diff options
author | Ana Krivokapic <akrivoka@redhat.com> | 2013-04-12 17:38:09 +0200 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2013-04-12 14:07:55 -0400 |
commit | b8b573a966f4be268031ccca5abce09767928ff7 (patch) | |
tree | 8f0e2b55e7ff18c4ba4274153fbc3ac8d80e42f1 /ipalib/plugins/hbactest.py | |
parent | d03255571c9d4c81d92c692fd0b6db6539856cf8 (diff) | |
download | freeipa-b8b573a966f4be268031ccca5abce09767928ff7.tar.gz freeipa-b8b573a966f4be268031ccca5abce09767928ff7.tar.xz freeipa-b8b573a966f4be268031ccca5abce09767928ff7.zip |
Deprecate HBAC source hosts from CLI
Hide the commands and options listed below from the CLI,
but keep them in the API. When called directly from the API,
raise appropriate exceptions informing the user that the
functionality has been deprecated.
Affected commands: hbacrule_add_sourcehost, hbacrule_remove_sourcehost.
Affected options: sourcehostcategory, sourcehost_host and
sourcehost_hostgroup (hbacrule); sourcehost (hbactest).
https://fedorahosted.org/freeipa/ticket/3528
Diffstat (limited to 'ipalib/plugins/hbactest.py')
-rw-r--r-- | ipalib/plugins/hbactest.py | 26 |
1 files changed, 3 insertions, 23 deletions
diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py index 25c64ea4d..eeb0281f5 100644 --- a/ipalib/plugins/hbactest.py +++ b/ipalib/plugins/hbactest.py @@ -18,7 +18,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. from ipalib import api, errors, output, util -from ipalib import Command, Str, Flag, Int +from ipalib import Command, Str, Flag, Int, DeprecatedParam from types import NoneType from ipalib.cli import to_cli from ipalib import _, ngettext @@ -255,10 +255,7 @@ class hbactest(Command): label=_('User name'), primary_key=True, ), - Str('sourcehost?', - cli_name='srchost', - label=_('Source host'), - ), + DeprecatedParam('sourcehost?'), Str('targethost', cli_name='host', label=_('Target host'), @@ -304,7 +301,7 @@ class hbactest(Command): def execute(self, *args, **options): # First receive all needed information: # 1. HBAC rules (whether enabled or disabled) - # 2. Required options are (user, source host, target host, service) + # 2. Required options are (user, target host, service) # 3. Options: rules to test (--rules, --enabled, --disabled), request for detail output rules = [] @@ -436,21 +433,6 @@ class hbactest(Command): except: pass - if options.get('sourcehost'): - warning_flag = True - if options['sourcehost'] != u'all': - try: - request.srchost.name = self.canonicalize(options['sourcehost']) - srchost_result = self.api.Command.host_show(request.srchost.name)['result'] - groups = srchost_result['memberof_hostgroup'] - if 'memberofindirect_hostgroup' in srchost_result: - groups += srchost_result['memberofindirect_hostgroup'] - request.srchost.groups = sorted(set(groups)) - except: - pass - else: - warning_flag = False - if options['targethost'] != u'all': try: request.targethost.name = self.canonicalize(options['targethost']) @@ -477,8 +459,6 @@ class hbactest(Command): matched_rules.append(ipa_rule.name) if res == pyhbac.HBAC_EVAL_DENY: notmatched_rules.append(ipa_rule.name) - if warning_flag: - warning_rules.append(_(u'Sourcehost value of rule "%s" is ignored') % (ipa_rule.name)) except pyhbac.HbacError as (code, rule_name): if code == pyhbac.HBAC_EVAL_ERROR: error_rules.append(rule_name) |