ignore_attribute',
label=_(u'Ignore user attribute'),
doc=
_(u'Comma-separated list of attributes to be ignored for user entries in DS'
),
default=(),
autofill=True,
),
parameters.Str(
'groupignoreobjectclass',
required=False,
multivalue=True,
cli_name='group_ignore_objectclass',
label=_(u'Ignore group object class'),
doc=
_(u'Comma-separated list of objectclasses to be ignored for group entries in DS'
),
default=(),
autofill=True,
),
parameters.Str(
'groupignoreattribute',
required=False,
multivalue=True,
cli_name='group_ignore_attribute',
label=_(u'Ignore group attribute'),
doc=
_(u'Comma-separated list of attributes to be ignored for group entries in DS'
),
default=(),
autofill=True,
),
parameters.Flag(
'groupoverwritegid',
cli_name='group_overwrite_gid',
label=_(u'Overwrite GID'),
doc=
_(u'When migrating a group already existing in IPA domain overwrite the group GID and report as success'
),
default=False,
autofill=True,
),
parameters.Str(
'schema',
required=False,
cli_metavar="['RFC2307bis', 'RFC2307']",
label=_(u'LDAP schema'),
doc=
_(u'The schema used on the LDAP server. Supported values are RFC2307 and RFC2307bis. The default is RFC2307bis'
),
default=u'RFC2307bis',
autofill=True,
),
parameters.Flag(
'continue',
required=False,
label=_(u'Continue'),
doc=
_(u'Continuous operation mode. Errors are reported but the process continues'
),
default=False,
autofill=True,
),
parameters.DNParam(
'basedn',
required=False,
cli_name='base_dn',
label=_(u'Base DN'),
doc=_(u'Base DN on remote LDAP server'),
),
parameters.Flag(
'compat',
required=False,
cli_name='with_compat',
label=_(u'Ignore compat plugin'),
doc=_(u'Allows migration despite the usage of compat plugin'),
default=False,
autofill=True,
),
parameters.Str(
'exclude_groups',
required=False,
multivalue=True,
doc=_(u'comma-separated list of groups to exclude from migration'),
default=(),
autofill=True,
),
parameters.Str(
'exclude_users',
required=False,
multivalue=True,
doc=_(u'comma-separated list of users to exclude from migration'),
default=(),
autofill=True,
),
)
has_output = (
output.Output(
'result',
dict,
doc=_(u'Lists of objects migrated; categorized by type.'),
),
output.Output(
'failed',
dict,
doc=
_(u'Lists of objects that could not be migrated; categorized by type.'
),
),
output.Output(
'enabled',
bool,
doc=_(u'False if migration mode was disabled.'),
),
output.Output(
'compat',
bool,
doc=
_(u'False if migration fails because the compatibility plug-in is enabled.'
),
),
)
class permission(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Permission name'),
),
parameters.Str(
'ipapermright',
required=False,
multivalue=True,
label=_(u'Granted rights'),
doc=_(u'Rights to grant (read, search, compare, write, add, delete, all)'),
),
parameters.Str(
'attrs',
required=False,
multivalue=True,
label=_(u'Effective attributes'),
doc=_(u'All attributes to which the permission applies'),
),
parameters.Str(
'ipapermincludedattr',
required=False,
multivalue=True,
label=_(u'Included attributes'),
doc=_(u'User-specified attributes to which the permission applies'),
),
parameters.Str(
'ipapermexcludedattr',
required=False,
multivalue=True,
label=_(u'Excluded attributes'),
doc=_(u'User-specified attributes to which the permission explicitly does not apply'),
),
parameters.Str(
'ipapermdefaultattr',
required=False,
multivalue=True,
label=_(u'Default attributes'),
doc=_(u'Attributes to which the permission applies by default'),
),
parameters.Str(
'ipapermbindruletype',
label=_(u'Bind rule type'),
),
parameters.Str(
'ipapermlocation',
required=False,
label=_(u'Subtree'),
doc=_(u'Subtree to apply permissions to'),
),
parameters.Str(
'extratargetfilter',
required=False,
multivalue=True,
label=_(u'Extra target filter'),
),
parameters.Str(
'ipapermtargetfilter',
required=False,
multivalue=True,
label=_(u'Raw target filter'),
doc=_(u'All target filters, including those implied by type and memberof'),
),
parameters.DNParam(
'ipapermtarget',
required=False,
label=_(u'Target DN'),
doc=_(u'Optional DN to apply the permission to (must be in the subtree, but may not yet exist)'),
),
parameters.Str(
'memberof',
required=False,
multivalue=True,
label=_(u'Member of group'),
doc=_(u'Target members of a group (sets memberOf targetfilter)'),
),
parameters.Str(
'targetgroup',
required=False,
label=_(u'Target group'),
doc=_(u'User group to apply permissions to (sets target)'),
),
parameters.Str(
'type',
required=False,
label=_(u'Type'),
doc=_(u'Type of IPA object (sets subtree and objectClass targetfilter)'),
),
parameters.Str(
'filter',
required=False,
multivalue=True,
doc=_(u'Deprecated; use extratargetfilter'),
),
parameters.Str(
'subtree',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermlocation'),
),
parameters.Str(
'permissions',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermright'),
),
parameters.Str(
'member_privilege',
required=False,
label=_(u'Granted to Privilege'),
),
parameters.Str(
'memberindirect_role',
required=False,
label=_(u'Indirect Member of roles'),
),
)
class permission_mod(Method):
__doc__ = _("Modify a permission.")
takes_args = (
parameters.Str(
'cn',
cli_name='name',
label=_(u'Permission name'),
),
)
takes_options = (
parameters.Str(
'ipapermright',
required=False,
multivalue=True,
cli_name='right',
cli_metavar="['read', 'search', 'compare', 'write', 'add', 'delete', 'all']",
label=_(u'Granted rights'),
doc=_(u'Rights to grant (read, search, compare, write, add, delete, all)'),
),
parameters.Str(
'attrs',
required=False,
multivalue=True,
label=_(u'Effective attributes'),
doc=_(u'All attributes to which the permission applies'),
),
parameters.Str(
'ipapermincludedattr',
required=False,
multivalue=True,
cli_name='includedattrs',
label=_(u'Included attributes'),
doc=_(u'User-specified attributes to which the permission applies'),
),
parameters.Str(
'ipapermexcludedattr',
required=False,
multivalue=True,
cli_name='excludedattrs',
label=_(u'Excluded attributes'),
doc=_(u'User-specified attributes to which the permission explicitly does not apply'),
),
parameters.Str(
'ipapermbindruletype',
required=False,
cli_name='bindtype',
cli_metavar="['permission', 'all', 'anonymous']",
label=_(u'Bind rule type'),
default=u'permission',
),
parameters.Str(
'ipapermlocation',
required=False,
cli_name='subtree',
label=_(u'Subtree'),
doc=_(u'Subtree to apply permissions to'),
),
parameters.Str(
'extratargetfilter',
required=False,
multivalue=True,
cli_name='filter',
label=_(u'Extra target filter'),
),
parameters.Str(
'ipapermtargetfilter',
required=False,
multivalue=True,
cli_name='rawfilter',
label=_(u'Raw target filter'),
doc=_(u'All target filters, including those implied by type and memberof'),
),
parameters.DNParam(
'ipapermtarget',
required=False,
cli_name='target',
label=_(u'Target DN'),
doc=_(u'Optional DN to apply the permission to (must be in the subtree, but may not yet exist)'),
),
parameters.Str(
'memberof',
required=False,
multivalue=True,
label=_(u'Member of group'),
doc=_(u'Target members of a group (sets memberOf targetfilter)'),
),
parameters.Str(
'targetgroup',
required=False,
label=_(u'Target group'),
doc=_(u'User group to apply permissions to (sets target)'),
),
parameters.Str(
'type',
required=False,
label=_(u'Type'),
doc=_(u'Type of IPA object (sets subtree and objectClass targetfilter)'),
),
parameters.Str(
'filter',
required=False,
multivalue=True,
doc=_(u'Deprecated; use extratargetfilter'),
exclude=('cli', 'webui'),
),
parameters.Str(
'subtree',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermlocation'),
exclude=('cli', 'webui'),
),
parameters.Str(
'permissions',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermright'),
exclude=('cli', 'webui'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'),
exclude=('webui',),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'rename',
required=False,
label=_(u'Rename'),
doc=_(u'Rename the permission object'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class permission_find(Method):
__doc__ = _("Search for permissions.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='name',
label=_(u'Permission name'),
),
parameters.Str(
'ipapermright',
required=False,
multivalue=True,
cli_name='right',
cli_metavar="['read', 'search', 'compare', 'write', 'add', 'delete', 'all']",
label=_(u'Granted rights'),
doc=_(u'Rights to grant (read, search, compare, write, add, delete, all)'),
),
parameters.Str(
'attrs',
required=False,
multivalue=True,
label=_(u'Effective attributes'),
doc=_(u'All attributes to which the permission applies'),
),
parameters.Str(
'ipapermincludedattr',
required=False,
multivalue=True,
cli_name='includedattrs',
label=_(u'Included attributes'),
doc=_(u'User-specified attributes to which the permission applies'),
),
parameters.Str(
'ipapermexcludedattr',
required=False,
multivalue=True,
cli_name='excludedattrs',
label=_(u'Excluded attributes'),
doc=_(u'User-specified attributes to which the permission explicitly does not apply'),
),
parameters.Str(
'ipapermdefaultattr',
required=False,
multivalue=True,
cli_name='defaultattrs',
label=_(u'Default attributes'),
doc=_(u'Attributes to which the permission applies by default'),
),
parameters.Str(
'ipapermbindruletype',
required=False,
cli_name='bindtype',
cli_metavar="['permission', 'all', 'anonymous']",
label=_(u'Bind rule type'),
default=u'permission',
),
parameters.Str(
'ipapermlocation',
required=False,
cli_name='subtree',
label=_(u'Subtree'),
doc=_(u'Subtree to apply permissions to'),
),
parameters.Str(
'extratargetfilter',
required=False,
multivalue=True,
cli_name='filter',
label=_(u'Extra target filter'),
),
parameters.Str(
'ipapermtargetfilter',
required=False,
multivalue=True,
cli_name='rawfilter',
label=_(u'Raw target filter'),
doc=_(u'All target filters, including those implied by type and memberof'),
),
parameters.DNParam(
'ipapermtarget',
required=False,
cli_name='target',
label=_(u'Target DN'),
doc=_(u'Optional DN to apply the permission to (must be in the subtree, but may not yet exist)'),
),
parameters.Str(
'memberof',
required=False,
multivalue=True,
label=_(u'Member of group'),
doc=_(u'Target members of a group (sets memberOf targetfilter)'),
),
parameters.Str(
'targetgroup',
required=False,
label=_(u'Target group'),
doc=_(u'User group to apply permissions to (sets target)'),
),
parameters.Str(
'type',
required=False,
label=_(u'Type'),
doc=_(u'Type of IPA object (sets subtree and objectClass targetfilter)'),
),
parameters.Str(
'filter',
required=False,
multivalue=True,
doc=_(u'Deprecated; use extratargetfilter'),
exclude=('cli', 'webui'),
),
parameters.Str(
'subtree',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermlocation'),
exclude=('cli', 'webui'),
),
parameters.Str(
'permissions',
required=False,
multivalue=True,
doc=_(u'Deprecated; use ipapermright'),
exclude=('cli', 'webui'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("name")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
