diff options
author | Ondrej Hamada <ohamada@redhat.com> | 2011-12-02 13:51:35 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-12-01 18:04:30 -0500 |
commit | 8956fdbf40fab0259f65144678d1ffcc759771d9 (patch) | |
tree | 881a9d3c7ca9e64da3fcda85db2db6cacacb5dcf /ipalib/plugins/pwpolicy.py | |
parent | c3dc08b93ffc3c98cef16200752ca2d3badeccd1 (diff) | |
download | freeipa-8956fdbf40fab0259f65144678d1ffcc759771d9.tar.gz freeipa-8956fdbf40fab0259f65144678d1ffcc759771d9.tar.xz freeipa-8956fdbf40fab0259f65144678d1ffcc759771d9.zip |
Sort password policy by priority
'ipa pwpolicy-find' output is now sorted by priority of the policies.
Lower position means lower priority. Global policy is then at the bottom.
The changes has also affected LDAPSearch class in baseldap.py:
LDAPSearch class sorts the search results by primary key be default
(which is usually 'cn'). Therefor a function pointer entries_sortfn
was added. If no sorting function exists, default sorting by primary key
is used.
Sorting function had to be introduced due to the fact that pwpolicy's
primary key is also it's 'cn' and global policy is not allowed to have any
priority.
https://fedorahosted.org/freeipa/ticket/2045
Diffstat (limited to 'ipalib/plugins/pwpolicy.py')
-rw-r--r-- | ipalib/plugins/pwpolicy.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index db42bca04..2b586ec54 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -455,6 +455,18 @@ api.register(pwpolicy_show) class pwpolicy_find(LDAPSearch): __doc__ = _('Search for group password policies.') + def sort_priority(self,x,y): + # global policy will be always last in the output + if x[1]['cn'][0] == global_policy_name: + return 1 + elif y[1]['cn'][0] == global_policy_name: + return -1 + else: + # policies with higher priority will be at the beginning of the list + return cmp(int(x[1]['cospriority'][0]), int(y[1]['cospriority'][0])) + + entries_sortfn = sort_priority + def post_callback(self, ldap, entries, truncated, *args, **options): if options.get('pkey_only', False): return False |