authorJohn Dennis <jdennis@redhat.com>2007-11-26 19:30:33 -0500
committerJohn Dennis <jdennis@redhat.com>2007-11-26 19:30:33 -0500
commit09238510ff0dced7998e6a1b72f450070e8c6116 (patch)
tree990ecb78d559c97a86e25e816d58ce7e295619f5
parent4f33d674188268432b3d8ef0921be0de3e6c5ef7 (diff)
add command line utilites for radius profiles
-rw-r--r--ipa-admintools/Makefile4
-rw-r--r--ipa-admintools/ipa-addradiusprofile185
-rw-r--r--ipa-admintools/ipa-delradiusprofile77
-rw-r--r--ipa-admintools/ipa-findradiusprofile104
-rw-r--r--ipa-admintools/ipa-radiusprofilemod207
-rw-r--r--ipa-python/ipaclient.py36
-rw-r--r--ipa-python/radius_util.py5
-rw-r--r--ipa-python/rpcclient.py77
-rw-r--r--ipa-server/xmlrpc-server/funcs.py11
9 files changed, 693 insertions, 13 deletions
diff --git a/ipa-admintools/Makefile b/ipa-admintools/Makefile
index 2db506f9d..5ceb42d27 100644
--- a/ipa-admintools/Makefile
+++ b/ipa-admintools/Makefile
@@ -25,6 +25,10 @@ install:
install -m 755 ipa-radiusclientmod $(SBINDIR)
install -m 755 ipa-delradiusclient $(SBINDIR)
install -m 755 ipa-findradiusclient $(SBINDIR)
+ install -m 755 ipa-addradiusprofile $(SBINDIR)
+ install -m 755 ipa-radiusprofilemod $(SBINDIR)
+ install -m 755 ipa-delradiusprofile $(SBINDIR)
+ install -m 755 ipa-findradiusprofile $(SBINDIR)
@for subdir in $(SUBDIRS); do \
(cd $$subdir && $(MAKE) $@) || exit 1; \
diff --git a/ipa-admintools/ipa-addradiusprofile b/ipa-admintools/ipa-addradiusprofile
new file mode 100644
index 000000000..5f44d9ff4
--- /dev/null
+++ b/ipa-admintools/ipa-addradiusprofile
@@ -0,0 +1,185 @@
+#! /usr/bin/python -E
+# Authors: John Dennis <jdennis@redhat.com>
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import sys
+import os
+from optparse import OptionParser
+import copy
+
+import ipa.ipaclient as ipaclient
+import ipa.ipautil as ipautil
+import ipa.config
+import ipa.ipaerror
+import ipa.radius_util as radius_util
+
+import xmlrpclib
+import kerberos
+import ldap
+
+#------------------------------------------------------------------------------
+
+radius_attrs = radius_util.radius_profile_attr_to_ldap_attr.keys()
+mandatory_radius_attrs = ['UID']
+
+#------------------------------------------------------------------------------
+
+def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
+ parser.print_help()
+ print
+ print "Valid interative attributes are:"
+ print ipautil.format_list(radius_attrs, quote='"')
+ print
+ print "Required attributes are:"
+ print ipautil.format_list(mandatory_radius_attrs, quote='"')
+ sys.exit(0)
+
+def main():
+ pairs = {}
+
+ opt_parser = OptionParser(add_help_option=False)
+
+ opt_parser.add_option("-u", "--uid", dest="uid",
+ help="RADIUS profile identifier")
+ opt_parser.add_option("-d", "--Description", dest="desc",
+ help="description of the RADIUS client")
+
+
+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
+ help="detailed help information")
+ opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False,
+ help="interactive mode, prompts with auto-completion")
+ opt_parser.add_option("-p", "--pair", dest="pairs", action='append',
+ help="specify one or more attribute=value pair(s), value may be optionally quoted, pairs are delimited by whitespace")
+ opt_parser.add_option("-f", "--file", dest="pair_file",
+ help="attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. Reads from stdin if file is -")
+ opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true',
+ help="print information")
+
+ opt_parser.set_usage("Usage: %s [options] UID" % (os.path.basename(sys.argv[0])))
+
+ args = ipa.config.init_config(sys.argv)
+ options, args = opt_parser.parse_args(args)
+
+ if len(args) < 2:
+ opt_parser.error("missing UID")
+
+ uid = args[1]
+ pairs['UID'] = uid
+
+ # Get pairs from a file or stdin
+ if options.pair_file:
+ try:
+ av = radius_util.read_pairs_file(options.pair_file)
+ pairs.update(av)
+ except Exception, e:
+ print "ERROR, could not read pairs (%s)" % (e)
+
+ # Get pairs specified on the command line as a named argument
+ if options.uid: pairs['UID'] = options.uid
+ if options.desc: pairs['Description'] = options.desc
+
+ # Get pairs specified on the command line as a pair argument
+ if options.pairs:
+ for p in options.pairs:
+ av = ipautil.parse_key_value_pairs(p)
+ pairs.update(av)
+
+ # Get pairs interactively
+ if options.interactive:
+ # Remove any mandatory attriubtes which have been previously specified
+ interactive_mandatory_attrs = copy.copy(mandatory_radius_attrs)
+ for attr in pairs.keys():
+ try:
+ interactive_mandatory_attrs.remove(attr)
+ except ValueError:
+ pass
+ c = ipautil.AttributeValueCompleter(radius_attrs, pairs)
+ c.open()
+ av = c.get_pairs("Enter: ", interactive_mandatory_attrs, radius_util.validate)
+ pairs.update(av)
+ c.close()
+
+ # FIXME: validation should be moved to xmlrpc server
+
+ # Data collection done, assure mandatory data has been specified
+
+ if pairs.has_key('UID') and pairs['UID'] != uid:
+ print "ERROR, uid specified on command line (%s) does not match value found in pairs (%s)" % \
+ (uid, pairs['UID'])
+ return 1
+
+ valid = True
+ for attr in mandatory_radius_attrs:
+ if not pairs.has_key(attr):
+ valid = False
+ print "ERROR, %s is mandatory, but has not been specified" % (attr)
+ if not valid:
+ return 1
+
+ # Make sure each attribute is a member of the set of valid attributes
+ valid = True
+ for attr,value in pairs.items():
+ if attr not in radius_attrs:
+ valid = False
+ print "ERROR, %s is not a valid attribute" % (attr)
+ if not valid:
+ print "Valid attributes are:"
+ print ipautil.format_list(radius_attrs, quote='"')
+ return 1
+
+ # Makse sure each value is valid
+ valid = True
+ for attr,value in pairs.items():
+ if not radius_util.validate(attr, value):
+ valid = False
+ if not valid:
+ return 1
+
+ # Dump what we've got so far
+ if options.verbose:
+ print "Pairs:"
+ for attr,value in pairs.items():
+ print "\t%s = %s" % (attr, value)
+
+ radius_profile = radius_util.RadiusProfile()
+ for attr,value in pairs.items():
+ radius_profile.setValue(radius_util.radius_profile_attr_to_ldap_attr[attr], value)
+
+ try:
+ ipa_client = ipaclient.IPAClient()
+ ipa_client.add_radius_profile(radius_profile)
+ print "successfully added"
+ except xmlrpclib.Fault, f:
+ print f.faultString
+ return 1
+ except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+ return 1
+ except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ return 1
+ except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ return 1
+
+ return 0
+
+if __name__ == "__main__":
+ sys.exit(main())
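Review bot: A failure to read the `-f` pairs file is only printed and `main()` carries on, so the profile is still sent to the server without the attributes the administrator meant to set; the `except Exception, e:` branch should end with `return 1`. The same block is repeated in ipa-radiusprofilemod. The `-d` help text still says "description of the RADIUS client", and `import ldap` is unused as far as this file shows. A short module docstring stating that the positional UID must match any UID given through `-u`, `-p` or the file would help, since that rule is only visible in the mismatch check.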
diff --git a/ipa-admintools/ipa-delradiusprofile b/ipa-admintools/ipa-delradiusprofile
new file mode 100644
index 000000000..16baea4ab
--- /dev/null
+++ b/ipa-admintools/ipa-delradiusprofile
@@ -0,0 +1,77 @@
+#! /usr/bin/python -E
+# Authors: John Dennis <jdennis@redhat.com>
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import os
+import sys
+from optparse import OptionParser
+import ipa
+import ipa.ipaclient as ipaclient
+import ipa.ipavalidate as ipavalidate
+import ipa.config
+import ipa.ipaerror
+import ipa.radius_util as radius_util
+
+import xmlrpclib
+import kerberos
+import ldap
+
+#------------------------------------------------------------------------------
+
+def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
+ parser.print_help()
+ sys.exit(0)
+
+
+def main():
+ opt_parser = OptionParser(add_help_option=False)
+
+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
+ help="detailed help information")
+ opt_parser.set_usage("Usage: %s [options] UID" % (os.path.basename(sys.argv[0])))
+
+ args = ipa.config.init_config(sys.argv)
+ options, args = opt_parser.parse_args(args)
+
+ if len(args) < 2:
+ opt_parser.error("missing UID")
+
+ uid = args[1]
+
+ try:
+ ipa_client = ipaclient.IPAClient()
+ ipa_client.delete_radius_profile(uid)
+ print "successfully deleted"
+ except xmlrpclib.Fault, f:
+ print f.faultString
+ return 1
+ except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+ return 1
+ except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ return 1
+ except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ return 1
+
+ return 0
+
+if __name__ == "__main__":
+ sys.exit(main())
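Review bot: This tool has no `-s/--shared` switch, so `delete_radius_profile(uid)` always passes `user_profile=None`, while ipa-radiusprofilemod lets the caller choose between user and shared profiles. Which container a delete reaches then depends on how the server treats the default, which is not visible here. Consider adding the same option and passing `not options.shared` as the second argument. `ipavalidate`, `radius_util` and `ldap` are imported but not used in this file.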
diff --git a/ipa-admintools/ipa-findradiusprofile b/ipa-admintools/ipa-findradiusprofile
new file mode 100644
index 000000000..6fd5b466d
--- /dev/null
+++ b/ipa-admintools/ipa-findradiusprofile
@@ -0,0 +1,104 @@
+#! /usr/bin/python -E
+# Authors: John Dennis <jdennis@redhat.com>
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import os
+import sys
+from optparse import OptionParser
+import ipa
+from ipa import radius_util
+import ipa.ipaclient as ipaclient
+import ipa.ipavalidate as ipavalidate
+import ipa.config
+import ipa.ipaerror
+import ipa.ipautil
+
+import xmlrpclib
+import kerberos
+import ldap
+
+#------------------------------------------------------------------------------
+
+attrs = radius_util.radius_profile_ldap_attr_to_radius_attr.keys()
+
+#------------------------------------------------------------------------------
+
+def parse_options():
+ return options, args
+
+#------------------------------------------------------------------------------
+
+# FIXME
+def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
+ parser.print_help()
+ print
+ print "Note: UID may contain wildcards, to get all profiles use '*'"
+ sys.exit(0)
+
+def main():
+ opt_parser = OptionParser(add_help_option=False)
+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
+ help="detailed help information")
+
+ args = ipa.config.init_config(sys.argv)
+ options, args = opt_parser.parse_args(args)
+
+ opt_parser.set_usage("Usage: %s [options] UID [UID ...]" % (os.path.basename(sys.argv[0])))
+
+ if len(args) < 2:
+ opt_parser.error("missing UID(es)")
+
+ uids = args[1:]
+
+ try:
+ ipa_client = ipaclient.IPAClient()
+ radius_profiles = ipa_client.find_radius_profiles(uids, sattrs=attrs)
+ counter = radius_profiles[0]
+ radius_profiles = radius_profiles[1:]
+
+ if counter == 0:
+ print "No entries found for", uids
+ return 2
+
+ for radius_profile in radius_profiles:
+ profile_attrs = radius_profile.attrList()
+ profile_attrs.sort()
+
+ print "%s:" % radius_profile.getValues(radius_util.radius_profile_attr_to_ldap_attr['UID'])
+ for attr in profile_attrs:
+ value = radius_profile.getValues(attr)
+ print "\t%s = %s" % (radius_util.radius_profile_ldap_attr_to_radius_attr[attr], value)
+
+ except xmlrpclib.Fault, f:
+ print f.faultString
+ return 1
+ except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+ return 1
+ except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ return 1
+ except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ return 1
+
+ return 0
+
+if __name__ == "__main__":
+ sys.exit(main())
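Review bot: `parse_options()` returns `options, args`, neither of which is defined in its scope, so any call raises NameError; it is never called and should be removed together with the bare `# FIXME`. `opt_parser.set_usage(...)` runs after `parse_args()`, so an option error during parsing prints the default usage line; move it above the parse. In the print loop, `radius_util.radius_profile_ldap_attr_to_radius_attr[attr]` raises KeyError for any attribute from `attrList()` that is missing from the map; presumably `sattrs=attrs` prevents that, but `.get(attr, attr)` would keep the listing robust.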
diff --git a/ipa-admintools/ipa-radiusprofilemod b/ipa-admintools/ipa-radiusprofilemod
new file mode 100644
index 000000000..7b441a31f
--- /dev/null
+++ b/ipa-admintools/ipa-radiusprofilemod
@@ -0,0 +1,207 @@
+#! /usr/bin/python -E
+# Authors: John Dennis <jdennis@redhat.com>
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import sys
+import os
+from optparse import OptionParser
+import copy
+
+import ipa.ipaclient as ipaclient
+import ipa.ipautil as ipautil
+import ipa.config
+import ipa.ipaerror
+import ipa.radius_util as radius_util
+
+import xmlrpclib
+import kerberos
+import ldap
+
+#------------------------------------------------------------------------------
+
+radius_attrs = radius_util.radius_profile_attr_to_ldap_attr.keys()
+mandatory_radius_attrs = ['UID']
+
+#------------------------------------------------------------------------------
+
+def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
+ parser.print_help()
+ print
+ print "Valid interative attributes are:"
+ print ipautil.format_list(radius_attrs, quote='"')
+ print
+ print "Required attributes are:"
+ print ipautil.format_list(mandatory_radius_attrs, quote='"')
+ sys.exit(0)
+
+def main():
+ pairs = {}
+
+ opt_parser = OptionParser(add_help_option=False)
+
+ opt_parser.add_option("-u", "--uid", dest="uid",
+ help="RADIUS profile identifier")
+ opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true',
+ help="profile is shared")
+ opt_parser.add_option("-d", "--Description", dest="desc",
+ help="description of the RADIUS client")
+
+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
+ help="detailed help information")
+ opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False,
+ help="interactive mode, prompts with auto-completion")
+ opt_parser.add_option("-p", "--pair", dest="pairs", action='append',
+ help="specify one or more attribute=value pair(s), value may be optionally quoted, pairs are delimited by whitespace")
+ opt_parser.add_option("-f", "--file", dest="pair_file",
+ help="attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. Reads from stdin if file is -")
+ opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true',
+ help="print information")
+
+ opt_parser.set_usage("Usage: %s [options] Client-IP-Address" % (os.path.basename(sys.argv[0])))
+
+ args = ipa.config.init_config(sys.argv)
+ options, args = opt_parser.parse_args(args)
+
+ if len(args) < 2:
+ opt_parser.error("missing uid")
+
+ uid = args[1]
+ pairs['UID'] = uid
+
+ user_profile = not options.shared
+
+ # Verify profile previously exists and get current values
+ radius_profile = radius_util.RadiusClient()
+ ipa_client = ipaclient.IPAClient()
+ try:
+ radius_profile = ipa_client.get_radius_profile_by_uid(uid, user_profile)
+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND):
+ print "profile %s not found" % uid
+ return 1
+ except ipa.ipaerror.IPAError, e:
+ print "%s" % e.message
+ return 1
+ except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+ return 1
+
+ # Populate the pair list with pre-existing values
+ for attr in radius_attrs:
+ value = radius_profile.getValues(radius_util.radius_profile_attr_to_ldap_attr[attr])
+ if value is None: continue
+ pairs[attr] = value
+
+ # Get pairs from a file or stdin
+ if options.pair_file:
+ try:
+ av = radius_util.read_pairs_file(options.pair_file)
+ pairs.update(av)
+ except Exception, e:
+ print "ERROR, could not read pairs (%s)" % (e)
+
+ # Get pairs specified on the command line as a named argument
+ if options.uid is not None: pairs['UID'] = options.uid
+ if options.desc is not None: pairs['Description'] = options.desc
+
+ # Get pairs specified on the command line as a pair argument
+ if options.pairs:
+ for p in options.pairs:
+ av = ipautil.parse_key_value_pairs(p)
+ pairs.update(av)
+
+ # Get pairs interactively
+ if options.interactive:
+ # Remove any mandatory attriubtes which have been previously specified
+ interactive_mandatory_attrs = copy.copy(mandatory_radius_attrs)
+ for attr in pairs.keys():
+ try:
+ interactive_mandatory_attrs.remove(attr)
+ except ValueError:
+ pass
+ c = ipautil.AttributeValueCompleter(radius_attrs, pairs)
+ c.open()
+ av = c.get_pairs("Enter: ", interactive_mandatory_attrs, radius_util.validate)
+ pairs.update(av)
+ c.close()
+
+ # FIXME: validation should be moved to xmlrpc server
+
+ # Data collection done, assure mandatory data has been specified
+
+ if pairs.has_key('UID') and pairs['UID'] != uid:
+ print "ERROR, uid specified on command line (%s) does not match value found in pairs (%s)" % \
+ (uid, pairs['UID'])
+ return 1
+
+ valid = True
+ for attr in mandatory_radius_attrs:
+ if not pairs.has_key(attr):
+ valid = False
+ print "ERROR, %s is mandatory, but has not been specified" % (attr)
+ if not valid:
+ return 1
+
+ # Make sure each attribute is a member of the set of valid attributes
+ valid = True
+ for attr,value in pairs.items():
+ if attr not in radius_attrs:
+ valid = False
+ print "ERROR, %s is not a valid attribute" % (attr)
+ if not valid:
+ print "Valid attributes are:"
+ print ipautil.format_list(radius_attrs, quote='"')
+ return 1
+
+ # Makse sure each value is valid
+ valid = True
+ for attr,value in pairs.items():
+ if not radius_util.validate(attr, value):
+ valid = False
+ if not valid:
+ return 1
+
+ # Dump what we've got so far
+ if options.verbose:
+ print "Pairs:"
+ for attr,value in pairs.items():
+ print "\t%s = %s" % (attr, value)
+
+ for attr,value in pairs.items():
+ radius_profile.setValue(radius_util.radius_profile_attr_to_ldap_attr[attr], value)
+
+ try:
+ ipa_client.update_radius_profile(radius_profile)
+ print "successfully modified"
+ except xmlrpclib.Fault, f:
+ print f.faultString
+ return 1
+ except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+ return 1
+ except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ return 1
+ except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ return 1
+
+ return 0
+
+if __name__ == "__main__":
+ sys.exit(main())
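Review bot: The first `try` around `get_radius_profile_by_uid` does not catch `xmlrpclib.Fault` or `xmlrpclib.ProtocolError`, and `ipaclient.IPAClient()` is constructed outside it. The transport added in this commit re-raises `socket.error` as `xmlrpclib.Fault`, so an unreachable server ends in a traceback here instead of the "Unable to connect" style message used by the update block; add the same two handlers to the lookup. The placeholder `radius_util.RadiusClient()` looks like a leftover from the client tool (ipa-addradiusprofile uses `RadiusProfile()`), and the usage string still says `Client-IP-Address` where a UID is expected.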
diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py
index fab337752..7a140308a 100644
--- a/ipa-python/ipaclient.py
+++ b/ipa-python/ipaclient.py
@@ -338,7 +338,7 @@ class IPAClient:
result = self.transport.get_radius_client_by_ip_addr(ip_addr, container, sattrs)
return radius_util.RadiusClient(result)
- def add_radius_client(self,client, container=None):
+ def add_radius_client(self, client, container=None):
client_dict = client.toDict()
# dn is set on the server-side
@@ -348,7 +348,7 @@ class IPAClient:
result = self.transport.add_radius_client(client_dict, container)
return result
- def update_radius_client(self,client):
+ def update_radius_client(self, client):
result = self.transport.update_radius_client(client.origDataDict(), client.toDict())
return result
@@ -366,3 +366,35 @@ class IPAClient:
return users
+ def get_radius_profile_by_uid(self, uid, user_profile=None, sattrs=None):
+ result = self.transport.get_radius_profile_by_uid(uid, user_profile, sattrs)
+ return radius_util.RadiusClient(result)
+
+ def add_radius_profile(self, profile, user_profile=None):
+ profile_dict = profile.toDict()
+
+ # dn is set on the server-side
+ del profile_dict['dn']
+
+ # convert to a regular dict before sending
+ result = self.transport.add_radius_profile(profile_dict, user_profile)
+ return result
+
+ def update_radius_profile(self, profile):
+ result = self.transport.update_radius_profile(profile.origDataDict(), profile.toDict())
+ return result
+
+ def delete_radius_profile(self, ip_addr, user_profile=None):
+ return self.transport.delete_radius_profile(ip_addr, user_profile)
+
+ def find_radius_profiles(self, criteria, user_profile=None, sattrs=None, searchlimit=0, timelimit=-1):
+ result = self.transport.find_radius_profiles(criteria, user_profile, sattrs, searchlimit, timelimit)
+ counter = result[0]
+
+ users = [counter]
+ for attrs in result[1:]:
+ if attrs is not None:
+ users.append(user.User(attrs))
+
+ return users
+
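Review bot: The profile methods wrap results in entity classes that do not match the data: `get_radius_profile_by_uid` returns `radius_util.RadiusClient(result)` and `find_radius_profiles` appends `user.User(attrs)` to a list named `users`, although ipa-addradiusprofile in this commit builds a `radius_util.RadiusProfile`. Unless those classes are interchangeable, use `radius_util.RadiusProfile(...)` in both places. `delete_radius_profile` names its first parameter `ip_addr` while callers pass a profile UID; rename it to `uid`. None of the five methods has a docstring; one line each saying what `user_profile` selects (user versus shared profile, judging by ipa-radiusprofilemod) would document what the default `None` means.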
diff --git a/ipa-python/radius_util.py b/ipa-python/radius_util.py
index 24eb949ab..e502fecec 100644
--- a/ipa-python/radius_util.py
+++ b/ipa-python/radius_util.py
@@ -140,7 +140,8 @@ radius_client_attr_to_ldap_attr = reverse_map_dict(radius_client_ldap_attr_to_ra
#------------------------------------------------------------------------------
-radius_profile_ldap_attr_to_radius_attr = {
+radius_profile_ldap_attr_to_radius_attr = ipautil.CIDict({
+ 'uid' : 'UID',
'radiusArapFeatures' : 'Arap-Features',
'radiusArapSecurity' : 'Arap-Security',
'radiusArapZoneAccess' : 'Arap-Zone-Access',
@@ -200,7 +201,7 @@ radius_profile_ldap_attr_to_radius_attr = {
'radiusTunnelType' : 'Tunnel-Type',
'radiusUserCategory' : 'User-Category',
'radiusVSA' : 'VSA',
-}
+})
radius_profile_attr_to_ldap_attr = reverse_map_dict(radius_profile_ldap_attr_to_radius_attr)
diff --git a/ipa-python/rpcclient.py b/ipa-python/rpcclient.py
index 531bf72bf..ed23015e1 100644
--- a/ipa-python/rpcclient.py
+++ b/ipa-python/rpcclient.py
@@ -594,7 +594,7 @@ class RPCClient:
# radius support
- def get_radius_client_by_ip_addr(self,ip_addr, container, sattrs=None):
+ def get_radius_client_by_ip_addr(self, ip_addr, container, sattrs=None):
server = self.setup_server()
if container is None: container = "__NONE__"
if sattrs is None: sattrs = "__NONE__"
@@ -607,7 +607,7 @@ class RPCClient:
return ipautil.unwrap_binary_data(result)
- def add_radius_client(self,client, container=None):
+ def add_radius_client(self, client, container=None):
server = self.setup_server()
if container is None: container = "__NONE__"
@@ -621,7 +621,7 @@ class RPCClient:
return ipautil.unwrap_binary_data(result)
- def update_radius_client(self,oldclient,newclient):
+ def update_radius_client(self, oldclient, newclient):
server = self.setup_server()
try:
@@ -635,7 +635,7 @@ class RPCClient:
return ipautil.unwrap_binary_data(result)
- def delete_radius_client(self,ip_addr, container=None):
+ def delete_radius_client(self, ip_addr, container=None):
server = self.setup_server()
if container is None: container = "__NONE__"
@@ -663,3 +663,72 @@ class RPCClient:
return ipautil.unwrap_binary_data(result)
+ def get_radius_profile_by_uid(self, ip_addr, user_profile, sattrs=None):
+ server = self.setup_server()
+ if user_profile is None: user_profile = "__NONE__"
+ if sattrs is None: sattrs = "__NONE__"
+ try:
+ result = server.get_radius_profile_by_uid(ip_addr, user_profile, sattrs)
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
+
+ def add_radius_profile(self, profile, user_profile=None):
+ server = self.setup_server()
+
+ if user_profile is None: user_profile = "__NONE__"
+
+ try:
+ result = server.add_radius_profile(ipautil.wrap_binary_data(profile), user_profile)
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
+
+ def update_radius_profile(self, oldprofile, newprofile):
+ server = self.setup_server()
+
+ try:
+ result = server.update_radius_profile(ipautil.wrap_binary_data(oldprofile),
+ ipautil.wrap_binary_data(newprofile))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
+
+
+ def delete_radius_profile(self, ip_addr, user_profile=None):
+ server = self.setup_server()
+ if user_profile is None: user_profile = "__NONE__"
+
+ try:
+ result = server.delete_radius_profile(ip_addr, user_profile)
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
+
+ def find_radius_profiles(self, criteria, user_profile=None, sattrs=None, searchlimit=0, timelimit=-1):
+ server = self.setup_server()
+ if user_profile is None: user_profile = "__NONE__"
+ try:
+ # None values are not allowed in XML-RPC
+ if sattrs is None:
+ sattrs = "__NONE__"
+ result = server.find_radius_profiles(criteria, user_profile, sattrs, searchlimit, timelimit)
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
+
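Review bot: `except socket.error, (value, msg):` unpacks the exception into exactly two values, so a socket error that carries a single argument (a timeout, for instance) raises ValueError inside the handler and hides the real failure; this applies to all five new methods. Catch it as `except socket.error, e:` and raise `xmlrpclib.Fault(e.args[0], str(e))` instead. `get_radius_profile_by_uid` and `delete_radius_profile` name the UID parameter `ip_addr`, which should be `uid`. The five bodies differ only in the remote call, so a small private helper that does the `"__NONE__"` substitution and the fault translation would remove the duplication.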
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index aa557f79c..de9b265e3 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -574,8 +574,10 @@ class IPAServer:
except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND):
return False
- def add_radius_profile (self, uid, user_profile=True, opts=None):
- if self.__radius_profile_exists(profile['uid'], user_profile, opts):
+ def add_radius_profile (self, profile, user_profile=True, opts=None):
+ uid = profile['uid']
+
+ if self.__radius_profile_exists(uid, user_profile, opts):
raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE)
if user_profile:
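Review bot: `uid = profile['uid']` trusts the dictionary sent over XML-RPC, so a request without a `uid` key raises a bare KeyError instead of an `ipaerror` fault. The client script in this commit carries "FIXME: validation should be moved to xmlrpc server", and this is the place for it: read the value with `uid = profile.get('uid')` and raise a suitable `ipaerror` exception when it is missing or empty. The body of `add_radius_profile` continues past the end of the hunk.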
@@ -587,7 +589,7 @@ class IPAServer:
entry = ipaserver.ipaldap.Entry(dn)
# some required objectclasses
- entry.setValues('objectClass', 'top', 'radiusClientProfile')
+ entry.setValues('objectClass', 'top', 'radiusprofile')
# fill in our new entry with everything sent by the profile
for attr in profile:
@@ -631,8 +633,7 @@ class IPAServer:
else:
container = radius_util.profiles_container
- uid = self.__safe_filter(uid)
- filter = gen_filter('radiusClientProfile' 'uid', uids)
+ filter = gen_filter('radiusprofile', 'uid', uids)
basedn="%s,%s" % (container, self.basedn)
conn = self.getConnection(opts)
try:
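Review bot: The `__safe_filter` call is dropped and nothing replaces it for `uids`, so whether the values are escaped before they reach the LDAP search filter now depends entirely on `gen_filter`, whose body is not in this hunk. These values come from the command line of ipa-findradiusprofile, which advertises wildcards, so filter metacharacters such as `(`, `)` and `\` need escaping while `*` stays usable. If `gen_filter` does not escape, apply the existing helper per element, `uids = [self.__safe_filter(u) for u in uids]` (provided it leaves `*` intact), and add a comment saying where escaping happens. The enclosing method starts and ends outside the hunk.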