diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-01-10 14:21:45 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-11 10:23:31 -0500 |
| commit | c7789199f9541844bf8c36a85311ba957a1c1dcb (patch) | |
| tree | 2c1886530bb4465e961796f25da39bcb6bab2ee5 | |
| parent | 06179dc105239496a7b0e55fc4a19ce576033565 (diff) | |
| download | freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.tar.gz freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.tar.xz freeipa-c7789199f9541844bf8c36a85311ba957a1c1dcb.zip | |
Fix output of failed managedby hosts, allow a host to manage itself.
The output problem was a missing label for failed managedby.
This also fixes a call to print_entry that was missing the flags argument.
Add a flag to specify whether a group can be a member of itself, defaulting
to False.
ticket 708
| -rw-r--r-- | ipalib/cli.py | 4 | ||||
| -rw-r--r-- | ipalib/plugins/baseldap.py | 3 | ||||
| -rw-r--r-- | ipalib/plugins/host.py | 5 | ||||
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 12 |
4 files changed, 18 insertions, 6 deletions
diff --git a/ipalib/cli.py b/ipalib/cli.py index 892db8081..c5fea8f28 100644 --- a/ipalib/cli.py +++ b/ipalib/cli.py @@ -360,7 +360,7 @@ class textui(backend.Backend): continue self.print_indented(format % (label, ''), indent) self.print_entry( - value, order, labels, print_all, format, + value, order, labels, flags, print_all, format, indent=indent+1 ) else: @@ -764,7 +764,7 @@ class help(frontend.Local): mcl = self._topics[t][2][topic][1] commands = self._topics[t][2][topic][2] break - + m = '%s.%s' % (self._PLUGIN_BASE_MODULE, topic) doc = (sys.modules[m].__doc__ or '').strip() diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index fbe4fcece..e7ccb7724 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -1002,6 +1002,7 @@ class LDAPAddMember(LDAPModMember): """ member_param_doc = 'comma-separated list of %s to add' member_count_out = ('%i member added.', '%i members added.') + allow_same = False has_output = ( output.Entry('result'), @@ -1039,7 +1040,7 @@ class LDAPAddMember(LDAPModMember): if not m_dn: continue try: - ldap.add_entry_to_group(m_dn, dn, attr) + ldap.add_entry_to_group(m_dn, dn, attr, allow_same=self.allow_same) except errors.PublicError, e: ldap_obj = self.api.Object[ldap_obj_name] failed[attr][ldap_obj_name].append(( diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 2abe70a12..f5dad59a9 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -133,6 +133,10 @@ host_output_params = ( ), Str('revocation_reason?', label=_('Revocation reason'), + ), + Str('managedby?', + label=_('Failed managedby'), + flags=['no_create', 'no_update'], ) ) @@ -726,6 +730,7 @@ class host_add_managedby(LDAPAddMember): """ member_attributes = ['managedby'] has_output_params = LDAPAddMember.has_output_params + host_output_params + allow_same = True api.register(host_add_managedby) diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 77133aec2..a728199eb 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -802,8 +802,14 @@ class ldap2(CrudBackend, Encoder): except _ldap.LDAPError, e: _handle_errors(e, **{}) - def add_entry_to_group(self, dn, group_dn, member_attr='member'): - """Add entry to group.""" + def add_entry_to_group(self, dn, group_dn, member_attr='member', allow_same=False): + """ + Add entry designaed by dn to group group_dn in the member attribute + member_attr. + + Adding a group as a member of itself is not allowed unless allow_same + is True. + """ # check if the entry exists (dn, entry_attrs) = self.get_entry(dn, ['objectclass']) @@ -811,7 +817,7 @@ class ldap2(CrudBackend, Encoder): (group_dn, group_entry_attrs) = self.get_entry(group_dn, [member_attr]) # check if we're not trying to add group into itself - if dn == group_dn: + if dn == group_dn and not allow_same: raise errors.SameGroupError() # add dn to group entry's `member_attr` attribute |