Fix DNS zone --allow-dynupdate option behavior

--allow-dynupdate was implemented as a Flag parameter type, which is not convenient for LDAP attributes. When a DNS zone with permitted dynamic updates was modified and the --allow-dynupdate flag was not set, dynamic updates were turned off. This patch changes the option type to Bool parameter type which behaves according to user expectations when modifying the zone. https://fedorahosted.org/freeipa/ticket/2039
author: Martin Kosek <mkosek@redhat.com> 2011-11-09 14:23:15 +0100
committer: Martin Kosek <mkosek@redhat.com> 2011-11-09 15:31:50 +0100
commit: 843c0787b7e123801250b9a0fb5b974cd9fd7e7b (patch)
tree: da70e275d5dfa41d39f7e11f357d6e664488a8f8
parent: b5c049ae2e62f24c6dfce618b94f567671e238ea (diff)
download: freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.tar.gz
freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.tar.xz
freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.zip
4 files changed, 15 insertions, 16 deletions
diff --git a/API.txt b/API.txt
index 73c04ffec..8a8efa0cd 100644
--- a/API.txt
+++ b/API.txt
@@ -867,7 +867,7 @@ option: Int('idnssoaminimum', attribute=True, autofill=True, cli_name='minimum',
 option: Int('dnsttl', attribute=True, cli_name='ttl', label=Gettext('SOA time to live', domain='ipa', localedir=None), multivalue=False, required=False)
 option: StrEnum('dnsclass', attribute=True, cli_name='class', label=Gettext('SOA class', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, cli_name='update_policy', label=Gettext('BIND update policy', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Flag('idnsallowdynupdate', attribute=True, autofill=True, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=True)
+option: Bool('idnsallowdynupdate', attribute=True, autofill=True, cli_name='dynamic_update', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=False)
 option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
 option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
 option: Flag('force', autofill=True, default=False, label=Gettext('Force', domain='ipa', localedir=None))
@@ -912,8 +912,8 @@ option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum'
 option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', label=Gettext('SOA time to live', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
 option: StrEnum('dnsclass', attribute=True, autofill=False, cli_name='class', label=Gettext('SOA class', domain='ipa', localedir=None), multivalue=False, query=True, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', label=Gettext('BIND update policy', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
-option: Bool('idnszoneactive', attribute=True, autofill=False, cli_name='zone_active', default=False, flags=['no_create', 'no_update'], label=Gettext('Active zone', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
-option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
+option: Bool('idnszoneactive', attribute=True, autofill=False, cli_name='zone_active', flags=['no_create', 'no_update'], label=Gettext('Active zone', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
+option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='dynamic_update', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
 option: Int('timelimit?', autofill=False, flags=['no_display'], label=Gettext('Time Limit', domain='ipa', localedir=None), minvalue=0)
 option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('Size Limit', domain='ipa', localedir=None), minvalue=0)
 option: Flag('forward_only', autofill=True, cli_name='forward_only', default=False, label=Gettext('Forward zones only', domain='ipa', localedir=None))
@@ -939,7 +939,7 @@ option: Int('idnssoaminimum', attribute=True, autofill=False, cli_name='minimum'
 option: Int('dnsttl', attribute=True, autofill=False, cli_name='ttl', label=Gettext('SOA time to live', domain='ipa', localedir=None), multivalue=False, required=False)
 option: StrEnum('dnsclass', attribute=True, autofill=False, cli_name='class', label=Gettext('SOA class', domain='ipa', localedir=None), multivalue=False, required=False, values=(u'IN', u'CS', u'CH', u'HS'))
 option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update_policy', label=Gettext('BIND update policy', domain='ipa', localedir=None), multivalue=False, required=False)
-option: Flag('idnsallowdynupdate', attribute=True, autofill=True, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=False)
+option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='dynamic_update', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=False)
 option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
 option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
 option: Flag('rights', autofill=True, default=False, label=Gettext('Rights', domain='ipa', localedir=None))
diff --git a/VERSION b/VERSION
index 43367b129..a191c2eed 100644
--- a/VERSION
+++ b/VERSION
@@ -79,4 +79,4 @@ IPA_DATA_VERSION=20100614120000
 #                                                      #
 ########################################################
 IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=14
+IPA_API_VERSION_MINOR=15
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 97eb6a6d4..912fd36f0 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -23,7 +23,7 @@ import time
 
 from ipalib import api, errors, output
 from ipalib import Command
-from ipalib import Flag, Int, List, Str, StrEnum
+from ipalib import Flag, Bool, Int, List, Str, StrEnum
 from ipalib.plugins.baseldap import *
 from ipalib import _, ngettext
 from ipalib.util import validate_zonemgr
@@ -42,6 +42,10 @@ EXAMPLES:
    ipa dnszone-add example.com --name-server nameserver.example.com
                                --admin-email admin@example.com
 
+ Modify the zone to allow dynamic updates for hosts own records in realm EXAMPLE.COM:
+   ipa dnszone-mod example.com --dynamic-update=TRUE \\
+        --update-policy="grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA;"
+
  Add new reverse zone specified by network IP address:
    ipa dnszone-add --name-from-ip 80.142.15.0/24
                    --name-server nameserver.example.com
@@ -395,18 +399,20 @@ class dnszone(LDAPObject):
             label=_('BIND update policy'),
             doc=_('BIND update policy'),
         ),
-        Flag('idnszoneactive?',
+        Bool('idnszoneactive?',
             cli_name='zone_active',
             label=_('Active zone'),
             doc=_('Is zone active?'),
             flags=['no_create', 'no_update'],
             attribute=True,
         ),
-        Flag('idnsallowdynupdate',
-            cli_name='allow_dynupdate',
+        Bool('idnsallowdynupdate?',
+            cli_name='dynamic_update',
             label=_('Dynamic update'),
             doc=_('Allow dynamic updates.'),
             attribute=True,
+            default=False,
+            autofill=True
         ),
     )
 
@@ -441,9 +447,6 @@ class dnszone_add(LDAPCreate):
             del entry_attrs['name_from_ip']
 
         entry_attrs['idnszoneactive'] = 'TRUE'
-        entry_attrs['idnsallowdynupdate'] = str(
-            entry_attrs.get('idnsallowdynupdate', False)
-        ).upper()
 
         # Check nameserver has a forward record
         nameserver = entry_attrs['idnssoamname']
@@ -495,9 +498,6 @@ class dnszone_mod(LDAPUpdate):
     def pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
         if 'name_from_ip' in entry_attrs:
             del entry_attrs['name_from_ip']
-        entry_attrs['idnsallowdynupdate'] = str(
-            entry_attrs.get('idnsallowdynupdate', False)
-        ).upper()
         return dn
 
 api.register(dnszone_mod)
diff --git a/tests/test_xmlrpc/test_dns_plugin.py b/tests/test_xmlrpc/test_dns_plugin.py
index 679f285d5..7e75a130e 100644
--- a/tests/test_xmlrpc/test_dns_plugin.py
+++ b/tests/test_xmlrpc/test_dns_plugin.py
@@ -215,7 +215,6 @@ class test_dns(Declarative):
                     'idnssoaretry': [fuzzy_digits],
                     'idnssoaexpire': [fuzzy_digits],
                     'idnssoaminimum': [fuzzy_digits],
-                    'idnsallowdynupdate': [u'FALSE'],
                 },
             },
         ),
author	Martin Kosek <mkosek@redhat.com>	2011-11-09 14:23:15 +0100
committer	Martin Kosek <mkosek@redhat.com>	2011-11-09 15:31:50 +0100
commit	843c0787b7e123801250b9a0fb5b974cd9fd7e7b (patch)
tree	da70e275d5dfa41d39f7e11f357d6e664488a8f8
parent	b5c049ae2e62f24c6dfce618b94f567671e238ea (diff)
download	freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.tar.gz freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.tar.xz freeipa-843c0787b7e123801250b9a0fb5b974cd9fd7e7b.zip