Create pkey-only option for find commands

New option --pkey-only is available for all LDAPSearch based classes with primary key visible in the output. This option makes LDAPSearch commands search for primary attribute only. This may be useful when manipulating large data sets. User can at first retrieve all primary keys in a relatively small data package and then run further commands with retrieved primary keys. https://fedorahosted.org/freeipa/ticket/1262
author: Martin Kosek <mkosek@redhat.com> 2011-10-26 11:12:38 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2011-10-27 14:17:51 +0000
commit: a486f49a3726934f99763cc6ae93a41dafc40deb (patch)
tree: 23063e2a18b0fa2ff0a6aeafaee22d642cb759f6 /ipalib
parent: 52981883aba2a2ce7a0152c50ad94201f327f411 (diff)
download: freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.tar.gz
freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.tar.xz
freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.zip
7 files changed, 23 insertions, 1 deletions
diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py
index 20f23c2e0..88f312998 100644
--- a/ipalib/plugins/baseldap.py
+++ b/ipalib/plugins/baseldap.py
@@ -1465,6 +1465,13 @@ class LDAPSearch(CallbackInterface, crud.Search):
     def get_options(self):
         for option in super(LDAPSearch, self).get_options():
             yield option
+        if self.obj.primary_key and \
+                'no_output' not in self.obj.primary_key.flags:
+            yield Flag('pkey_only?',
+                       label=_('Primary key only'),
+                       doc=_('Results should contain primary key attribute only ("%s")') \
+                               % to_cli(self.obj.primary_key.cli_name),
+                      )
         for attr in self.member_attributes:
             for ldap_obj_name in self.obj.attribute_members[attr]:
                 ldap_obj = self.api.Object[ldap_obj_name]
@@ -1539,7 +1546,10 @@ class LDAPSearch(CallbackInterface, crud.Search):
             defattrs = self.obj.search_display_attributes
         else:
             defattrs = self.obj.default_attributes
-        if options.get('all', False):
+
+        if options.get('pkey_only', False):
+            attrs_list = [self.obj.primary_key.name]
+        elif options.get('all', False):
             attrs_list = ['*'] + defattrs
         else:
             attrs_list = list(
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 52907eebe..0f3f91565 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -721,6 +721,8 @@ class host_find(LDAPSearch):
         return (filter.replace('locality', 'l'), base_dn, scope)
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return
         for entry in entries:
             (dn, entry_attrs) = entry
             set_certificate_attrs(entry_attrs)
diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py
index 4e6dbbdae..28e3ef5dd 100644
--- a/ipalib/plugins/hostgroup.py
+++ b/ipalib/plugins/hostgroup.py
@@ -178,6 +178,8 @@ class hostgroup_find(LDAPSearch):
     )
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return
         for entry in entries:
             (dn, entry_attrs) = entry
             self.obj.suppress_netgroup_memberof(dn, entry_attrs)
diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py
index 24d57c46d..e51e3b859 100644
--- a/ipalib/plugins/permission.py
+++ b/ipalib/plugins/permission.py
@@ -352,6 +352,8 @@ class permission_find(LDAPSearch):
     has_output_params = LDAPSearch.has_output_params + output_params
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return
         for entry in entries:
             (dn, attrs) = entry
             try:
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index f261de562..6c5e6c56b 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -458,6 +458,8 @@ class pwpolicy_find(LDAPSearch):
     __doc__ = _('Search for group password policies.')
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return False
         for e in entries:
             # attribute rights are not allowed for pwpolicy_find
             self.obj.add_cospriority(e[1], e[1]['cn'][0], rights=False)
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py
index 87d25d6bb..048a6b4f0 100644
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@@ -373,6 +373,8 @@ class service_find(LDAPSearch):
         )
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return
         for entry in entries:
             (dn, entry_attrs) = entry
             self.obj.get_password_attributes(ldap, dn, entry_attrs)
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 35866d6e9..273c68fb2 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -514,6 +514,8 @@ class user_find(LDAPSearch):
         return (filter, base_dn, scope)
 
     def post_callback(self, ldap, entries, truncated, *args, **options):
+        if options.get('pkey_only', False):
+            return
         for entry in entries:
             (dn, attrs) = entry
             self.obj._convert_manager(attrs, **options)
author	Martin Kosek <mkosek@redhat.com>	2011-10-26 11:12:38 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2011-10-27 14:17:51 +0000
commit	a486f49a3726934f99763cc6ae93a41dafc40deb (patch)
tree	23063e2a18b0fa2ff0a6aeafaee22d642cb759f6 /ipalib
parent	52981883aba2a2ce7a0152c50ad94201f327f411 (diff)
download	freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.tar.gz freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.tar.xz freeipa-a486f49a3726934f99763cc6ae93a41dafc40deb.zip