diff options
author | Ana Krivokapic <akrivoka@redhat.com> | 2013-06-10 18:57:08 -0400 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-06-24 14:30:06 +0200 |
commit | 91a5d3349be3a8c6044684405a4e66f4ed1dd543 (patch) | |
tree | c8d6ee3bbe7eaa81e25ab2b576f6db20345c3090 /ipalib/plugins/trust.py | |
parent | 2775dec3bec3499c69de60d5bb581ffad7615cef (diff) | |
download | freeipa-91a5d3349be3a8c6044684405a4e66f4ed1dd543.tar.gz freeipa-91a5d3349be3a8c6044684405a4e66f4ed1dd543.tar.xz freeipa-91a5d3349be3a8c6044684405a4e66f4ed1dd543.zip |
Require rid-base and secondary-rid-base in idrange-add after ipa-adtrust-install
Add a new API command 'adtrust_is_enabled', which can be used to determine
whether ipa-adtrust-install has been run on the system. This new command is not
visible in IPA CLI.
Use this command in idrange_add to conditionally require rid-base and
secondary-rid-base options.
Add tests to cover the new functionality
https://fedorahosted.org/freeipa/ticket/3634
Diffstat (limited to 'ipalib/plugins/trust.py')
-rw-r--r-- | ipalib/plugins/trust.py | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 5c9360b57..d2b58399f 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -20,12 +20,9 @@ from ipalib.plugins.baseldap import * from ipalib.plugins.dns import dns_container_exists -from ipalib import api, Str, StrEnum, Password, DefaultFrom, _, ngettext, Object -from ipalib.parameters import Enum +from ipalib import api, Str, StrEnum, Password, _, ngettext from ipalib import Command from ipalib import errors -from ipapython import ipautil -from ipalib import util try: import pysss_murmur #pylint: disable=F0401 _murmur_installed = True @@ -843,3 +840,30 @@ class trust_resolve(Command): return dict(result=result) api.register(trust_resolve) + + +class adtrust_is_enabled(Command): + NO_CLI = True + + __doc__ = _('Determine whether ipa-adtrust-install has been run on this ' + 'system') + + def execute(self, *keys, **options): + ldap = self.api.Backend.ldap2 + adtrust_dn = DN( + ('cn', 'ADTRUST'), + ('cn', api.env.host), + ('cn', 'masters'), + ('cn', 'ipa'), + ('cn', 'etc'), + api.env.basedn + ) + + try: + ldap.get_entry(adtrust_dn) + except errors.NotFound: + return dict(result=False) + + return dict(result=True) + +api.register(adtrust_is_enabled) |