Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
# Authors: # Rob Crittenden <rcritten@redhat.com> # # Copyright (C) 2010 Red Hat # see file 'COPYING' for use and warranty information # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>.
Privileges
A privilege combines permissions into a logical task. A permission provides the rights to do a single task. There are some IPA operations that require multiple permissions to succeed. A privilege is where permissions are combined in order to perform a specific task.
For example, adding a user requires the following permissions: * Creating a new user entry * Resetting a user password * Adding the new user to the default IPA users group
Combining these three low-level tasks into a higher level task in the form of a privilege named "Add User" makes it easier to manage Roles.
A privilege may not contain other privileges.
See role and permission for additional information. """)
""" Privilege object. """ 'memberindirect', 'memberofindirect', ] 'member': ['role'], 'memberof': ['permission'], 'memberofindirect': ['permission'], } 'member': ['permission'], }
Str('cn', cli_name='name', label=_('Privilege name'), primary_key=True, ), Str('description', cli_name='desc', label=_('Description'), doc=_('Privilege description'), ), )
'%(count)d privilege matched', '%(count)d privileges matched', 0 )
""" Remove members from a privilege """
output.Entry('result'), output.Output('failed', type=dict, doc=_('Members that could not be added'), ), output.Output('completed', type=int, doc=_('Number of permissions added'), ), )
output.Entry('result'), output.Output('failed', type=dict, doc=_('Members that could not be added'), ), output.Output('completed', type=int, doc=_('Number of permissions removed'), ), )
|