lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-31 17:39:12 +00:00
Code Issues Activity

Add 'certidude users' command for listing user accounts

Browse Source
This commit is contained in:
Lauri Võsandi
2016-04-01 00:01:58 +03:00
parent 816cf32353
commit fa27253b50
2 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
certidude/cli.py
View File

@@ -914,6 +914,16 @@ def certidude_setup_authority(username, static_path, kerberos_keytab, nginx_conf
click.echo(" certidude serve") click.echo(" certidude serve")
@click.command("users", help="List users")
def certidude_users():
from certidude.user import User
admins = set(User.objects.filter_admins())
for user in User.objects.all():
print "%s;%s;%s;%s;%s" % (
"admin" if user in admins else "user",
user.name, user.given_name, user.surname, user.mail)
@click.command("list", help="List certificates") @click.command("list", help="List certificates")
@click.option("--verbose", "-v", default=False, is_flag=True, help="Verbose output") @click.option("--verbose", "-v", default=False, is_flag=True, help="Verbose output")
@click.option("--show-key-type", "-k", default=False, is_flag=True, help="Show key type and length") @click.option("--show-key-type", "-k", default=False, is_flag=True, help="Show key type and length")
@@ -1167,3 +1177,4 @@ entry_point.add_command(certidude_signer)
entry_point.add_command(certidude_request) entry_point.add_command(certidude_request)
entry_point.add_command(certidude_sign) entry_point.add_command(certidude_sign)
entry_point.add_command(certidude_list) entry_point.add_command(certidude_list)
entry_point.add_command(certidude_users)

2
certidude/templates/certidude.conf
View File

@@ -31,7 +31,7 @@ posix admin group = sudo
;backend = ldap ;backend = ldap
ldap computer filter = (&(objectclass=user)(objectclass=computer)(samaccountname=%s)) ldap computer filter = (&(objectclass=user)(objectclass=computer)(samaccountname=%s))
ldap user filter = (&(objectclass=user)(objectclass=person)(samaccountname=%s)) ldap user filter = (&(objectclass=user)(objectcategory=person)(samaccountname=%s))
ldap admin filter = (&(memberOf=cn=Domain Admins,cn=Users,{% if base %}{{ base }}{% else %}dc=example,dc=com{% endif %})(samaccountname=%s)) ldap admin filter = (&(memberOf=cn=Domain Admins,cn=Users,{% if base %}{{ base }}{% else %}dc=example,dc=com{% endif %})(samaccountname=%s))
# Users are allowed to log in from user subnets # Users are allowed to log in from user subnets