diff options
author | rcritten@redhat.com <rcritten@redhat.com> | 2007-10-02 16:56:51 -0400 |
---|---|---|
committer | rcritten@redhat.com <rcritten@redhat.com> | 2007-10-02 16:56:51 -0400 |
commit | 6aa72b44e42ac02487d5dcd08a67940e10dd1ac6 (patch) | |
tree | 4f0421e3a761e0d7eb77db32260990394a0b6aa0 /ipa-server/xmlrpc-server/funcs.py | |
parent | cfac4acf9fb152d685e342bd5adabb5ec2fa2c74 (diff) | |
download | freeipa-6aa72b44e42ac02487d5dcd08a67940e10dd1ac6.tar.gz freeipa-6aa72b44e42ac02487d5dcd08a67940e10dd1ac6.tar.xz freeipa-6aa72b44e42ac02487d5dcd08a67940e10dd1ac6.zip |
Do group operations based on the group DN, not the CN
Add new class of errors for connections
Raise an exception if a connection cannot be made due to missing ccache
Diffstat (limited to 'ipa-server/xmlrpc-server/funcs.py')
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 61 |
1 files changed, 30 insertions, 31 deletions
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index de089b618..129e8f9b6 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -165,16 +165,15 @@ class IPAServer: bindcert = None bindkey = None port = self.port -# Fallback to use proxy authentication. We no longer support this method -# else: -# bindca = self.bindca -# bindcert = self.bindcert -# bindkey = self.bindkey -# port = self.sslport else: - return None + raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CCACHE) - return _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug) + conn = _LDAPPool.getConn(self.host,port,bindca,bindcert,bindkey,proxy_dn,krbccache,debug) + + if conn is None: + raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CONN) + + return conn def releaseConnection(self, conn): global _LDAPPool @@ -740,11 +739,11 @@ class IPAServer: return groups - def add_member_to_group(self, member_dn, group_cn, opts=None): + def add_member_to_group(self, member_dn, group_dn, opts=None): """Add a member to an existing group. """ - old_group = self.get_group_by_cn(group_cn, None, opts) + old_group = self.get_group_by_dn(group_dn, None, opts) if old_group is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) new_group = copy.deepcopy(old_group) @@ -765,7 +764,7 @@ class IPAServer: raise return ret - def add_members_to_group(self, member_dns, group_cn, opts=None): + def add_members_to_group(self, member_dns, group_dn, opts=None): """Given a list of dn's, add them to the group cn denoted by group Returns a list of the member_dns that were not added to the group. """ @@ -777,7 +776,7 @@ class IPAServer: for member_dn in member_dns: try: - self.add_member_to_group(member_dn, group_cn, opts) + self.add_member_to_group(member_dn, group_dn, opts) except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): # User is already in the group failed.append(member_dn) @@ -787,11 +786,11 @@ class IPAServer: return failed - def remove_member_from_group(self, member_dn, group_cn, opts=None): + def remove_member_from_group(self, member_dn, group_dn, opts=None): """Remove a member_dn from an existing group. """ - old_group = self.get_group_by_cn(group_cn, None, opts) + old_group = self.get_group_by_dn(group_dn, None, opts) if old_group is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) new_group = copy.deepcopy(old_group) @@ -816,7 +815,7 @@ class IPAServer: raise return ret - def remove_members_from_group(self, member_dns, group_cn, opts=None): + def remove_members_from_group(self, member_dns, group_dn, opts=None): """Given a list of member dn's remove them from the group. Returns a list of the members not removed from the group. """ @@ -828,7 +827,7 @@ class IPAServer: for member_dn in member_dns: try: - self.remove_member_from_group(member_dn, group_cn, opts) + self.remove_member_from_group(member_dn, group_dn, opts) except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): # member is not in the group failed.append(member_dn) @@ -838,7 +837,7 @@ class IPAServer: return failed - def add_user_to_group(self, user_uid, group_cn, opts=None): + def add_user_to_group(self, user_uid, group_dn, opts=None): """Add a user to an existing group. """ @@ -846,9 +845,9 @@ class IPAServer: if user is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - return self.add_member_to_group(user['dn'], group_cn, opts) + return self.add_member_to_group(user['dn'], group_dn, opts) - def add_users_to_group(self, user_uids, group_cn, opts=None): + def add_users_to_group(self, user_uids, group_dn, opts=None): """Given a list of user uid's add them to the group cn denoted by group Returns a list of the users were not added to the group. """ @@ -860,7 +859,7 @@ class IPAServer: for user_uid in user_uids: try: - self.add_user_to_group(user_uid, group_cn, opts) + self.add_user_to_group(user_uid, group_dn, opts) except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): # User is already in the group failed.append(user_uid) @@ -870,7 +869,7 @@ class IPAServer: return failed - def remove_user_from_group(self, user_uid, group_cn, opts=None): + def remove_user_from_group(self, user_uid, group_dn, opts=None): """Remove a user from an existing group. """ @@ -878,9 +877,9 @@ class IPAServer: if user is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - return self.remove_member_from_group(user['dn'], group_cn, opts) + return self.remove_member_from_group(user['dn'], group_dn, opts) - def remove_users_from_group(self, user_uids, group_cn, opts=None): + def remove_users_from_group(self, user_uids, group_dn, opts=None): """Given a list of user uid's remove them from the group Returns a list of the user uids not removed from the group. """ @@ -892,7 +891,7 @@ class IPAServer: for user_uid in user_uids: try: - self.remove_user_from_group(user_uid, group_cn, opts) + self.remove_user_from_group(user_uid, group_dn, opts) except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): # User is not in the group failed.append(user_uid) @@ -956,14 +955,14 @@ class IPAServer: """Update a group in LDAP""" return self.__update_entry(oldgroup, newgroup, opts) - def delete_group (self, group_cn, opts=None): + def delete_group (self, group_dn, opts=None): """Delete a group - group_cn is the cn of the group to delete + group_dn is the DN of the group to delete The memberOf plugin handles removing the group from any other groups. """ - group = self.get_group_by_cn(group_cn, ['dn', 'cn'], opts) + group = self.get_group_by_dn(group_dn, ['dn', 'cn'], opts) if len(group) != 1: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) @@ -977,16 +976,16 @@ class IPAServer: def add_group_to_group(self, group, tgroup, opts=None): """Add a user to an existing group. - group is a cn of the group to add - tgroup is the cn of the group to be added to + group is a DN of the group to add + tgroup is the DN of the target group to be added to """ - old_group = self.get_group_by_cn(tgroup, None, opts) + old_group = self.get_group_by_dn(tgroup, None, opts) if old_group is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) new_group = copy.deepcopy(old_group) - group_dn = self.get_group_by_cn(group, ['dn', 'cn', 'objectclass'], opts) + group_dn = self.get_group_by_dn(group, ['dn', 'cn', 'objectclass'], opts) if group_dn is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) |