ipaserver.plugins.servicedelegation.servicedelegationtarget_del

class ipaserver.plugins.servicedelegation.servicedelegationtarget_del(api)[source]

Bases: ipaserver.plugins.baseldap.LDAPDelete

Public Data Attributes:

msg_summary

Inherited from LDAPDelete

has_output

has_output_params

subtree_delete

Inherited from LDAPMultiQuery

takes_options

Inherited from BaseLDAPCommand

setattr_option

addattr_option

delattr_option

callback_types

Inherited from Method

extra_options_first

extra_args_first

Inherited from Attribute

obj_version

obj_name

obj_full_name

attr_name

obj

Inherited from Command

takes_options

takes_args

obj

use_output_validation

has_output

has_output_params

internal_options

msg_summary

msg_truncated

callback_types

api_version

topic

forwarded_name

json_friendly_attributes

Inherited from HasParam

NO_CLI

context

Inherited from Plugin

version

name

full_name

bases

doc

summary

api

Return API instance passed to __init__().

env

Backend

Command

Public Methods:

pre_callback(ldap, dn, *keys, **options)

Inherited from LDAPDelete

execute(*keys, **options)

Perform the actual work this command does.

pre_callback(ldap, dn, *keys, **options)

post_callback(ldap, dn, *keys, **options)

exc_callback(keys, options, exc, call_func, ...)

Inherited from LDAPMultiQuery

get_args()

Iterate through parameters for Command.args namespace.

Inherited from LDAPQuery

get_args()

Iterate through parameters for Command.args namespace.

Inherited from BaseLDAPCommand

get_summary_default(output)

process_attr_options(entry_attrs, dn, keys, ...)

Process all --setattr, --addattr, and --delattr options and add the resulting value to the list of attributes.

register_pre_callback(callback[, first])

Shortcut for register_callback('pre', ...)

register_post_callback(callback[, first])

Shortcut for register_callback('post', ...)

register_exc_callback(callback[, first])

Shortcut for register_callback('exc', ...)

get_options()

Iterate through parameters for Command.options namespace.

Inherited from PKQuery

get_args()

Iterate through parameters for Command.args namespace.

Inherited from Method

get_output_params()

Inherited from Command

args

options

params

params_by_default

output

output_params

__call__(*args, **options)

Perform validation and then execute the command.

add_message(message)

args_options_2_params(*args, **options)

Merge (args, options) into params.

args_options_2_entry(*args, **options)

Creates a LDAP entry from attributes in args and options.

params_2_args_options(**params)

Split params into (args, options).

prompt_param(param[, default, optional, kw, ...])

Prompts the user for the value of given parameter.

normalize(**kw)

Return a dictionary of normalized values.

convert(**kw)

Return a dictionary of values converted to correct type.

get_default([_params])

Return a dictionary of defaults for all missing required values.

get_default_of(_name, **kw)

Return default value for parameter _name.

validate(**kw)

Validate all values.

verify_client_version(client_version)

Compare the version the client provided to the version of the server.

run(*args, **options)

Dispatch to Command.execute or Command.forward.

execute(*keys, **options)

Perform the actual work this command does.

forward(*args, **kw)

Forward call over RPC to this same command on server.

get_args()

Iterate through parameters for Command.args namespace.

check_args(args)

Sanity test for args namespace.

get_options()

Iterate through parameters for Command.options namespace.

validate_output(output[, version])

Validate the return value to make sure it meets the interface contract.

get_output_params()

get_summary_default(output)

log_messages(output)

output_for_cli(textui, output, *args, **options)

Generic output method.

__json__()

get_callbacks(callback_type)

Yield callbacks of the given type

register_callback(callback_type, callback[, ...])

Register a callback

register_interactive_prompt_callback(callback)

Shortcut for register_callback('interactive_prompt', ...)

interactive_prompt_callback(kw)

Inherited from Plugin

__init__(api)

finalize()

Finalize plugin initialization.

ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

__repr__()

Return 'module_name.class_name()' representation.

Inherited from ReadOnly

__lock__()

Put this instance into a read-only state.

__islocked__()

Return True if instance is locked, otherwise False.

__setattr__(name, value)

If unlocked, set attribute named name to value.

__delattr__(name)

If unlocked, delete attribute named name.

Private Data Attributes:

Inherited from BaseLDAPCommand

_signature

Inherited from PKQuery

_signature

Inherited from Method

_signature

Inherited from Command

_signature

Inherited from ReadOnly

_ReadOnly__locked

Private Methods:

Inherited from BaseLDAPCommand

_convert_2_dict(ldap, attrs)

Convert a string in the form of name/value pairs into a dictionary.

_exc_wrapper(keys, options, call_func)

Function wrapper that automatically calls exception callbacks

Inherited from Command

_Command__topic_getter()

_Command__do_call(*args, **options)

_repr_iter(**params)

Iterate through repr() of safe values of args and options.

_Command__args_2_params(values)

_Command__options_2_params(options)

_Command__attributes_2_entry(kw)

_Command__params_2_options(params)

_Command__get_default_iter(params, kw)

Generator method used by Command.get_default and Command.get_default_of.

_on_finalize()

Finalize plugin initialization.

_iter_output()

Inherited from HasParam

_get_param_iterable(name[, verb])

Return an iterable of params defined by the attribute named name.

_filter_param_by_context(name[, env])

Filter params on attribute named name by environment env.

_create_param_namespace(name[, env])

Inherited from Plugin

_Plugin__name_getter()

_Plugin__full_name_getter()

_Plugin__bases_getter()

_Plugin__doc_getter()

_Plugin__summary_getter()

_on_finalize()

Finalize plugin initialization.


property Backend
property Command
NO_CLI = False
__annotations__ = {}
__call__(*args, **options)

Perform validation and then execute the command.

If not in a server context, the call will be forwarded over XML-RPC and the executed an the nearest IPA server.

__delattr__(name)

If unlocked, delete attribute named name.

If this instance is locked, an AttributeError will be raised.

Parameters

name – Name of attribute to delete.

__dict__ = mappingproxy({'__module__': 'ipaserver.plugins.servicedelegation', '__doc__': Gettext('Delete service delegation target.', domain='ipa', localedir=None), 'msg_summary': Gettext('Deleted service delegation target "%(value)s"', domain='ipa', localedir=None), 'pre_callback': <function servicedelegationtarget_del.pre_callback>, '__annotations__': {}})
__init__(api)
__islocked__()

Return True if instance is locked, otherwise False.

__json__()
__lock__()

Put this instance into a read-only state.

After the instance has been locked, attempting to set or delete an attribute will raise an AttributeError.

__module__ = 'ipaserver.plugins.servicedelegation'
__repr__()

Return ‘module_name.class_name()’ representation.

This representation could be used to instantiate this Plugin instance given the appropriate environment.

__setattr__(name, value)

If unlocked, set attribute named name to value.

If this instance is locked, an AttributeError will be raised.

Parameters
  • name – Name of attribute to set.

  • value – Value to assign to attribute.

__signature__ = None
__weakref__

list of weak references to the object (if defined)

_convert_2_dict(ldap, attrs)

Convert a string in the form of name/value pairs into a dictionary.

Parameters

attrs – A list of name/value pair strings, in the “name=value” format. May also be a single string, or None.

_create_param_namespace(name, env=None)
_exc_wrapper(keys, options, call_func)

Function wrapper that automatically calls exception callbacks

_filter_param_by_context(name, env=None)

Filter params on attribute named name by environment env.

For example:

>>> from ipalib.config import Env
>>> class Example(HasParam):
...
...     takes_args = (
...         Str('foo_only', include=['foo']),
...         Str('not_bar', exclude=['bar']),
...         'both',
...     )
...
...     def get_args(self):
...         return self._get_param_iterable('args')
...
...
>>> eg = Example()
>>> foo = Env(context='foo')
>>> bar = Env(context='bar')
>>> another = Env(context='another')
>>> (foo.context, bar.context, another.context)
(u'foo', u'bar', u'another')
>>> list(eg._filter_param_by_context('args', foo))
[Str('foo_only', include=['foo']), Str('not_bar', exclude=['bar']), Str('both')]
>>> list(eg._filter_param_by_context('args', bar))
[Str('both')]
>>> list(eg._filter_param_by_context('args', another))
[Str('not_bar', exclude=['bar']), Str('both')]
_get_param_iterable(name, verb='takes')

Return an iterable of params defined by the attribute named name.

A sequence of params can be defined one of three ways: as a tuple; as a callable that returns an iterable; or as a param spec (a Param or str instance). This method returns a uniform iterable regardless of how the param sequence was defined.

For example, when defined with a tuple:

>>> class ByTuple(HasParam):
...     takes_args = (Param('foo'), Param('bar'))
...
>>> by_tuple = ByTuple()
>>> list(by_tuple._get_param_iterable('args'))
[Param('foo'), Param('bar')]

Or you can define your param sequence with a callable when you need to reference attributes on your plugin instance (for validation rules, etc.). For example:

>>> class ByCallable(HasParam):
...     def takes_args(self):
...         yield Param('foo', self.validate_foo)
...         yield Param('bar', self.validate_bar)
...
...     def validate_foo(self, _, value, **kw):
...         if value != 'Foo':
...             return _("must be 'Foo'")
...
...     def validate_bar(self, _, value, **kw):
...         if value != 'Bar':
...             return _("must be 'Bar'")
...
>>> by_callable = ByCallable()
>>> list(by_callable._get_param_iterable('args'))
[Param('foo', validate_foo), Param('bar', validate_bar)]

Lastly, as a convenience for when a param sequence contains a single param, your defining attribute may a param spec (either a Param or an str instance). For example:

>>> class BySpec(HasParam):
...     takes_args = Param('foo')
...     takes_options = 'bar?'
...
>>> by_spec = BySpec()
>>> list(by_spec._get_param_iterable('args'))
[Param('foo')]
>>> list(by_spec._get_param_iterable('options'))
['bar?']

For information on how an str param spec is interpreted, see the create_param() and parse_param_spec() functions in the ipalib.parameters module.

Also see HasParam._filter_param_by_context().

_iter_output()
_on_finalize()

Finalize plugin initialization.

This method creates the args, options, and params namespaces. This is not done in Command.__init__ because subclasses (like crud.Add) might need to access other plugins loaded in self.api to determine what their custom Command.get_args and Command.get_options methods should yield.

_repr_iter(**params)

Iterate through repr() of safe values of args and options.

This method uses parameters.Param.safe_value() to mask passwords when logging. Logging the exact call is extremely useful, but we obviously don’t want to log the cleartext password.

For example:

>>> class my_cmd(Command):
...     takes_args = ('login',)
...     takes_options=(Password('passwd'),)
...
>>> c = my_cmd()
>>> c.finalize()
>>> list(c._repr_iter(login=u'Okay.', passwd=u'Private!'))
["u'Okay.'", "passwd=u'********'"]
_signature = None
add_message(message)
addattr_option = Str('addattr*', validate_add_attribute, cli_name='addattr', doc=Gettext('Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.', domain='ipa', localedir=None), exclude=[u'webui'])
property api

Return API instance passed to __init__().

api_version = '2.249'
args = None
args_options_2_entry(*args, **options)

Creates a LDAP entry from attributes in args and options.

args_options_2_params(*args, **options)

Merge (args, options) into params.

property attr_name
bases = (<class 'ipaserver.plugins.baseldap.LDAPDelete'>,)
callback_types = ('interactive_prompt', 'pre', 'post', 'exc')
check_args(args)

Sanity test for args namespace.

This method gets called by HasParam._create_param_namespace().

property context
convert(**kw)

Return a dictionary of values converted to correct type.

>>> from ipalib import Int
>>> class my_command(Command):
...     takes_args = (
...         Int('one'),
...         'two',
...     )
...
>>> c = my_command()
>>> c.finalize()
>>> c.convert(one=1, two=2)
{'two': u'2', 'one': 1}
delattr_option = Str('delattr*', validate_del_attribute, cli_name='delattr', doc=Gettext('Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.', domain='ipa', localedir=None), exclude=[u'webui'])
doc = Gettext('Delete service delegation target.', domain='ipa', localedir=None)
ensure_finalized()

Finalize plugin initialization if it has not yet been finalized.

property env
exc_callback(keys, options, exc, call_func, *call_args, **call_kwargs)
execute(*keys, **options)

Perform the actual work this command does.

This method should be implemented only against functionality in self.api.Backend. For example, a hypothetical user_add.execute() might be implemented like this:

>>> class user_add(Command):
...     def execute(self, **kw):
...         return self.api.Backend.ldap.add(**kw)
...
extra_args_first = False
extra_options_first = False
finalize()

Finalize plugin initialization.

This method calls _on_finalize() and locks the plugin object.

Subclasses should not override this method. Custom finalization is done in _on_finalize().

class finalize_attr(name, value=None)

Bases: object

Create a stub object for plugin attribute that isn’t set until the finalization of the plugin initialization.

When the stub object is accessed, it calls ensure_finalized() to make sure the plugin initialization is finalized. The stub object is expected to be replaced with the actual attribute value during the finalization (preferably in _on_finalize()), otherwise an AttributeError is raised.

This is used to implement on-demand finalization of plugin initialization.

__annotations__ = {}
__get__(obj, cls)
__init__(name, value=None)
__module__ = 'ipalib.plugable'
__slots__ = ('name', 'value')
name
value
forward(*args, **kw)

Forward call over RPC to this same command on server.

property forwarded_name
full_name = 'servicedelegationtarget_del/1'
get_args()

Iterate through parameters for Command.args namespace.

This method gets called by HasParam._create_param_namespace().

Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.

classmethod get_callbacks(callback_type)

Yield callbacks of the given type

get_default(_params=None, **kw)

Return a dictionary of defaults for all missing required values.

For example:

>>> from ipalib import Str
>>> class my_command(Command):
...     takes_args = Str('color', default=u'Red')
...
>>> c = my_command()
>>> c.finalize()
>>> c.get_default()
{'color': u'Red'}
>>> c.get_default(color=u'Yellow')
{}
get_default_of(_name, **kw)

Return default value for parameter _name.

get_options()

Iterate through parameters for Command.options namespace.

This method gets called by HasParam._create_param_namespace().

For commands that return entries two special options are generated: –all makes the command retrieve/display all attributes –raw makes the command display attributes as they are stored

Subclasses can override this to customize how the arguments are determined. For an example of why this can be useful, see the ipalib.crud.Create subclass.

get_output_params()
get_summary_default(output)
has_output = (Output('summary', type=[<type 'unicode'>, <type 'NoneType'>], doc=Gettext('User-friendly description of action performed', domain='ipa', localedir=None)), Output('result', type=[<type 'dict'>], doc=Gettext('List of deletions that failed', domain='ipa', localedir=None)), ListOfPrimaryKeys('value', flags=['no_display']))
has_output_params = (Flag('has_password', autofill=True, default=False, label=Gettext('Password', domain='ipa', localedir=None)), Str('member', label=Gettext('Failed members', domain='ipa', localedir=None)), Str('member_user?', label=Gettext('Member users', domain='ipa', localedir=None)), Str('member_group?', label=Gettext('Member groups', domain='ipa', localedir=None)), Str('memberof_group?', label=Gettext('Member of groups', domain='ipa', localedir=None)), Str('member_host?', label=Gettext('Member hosts', domain='ipa', localedir=None)), Str('member_hostgroup?', label=Gettext('Member host-groups', domain='ipa', localedir=None)), Str('memberof_hostgroup?', label=Gettext('Member of host-groups', domain='ipa', localedir=None)), Str('memberof_permission?', label=Gettext('Permissions', domain='ipa', localedir=None)), Str('memberof_privilege?', label=u'Privileges'), Str('memberof_role?', label=Gettext('Roles', domain='ipa', localedir=None)), Str('memberof_sudocmdgroup?', label=Gettext('Sudo Command Groups', domain='ipa', localedir=None)), Str('member_privilege?', label=u'Granted to Privilege'), Str('member_role?', label=Gettext('Granting privilege to roles', domain='ipa', localedir=None)), Str('member_netgroup?', label=Gettext('Member netgroups', domain='ipa', localedir=None)), Str('memberof_netgroup?', label=Gettext('Member of netgroups', domain='ipa', localedir=None)), Str('member_service?', label=Gettext('Member services', domain='ipa', localedir=None)), Str('member_servicegroup?', label=Gettext('Member service groups', domain='ipa', localedir=None)), Str('memberof_servicegroup?', label=u'Member of service groups'), Str('member_hbacsvc?', label=Gettext('Member HBAC service', domain='ipa', localedir=None)), Str('member_hbacsvcgroup?', label=Gettext('Member HBAC service groups', domain='ipa', localedir=None)), Str('memberof_hbacsvcgroup?', label=u'Member of HBAC service groups'), Str('member_sudocmd?', label=u'Member Sudo commands'), Str('memberof_sudorule?', label=u'Member of Sudo rule'), Str('memberof_hbacrule?', label=u'Member of HBAC rule'), Str('memberof_subid?', label=u'Subordinate ids'), Str('member_idoverrideuser?', label=Gettext('Member ID user overrides', domain='ipa', localedir=None)), Str('memberindirect_idoverrideuser?', label=Gettext('Indirect Member ID user overrides', domain='ipa', localedir=None)), Str('memberindirect_user?', label=Gettext('Indirect Member users', domain='ipa', localedir=None)), Str('memberindirect_group?', label=Gettext('Indirect Member groups', domain='ipa', localedir=None)), Str('memberindirect_host?', label=Gettext('Indirect Member hosts', domain='ipa', localedir=None)), Str('memberindirect_hostgroup?', label=Gettext('Indirect Member host-groups', domain='ipa', localedir=None)), Str('memberindirect_role?', label=Gettext('Indirect Member of roles', domain='ipa', localedir=None)), Str('memberindirect_permission?', label=Gettext('Indirect Member permissions', domain='ipa', localedir=None)), Str('memberindirect_hbacsvc?', label=Gettext('Indirect Member HBAC service', domain='ipa', localedir=None)), Str('memberindirect_hbacsvcgrp?', label=Gettext('Indirect Member HBAC service group', domain='ipa', localedir=None)), Str('memberindirect_netgroup?', label=Gettext('Indirect Member netgroups', domain='ipa', localedir=None)), Str('memberofindirect_group?', label=u'Indirect Member of group'), Str('memberofindirect_netgroup?', label=u'Indirect Member of netgroup'), Str('memberofindirect_hostgroup?', label=u'Indirect Member of host-group'), Str('memberofindirect_role?', label=u'Indirect Member of role'), Str('memberofindirect_sudorule?', label=u'Indirect Member of Sudo rule'), Str('memberofindirect_hbacrule?', label=u'Indirect Member of HBAC rule'), Str('sourcehost', label=Gettext('Failed source hosts/hostgroups', domain='ipa', localedir=None)), Str('memberhost', label=Gettext('Failed hosts/hostgroups', domain='ipa', localedir=None)), Str('memberuser', label=Gettext('Failed users/groups', domain='ipa', localedir=None)), Str('memberservice', label=Gettext('Failed service/service groups', domain='ipa', localedir=None)), Str('failed', flags=[u'suppress_empty'], label=Gettext('Failed to remove', domain='ipa', localedir=None)), Str('ipasudorunas', label=Gettext('Failed RunAs', domain='ipa', localedir=None)), Str('ipasudorunasgroup', label=Gettext('Failed RunAsGroup', domain='ipa', localedir=None)))
interactive_prompt_callback(kw)
internal_options = ()
json_friendly_attributes = ('name', 'doc', 'NO_CLI')
log_messages(output)
msg_summary = Gettext('Deleted service delegation target "%(value)s"', domain='ipa', localedir=None)
msg_truncated = Gettext('Results are truncated, try a more specific search', domain='ipa', localedir=None)
name = 'servicedelegationtarget_del'
normalize(**kw)

Return a dictionary of normalized values.

For example:

>>> class my_command(Command):
...     takes_options = (
...         Param('first', normalizer=lambda value: value.lower()),
...         Param('last'),
...     )
...
>>> c = my_command()
>>> c.finalize()
>>> c.normalize(first=u'JOHN', last=u'DOE')
{'last': u'DOE', 'first': u'john'}
property obj
property obj_full_name
property obj_name
obj_version = '1'
options = None
output = None
output_for_cli(textui, output, *args, **options)

Generic output method. Prints values the output argument according to their type and self.output.

Entry attributes are labeled and printed in the order specified in self.output_params. Attributes that aren’t present in self.output_params are not printed unless the command was invokend with the –all option. Attribute labelling is disabled if the –raw option was given.

Subclasses can override this method, if custom output is needed.

output_params = None
params = None
params_2_args_options(**params)

Split params into (args, options).

params_by_default = None
post_callback(ldap, dn, *keys, **options)
pre_callback(ldap, dn, *keys, **options)[source]
process_attr_options(entry_attrs, dn, keys, options)

Process all –setattr, –addattr, and –delattr options and add the resulting value to the list of attributes. –setattr is processed first, then –addattr and finally –delattr.

When –setattr is not used then the original LDAP object is looked up (of course, not when dn is None) and the changes are applied to old object values.

Attribute values deleted by –delattr may be deleted from attribute values set or added by –setattr, –addattr. For example, the following attributes will result in a NOOP:

–addattr=attribute=foo –delattr=attribute=foo

AttrValueNotFound exception may be raised when an attribute value was not found either by –setattr and –addattr nor in existing LDAP object.

Parameters
  • entry_attrs – A list of attributes that will be updated

  • dn – dn of updated LDAP object or None if a new object is created

  • keys – List of command arguments

  • options – List of options

prompt_param(param, default=None, optional=False, kw={}, label=None)

Prompts the user for the value of given parameter.

Returns the parameter instance.

classmethod register_callback(callback_type, callback, first=False)

Register a callback

Parameters
  • callback_type – The callback type (e.g. ‘pre’, ‘post’)

  • callback – The callable added

  • first – If true, the new callback will be added before all existing callbacks; otherwise it’s added after them

Note that callbacks registered this way will be attached to this class only, not to its subclasses.

classmethod register_exc_callback(callback, first=False)

Shortcut for register_callback(‘exc’, …)

classmethod register_interactive_prompt_callback(callback, first=False)

Shortcut for register_callback(‘interactive_prompt’, …)

classmethod register_post_callback(callback, first=False)

Shortcut for register_callback(‘post’, …)

classmethod register_pre_callback(callback, first=False)

Shortcut for register_callback(‘pre’, …)

run(*args, **options)

Dispatch to Command.execute or Command.forward.

If running in a server context, Command.execute is called and the actually work this command performs is executed locally.

If running in a non-server context, Command.forward is called, which forwards this call over RPC to the exact same command on the nearest IPA server and the actual work this command performs is executed remotely.

setattr_option = Str('setattr*', validate_set_attribute, cli_name='setattr', doc=Gettext('Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.', domain='ipa', localedir=None), exclude=[u'webui'])
subtree_delete = True
summary = 'Delete service delegation target.'
takes_args = ()
takes_options = (Flag('continue', autofill=True, cli_name='continue', default=False, doc=Gettext("Continuous mode: Don't stop on errors.", domain='ipa', localedir=None)),)
topic = 'servicedelegation'
use_output_validation = True
validate(**kw)

Validate all values.

If any value fails the validation, ipalib.errors.ValidationError (or a subclass thereof) will be raised.

validate_output(output, version='2.249')

Validate the return value to make sure it meets the interface contract.

verify_client_version(client_version)

Compare the version the client provided to the version of the server.

If the client major version does not match then return an error. If the client minor version is less than or equal to the server then let the request proceed.

version = '1'