diff options
author | Alexander Bokovoy <abokovoy@redhat.com> | 2014-01-15 15:42:10 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-01-15 16:19:26 +0100 |
commit | 0cad0fa1116cf3d23a6a44225d05e4956e3c4d95 (patch) | |
tree | 49fdbcb982e03b30084a144e327bdf7f47a8533b /ipalib | |
parent | 0e2cda9da79b58fc67434d262155e86b718125e4 (diff) | |
download | freeipa-0cad0fa1116cf3d23a6a44225d05e4956e3c4d95.tar.gz freeipa-0cad0fa1116cf3d23a6a44225d05e4956e3c4d95.tar.xz freeipa-0cad0fa1116cf3d23a6a44225d05e4956e3c4d95.zip |
trustdomain-find: report status of the (sub)domain
Show status of each enumerated domain
trustdomain-find shows list of domains associated with the trust.
Each domain except the trust forest root can be enabled or disabled
with the help of trustdomain-enable and trustdomain-disable commands.
https://fedorahosted.org/freeipa/ticket/4096
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/trust.py | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index a16c23083..3d412c9c9 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -21,7 +21,7 @@ from ipalib.plugins.baseldap import * from ipalib.plugins.dns import dns_container_exists from ipapython.ipautil import realm_to_suffix -from ipalib import api, Str, StrEnum, Password, _, ngettext +from ipalib import api, Str, StrEnum, Password, Bool, _, ngettext from ipalib import Command from ipalib import errors from ldap import SCOPE_SUBTREE @@ -1183,8 +1183,24 @@ api.register(trustdomain) class trustdomain_find(LDAPSearch): __doc__ = _('Search domains of the trust') + has_output_params = LDAPSearch.has_output_params + ( + Flag('domain_enabled', label= _('Domain enabled')), + ) def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options): return (filters, base_dn, ldap.SCOPE_SUBTREE) + + def post_callback(self, ldap, entries, truncated, *args, **options): + trust_dn = self.obj.get_dn(args[0], trust_type=u'ad') + trust_entry = ldap.get_entry(trust_dn) + for entry in entries: + sid = entry['ipanttrusteddomainsid'][0] + if sid in trust_entry['ipantsidblacklistincoming']: + entry['domain_enabled'] = [False] + else: + entry['domain_enabled'] = [True] + return truncated + + api.register(trustdomain_find) class trustdomain_mod(LDAPUpdate): |