コード例 #1
0
class trust_resolve(Command):
    __doc__ = _("Resolve security identifiers of users and groups in trusted domains")

    NO_CLI = True

    takes_options = (
        parameters.Str(
            'sids',
            multivalue=True,
            label=_(u'Security Identifiers (SIDs)'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.ListOfEntries(
            'result',
        ),
    )
コード例 #2
0
ファイル: automember.py プロジェクト: zz22394/freeipa
class automember_find(Method):
    __doc__ = _("Search for automember rules.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'A description of this auto member rule'),
        ),
        parameters.Str(
            'type',
            cli_metavar="['group', 'hostgroup']",
            label=_(u'Grouping Type'),
            doc=_(u'Grouping to which the rule applies'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #3
0
ファイル: entitle.py プロジェクト: zz22394/freeipa
class entitle_find(Method):
    __doc__ = _("Search for entitlement accounts.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #4
0
class trust_fetch_domains(Method):
    __doc__ = _("Refresh list of the domains associated with the trust")

    takes_args = (
        parameters.Str(
            'cn',
            cli_name='realm',
            label=_(u'Realm name'),
        ),
    )
    takes_options = (
        parameters.Flag(
            'rights',
            label=_(u'Rights'),
            doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #5
0
ファイル: entitle.py プロジェクト: zz22394/freeipa
class entitle_get(Command):
    __doc__ = _("Retrieve the entitlement certs.")

    takes_options = (
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #6
0
class user_status(Method):
    __doc__ = _("""
Lockout status of a user account

    An account may become locked if the password is entered incorrectly too
    many times within a specific time period as controlled by password
    policy. A locked account is a temporary condition and may be unlocked by
    an administrator.

    This connects to each IPA master and displays the lockout status on
    each one.

    To determine whether an account is locked on a given server you need
    to compare the number of failed logins and the time of the last failure.
    For an account to be locked it must exceed the maxfail failures within
    the failinterval duration as specified in the password policy associated
    with the user.

    The failed login counter is modified only when a user attempts a log in
    so it is possible that an account may appear locked but the last failed
    login attempt is older than the lockouttime of the password policy. This
    means that the user may attempt a login again.
    """)

    takes_args = (parameters.Str(
        'uid',
        cli_name='login',
        label=_(u'User login'),
        default_from=DefaultFrom(lambda givenname, sn: givenname[0] + sn,
                                 'principal'),
        no_convert=True,
    ), )
    takes_options = (
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #7
0
class topologysegment_find(Method):
    __doc__ = _("Search for topology segments.")

    takes_args = (
        parameters.Str(
            'topologysuffixcn',
            cli_name='topologysuffix',
            label=_(u'Suffix name'),
        ),
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Segment name'),
            doc=_(u'Arbitrary string identifying the segment'),
            default_from=DefaultFrom(lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode: None, 'iparepltoposegmentleftnode', 'iparepltoposegmentrightnode'),
            # FIXME:
            # lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode:
            no_convert=True,
        ),
        parameters.Str(
            'iparepltoposegmentleftnode',
            required=False,
            cli_name='leftnode',
            label=_(u'Left node'),
            doc=_(u'Left replication node - an IPA server'),
            no_convert=True,
        ),
        parameters.Str(
            'iparepltoposegmentrightnode',
            required=False,
            cli_name='rightnode',
            label=_(u'Right node'),
            doc=_(u'Right replication node - an IPA server'),
            no_convert=True,
        ),
        parameters.Str(
            'iparepltoposegmentdirection',
            required=False,
            cli_name='direction',
            cli_metavar="['both', 'left-right', 'right-left']",
            label=_(u'Connectivity'),
            doc=_(u'Direction of replication between left and right replication node'),
            exclude=('cli', 'webui'),
            default=u'both',
        ),
        parameters.Str(
            'nsds5replicastripattrs',
            required=False,
            cli_name='stripattrs',
            label=_(u'Attributes to strip'),
            doc=_(u'A space separated list of attributes which are removed from replication updates.'),
            no_convert=True,
        ),
        parameters.Str(
            'nsds5replicatedattributelist',
            required=False,
            cli_name='replattrs',
            label=_(u'Attributes to replicate'),
            doc=_(u'Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof'),
        ),
        parameters.Str(
            'nsds5replicatedattributelisttotal',
            required=False,
            cli_name='replattrstotal',
            label=_(u'Attributes for total update'),
            doc=_(u'Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout'),
        ),
        parameters.Int(
            'nsds5replicatimeout',
            required=False,
            cli_name='timeout',
            label=_(u'Session timeout'),
            doc=_(u'Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing'),
        ),
        parameters.Str(
            'nsds5replicaenabled',
            required=False,
            cli_name='enabled',
            cli_metavar="['on', 'off']",
            label=_(u'Replication agreement enabled'),
            doc=_(u'Whether a replication agreement is active, meaning whether replication is occurring per that agreement'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #8
0
ファイル: idrange.py プロジェクト: zpytela/freeipa
class idrange_find(Method):
    __doc__ = _("Search for ranges.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Range name'),
        ),
        parameters.Int(
            'ipabaseid',
            required=False,
            cli_name='base_id',
            label=_(u'First Posix ID of the range'),
        ),
        parameters.Int(
            'ipaidrangesize',
            required=False,
            cli_name='range_size',
            label=_(u'Number of IDs in the range'),
        ),
        parameters.Int(
            'ipabaserid',
            required=False,
            cli_name='rid_base',
            label=_(u'First RID of the corresponding RID range'),
        ),
        parameters.Int(
            'ipasecondarybaserid',
            required=False,
            cli_name='secondary_rid_base',
            label=_(u'First RID of the secondary RID range'),
        ),
        parameters.Str(
            'ipanttrusteddomainsid',
            required=False,
            cli_name='dom_sid',
            label=_(u'Domain SID of the trusted domain'),
        ),
        parameters.Str(
            'iparangetype',
            required=False,
            cli_name='type',
            cli_metavar="['ipa-ad-trust-posix', 'ipa-ad-trust', 'ipa-local']",
            label=_(u'Range type'),
            doc=
            _(u'ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local'
              ),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #9
0
ファイル: idviews.py プロジェクト: zz22394/freeipa
class idoverrideuser_find(Method):
    __doc__ = _("Search for an User ID override.")

    takes_args = (
        parameters.Str(
            'idviewcn',
            cli_name='idview',
            label=_(u'ID View Name'),
        ),
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'ipaanchoruuid',
            required=False,
            cli_name='anchor',
            label=_(u'Anchor to override'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
        ),
        parameters.Str(
            'uid',
            required=False,
            cli_name='login',
            label=_(u'User login'),
            no_convert=True,
        ),
        parameters.Int(
            'uidnumber',
            required=False,
            cli_name='uid',
            label=_(u'UID'),
            doc=_(u'User ID Number'),
        ),
        parameters.Str(
            'gecos',
            required=False,
            label=_(u'GECOS'),
        ),
        parameters.Int(
            'gidnumber',
            required=False,
            label=_(u'GID'),
            doc=_(u'Group ID Number'),
        ),
        parameters.Str(
            'homedirectory',
            required=False,
            cli_name='homedir',
            label=_(u'Home directory'),
        ),
        parameters.Str(
            'loginshell',
            required=False,
            cli_name='shell',
            label=_(u'Login shell'),
        ),
        parameters.Str(
            'ipaoriginaluid',
            required=False,
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'fallback_to_ldap',
            required=False,
            label=_(u'Fallback to AD DC LDAP'),
            doc=
            _(u'Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only.'
              ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("anchor")'
            ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #10
0
ファイル: certprofile.py プロジェクト: zavarat/freeipa
class certprofile_find(Method):
    __doc__ = _("Search for Certificate Profiles.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='id',
            label=_(u'Profile ID'),
            doc=_(u'Profile ID for referring to this profile'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Profile description'),
            doc=_(u'Brief description of this profile'),
        ),
        parameters.Bool(
            'ipacertprofilestoreissued',
            required=False,
            cli_name='store',
            label=_(u'Store issued certificates'),
            doc=_(u'Whether to store certs issued using this profile'),
            default=True,
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("id")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #11
0
ファイル: hbacrule.py プロジェクト: zz22394/freeipa
class hbacrule_find(Method):
    __doc__ = _("Search for HBAC rules.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Rule name'),
        ),
        parameters.Str(
            'accessruletype',
            required=False,
            cli_name='type',
            cli_metavar="['allow', 'deny']",
            label=_(u'Rule type'),
            doc=_(u'Rule type (allow)'),
            exclude=('webui', 'cli'),
            default=u'allow',
        ),
        parameters.Str(
            'usercategory',
            required=False,
            cli_name='usercat',
            cli_metavar="['all']",
            label=_(u'User category'),
            doc=_(u'User category the rule applies to'),
        ),
        parameters.Str(
            'hostcategory',
            required=False,
            cli_name='hostcat',
            cli_metavar="['all']",
            label=_(u'Host category'),
            doc=_(u'Host category the rule applies to'),
        ),
        parameters.Str(
            'sourcehostcategory',
            required=False,
            deprecated=True,
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'servicecategory',
            required=False,
            cli_name='servicecat',
            cli_metavar="['all']",
            label=_(u'Service category'),
            doc=_(u'Service category the rule applies to'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
        ),
        parameters.Bool(
            'ipaenabledflag',
            required=False,
            label=_(u'Enabled'),
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'sourcehost_host',
            required=False,
            deprecated=True,
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'sourcehost_hostgroup',
            required=False,
            deprecated=True,
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'externalhost',
            required=False,
            multivalue=True,
            label=_(u'External host'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #12
0
class server_find(Method):
    __doc__ = _("Search for IPA servers.")

    takes_args = (
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Server name'),
            doc=_(u'IPA server hostname'),
        ),
        parameters.Int(
            'ipamindomainlevel',
            required=False,
            cli_name='minlevel',
            label=_(u'Min domain level'),
            doc=_(u'Minimum domain level'),
        ),
        parameters.Int(
            'ipamaxdomainlevel',
            required=False,
            cli_name='maxlevel',
            label=_(u'Max domain level'),
            doc=_(u'Maximum domain level'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'topologysuffix',
            required=False,
            multivalue=True,
            cli_name='topologysuffixes',
            label=_(u'suffix'),
            doc=_(u'Search for servers with these managed suffixes.'),
        ),
        parameters.Str(
            'no_topologysuffix',
            required=False,
            multivalue=True,
            cli_name='no_topologysuffixes',
            label=_(u'suffix'),
            doc=_(u'Search for servers without these managed suffixes.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #13
0
class otptoken_find(Method):
    __doc__ = _("Search for OTP token.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'ipatokenuniqueid',
            required=False,
            cli_name='id',
            label=_(u'Unique ID'),
        ),
        parameters.Str(
            'type',
            required=False,
            cli_metavar="['totp', 'hotp', 'TOTP', 'HOTP']",
            label=_(u'Type'),
            doc=_(u'Type of the token'),
            default=u'totp',
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'Token description (informational only)'),
        ),
        parameters.Str(
            'ipatokenowner',
            required=False,
            cli_name='owner',
            label=_(u'Owner'),
            doc=_(u'Assigned user of the token (default: self)'),
        ),
        parameters.Bool(
            'ipatokendisabled',
            required=False,
            cli_name='disabled',
            label=_(u'Disabled'),
            doc=_(u'Mark the token as disabled (default: false)'),
        ),
        parameters.DateTime(
            'ipatokennotbefore',
            required=False,
            cli_name='not_before',
            label=_(u'Validity start'),
            doc=_(u'First date/time the token can be used'),
        ),
        parameters.DateTime(
            'ipatokennotafter',
            required=False,
            cli_name='not_after',
            label=_(u'Validity end'),
            doc=_(u'Last date/time the token can be used'),
        ),
        parameters.Str(
            'ipatokenvendor',
            required=False,
            cli_name='vendor',
            label=_(u'Vendor'),
            doc=_(u'Token vendor name (informational only)'),
        ),
        parameters.Str(
            'ipatokenmodel',
            required=False,
            cli_name='model',
            label=_(u'Model'),
            doc=_(u'Token model (informational only)'),
        ),
        parameters.Str(
            'ipatokenserial',
            required=False,
            cli_name='serial',
            label=_(u'Serial'),
            doc=_(u'Token serial (informational only)'),
        ),
        parameters.Str(
            'ipatokenotpalgorithm',
            required=False,
            cli_name='algo',
            cli_metavar="['sha1', 'sha256', 'sha384', 'sha512']",
            label=_(u'Algorithm'),
            doc=_(u'Token hash algorithm'),
            default=u'sha1',
        ),
        parameters.Int(
            'ipatokenotpdigits',
            required=False,
            cli_name='digits',
            cli_metavar="['6', '8']",
            label=_(u'Digits'),
            doc=_(u'Number of digits each token code will have'),
            default=6,
        ),
        parameters.Int(
            'ipatokentotpclockoffset',
            required=False,
            cli_name='offset',
            label=_(u'Clock offset'),
            doc=_(u'TOTP token / IPA server time difference'),
            default=0,
        ),
        parameters.Int(
            'ipatokentotptimestep',
            required=False,
            cli_name='interval',
            label=_(u'Clock interval'),
            doc=_(u'Length of TOTP token code validity'),
            default=30,
        ),
        parameters.Int(
            'ipatokenhotpcounter',
            required=False,
            cli_name='counter',
            label=_(u'Counter'),
            doc=_(u'Initial counter for the HOTP token'),
            default=0,
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("id")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #14
0
ファイル: permission.py プロジェクト: zz22394/freeipa
class permission_find(Method):
    __doc__ = _("Search for permissions.")

    takes_args = (
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Permission name'),
        ),
        parameters.Str(
            'ipapermright',
            required=False,
            multivalue=True,
            cli_name='right',
            cli_metavar="['read', 'search', 'compare', 'write', 'add', 'delete', 'all']",
            label=_(u'Granted rights'),
            doc=_(u'Rights to grant (read, search, compare, write, add, delete, all)'),
        ),
        parameters.Str(
            'attrs',
            required=False,
            multivalue=True,
            label=_(u'Effective attributes'),
            doc=_(u'All attributes to which the permission applies'),
        ),
        parameters.Str(
            'ipapermincludedattr',
            required=False,
            multivalue=True,
            cli_name='includedattrs',
            label=_(u'Included attributes'),
            doc=_(u'User-specified attributes to which the permission applies'),
        ),
        parameters.Str(
            'ipapermexcludedattr',
            required=False,
            multivalue=True,
            cli_name='excludedattrs',
            label=_(u'Excluded attributes'),
            doc=_(u'User-specified attributes to which the permission explicitly does not apply'),
        ),
        parameters.Str(
            'ipapermdefaultattr',
            required=False,
            multivalue=True,
            cli_name='defaultattrs',
            label=_(u'Default attributes'),
            doc=_(u'Attributes to which the permission applies by default'),
        ),
        parameters.Str(
            'ipapermbindruletype',
            required=False,
            cli_name='bindtype',
            cli_metavar="['permission', 'all', 'anonymous']",
            label=_(u'Bind rule type'),
            default=u'permission',
        ),
        parameters.Str(
            'ipapermlocation',
            required=False,
            cli_name='subtree',
            label=_(u'Subtree'),
            doc=_(u'Subtree to apply permissions to'),
        ),
        parameters.Str(
            'extratargetfilter',
            required=False,
            multivalue=True,
            cli_name='filter',
            label=_(u'Extra target filter'),
        ),
        parameters.Str(
            'ipapermtargetfilter',
            required=False,
            multivalue=True,
            cli_name='rawfilter',
            label=_(u'Raw target filter'),
            doc=_(u'All target filters, including those implied by type and memberof'),
        ),
        parameters.DNParam(
            'ipapermtarget',
            required=False,
            cli_name='target',
            label=_(u'Target DN'),
            doc=_(u'Optional DN to apply the permission to (must be in the subtree, but may not yet exist)'),
        ),
        parameters.Str(
            'memberof',
            required=False,
            multivalue=True,
            label=_(u'Member of group'),
            doc=_(u'Target members of a group (sets memberOf targetfilter)'),
        ),
        parameters.Str(
            'targetgroup',
            required=False,
            label=_(u'Target group'),
            doc=_(u'User group to apply permissions to (sets target)'),
        ),
        parameters.Str(
            'type',
            required=False,
            label=_(u'Type'),
            doc=_(u'Type of IPA object (sets subtree and objectClass targetfilter)'),
        ),
        parameters.Str(
            'filter',
            required=False,
            multivalue=True,
            doc=_(u'Deprecated; use extratargetfilter'),
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'subtree',
            required=False,
            multivalue=True,
            doc=_(u'Deprecated; use ipapermlocation'),
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'permissions',
            required=False,
            multivalue=True,
            doc=_(u'Deprecated; use ipapermright'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #15
0
class aci_find(Method):
    __doc__ = _("""
Search for ACIs.

    Returns a list of ACIs

    EXAMPLES:

     To find all ACIs that apply directly to members of the group ipausers:
       ipa aci-find --memberof=ipausers

     To find all ACIs that grant add access:
       ipa aci-find --permissions=add

    Note that the find command only looks for the given text in the set of
    ACIs, it does not evaluate the ACIs to see if something would apply.
    For example, searching on memberof=ipausers will find all ACIs that
    have ipausers as a memberof. There may be other ACIs that apply to
    members of that group indirectly.
    """)

    NO_CLI = True

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'aciname',
            required=False,
            cli_name='name',
            label=_(u'ACI name'),
        ),
        parameters.Str(
            'permission',
            required=False,
            label=_(u'Permission'),
            doc=_(u'Permission ACI grants access to'),
        ),
        parameters.Str(
            'group',
            required=False,
            label=_(u'User group'),
            doc=_(u'User group ACI grants access to'),
        ),
        parameters.Str(
            'permissions',
            required=False,
            multivalue=True,
            label=_(u'Permissions'),
            doc=_(u'Permissions to grant(read, write, add, delete, all)'),
            no_convert=True,
        ),
        parameters.Str(
            'attrs',
            required=False,
            multivalue=True,
            label=_(u'Attributes to which the permission applies'),
            doc=_(u'Attributes'),
        ),
        parameters.Str(
            'type',
            required=False,
            cli_metavar=
            "['user', 'group', 'host', 'service', 'hostgroup', 'netgroup', 'dnsrecord']",
            label=_(u'Type'),
            doc=
            _(u'type of IPA object (user, group, host, hostgroup, service, netgroup)'
              ),
        ),
        parameters.Str(
            'memberof',
            required=False,
            label=_(u'Member of'),
            doc=_(u'Member of a group'),
        ),
        parameters.Str(
            'filter',
            required=False,
            label=_(u'Filter'),
            doc=_(u'Legal LDAP filter (e.g. ou=Engineering)'),
        ),
        parameters.Str(
            'subtree',
            required=False,
            label=_(u'Subtree'),
            doc=_(u'Subtree to apply ACI to'),
        ),
        parameters.Str(
            'targetgroup',
            required=False,
            label=_(u'Target group'),
            doc=_(u'Group to apply ACI to'),
        ),
        parameters.Bool(
            'selfaci',
            required=False,
            cli_name='self',
            label=_(u'Target your own entry (self)'),
            doc=_(u'Apply ACI to your own entry (self)'),
            default=False,
        ),
        parameters.Str(
            'aciprefix',
            required=False,
            cli_name='prefix',
            cli_metavar="['permission', 'delegation', 'selfservice', 'none']",
            label=_(u'ACI prefix'),
            doc=
            _(u'Prefix used to distinguish ACI types (permission, delegation, selfservice, none)'
              ),
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #16
0
class user_find(Method):
    __doc__ = _("Search for users.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'uid',
            required=False,
            cli_name='login',
            label=_(u'User login'),
            default_from=DefaultFrom(lambda givenname, sn: givenname[0] + sn,
                                     'principal'),
            no_convert=True,
        ),
        parameters.Str(
            'givenname',
            required=False,
            cli_name='first',
            label=_(u'First name'),
        ),
        parameters.Str(
            'sn',
            required=False,
            cli_name='last',
            label=_(u'Last name'),
        ),
        parameters.Str(
            'cn',
            required=False,
            label=_(u'Full name'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'displayname',
            required=False,
            label=_(u'Display name'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'initials',
            required=False,
            label=_(u'Initials'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%c%c' % (givenname[0], sn[0]),
                'principal'),
        ),
        parameters.Str(
            'homedirectory',
            required=False,
            cli_name='homedir',
            label=_(u'Home directory'),
        ),
        parameters.Str(
            'gecos',
            required=False,
            label=_(u'GECOS field'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'loginshell',
            required=False,
            cli_name='shell',
            label=_(u'Login shell'),
        ),
        parameters.Str(
            'krbprincipalname',
            required=False,
            cli_name='principal',
            label=_(u'Kerberos principal'),
            default_from=DefaultFrom(
                lambda uid: '%s@%s' % (uid.lower(), api.env.realm),
                'principal'),
            no_convert=True,
        ),
        parameters.Str(
            'mail',
            required=False,
            multivalue=True,
            cli_name='email',
            label=_(u'Email address'),
        ),
        parameters.Password(
            'userpassword',
            required=False,
            cli_name='password',
            label=_(u'Password'),
            doc=_(u'Prompt to set the user password'),
            exclude=('webui', ),
            confirm=True,
        ),
        parameters.Int(
            'uidnumber',
            required=False,
            cli_name='uid',
            label=_(u'UID'),
            doc=_(u'User ID Number (system will assign one if not provided)'),
            default=999,
        ),
        parameters.Int(
            'gidnumber',
            required=False,
            label=_(u'GID'),
            doc=_(u'Group ID Number'),
            default=999,
        ),
        parameters.Str(
            'street',
            required=False,
            label=_(u'Street address'),
        ),
        parameters.Str(
            'l',
            required=False,
            cli_name='city',
            label=_(u'City'),
        ),
        parameters.Str(
            'st',
            required=False,
            cli_name='state',
            label=_(u'State/Province'),
        ),
        parameters.Str(
            'postalcode',
            required=False,
            label=_(u'ZIP'),
        ),
        parameters.Str(
            'telephonenumber',
            required=False,
            multivalue=True,
            cli_name='phone',
            label=_(u'Telephone Number'),
        ),
        parameters.Str(
            'mobile',
            required=False,
            multivalue=True,
            label=_(u'Mobile Telephone Number'),
        ),
        parameters.Str(
            'pager',
            required=False,
            multivalue=True,
            label=_(u'Pager Number'),
        ),
        parameters.Str(
            'facsimiletelephonenumber',
            required=False,
            multivalue=True,
            cli_name='fax',
            label=_(u'Fax Number'),
        ),
        parameters.Str(
            'ou',
            required=False,
            cli_name='orgunit',
            label=_(u'Org. Unit'),
        ),
        parameters.Str(
            'title',
            required=False,
            label=_(u'Job Title'),
        ),
        parameters.Str(
            'manager',
            required=False,
            label=_(u'Manager'),
        ),
        parameters.Str(
            'carlicense',
            required=False,
            label=_(u'Car License'),
        ),
        parameters.Bool(
            'nsaccountlock',
            required=False,
            label=_(u'Account disabled'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'whoami',
            label=_(u'Self'),
            doc=_(u'Display user record for current Kerberos principal'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("login")'
            ),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'in_group',
            required=False,
            multivalue=True,
            cli_name='in_groups',
            label=_(u'group'),
            doc=_(u'Search for users with these member of groups.'),
        ),
        parameters.Str(
            'not_in_group',
            required=False,
            multivalue=True,
            cli_name='not_in_groups',
            label=_(u'group'),
            doc=_(u'Search for users without these member of groups.'),
        ),
        parameters.Str(
            'in_netgroup',
            required=False,
            multivalue=True,
            cli_name='in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for users with these member of netgroups.'),
        ),
        parameters.Str(
            'not_in_netgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for users without these member of netgroups.'),
        ),
        parameters.Str(
            'in_role',
            required=False,
            multivalue=True,
            cli_name='in_roles',
            label=_(u'role'),
            doc=_(u'Search for users with these member of roles.'),
        ),
        parameters.Str(
            'not_in_role',
            required=False,
            multivalue=True,
            cli_name='not_in_roles',
            label=_(u'role'),
            doc=_(u'Search for users without these member of roles.'),
        ),
        parameters.Str(
            'in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for users with these member of HBAC rules.'),
        ),
        parameters.Str(
            'not_in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='not_in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for users without these member of HBAC rules.'),
        ),
        parameters.Str(
            'in_sudorule',
            required=False,
            multivalue=True,
            cli_name='in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for users with these member of sudo rules.'),
        ),
        parameters.Str(
            'not_in_sudorule',
            required=False,
            multivalue=True,
            cli_name='not_in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for users without these member of sudo rules.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #17
0
ファイル: vault.py プロジェクト: zz22394/freeipa
class vault_find(Method):
    __doc__ = _("Search for vaults.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Vault name'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'Vault description'),
        ),
        parameters.Str(
            'ipavaulttype',
            required=False,
            cli_name='type',
            cli_metavar="['standard', 'symmetric', 'asymmetric']",
            label=_(u'Type'),
            doc=_(u'Vault type'),
            default=u'symmetric',
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Str(
            'service',
            required=False,
            doc=_(u'Service name of the service vault'),
            no_convert=True,
        ),
        parameters.Flag(
            'shared',
            required=False,
            doc=_(u'Shared vault'),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'username',
            required=False,
            cli_name='user',
            doc=_(u'Username of the user vault'),
        ),
        parameters.Flag(
            'services',
            required=False,
            doc=_(u'List all service vaults'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'users',
            required=False,
            doc=_(u'List all user vaults'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #18
0
ファイル: trust.py プロジェクト: zz22394/freeipa
class trust_find(Method):
    __doc__ = _("Search for trusts.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='realm',
            label=_(u'Realm name'),
        ),
        parameters.Str(
            'ipantflatname',
            required=False,
            cli_name='flat_name',
            label=_(u'Domain NetBIOS name'),
        ),
        parameters.Str(
            'ipanttrusteddomainsid',
            required=False,
            cli_name='sid',
            label=_(u'Domain Security Identifier'),
        ),
        parameters.Str(
            'ipantsidblacklistincoming',
            required=False,
            multivalue=True,
            cli_name='sid_blacklist_incoming',
            label=_(u'SID blacklist incoming'),
        ),
        parameters.Str(
            'ipantsidblacklistoutgoing',
            required=False,
            multivalue=True,
            cli_name='sid_blacklist_outgoing',
            label=_(u'SID blacklist outgoing'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("realm")'
            ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #19
0
ファイル: selfservice.py プロジェクト: zz22394/freeipa
class selfservice_find(Method):
    __doc__ = _("Search for a self-service permission.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'aciname',
            required=False,
            cli_name='name',
            label=_(u'Self-service name'),
        ),
        parameters.Str(
            'permissions',
            required=False,
            multivalue=True,
            label=_(u'Permissions'),
            doc=_(u'Permissions to grant (read, write). Default is write.'),
        ),
        parameters.Str(
            'attrs',
            required=False,
            multivalue=True,
            label=_(u'Attributes'),
            doc=_(u'Attributes to which the permission applies.'),
            no_convert=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #20
0
class group_find(Method):
    __doc__ = _("Search for groups.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='group_name',
            label=_(u'Group name'),
            no_convert=True,
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'Group description'),
        ),
        parameters.Int(
            'gidnumber',
            required=False,
            cli_name='gid',
            label=_(u'GID'),
            doc=_(u'GID (use this option to set it manually)'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'private',
            doc=_(u'search for private groups'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'posix',
            doc=_(u'search for POSIX groups'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'external',
            doc=
            _(u'search for groups with support of external non-IPA members from trusted domains'
              ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'nonposix',
            doc=_(u'search for non-POSIX groups'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=
            _(u'Results should contain primary key attribute only ("group-name")'
              ),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'user',
            required=False,
            multivalue=True,
            cli_name='users',
            label=_(u'user'),
            doc=_(u'Search for groups with these member users.'),
        ),
        parameters.Str(
            'no_user',
            required=False,
            multivalue=True,
            cli_name='no_users',
            label=_(u'user'),
            doc=_(u'Search for groups without these member users.'),
        ),
        parameters.Str(
            'group',
            required=False,
            multivalue=True,
            cli_name='groups',
            label=_(u'group'),
            doc=_(u'Search for groups with these member groups.'),
        ),
        parameters.Str(
            'no_group',
            required=False,
            multivalue=True,
            cli_name='no_groups',
            label=_(u'group'),
            doc=_(u'Search for groups without these member groups.'),
        ),
        parameters.Str(
            'in_group',
            required=False,
            multivalue=True,
            cli_name='in_groups',
            label=_(u'group'),
            doc=_(u'Search for groups with these member of groups.'),
        ),
        parameters.Str(
            'not_in_group',
            required=False,
            multivalue=True,
            cli_name='not_in_groups',
            label=_(u'group'),
            doc=_(u'Search for groups without these member of groups.'),
        ),
        parameters.Str(
            'in_netgroup',
            required=False,
            multivalue=True,
            cli_name='in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for groups with these member of netgroups.'),
        ),
        parameters.Str(
            'not_in_netgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for groups without these member of netgroups.'),
        ),
        parameters.Str(
            'in_role',
            required=False,
            multivalue=True,
            cli_name='in_roles',
            label=_(u'role'),
            doc=_(u'Search for groups with these member of roles.'),
        ),
        parameters.Str(
            'not_in_role',
            required=False,
            multivalue=True,
            cli_name='not_in_roles',
            label=_(u'role'),
            doc=_(u'Search for groups without these member of roles.'),
        ),
        parameters.Str(
            'in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for groups with these member of HBAC rules.'),
        ),
        parameters.Str(
            'not_in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='not_in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for groups without these member of HBAC rules.'),
        ),
        parameters.Str(
            'in_sudorule',
            required=False,
            multivalue=True,
            cli_name='in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for groups with these member of sudo rules.'),
        ),
        parameters.Str(
            'not_in_sudorule',
            required=False,
            multivalue=True,
            cli_name='not_in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for groups without these member of sudo rules.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #21
0
ファイル: cert.py プロジェクト: zpytela/freeipa
class cert_find(Command):
    __doc__ = _("Search for existing certificates.")

    takes_options = (
        parameters.Str(
            'subject',
            required=False,
            label=_(u'Match cn attribute in subject'),
        ),
        parameters.Int(
            'revocation_reason',
            required=False,
            label=_(u'Reason'),
            doc=_(u'Reason for revoking the certificate (0-10)'),
        ),
        parameters.Int(
            'min_serial_number',
            required=False,
            doc=_(u'minimum serial number'),
        ),
        parameters.Int(
            'max_serial_number',
            required=False,
            doc=_(u'maximum serial number'),
        ),
        parameters.Flag(
            'exactly',
            required=False,
            doc=_(u'match the common name exactly'),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'validnotafter_from',
            required=False,
            doc=_(u'Valid not after from this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'validnotafter_to',
            required=False,
            doc=_(u'Valid not after to this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'validnotbefore_from',
            required=False,
            doc=_(u'Valid not before from this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'validnotbefore_to',
            required=False,
            doc=_(u'Valid not before to this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'issuedon_from',
            required=False,
            doc=_(u'Issued on from this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'issuedon_to',
            required=False,
            doc=_(u'Issued on to this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'revokedon_from',
            required=False,
            doc=_(u'Revoked on from this date (YYYY-mm-dd)'),
        ),
        parameters.Str(
            'revokedon_to',
            required=False,
            doc=_(u'Revoked on to this date (YYYY-mm-dd)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of certs returned'),
            default=100,
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #22
0
ファイル: netgroup.py プロジェクト: zz22394/freeipa
class netgroup_find(Method):
    __doc__ = _("Search for a netgroup.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Netgroup name'),
            no_convert=True,
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'Netgroup description'),
        ),
        parameters.Str(
            'nisdomainname',
            required=False,
            cli_name='nisdomain',
            label=_(u'NIS domain name'),
        ),
        parameters.Str(
            'ipauniqueid',
            required=False,
            cli_name='uuid',
            label=_(u'IPA unique ID'),
            doc=_(u'IPA unique ID'),
        ),
        parameters.Str(
            'usercategory',
            required=False,
            cli_name='usercat',
            cli_metavar="['all']",
            label=_(u'User category'),
            doc=_(u'User category the rule applies to'),
        ),
        parameters.Str(
            'hostcategory',
            required=False,
            cli_name='hostcat',
            cli_metavar="['all']",
            label=_(u'Host category'),
            doc=_(u'Host category the rule applies to'),
        ),
        parameters.Str(
            'externalhost',
            required=False,
            multivalue=True,
            label=_(u'External host'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'private',
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'managed',
            doc=_(u'search for managed groups'),
            default=False,
            default_from=DefaultFrom(lambda private: private),
            autofill=True,
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'netgroup',
            required=False,
            multivalue=True,
            cli_name='netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for netgroups with these member netgroups.'),
        ),
        parameters.Str(
            'no_netgroup',
            required=False,
            multivalue=True,
            cli_name='no_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for netgroups without these member netgroups.'),
        ),
        parameters.Str(
            'user',
            required=False,
            multivalue=True,
            cli_name='users',
            label=_(u'user'),
            doc=_(u'Search for netgroups with these member users.'),
        ),
        parameters.Str(
            'no_user',
            required=False,
            multivalue=True,
            cli_name='no_users',
            label=_(u'user'),
            doc=_(u'Search for netgroups without these member users.'),
        ),
        parameters.Str(
            'group',
            required=False,
            multivalue=True,
            cli_name='groups',
            label=_(u'group'),
            doc=_(u'Search for netgroups with these member groups.'),
        ),
        parameters.Str(
            'no_group',
            required=False,
            multivalue=True,
            cli_name='no_groups',
            label=_(u'group'),
            doc=_(u'Search for netgroups without these member groups.'),
        ),
        parameters.Str(
            'host',
            required=False,
            multivalue=True,
            cli_name='hosts',
            label=_(u'host'),
            doc=_(u'Search for netgroups with these member hosts.'),
        ),
        parameters.Str(
            'no_host',
            required=False,
            multivalue=True,
            cli_name='no_hosts',
            label=_(u'host'),
            doc=_(u'Search for netgroups without these member hosts.'),
        ),
        parameters.Str(
            'hostgroup',
            required=False,
            multivalue=True,
            cli_name='hostgroups',
            label=_(u'host group'),
            doc=_(u'Search for netgroups with these member host groups.'),
        ),
        parameters.Str(
            'no_hostgroup',
            required=False,
            multivalue=True,
            cli_name='no_hostgroups',
            label=_(u'host group'),
            doc=_(u'Search for netgroups without these member host groups.'),
        ),
        parameters.Str(
            'in_netgroup',
            required=False,
            multivalue=True,
            cli_name='in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for netgroups with these member of netgroups.'),
        ),
        parameters.Str(
            'not_in_netgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for netgroups without these member of netgroups.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #23
0
class sudorule_find(Method):
    __doc__ = _("Search for Sudo Rule.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='sudorule_name',
            label=_(u'Rule name'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
        ),
        parameters.Bool(
            'ipaenabledflag',
            required=False,
            label=_(u'Enabled'),
            exclude=('cli', 'webui'),
        ),
        parameters.Str(
            'usercategory',
            required=False,
            cli_name='usercat',
            cli_metavar="['all']",
            label=_(u'User category'),
            doc=_(u'User category the rule applies to'),
        ),
        parameters.Str(
            'hostcategory',
            required=False,
            cli_name='hostcat',
            cli_metavar="['all']",
            label=_(u'Host category'),
            doc=_(u'Host category the rule applies to'),
        ),
        parameters.Str(
            'cmdcategory',
            required=False,
            cli_name='cmdcat',
            cli_metavar="['all']",
            label=_(u'Command category'),
            doc=_(u'Command category the rule applies to'),
        ),
        parameters.Str(
            'ipasudorunasusercategory',
            required=False,
            cli_name='runasusercat',
            cli_metavar="['all']",
            label=_(u'RunAs User category'),
            doc=_(u'RunAs User category the rule applies to'),
        ),
        parameters.Str(
            'ipasudorunasgroupcategory',
            required=False,
            cli_name='runasgroupcat',
            cli_metavar="['all']",
            label=_(u'RunAs Group category'),
            doc=_(u'RunAs Group category the rule applies to'),
        ),
        parameters.Int(
            'sudoorder',
            required=False,
            cli_name='order',
            label=_(u'Sudo order'),
            doc=_(u'integer to order the Sudo rules'),
            default=0,
        ),
        parameters.Str(
            'externaluser',
            required=False,
            label=_(u'External User'),
            doc=_(u'External User the rule applies to (sudorule-find only)'),
        ),
        parameters.Str(
            'ipasudorunasextuser',
            required=False,
            cli_name='runasexternaluser',
            label=_(u'RunAs External User'),
            doc=_(
                u'External User the commands can run as (sudorule-find only)'),
        ),
        parameters.Str(
            'ipasudorunasextgroup',
            required=False,
            cli_name='runasexternalgroup',
            label=_(u'RunAs External Group'),
            doc=_(
                u'External Group the commands can run as (sudorule-find only)'
            ),
        ),
        parameters.Str(
            'externalhost',
            required=False,
            multivalue=True,
            label=_(u'External host'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=
            _(u'Results should contain primary key attribute only ("sudorule-name")'
              ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #24
0
class cosentry_find(Method):
    NO_CLI = True

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
        ),
        parameters.DNParam(
            'krbpwdpolicyreference',
            required=False,
        ),
        parameters.Int(
            'cospriority',
            required=False,
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("cn")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #25
0
ファイル: host.py プロジェクト: zz22394/freeipa
class host_find(Method):
    __doc__ = _("Search for hosts.")

    takes_args = (
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'fqdn',
            required=False,
            cli_name='hostname',
            label=_(u'Host name'),
            no_convert=True,
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
            doc=_(u'A description of this host'),
        ),
        parameters.Str(
            'l',
            required=False,
            cli_name='locality',
            label=_(u'Locality'),
            doc=_(u'Host locality (e.g. "Baltimore, MD")'),
        ),
        parameters.Str(
            'nshostlocation',
            required=False,
            cli_name='location',
            label=_(u'Location'),
            doc=_(u'Host location (e.g. "Lab 2")'),
        ),
        parameters.Str(
            'nshardwareplatform',
            required=False,
            cli_name='platform',
            label=_(u'Platform'),
            doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
        ),
        parameters.Str(
            'nsosversion',
            required=False,
            cli_name='os',
            label=_(u'Operating system'),
            doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
        ),
        parameters.Str(
            'userpassword',
            required=False,
            cli_name='password',
            label=_(u'User password'),
            doc=_(u'Password used in bulk enrollment'),
        ),
        parameters.Bytes(
            'usercertificate',
            required=False,
            cli_name='certificate',
            label=_(u'Certificate'),
            doc=_(u'Base-64 encoded server certificate'),
        ),
        parameters.Str(
            'macaddress',
            required=False,
            multivalue=True,
            label=_(u'MAC address'),
            doc=_(u'Hardware MAC address(es) on this host'),
            no_convert=True,
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("hostname")'),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'in_hostgroup',
            required=False,
            multivalue=True,
            cli_name='in_hostgroups',
            label=_(u'host group'),
            doc=_(u'Search for hosts with these member of host groups.'),
        ),
        parameters.Str(
            'not_in_hostgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_hostgroups',
            label=_(u'host group'),
            doc=_(u'Search for hosts without these member of host groups.'),
        ),
        parameters.Str(
            'in_netgroup',
            required=False,
            multivalue=True,
            cli_name='in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for hosts with these member of netgroups.'),
        ),
        parameters.Str(
            'not_in_netgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for hosts without these member of netgroups.'),
        ),
        parameters.Str(
            'in_role',
            required=False,
            multivalue=True,
            cli_name='in_roles',
            label=_(u'role'),
            doc=_(u'Search for hosts with these member of roles.'),
        ),
        parameters.Str(
            'not_in_role',
            required=False,
            multivalue=True,
            cli_name='not_in_roles',
            label=_(u'role'),
            doc=_(u'Search for hosts without these member of roles.'),
        ),
        parameters.Str(
            'in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for hosts with these member of HBAC rules.'),
        ),
        parameters.Str(
            'not_in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='not_in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for hosts without these member of HBAC rules.'),
        ),
        parameters.Str(
            'in_sudorule',
            required=False,
            multivalue=True,
            cli_name='in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for hosts with these member of sudo rules.'),
        ),
        parameters.Str(
            'not_in_sudorule',
            required=False,
            multivalue=True,
            cli_name='not_in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for hosts without these member of sudo rules.'),
        ),
        parameters.Str(
            'enroll_by_user',
            required=False,
            multivalue=True,
            cli_name='enroll_by_users',
            label=_(u'user'),
            doc=_(u'Search for hosts with these enrolled by users.'),
        ),
        parameters.Str(
            'not_enroll_by_user',
            required=False,
            multivalue=True,
            cli_name='not_enroll_by_users',
            label=_(u'user'),
            doc=_(u'Search for hosts without these enrolled by users.'),
        ),
        parameters.Str(
            'man_by_host',
            required=False,
            multivalue=True,
            cli_name='man_by_hosts',
            label=_(u'host'),
            doc=_(u'Search for hosts with these managed by hosts.'),
        ),
        parameters.Str(
            'not_man_by_host',
            required=False,
            multivalue=True,
            cli_name='not_man_by_hosts',
            label=_(u'host'),
            doc=_(u'Search for hosts without these managed by hosts.'),
        ),
        parameters.Str(
            'man_host',
            required=False,
            multivalue=True,
            cli_name='man_hosts',
            label=_(u'host'),
            doc=_(u'Search for hosts with these managing hosts.'),
        ),
        parameters.Str(
            'not_man_host',
            required=False,
            multivalue=True,
            cli_name='not_man_hosts',
            label=_(u'host'),
            doc=_(u'Search for hosts without these managing hosts.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #26
0
class pwpolicy_find(Method):
    __doc__ = _("Search for group password policies.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='group',
            label=_(u'Group'),
            doc=_(u'Manage password policy for specific group'),
        ),
        parameters.Int(
            'krbmaxpwdlife',
            required=False,
            cli_name='maxlife',
            label=_(u'Max lifetime (days)'),
            doc=_(u'Maximum password lifetime (in days)'),
        ),
        parameters.Int(
            'krbminpwdlife',
            required=False,
            cli_name='minlife',
            label=_(u'Min lifetime (hours)'),
            doc=_(u'Minimum password lifetime (in hours)'),
        ),
        parameters.Int(
            'krbpwdhistorylength',
            required=False,
            cli_name='history',
            label=_(u'History size'),
            doc=_(u'Password history size'),
        ),
        parameters.Int(
            'krbpwdmindiffchars',
            required=False,
            cli_name='minclasses',
            label=_(u'Character classes'),
            doc=_(u'Minimum number of character classes'),
        ),
        parameters.Int(
            'krbpwdminlength',
            required=False,
            cli_name='minlength',
            label=_(u'Min length'),
            doc=_(u'Minimum length of password'),
        ),
        parameters.Int(
            'cospriority',
            required=False,
            cli_name='priority',
            label=_(u'Priority'),
            doc=_(
                u'Priority of the policy (higher number means lower priority'),
        ),
        parameters.Int(
            'krbpwdmaxfailure',
            required=False,
            cli_name='maxfail',
            label=_(u'Max failures'),
            doc=_(u'Consecutive failures before lockout'),
        ),
        parameters.Int(
            'krbpwdfailurecountinterval',
            required=False,
            cli_name='failinterval',
            label=_(u'Failure reset interval'),
            doc=_(u'Period after which failure count will be reset (seconds)'),
        ),
        parameters.Int(
            'krbpwdlockoutduration',
            required=False,
            cli_name='lockouttime',
            label=_(u'Lockout duration'),
            doc=_(u'Period for which lockout is enforced (seconds)'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("group")'
            ),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #27
0
class service_find(Method):
    __doc__ = _("Search for IPA services.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'krbprincipalname',
            required=False,
            cli_name='principal',
            label=_(u'Principal'),
            doc=_(u'Service principal'),
            no_convert=True,
        ),
        parameters.Str(
            'ipakrbauthzdata',
            required=False,
            multivalue=True,
            cli_name='pac_type',
            cli_metavar="['MS-PAC', 'PAD', 'NONE']",
            label=_(u'PAC type'),
            doc=
            _(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service"
              ),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=
            _(u'Results should contain primary key attribute only ("principal")'
              ),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'man_by_host',
            required=False,
            multivalue=True,
            cli_name='man_by_hosts',
            label=_(u'host'),
            doc=_(u'Search for services with these managed by hosts.'),
        ),
        parameters.Str(
            'not_man_by_host',
            required=False,
            multivalue=True,
            cli_name='not_man_by_hosts',
            label=_(u'host'),
            doc=_(u'Search for services without these managed by hosts.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #28
0
class selinuxusermap_find(Method):
    __doc__ = _("Search for SELinux User Maps.")

    takes_args = (
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Rule name'),
        ),
        parameters.Str(
            'ipaselinuxuser',
            required=False,
            cli_name='selinuxuser',
            label=_(u'SELinux User'),
        ),
        parameters.Str(
            'seealso',
            required=False,
            cli_name='hbacrule',
            label=_(u'HBAC Rule'),
            doc=_(u'HBAC Rule that defines the users, groups and hostgroups'),
        ),
        parameters.Str(
            'usercategory',
            required=False,
            cli_name='usercat',
            cli_metavar="['all']",
            label=_(u'User category'),
            doc=_(u'User category the rule applies to'),
        ),
        parameters.Str(
            'hostcategory',
            required=False,
            cli_name='hostcat',
            cli_metavar="['all']",
            label=_(u'Host category'),
            doc=_(u'Host category the rule applies to'),
        ),
        parameters.Str(
            'description',
            required=False,
            cli_name='desc',
            label=_(u'Description'),
        ),
        parameters.Bool(
            'ipaenabledflag',
            required=False,
            label=_(u'Enabled'),
            exclude=('cli', 'webui'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #29
0
class topologysuffix_find(Method):
    __doc__ = _("Search for topology suffixes.")

    takes_args = (
        parameters.Str(
            'criteria',
            required=False,
            doc=_(u'A string searched in all relevant object attributes'),
        ),
    )
    takes_options = (
        parameters.Str(
            'cn',
            required=False,
            cli_name='name',
            label=_(u'Suffix name'),
        ),
        parameters.DNParam(
            'iparepltopoconfroot',
            required=False,
            cli_name='suffix_dn',
            label=_(u'Managed LDAP suffix DN'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=_(u'Print entries as stored on the server. Only affects output format.'),
            exclude=('webui',),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(u'Results should contain primary key attribute only ("name")'),
            default=False,
            autofill=True,
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries(
            'result',
        ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )
コード例 #30
0
class stageuser_find(Method):
    __doc__ = _("Search for stage users.")

    takes_args = (parameters.Str(
        'criteria',
        required=False,
        doc=_(u'A string searched in all relevant object attributes'),
    ), )
    takes_options = (
        parameters.Str(
            'uid',
            required=False,
            cli_name='login',
            label=_(u'User login'),
            default_from=DefaultFrom(lambda givenname, sn: givenname[0] + sn,
                                     'principal'),
            no_convert=True,
        ),
        parameters.Str(
            'givenname',
            required=False,
            cli_name='first',
            label=_(u'First name'),
        ),
        parameters.Str(
            'sn',
            required=False,
            cli_name='last',
            label=_(u'Last name'),
        ),
        parameters.Str(
            'cn',
            required=False,
            label=_(u'Full name'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'displayname',
            required=False,
            label=_(u'Display name'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'initials',
            required=False,
            label=_(u'Initials'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%c%c' % (givenname[0], sn[0]),
                'principal'),
        ),
        parameters.Str(
            'homedirectory',
            required=False,
            cli_name='homedir',
            label=_(u'Home directory'),
        ),
        parameters.Str(
            'gecos',
            required=False,
            label=_(u'GECOS'),
            default_from=DefaultFrom(
                lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
        ),
        parameters.Str(
            'loginshell',
            required=False,
            cli_name='shell',
            label=_(u'Login shell'),
        ),
        parameters.Str(
            'krbprincipalname',
            required=False,
            cli_name='principal',
            label=_(u'Kerberos principal'),
            default_from=DefaultFrom(
                lambda uid: '%s@%s' % (uid.lower(), api.env.realm),
                'principal'),
            no_convert=True,
        ),
        parameters.DateTime(
            'krbprincipalexpiration',
            required=False,
            cli_name='principal_expiration',
            label=_(u'Kerberos principal expiration'),
        ),
        parameters.Str(
            'mail',
            required=False,
            multivalue=True,
            cli_name='email',
            label=_(u'Email address'),
        ),
        parameters.Password(
            'userpassword',
            required=False,
            cli_name='password',
            label=_(u'Password'),
            doc=_(u'Prompt to set the user password'),
            exclude=('webui', ),
            confirm=True,
        ),
        parameters.Int(
            'uidnumber',
            required=False,
            cli_name='uid',
            label=_(u'UID'),
            doc=_(u'User ID Number (system will assign one if not provided)'),
        ),
        parameters.Int(
            'gidnumber',
            required=False,
            label=_(u'GID'),
            doc=_(u'Group ID Number'),
        ),
        parameters.Str(
            'street',
            required=False,
            label=_(u'Street address'),
        ),
        parameters.Str(
            'l',
            required=False,
            cli_name='city',
            label=_(u'City'),
        ),
        parameters.Str(
            'st',
            required=False,
            cli_name='state',
            label=_(u'State/Province'),
        ),
        parameters.Str(
            'postalcode',
            required=False,
            label=_(u'ZIP'),
        ),
        parameters.Str(
            'telephonenumber',
            required=False,
            multivalue=True,
            cli_name='phone',
            label=_(u'Telephone Number'),
        ),
        parameters.Str(
            'mobile',
            required=False,
            multivalue=True,
            label=_(u'Mobile Telephone Number'),
        ),
        parameters.Str(
            'pager',
            required=False,
            multivalue=True,
            label=_(u'Pager Number'),
        ),
        parameters.Str(
            'facsimiletelephonenumber',
            required=False,
            multivalue=True,
            cli_name='fax',
            label=_(u'Fax Number'),
        ),
        parameters.Str(
            'ou',
            required=False,
            cli_name='orgunit',
            label=_(u'Org. Unit'),
        ),
        parameters.Str(
            'title',
            required=False,
            label=_(u'Job Title'),
        ),
        parameters.Str(
            'manager',
            required=False,
            label=_(u'Manager'),
        ),
        parameters.Str(
            'carlicense',
            required=False,
            multivalue=True,
            label=_(u'Car License'),
        ),
        parameters.Str(
            'ipauserauthtype',
            required=False,
            multivalue=True,
            cli_name='user_auth_type',
            cli_metavar="['password', 'radius', 'otp']",
            label=_(u'User authentication types'),
            doc=_(u'Types of supported user authentication'),
        ),
        parameters.Str(
            'userclass',
            required=False,
            multivalue=True,
            cli_name='class',
            label=_(u'Class'),
            doc=
            _(u'User category (semantics placed on this attribute are for local interpretation)'
              ),
        ),
        parameters.Str(
            'ipatokenradiusconfiglink',
            required=False,
            cli_name='radius',
            label=_(u'RADIUS proxy configuration'),
        ),
        parameters.Str(
            'ipatokenradiususername',
            required=False,
            cli_name='radius_username',
            label=_(u'RADIUS proxy username'),
        ),
        parameters.Str(
            'departmentnumber',
            required=False,
            multivalue=True,
            label=_(u'Department Number'),
        ),
        parameters.Str(
            'employeenumber',
            required=False,
            label=_(u'Employee Number'),
        ),
        parameters.Str(
            'employeetype',
            required=False,
            label=_(u'Employee Type'),
        ),
        parameters.Str(
            'preferredlanguage',
            required=False,
            label=_(u'Preferred Language'),
        ),
        parameters.Bytes(
            'usercertificate',
            required=False,
            multivalue=True,
            cli_name='certificate',
            label=_(u'Certificate'),
            doc=_(u'Base-64 encoded server certificate'),
        ),
        parameters.Int(
            'timelimit',
            required=False,
            label=_(u'Time Limit'),
            doc=_(u'Time limit of search in seconds (0 is unlimited)'),
        ),
        parameters.Int(
            'sizelimit',
            required=False,
            label=_(u'Size Limit'),
            doc=_(u'Maximum number of entries returned (0 is unlimited)'),
        ),
        parameters.Flag(
            'all',
            doc=
            _(u'Retrieve and print all attributes from the server. Affects command output.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'raw',
            doc=
            _(u'Print entries as stored on the server. Only affects output format.'
              ),
            exclude=('webui', ),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'no_members',
            doc=_(u'Suppress processing of membership attributes.'),
            exclude=('webui', 'cli'),
            default=False,
            autofill=True,
        ),
        parameters.Flag(
            'pkey_only',
            required=False,
            label=_(u'Primary key only'),
            doc=_(
                u'Results should contain primary key attribute only ("login")'
            ),
            default=False,
            autofill=True,
        ),
        parameters.Str(
            'in_group',
            required=False,
            multivalue=True,
            cli_name='in_groups',
            label=_(u'group'),
            doc=_(u'Search for stage users with these member of groups.'),
        ),
        parameters.Str(
            'not_in_group',
            required=False,
            multivalue=True,
            cli_name='not_in_groups',
            label=_(u'group'),
            doc=_(u'Search for stage users without these member of groups.'),
        ),
        parameters.Str(
            'in_netgroup',
            required=False,
            multivalue=True,
            cli_name='in_netgroups',
            label=_(u'netgroup'),
            doc=_(u'Search for stage users with these member of netgroups.'),
        ),
        parameters.Str(
            'not_in_netgroup',
            required=False,
            multivalue=True,
            cli_name='not_in_netgroups',
            label=_(u'netgroup'),
            doc=_(
                u'Search for stage users without these member of netgroups.'),
        ),
        parameters.Str(
            'in_role',
            required=False,
            multivalue=True,
            cli_name='in_roles',
            label=_(u'role'),
            doc=_(u'Search for stage users with these member of roles.'),
        ),
        parameters.Str(
            'not_in_role',
            required=False,
            multivalue=True,
            cli_name='not_in_roles',
            label=_(u'role'),
            doc=_(u'Search for stage users without these member of roles.'),
        ),
        parameters.Str(
            'in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(u'Search for stage users with these member of HBAC rules.'),
        ),
        parameters.Str(
            'not_in_hbacrule',
            required=False,
            multivalue=True,
            cli_name='not_in_hbacrules',
            label=_(u'HBAC rule'),
            doc=_(
                u'Search for stage users without these member of HBAC rules.'),
        ),
        parameters.Str(
            'in_sudorule',
            required=False,
            multivalue=True,
            cli_name='in_sudorules',
            label=_(u'sudo rule'),
            doc=_(u'Search for stage users with these member of sudo rules.'),
        ),
        parameters.Str(
            'not_in_sudorule',
            required=False,
            multivalue=True,
            cli_name='not_in_sudorules',
            label=_(u'sudo rule'),
            doc=_(
                u'Search for stage users without these member of sudo rules.'),
        ),
    )
    has_output = (
        output.Output(
            'summary',
            (unicode, type(None)),
            doc=_(u'User-friendly description of action performed'),
        ),
        output.ListOfEntries('result', ),
        output.Output(
            'count',
            int,
            doc=_(u'Number of entries returned'),
        ),
        output.Output(
            'truncated',
            bool,
            doc=_(u'True if not all results were returned'),
        ),
    )