Alexander,
That was it! I had seen this before at a previous place of employment, but
couldn't recall enough of what we'd done there to fix it. You're a
lifesaver, really. Thank you very much to *everyone* who chimed in to lend
a hand.
PS: We're still running FreeIPA 4.4.0 and were affected by this change that
occurred in where the plugins files get stored. That may be something to
pass on to others.
On Fri, Aug 4, 2017 at 9:41 AM, Alexander Bokovoy <abokovoy(a)redhat.com>
wrote:
On pe, 04 elo 2017, Kristian Petersen wrote:
> If it helps, the python file where we customized things is included below:
>
> # Place in /usr/lib/python2.7/site-packages/ipalib/plugins/
>
Ok, this is location for pre-4.5 plugins. With FreeIPA 4.5 we split them
into ipaserver/plugins and ipaclient/plugins, to allow clear separation
between server and client side plugins and to make thin client operation
possible.
Move your plugin Python code to ipaserver/plugins/ subdirectory instead
of ipalib/plugins. Also replace 'from ipalib.plugins' by 'from
ipaserver.plugins ..'.
> import re
>
> from ipalib import api
> from ipalib.plugins import user, stageuser, group
> from ipalib.parameters import Str
> from ipalib import _
>
>
> FILESERVER = "fileserver.chem.byu.edu"
> GIDS = [
> ("csr", '1000'),
> ("staff", '3000'),
> ("faculty", '4000'),
> ("adjunct", '4010'),
> ("visiting", '4020'),
> ("emeritus", '4100'),
> ("graduate", '5000'),
> ("researcher", '6000'),
> ("ugrad", '8000'),
> ]
> GROUP_TO_GID = {x: y for x, y in GIDS}
> GID_TO_GROUP = {y: x for x, y in GIDS}
> # Locations of home directories for different groups.
> HOME_DIR_LOCATION = {
> '1000': "/home/csr", # csr
> '3000': "/home/staff", # staff
> '4000': "/home/faculty", # faculty
> '4010': "/home/faculty", # adjunct
> '4020': "/home/postdoc", # visiting
> '4100': "/home/faculty", # emeritus
> '5000': "/home/research", # graduate
> '6000': "/home/research", # researcher
> '8000': "/home/students", # ugrad
> }
>
>
> ############################
> # Expose attributes to CLI #
> ############################
> def __check_netid(ugettext, netid):
> '''
> Checks if netid is already assigned to an existing account.
> '''
>
> # Search for users with given NetID
> result = api.Command.user_find(netid=netid)
>
> # Throw error if NetID is already assigned to a user account
> if result['count'] > 0:
> uid = result['result'][0]['uid'][0]
> return _("NetID is already assigned to user
\"{}\".".format(uid))
>
>
> def __validate_student_id(ugettext, studentid):
> '''
> Checks if studentid string is all numbers and nine digits long.
> Also checks if studentid is already assigned to an existing account.
> '''
>
> if not (studentid.isdigit() and len(studentid) == 9):
> return _("Student ID must be 9 digits")
>
> # Check if ID number is already assigned to another account
> result = api.Command.user_find(studentid=studentid)
> if result['count'] > 0:
> uid = result['result'][0]['uid'][0]
> return _("Student ID is alread assigned to user
> \"{}\".".format(uid))
>
>
> chem_params = (
> Str('netid', __check_netid,
> cli_name='netid',
> label=_('BYU Net ID'),
> ),
> Str('studentid', __validate_student_id,
> cli_name='studentid',
> label=_('BYU Student ID Number'),
> ),
> )
>
> user.user.takes_params = user.user.takes_params + chem_params
> user.user.default_attributes.append('netid')
> user.user.default_attributes.append('studentid')
>
> stageuser.stageuser.takes_params = stageuser.stageuser.takes_params + \
> chem_params
> stageuser.stageuser.default_attributes.append('netid')
> stageuser.stageuser.default_attributes.append('studentid')
>
>
> #####################
> # Add pre-callbacks #
> #####################
> def __get_homedir(uid, homedir_base):
> '''
> Determines the location of a user's home directory.
> '''
>
> if 'students' in homedir_base:
> return "{}/{}/{}".format(homedir_base, uid[0], uid)
> else:
> return "{}/{}".format(homedir_base, uid)
>
>
> def __get_uid_from_dn(dn):
> '''
> Returns uid from dn.
> '''
> if 'uid' not in str(dn):
> return _("\'uid\' not in given dn:
\'{}\'".format(str(dn)))
>
> uid = str(dn).split(',')[0] # gets 'uid=<username>'
> uid = re.sub('^uid=', '', uid) # gets '<username>'
> return uid
>
>
> #######################
> # Stageuser Callbacks #
> #######################
> def stageuseradd_precallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> if 'homedirectory' in entry:
> entry['homedirectory'] = __get_homedir(entry['uid'],
> entry['homedirectory'])
> return dn
>
>
> def stageusermod_precallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> if 'homedirectory' in entry:
> entry['homedirectory'] = __get_homedir(__get_uid_from_dn(dn),
> entry['homedirectory'])
> return dn
>
> stageuser.stageuser_add.register_pre_callback(stageuseradd_precallback)
> stageuser.stageuser_mod.register_pre_callback(stageusermod_precallback)
>
>
> ##################
> # User Callbacks #
> ##################
> def useradd_precallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> if 'homedirectory' in entry:
> entry['homedirectory'] = __get_homedir(entry['uid'],
> entry['homedirectory'])
> return dn
>
>
> def useradd_postcallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> # TODO: add user to one of the default groups (ugrad, grad, etc.)
> # NOTE: Since the groups Graduate and Faculty share home directories
> # with other groups, there's no way to determine group based on
> # home directory.
> return dn
>
>
> def usermod_precallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> if 'homedirectory' in entry:
> entry['homedirectory'] = __get_homedir(__get_uid_from_dn(dn),
> entry['homedirectory'])
> return dn
>
> user.user_add.register_pre_callback(useradd_precallback)
> user.user_mod.register_pre_callback(usermod_precallback)
>
>
> ###################
> # Group Callbacks #
> ###################
> def groupadd_postcallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> # TODO: Create management role
> return dn
>
>
> def groupdel_precallback(self, ldap, dn, entry, attrs_list,
> *keys, **options):
> # TODO: Remove managment role
> return dn
>
> group.group_add.register_post_callback(groupadd_postcallback)
> group.group_del.register_pre_callback(groupdel_precallback)
>
>
> On Fri, Aug 4, 2017 at 8:57 AM, Pavel Vomacka <pvomacka(a)redhat.com>
> wrote:
>
> Hello,
>>
>> On 08/03/2017 10:12 PM, Kristian Petersen via FreeIPA-users wrote:
>>
>> The customizations that define the additions to the schema appear to be
>> in
>> the javascript file /usr/share/ipa/ui/js/plugins/chemuser/chemuser.js.
>> It defines the additional fields we use that are causing us so much
>> trouble. I have included it below.
>>
>> // Place in /usr/share/ipa/ui/js/plugins/chemuser/
>> define([
>> 'freeipa/phases',
>> 'freeipa/user'],
>> function(phases, user_mod) {
>>
>> // helper function
>> function get_item(array, attr, value) {
>> for (var i=0,l=array.length; i<l; i++) {
>> if (array[i][attr] === value) return array[i];
>> }
>> return null;
>> }
>>
>> var chem_user_plugin = {};
>> chem_user_plugin.add_chemistry_fields_pre_op = function() {
>>
>> // Adds extra fields into user details facet.
>> var facet = get_item(user_mod.entity_spec.facets, '$type',
'details');
>> var section = get_item(facet.sections, 'name', 'identity');
>> section.fields.push({
>> name: 'netid',
>> label: 'BYU Net ID',
>> required: 0,
>> }, {
>> name: 'studentid',
>> label: 'BYU Student ID Number',
>> required: 0,
>> }
>> );
>>
>> // Adds extra fields to add user form.
>> var add_user_fields = user_mod.entity_spec.adder_dia
>> log.sections[0].fields;
>>
>> add_user_fields.splice(3, 1) // Remove 'Class' field
>> add_user_fields.splice(3, 0, {
>> name: 'netid',
>> required: 0,
>> }, {
>> name: 'studentid',
>> required: 0,
>> }, {
>> name: 'mail',
>> required: 1,
>> }, {
>> $type: "combobox",
>> name: "homedirectory",
>> required: 1,
>> editable: 0,
>> options: [{
>> label: "CSR",
>> value: "/home/csr"
>> }, {
>> label: "Staff",
>> value: "/home/staff"
>> }, {
>> label: "Faculty",
>> value: "/home/faculty"
>> }, {
>> label: "Visiting/Postdoc",
>> value: "/home/postdoc"
>> }, {
>> label: "Graduate",
>> value: "/home/research",
>> }, {
>> label: "Researcher",
>> value: "/home/research"
>> }, {
>> label: "Undergrad",
>> value: "/home/students"
>> }
>> ]
>> }
>> );
>> return true;
>> };
>>
>> phases.on('customization', chem_user_plugin.add_chemistry
>> _fields_pre_op);
>> return chem_user_plugin;
>> });
>>
>> This worked just fine prior to the update that Randy spoke of, but for
>> whatever reason it's not working now. When adding a user through the web
>> UI, the fields that are for the netid and studentid have no labels on
>> them
>> and if you try and add the person with data in them it gives an error:
>> "IPA
>> Error 3005: Option Error. Unknown option: studentid" or the same for the
>> netid.
>>
>> The file appears to be in the right place in the filesystem. Any ideas?
>>
>> From what I can see here, I would say that your Python changes stopped
>> working. The reason why you don't see any labels of your custom fields is
>> that they are not in metadata, which are send to WebUI. Therefore WebUI
>> cannot show them. And then when you send a request to the server with
>> those
>> custom options, the server does not understand those options (therefore
>> the
>> error message).
>>
>> I don't know how you changed Python code. In case you do it directly in
>> code then the upgrade probably overrode your changes (as Rob mentioned
>> before). Or maybe your changes are not properly loaded or run.
>>
>> You can try to call API by running:
>> $ ipa console
>> on your server. Then write something like:
>> >>>> api.Command.user_add(u'tuser',
givenname=u'test', sn=u'user')
>> just add your new options and you will most likely get the same error.
>> (This is just the way how to test API calls which are used by WebUI
>> somewhere else than in WebUI, then you can say whether the bug is in
>> WebUI
>> or not).
>>
>> From my point of view, WebUI plugin looks correct and it works, because
>> you can see some changes in WebUI.
>>
>>
>> On Thu, Aug 3, 2017 at 1:27 PM, Alexander Bokovoy <abokovoy(a)redhat.com>
>> wrote:
>>
>> On to, 03 elo 2017, Kristian Petersen via FreeIPA-users wrote:
>>>
>>> The customizations are in separate files and are still there, but seem
>>>> to
>>>> be getting ignored for lack of a better description.
>>>>
>>>> You'd need to describe more and in more detail. Look at
>>>
https://github.com/abbra/freeipa-desktop-profile/ as an example of an
>>> external plugin that works and integrates with existing FreeIPA upgrade
>>> code properly.
>>>
>>> You can look at that one to see what's different on your side.
>>>
>>> --
>>> / Alexander Bokovoy
>>>
>>>
>>
>>
>> --
>> Kristian Petersen
>> System Administrator
>> Dept. of Chemistry and Biochemistry
>>
>>
>> _______________________________________________
>> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
>> To unsubscribe send an email to freeipa-users-leave(a)lists.fedo
>>
rahosted.org
>>
>>
>> --
>> Pavel^3 Vomacka
>>
>>
>>
>
> --
> Kristian Petersen
> System Administrator
> Dept. of Chemistry and Biochemistry
>
--
/ Alexander Bokovoy
--
Kristian Petersen
System Administrator
Dept. of Chemistry and Biochemistry