Univention Bugzilla – Attachment 3542 Details for
Bug 23746
sambaPrivileges Syntax
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
samba_priv_2.4-3.patch
samba_priv_2.4-3.patch (text/plain), 12.49 KB, created by
Stefan Gohmann
on 2011-09-21 16:40 CEST
(
hide
)
Description:
samba_priv_2.4-3.patch
Filename:
MIME Type:
Creator:
Stefan Gohmann
Created:
2011-09-21 16:40 CEST
Size:
12.49 KB
patch
obsolete
>--- management/univention-directory-manager-modules/modules/univention/admin/handlers/groups/group.py (.../release-ucs-2.4-2/ucs) (Revision 27072) >+++ management/univention-directory-manager-modules/modules/univention/admin/handlers/groups/group.py (.../release-ucs-2.4-3) (Revision 27072) >@@ -109,6 +109,17 @@ > default=('2',[]), > options=['samba'] > ), >+ 'sambaPrivileges': univention.admin.property( >+ short_description=_('Samba privileges'), >+ long_description=('Manage samba privileges'), >+ syntax=univention.admin.syntax.sambaPrivileges, >+ multivalue=1, >+ options=['samba'], >+ required=0, >+ dontsearch=0, >+ may_change=1, >+ identifies=0, >+ ), > 'description': univention.admin.property( > short_description=_('Description'), > long_description='', >@@ -222,6 +233,9 @@ > ], advanced = True ), > univention.admin.tab(_('Allowed groups'),_('Groups that are allowed to send e-mails to the group'),[ > [univention.admin.field("allowedEmailGroups")] >+ ], advanced = True ), >+ univention.admin.tab(_('Windows'),_('Windows account settings'),[ >+ [univention.admin.field("sambaPrivileges")] > ], advanced = True ) > ] > >@@ -231,6 +245,7 @@ > mapping.register('description', 'description', None, univention.admin.mapping.ListToString) > mapping.register('sambaGroupType', 'sambaGroupType', None, univention.admin.mapping.ListToString) > mapping.register('mailAddress', 'mailPrimaryAddress', None, univention.admin.mapping.ListToString) >+mapping.register('sambaPrivileges', 'univentionSambaPrivilegeList') > > def _case_insensitive_in_list(dn, list): > for element in list: >@@ -569,6 +584,18 @@ > def _ldap_modlist( self ): > > ml=univention.admin.handlers.simpleLdap._ldap_modlist( self ) >+ >+ # samba privileges >+ if self.hasChanged("sambaPrivileges") and "samba" in self.options: >+ o = self.oldattr.get('objectClass', []) >+ # add univentionSambaPrivileges objectclass >+ if self["sambaPrivileges"] and not "univentionSambaPrivileges" in o: >+ ml.insert(0, ('objectClass', '', 'univentionSambaPrivileges')) >+ # do not remove univentionSambaPrivileges objectclass >+ # (we need it in the listener filter) >+ #if not self["sambaPrivileges"] and "univentionSambaPrivileges" in o: >+ # ml.insert(0, ('objectClass', 'univentionSambaPrivileges', '')) >+ > if self.hasChanged( 'mailAddress' ) and self[ 'mailAddress' ]: > for i, j in self.alloc: > if i == 'mailPrimaryAddress': break >Index: management/univention-directory-manager-modules/modules/univention/admin/handlers/groups/de.po >=================================================================== >--- management/univention-directory-manager-modules/modules/univention/admin/handlers/users/de.po (.../release-ucs-2.4-2/ucs) (Revision 27072) >+++ management/univention-directory-manager-modules/modules/univention/admin/handlers/users/de.po (.../release-ucs-2.4-3) (Revision 27072) >@@ -286,6 +286,14 @@ > msgid "Groups" > msgstr "Gruppen" > >+#: user.py:528 >+msgid "Samba privileges" >+msgstr "Samba Privilegien" >+ >+#: user.py:529 >+msgid "Manage samba privileges" >+msgstr "Samba Privilegien verwalten" >+ > #: user.py:538 > msgid "Primary group" > msgstr "Primäre Gruppe" >Index: management/univention-directory-manager-modules/modules/univention/admin/handlers/dns/forward_zone.py >=================================================================== >--- management/univention-directory-manager-modules/modules/univention/admin/handlers/users/user.py (.../release-ucs-2.4-2/ucs) (Revision 27072) >+++ management/univention-directory-manager-modules/modules/univention/admin/handlers/users/user.py (.../release-ucs-2.4-3) (Revision 27072) >@@ -524,6 +524,17 @@ > identifies=0, > options=['samba'] > ), >+ 'sambaPrivileges': univention.admin.property( >+ short_description=_('Samba privileges'), >+ long_description=('Manage samba privileges'), >+ syntax=univention.admin.syntax.sambaPrivileges, >+ multivalue=1, >+ options=['samba'], >+ required=0, >+ dontsearch=0, >+ may_change=1, >+ identifies=0, >+ ), > 'groups': univention.admin.property( > short_description=_('Groups'), > long_description='', >@@ -1114,7 +1125,7 @@ > univention.admin.tab(_('Windows'),_('Windows account settings'),[ > [univention.admin.field("sambahome"), univention.admin.field("homedrive")], > [univention.admin.field("scriptpath"), univention.admin.field("profilepath")], >- [univention.admin.field("sambaRID")], >+ [univention.admin.field("sambaRID"), univention.admin.field("sambaPrivileges")], > [univention.admin.field("sambaLogonHours"), univention.admin.field("sambaUserWorkstations")] > ]), > univention.admin.tab(_('Groups'),_('Group memberships'), [ >@@ -1380,7 +1391,7 @@ > mapping.register('organisation', 'o', None, univention.admin.mapping.ListToString) > > mapping.register('mailPrimaryAddress', 'mailPrimaryAddress', None, univention.admin.mapping.ListToLowerString) >-mapping.register('mailAlternativeAddress', 'mailAlternativeAddress', univention.admin.mapping.ListToLowerListUniq) >+mapping.register('mailAlternativeAddress', 'mailAlternativeAddress', None, univention.admin.mapping.ListToLowerListUniq) > mapping.register('mailGlobalSpamFolder', 'mailGlobalSpamFolder', None, univention.admin.mapping.ListToString) > > mapping.register('street', 'street', None, univention.admin.mapping.ListToString) >@@ -1402,6 +1413,7 @@ > mapping.register('sambahome', 'sambaHomePath', None, univention.admin.mapping.ListToString) > mapping.register('sambaUserWorkstations', 'sambaUserWorkstations', sambaWorkstationsMap, sambaWorkstationsUnmap) > mapping.register('sambaLogonHours', 'sambaLogonHours', logonHoursMap, logonHoursUnmap) >+mapping.register('sambaPrivileges', 'univentionSambaPrivilegeList') > mapping.register('scriptpath', 'sambaLogonScript', None, univention.admin.mapping.ListToString) > mapping.register('profilepath', 'sambaProfilePath', None, univention.admin.mapping.ListToString) > mapping.register('homedrive', 'sambaHomeDrive', None, univention.admin.mapping.ListToString) >@@ -2227,6 +2239,17 @@ > shadowLastChangeValue = '' # if is filled, it will be added to ml in the end > sambaPwdLastSetValue = '' # if is filled, it will be added to ml in the end > >+ # samba privileges >+ if self.hasChanged("sambaPrivileges") and "samba" in self.options: >+ o = self.oldattr.get('objectClass', []) >+ # add univentionSambaPrivileges objectclass >+ if self["sambaPrivileges"] and not "univentionSambaPrivileges" in o: >+ ml.insert(0, ('objectClass', '', 'univentionSambaPrivileges')) >+ # do not remove univentionSambaPrivileges objectclass >+ # (we need it in the listener filter) >+ #if not self["sambaPrivileges"] and "univentionSambaPrivileges" in o: >+ # ml.insert(0, ('objectClass', 'univentionSambaPrivileges', '')) >+ > if self.options != self.old_options: > univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'options: %s' % self.options) > univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'old_options: %s' % self.old_options) >Index: management/univention-directory-manager-modules/modules/univention/admin/handlers/users/de.po >=================================================================== >--- management/univention-directory-manager-modules/modules/univention/admin/syntax.py (.../release-ucs-2.4-2/ucs) (Revision 27072) >+++ management/univention-directory-manager-modules/modules/univention/admin/syntax.py (.../release-ucs-2.4-3) (Revision 27072) >@@ -1116,6 +1116,23 @@ > name='ldapServer' > def parse(self, text): > return text >+ >+class sambaPrivileges(simple): >+ name='sambaPrivileges' >+ privileges = [ >+ { "name" : "SeMachineAccountPrivilege", "description" : _("Add machines to domain") }, >+ { "name" : "SeSecurityPrivilege", "description" : _("Manage auditing and security log") }, >+ { "name" : "SeTakeOwnershipPrivilege", "description" : _("Take ownership of files or other objects") }, >+ { "name" : "SeBackupPrivilege", "description" : _("Back up files and directories") }, >+ { "name" : "SeRestorePrivilege", "description" : _("Restore files and directories") }, >+ { "name" : "SeRemoteShutdownPrivilege", "description" : _("Force shutdown from a remote system") }, >+ { "name" : "SePrintOperatorPrivilege", "description" : _("Manage printers") }, >+ { "name" : "SeAddUsersPrivilege", "description" : _("Add users and groups to the domain") }, >+ { "name" : "SeDiskOperatorPrivilege", "description" : _("Manage disk shares") }, >+ ] >+ def parse(self, text): >+ return text >+ > class printerServer(simple): > name='printerServer' > def parse(self, text): >--- management/univention-directory-manager/uniconf/modedit.py (.../release-ucs-2.4-2/ucs) (Revision 27072) >+++ management/univention-directory-manager/uniconf/modedit.py (.../release-ucs-2.4-3) (Revision 27072) >@@ -3730,6 +3730,105 @@ > > ################################ > >+ elif property.syntax.name == 'sambaPrivileges': >+ self.minput[name]=[] >+ minput_rows=[] >+ atts=copy.deepcopy(attributes) >+ mvaluelist=[] >+ i=0 >+ if value: >+ for v in value: >+ try: >+ mvaluelist.append({'name': unicode(i), 'description': syntax.tostring(v)}) >+ except univention.admin.uexceptions.valueInvalidSyntax, e: >+ pass >+ i+=1 >+ if name: >+ # [0]: input field (or several input fields in case of a complex syntax property) >+ >+ packages = property.syntax.privileges >+ >+ self.minput[name].append(question_select(property.short_description,atts,{'choicelist':packages,'helptext':_('select Server')})) >+ atts=copy.deepcopy(attributes) >+ b_atts=copy.deepcopy(attributes) >+ b2_atts=copy.deepcopy(attributes) >+ # [1]: add button >+ self.minput[name].append(get_addbutton(b_atts,_("Add %s") % name)) >+ # [2]: mselect list widget >+ self.minput[name].append(question_mselect(_("Entries:"),atts,{"helptext":_("Current entries for '%s'") % name,"choicelist":mvaluelist})) >+ # [3]: remove button >+ self.minput[name].append(get_removebutton(b_atts,_("Remove selected '%s' entrie(s) from list") % name)) >+ >+ # move buttons: >+ # [4]: up button [ ^ ] >+ self.minput[name].append(get_upbutton(b2_atts,_("Move upwards"))) >+ # [5]: down button [ v ] >+ self.minput[name].append(get_downbutton(b2_atts,_("Move downwards"))) >+ >+ # put the widgets/buttons from minput[name] into a table >+ # | | >+ # |----------------| >+ # <input field> | <add button> | >+ # ---------------------------------| >+ # | <up button> | >+ # |----------------| >+ # | <remove button>| >+ # <mselect list> |----------------| >+ # | <down button> | >+ #----------------------------------| >+ minput_rows.append(tablerow("",{},{"obs":[\ >+ tablecol('',{'rowspan':'2'}, {'obs': [\ >+ #input field >+ self.minput[name][0]\ >+ ]}),\ >+ tablecol('',{}, {'obs': [\ >+ # needed freespace >+ htmltext("",{},{'htmltext':[' ']}) >+ ]})\ >+ ]})) >+ minput_rows.append(tablerow("",{},{"obs":[\ >+ tablecol('',{'type':'multi_add_top'}, {'obs': [\ >+ #add button >+ self.minput[name][1]\ >+ ]})\ >+ ]})) >+ minput_rows.append(tablerow("",{},{"obs":[\ >+ tablerow("",{},{"obs":[\ >+ tablecol('',{'rowspan':'3'}, {'obs': [\ >+ #mselect list >+ self.minput[name][2]\ >+ ]}),\ >+ tablecol('',{'type':'multi_remove'}, {'obs': [\ >+ #up button >+ self.minput[name][4]\ >+ ]})\ >+ ]}),\ >+ tablerow("",{},{"obs":[\ >+ tablecol('',{'type':'multi_remove'}, {'obs': [\ >+ #remove button >+ self.minput[name][3]\ >+ ]})\ >+ ]}),\ >+ tablerow("",{},{"obs":[\ >+ tablecol('',{'type':'multi_remove_img'}, {'obs': [\ >+ #down button >+ self.minput[name][5]\ >+ ]})\ >+ ]})\ >+ ]})) >+ else: >+ minput_rows.append(tablerow("",{},{"obs":[\ >+ tablecol('',{}, {'obs': [\ >+ ]}),\ >+ tablecol('',{}, {'obs': [\ >+ ]})\ >+ ]})) >+ cols.append(tablecol('',{'type':'tab_layout'}, {'obs': [table("",{'type':'multi'},{"obs":minput_rows})]})) >+ >+ >+ >+ ################################ >+ > elif property.syntax.name == 'ldapServer': > self.minput[name]=[] > minput_rows=[] >Index: management/univention-directory-manager/debian/univention-directory-manager.univention-config-registry-variables >===================================================================
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3542">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 23746
: 3542 |
3544
|
3545