If it helps, the python file where we customized things is included
below:
# Place in /usr/lib/python2.7/site-packages/ipalib/plugins/
Ok, this is location for
pre-4.5 plugins. With FreeIPA 4.5 we split them
into ipaserver/plugins and ipaclient/plugins, to allow clear separation
between server and client side plugins and to make thin client operation
possible.
Move your plugin Python code to ipaserver/plugins/ subdirectory instead
of ipalib/plugins. Also replace 'from ipalib.plugins' by 'from
ipaserver.plugins ..'.
import re
from ipalib import api
from ipalib.plugins import user, stageuser, group
from ipalib.parameters import Str
from ipalib import _
FILESERVER = "fileserver.chem.byu.edu"
GIDS = [
("csr", '1000'),
("staff", '3000'),
("faculty", '4000'),
("adjunct", '4010'),
("visiting", '4020'),
("emeritus", '4100'),
("graduate", '5000'),
("researcher", '6000'),
("ugrad", '8000'),
]
GROUP_TO_GID = {x: y for x, y in GIDS}
GID_TO_GROUP = {y: x for x, y in GIDS}
# Locations of home directories for different groups.
HOME_DIR_LOCATION = {
'1000': "/home/csr", # csr
'3000': "/home/staff", # staff
'4000': "/home/faculty", # faculty
'4010': "/home/faculty", # adjunct
'4020': "/home/postdoc", # visiting
'4100': "/home/faculty", # emeritus
'5000': "/home/research", # graduate
'6000': "/home/research", # researcher
'8000': "/home/students", # ugrad
}
############################
# Expose attributes to CLI #
############################
def __check_netid(ugettext, netid):
'''
Checks if netid is already assigned to an existing account.
'''
# Search for users with given NetID
result = api.Command.user_find(netid=netid)
# Throw error if NetID is already assigned to a user account
if result['count'] > 0:
uid = result['result'][0]['uid'][0]
return _("NetID is already assigned to user
\"{}\".".format(uid))
def __validate_student_id(ugettext, studentid):
'''
Checks if studentid string is all numbers and nine digits long.
Also checks if studentid is already assigned to an existing account.
'''
if not (studentid.isdigit() and len(studentid) == 9):
return _("Student ID must be 9 digits")
# Check if ID number is already assigned to another account
result = api.Command.user_find(studentid=studentid)
if result['count'] > 0:
uid = result['result'][0]['uid'][0]
return _("Student ID is alread assigned to user
\"{}\".".format(uid))
chem_params = (
Str('netid', __check_netid,
cli_name='netid',
label=_('BYU Net ID'),
),
Str('studentid', __validate_student_id,
cli_name='studentid',
label=_('BYU Student ID Number'),
),
)
user.user.takes_params = user.user.takes_params + chem_params
user.user.default_attributes.append('netid')
user.user.default_attributes.append('studentid')
stageuser.stageuser.takes_params = stageuser.stageuser.takes_params + \
chem_params
stageuser.stageuser.default_attributes.append('netid')
stageuser.stageuser.default_attributes.append('studentid')
#####################
# Add pre-callbacks #
#####################
def __get_homedir(uid, homedir_base):
'''
Determines the location of a user's home directory.
'''
if 'students' in homedir_base:
return "{}/{}/{}".format(homedir_base, uid[0], uid)
else:
return "{}/{}".format(homedir_base, uid)
def __get_uid_from_dn(dn):
'''
Returns uid from dn.
'''
if 'uid' not in str(dn):
return _("\'uid\' not in given dn:
\'{}\'".format(str(dn)))
uid = str(dn).split(',')[0] # gets 'uid=<username>'
uid = re.sub('^uid=', '', uid) # gets '<username>'
return uid
#######################
# Stageuser Callbacks #
#######################
def stageuseradd_precallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
if 'homedirectory' in entry:
entry['homedirectory'] = __get_homedir(entry['uid'],
entry['homedirectory'])
return dn
def stageusermod_precallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
if 'homedirectory' in entry:
entry['homedirectory'] = __get_homedir(__get_uid_from_dn(dn),
entry['homedirectory'])
return dn
stageuser.stageuser_add.register_pre_callback(stageuseradd_precallback)
stageuser.stageuser_mod.register_pre_callback(stageusermod_precallback)
##################
# User Callbacks #
##################
def useradd_precallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
if 'homedirectory' in entry:
entry['homedirectory'] = __get_homedir(entry['uid'],
entry['homedirectory'])
return dn
def useradd_postcallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
# TODO: add user to one of the default groups (ugrad, grad, etc.)
# NOTE: Since the groups Graduate and Faculty share home directories
# with other groups, there's no way to determine group based on
# home directory.
return dn
def usermod_precallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
if 'homedirectory' in entry:
entry['homedirectory'] = __get_homedir(__get_uid_from_dn(dn),
entry['homedirectory'])
return dn
user.user_add.register_pre_callback(useradd_precallback)
user.user_mod.register_pre_callback(usermod_precallback)
###################
# Group Callbacks #
###################
def groupadd_postcallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
# TODO: Create management role
return dn
def groupdel_precallback(self, ldap, dn, entry, attrs_list,
*keys, **options):
# TODO: Remove managment role
return dn
group.group_add.register_post_callback(groupadd_postcallback)
group.group_del.register_pre_callback(groupdel_precallback)
On Fri, Aug 4, 2017 at 8:57 AM, Pavel Vomacka <pvomacka(a)redhat.com> wrote:
> Hello,
>
> On 08/03/2017 10:12 PM, Kristian Petersen via FreeIPA-users wrote:
>
> The customizations that define the additions to the schema appear to be in
> the javascript file /usr/share/ipa/ui/js/plugins/chemuser/chemuser.js.
> It defines the additional fields we use that are causing us so much
> trouble. I have included it below.
>
> // Place in /usr/share/ipa/ui/js/plugins/chemuser/
> define([
> 'freeipa/phases',
> 'freeipa/user'],
> function(phases, user_mod) {
>
> // helper function
> function get_item(array, attr, value) {
> for (var i=0,l=array.length; i<l; i++) {
> if (array[i][attr] === value) return array[i];
> }
> return null;
> }
>
> var chem_user_plugin = {};
> chem_user_plugin.add_chemistry_fields_pre_op = function() {
>
> // Adds extra fields into user details facet.
> var facet = get_item(user_mod.entity_spec.facets, '$type',
'details');
> var section = get_item(facet.sections, 'name', 'identity');
> section.fields.push({
> name: 'netid',
> label: 'BYU Net ID',
> required: 0,
> }, {
> name: 'studentid',
> label: 'BYU Student ID Number',
> required: 0,
> }
> );
>
> // Adds extra fields to add user form.
> var add_user_fields = user_mod.entity_spec.adder_dialog.sections[0].fields;
>
> add_user_fields.splice(3, 1) // Remove 'Class' field
> add_user_fields.splice(3, 0, {
> name: 'netid',
> required: 0,
> }, {
> name: 'studentid',
> required: 0,
> }, {
> name: 'mail',
> required: 1,
> }, {
> $type: "combobox",
> name: "homedirectory",
> required: 1,
> editable: 0,
> options: [{
> label: "CSR",
> value: "/home/csr"
> }, {
> label: "Staff",
> value: "/home/staff"
> }, {
> label: "Faculty",
> value: "/home/faculty"
> }, {
> label: "Visiting/Postdoc",
> value: "/home/postdoc"
> }, {
> label: "Graduate",
> value: "/home/research",
> }, {
> label: "Researcher",
> value: "/home/research"
> }, {
> label: "Undergrad",
> value: "/home/students"
> }
> ]
> }
> );
> return true;
> };
>
> phases.on('customization', chem_user_plugin.add_chemistry_fields_pre_op);
> return chem_user_plugin;
> });
>
> This worked just fine prior to the update that Randy spoke of, but for
> whatever reason it's not working now. When adding a user through the web
> UI, the fields that are for the netid and studentid have no labels on them
> and if you try and add the person with data in them it gives an error: "IPA
> Error 3005: Option Error. Unknown option: studentid" or the same for the
> netid.
>
> The file appears to be in the right place in the filesystem. Any ideas?
>
> From what I can see here, I would say that your Python changes stopped
> working. The reason why you don't see any labels of your custom fields is
> that they are not in metadata, which are send to WebUI. Therefore WebUI
> cannot show them. And then when you send a request to the server with those
> custom options, the server does not understand those options (therefore the
> error message).
>
> I don't know how you changed Python code. In case you do it directly in
> code then the upgrade probably overrode your changes (as Rob mentioned
> before). Or maybe your changes are not properly loaded or run.
>
> You can try to call API by running:
> $ ipa console
> on your server. Then write something like:
> >>>> api.Command.user_add(u'tuser', givenname=u'test',
sn=u'user')
> just add your new options and you will most likely get the same error.
> (This is just the way how to test API calls which are used by WebUI
> somewhere else than in WebUI, then you can say whether the bug is in WebUI
> or not).
>
> From my point of view, WebUI plugin looks correct and it works, because
> you can see some changes in WebUI.
>
>
> On Thu, Aug 3, 2017 at 1:27 PM, Alexander Bokovoy <abokovoy(a)redhat.com>
> wrote:
>
>> On to, 03 elo 2017, Kristian Petersen via FreeIPA-users wrote:
>>
>>> The customizations are in separate files and are still there, but seem to
>>> be getting ignored for lack of a better description.
>>>
>> You'd need to describe more and in more detail. Look at
>>
https://github.com/abbra/freeipa-desktop-profile/ as an example of an
>> external plugin that works and integrates with existing FreeIPA upgrade
>> code properly.
>>
>> You can look at that one to see what's different on your side.
>>
>> --
>> / Alexander Bokovoy
>>
>
>
>
> --
> Kristian Petersen
> System Administrator
> Dept. of Chemistry and Biochemistry
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
>
>
> --
> Pavel^3 Vomacka
>
>
--
Kristian Petersen
System Administrator
Dept. of Chemistry and Biochemistry