diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2015-05-07 21:26:24 -0400 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-06-04 08:27:33 +0000 |
| commit | c09bd35e7c081e968d40ecbd52177446f422d532 (patch) | |
| tree | eb646bc28d8978d40c1866439d72e9c816d6d11c /ipalib/plugins/service.py | |
| parent | b24fe0eb733c68af4042cdd78fca6f609efe843b (diff) | |
| download | freeipa-c09bd35e7c081e968d40ecbd52177446f422d532.tar.gz freeipa-c09bd35e7c081e968d40ecbd52177446f422d532.tar.xz freeipa-c09bd35e7c081e968d40ecbd52177446f422d532.zip | |
Add generic split_any_principal method
There exist methods to split user or service/host principals, but
there is no method to split any kind of principal and allow the
caller to decide what to do.
Generalize ``ipalib.plugins.service.split_principal`` to return a
service of ``None`` if the principal is a user principal, rename it
``split_any_principal`` and reimplement ``split_principal`` to
preserve existing behaviour.
Part of: https://fedorahosted.org/freeipa/ticket/4938
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipalib/plugins/service.py')
| -rw-r--r-- | ipalib/plugins/service.py | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index 2d34eac7d..166d978a2 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -185,19 +185,24 @@ _ticket_flags_map = { _ticket_flags_default = _ticket_flags_map['ipakrbrequirespreauth'] -def split_principal(principal): +def split_any_principal(principal): service = hostname = realm = None # Break down the principal into its component parts, which may or # may not include the realm. sp = principal.split('/') - if len(sp) != 2: - raise errors.MalformedServicePrincipal(reason=_('missing service')) + name_and_realm = None + if len(sp) > 2: + raise errors.MalformedServicePrincipal(reason=_('unable to determine service')) + elif len(sp) == 2: + service = sp[0] + if len(service) == 0: + raise errors.MalformedServicePrincipal(reason=_('blank service')) + name_and_realm = sp[1] + else: + name_and_realm = sp[0] - service = sp[0] - if len(service) == 0: - raise errors.MalformedServicePrincipal(reason=_('blank service')) - sr = sp[1].split('@') + sr = name_and_realm.split('@') if len(sr) > 2: raise errors.MalformedServicePrincipal( reason=_('unable to determine realm')) @@ -212,7 +217,13 @@ def split_principal(principal): realm = api.env.realm # Note that realm may be None. - return (service, hostname, realm) + return service, hostname, realm + +def split_principal(principal): + service, name, realm = split_any_principal(principal) + if service is None: + raise errors.MalformedServicePrincipal(reason=_('missing service')) + return service, name, realm def validate_principal(ugettext, principal): (service, hostname, principal) = split_principal(principal) |