authorJan Cholasta <jcholast@redhat.com>2015-06-22 10:58:43 +0000
committerJan Cholasta <jcholast@redhat.com>2015-07-01 13:05:30 +0000
commite39fe4ed31042bd28357d093fdbd93b4d6d59aaa (patch)
treec9edd3b3d710ae642d91eb8ca0c060cb5f6d0f0c /ipaserver
parent2d1515323acb4125306817096bafab6623de0b47 (diff)
plugable: Pass API to plugins on initialization rather than using set_api
https://fedorahosted.org/freeipa/ticket/3090 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/advise/base.py4
-rw-r--r--ipaserver/install/bindinstance.py2
-rw-r--r--ipaserver/install/cainstance.py8
-rw-r--r--ipaserver/install/ipa_cacert_manage.py2
-rw-r--r--ipaserver/install/ipa_otptoken_import.py2
-rw-r--r--ipaserver/install/ipa_replica_prepare.py2
-rw-r--r--ipaserver/install/server/install.py3
-rw-r--r--ipaserver/plugins/dogtag.py12
-rw-r--r--ipaserver/plugins/ldap2.py45
-rw-r--r--ipaserver/plugins/rabase.py4
-rw-r--r--ipaserver/rpcserver.py36
11 files changed, 37 insertions, 83 deletions
diff --git a/ipaserver/advise/base.py b/ipaserver/advise/base.py
index 9913e555d..e9873ac10 100644
--- a/ipaserver/advise/base.py
+++ b/ipaserver/advise/base.py
@@ -104,8 +104,8 @@ class Advice(Plugin):
require_root = False
description = ''
- def __init__(self):
- super(Advice, self).__init__()
+ def __init__(self, api):
+ super(Advice, self).__init__(api)
self.log = _AdviceOutput()
def set_options(self, options):
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 102a8e5f6..2228342dc 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -1179,7 +1179,7 @@ class BindInstance(service.Service):
print "Global DNS configuration in LDAP server is not empty"
print "The following configuration options override local settings in named.conf:"
print ""
- textui = ipalib.cli.textui()
+ textui = ipalib.cli.textui(api)
api.Command.dnsconfig_show.output_for_cli(textui, result, None, reverse=False)
def uninstall(self):
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 884d27a91..5fd3017e1 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1588,7 +1588,7 @@ def update_people_entry(dercert):
while attempts < 10:
conn = None
try:
- conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+ conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
conn.connect(autobind=True)
db_filter = conn.make_filter(
@@ -1643,7 +1643,7 @@ def ensure_ldap_profiles_container():
server_id = installutils.realm_to_serverid(api.env.realm)
dogtag_uri = 'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % server_id
- conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+ conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
if not conn.isconnected():
conn.connect(autobind=True)
@@ -1675,7 +1675,7 @@ def configure_profiles_acl():
)
modlist = [(ldap.MOD_ADD, 'resourceACLS', [rule])]
- conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+ conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
if not conn.isconnected():
conn.connect(autobind=True)
rules = conn.get_entry(dn).get('resourceACLS', [])
@@ -1696,7 +1696,7 @@ def import_included_profiles():
server_id = installutils.realm_to_serverid(api.env.realm)
dogtag_uri = 'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % server_id
- conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+ conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
if not conn.isconnected():
conn.connect(autobind=True)
diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py
index e07460169..01ec805fc 100644
--- a/ipaserver/install/ipa_cacert_manage.py
+++ b/ipaserver/install/ipa_cacert_manage.py
@@ -121,7 +121,7 @@ class CACertManage(admintool.AdminTool):
return rc
def ldap_connect(self):
- conn = ldap2()
+ conn = ldap2(api)
password = self.options.password
if not password:
diff --git a/ipaserver/install/ipa_otptoken_import.py b/ipaserver/install/ipa_otptoken_import.py
index c6a69c997..386ca4273 100644
--- a/ipaserver/install/ipa_otptoken_import.py
+++ b/ipaserver/install/ipa_otptoken_import.py
@@ -507,7 +507,7 @@ class OTPTokenImport(admintool.AdminTool):
api.bootstrap(in_server=True)
api.finalize()
- conn = ldap2()
+ conn = ldap2(api)
try:
ccache = krbV.default_context().default_ccache()
conn.connect(ccache=ccache)
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index 3a2975bf6..c2e7a0fb5 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -637,7 +637,7 @@ class ReplicaPrepare(admintool.AdminTool):
os.remove(agent_name)
def update_pki_admin_password(self):
- ldap = ldap2(shared_instance=False)
+ ldap = ldap2(api)
ldap.connect(
bind_dn=DN(('cn', 'directory manager')),
bind_pw=self.dirman_password
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 2c5183ba4..72376357b 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -240,8 +240,7 @@ def set_subject_in_config(realm_name, dm_password, suffix, subject_base):
installutils.realm_to_serverid(realm_name)
)
try:
- conn = ldap2(shared_instance=False, ldap_uri=ldapuri,
- base_dn=suffix)
+ conn = ldap2(api, ldap_uri=ldapuri)
conn.connect(bind_dn=DN(('cn', 'directory manager')),
bind_pw=dm_password)
except errors.ExecutionError, e:
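Review bot: The new call `conn = ldap2(api, ldap_uri=ldapuri)` no longer passes `base_dn=suffix`, so the connection's base DN is no longer tied to the `suffix` argument of set_subject_in_config and presumably comes from `api.env.basedn` instead. If the two can differ at this stage of the install, any lookup relative to the connection's base DN would target a different subtree while bound as Directory Manager. Either confirm they are always equal here, or record the assumption with a comment such as `# base DN now comes from the api environment; suffix must match it`. The function body continues outside the hunk, so how `suffix` is used afterwards is not visible.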
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index a5b7d2382..3dc8f5c93 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1286,7 +1286,7 @@ class ra(rabase.rabase):
"""
DEFAULT_PROFILE = dogtag.DEFAULT_PROFILE
- def __init__(self):
+ def __init__(self, api):
if api.env.in_tree:
self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
self.pwd_file = self.sec_dir + os.sep + '.pwd'
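Review bot: The new `api` parameter of `ra.__init__` shadows the module-level `api` that this constructor used before the change, so `api.env.in_tree` now reads the passed-in object, while any method that still uses the bare name `api` keeps reading the global. That matters here because `sec_dir` and `pwd_file` (the location of the password file) are chosen from that environment. The same pattern appears in `RestClient.__init__` and `rabase.__init__`. I would add `# use the api passed in, not the module global; other methods must go through self.api` and check these classes for remaining bare `api.` references. The constructor body continues outside the hunk.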
@@ -1303,7 +1303,7 @@ class ra(rabase.rabase):
f.close()
except IOError:
self.password = ''
- super(ra, self).__init__()
+ super(ra, self).__init__(api)
def raise_certificate_operation_error(self, func_name, err_msg=None, detail=None):
"""
@@ -1896,11 +1896,11 @@ class kra(Backend):
KRA backend plugin (for Vault)
"""
- def __init__(self, kra_port=443):
+ def __init__(self, api, kra_port=443):
self.kra_port = kra_port
- super(kra, self).__init__()
+ super(kra, self).__init__(api)
def get_client(self):
"""
@@ -1958,7 +1958,7 @@ class RestClient(Backend):
except:
return None
- def __init__(self):
+ def __init__(self, api):
if api.env.in_tree:
self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
self.pwd_file = self.sec_dir + os.sep + '.pwd'
@@ -1970,7 +1970,7 @@ class RestClient(Backend):
self.ipa_certificate_nickname = "ipaCert"
self.ca_certificate_nickname = "caCert"
self._read_password()
- super(RestClient, self).__init__()
+ super(RestClient, self).__init__(api)
# session cookie
self.override_port = None
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 36a6fedda..68feee4f0 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -56,47 +56,20 @@ from ipalib.crud import CrudBackend
from ipalib.request import context
-class ldap2(LDAPClient, CrudBackend):
+class ldap2(CrudBackend, LDAPClient):
"""
LDAP Backend Take 2.
"""
- def __init__(self, shared_instance=False, ldap_uri=None, base_dn=None,
- schema=None):
- self.__ldap_uri = None
+ def __init__(self, api, ldap_uri=None):
+ if ldap_uri is None:
+ ldap_uri = api.env.ldap_uri
- CrudBackend.__init__(self, shared_instance=shared_instance)
- LDAPClient.__init__(self, ldap_uri)
+ force_schema_updates = api.env.context in ('installer', 'updates')
- self.__base_dn = base_dn
-
- @property
- def api(self):
- self_api = super(ldap2, self).api
- if self_api is None:
- self_api = api
- return self_api
-
- @property
- def ldap_uri(self):
- try:
- return self.__ldap_uri or self.api.env.ldap_uri
- except AttributeError:
- return 'ldap://example.com'
-
- @ldap_uri.setter
- def ldap_uri(self, value):
- self.__ldap_uri = value
-
- @property
- def base_dn(self):
- try:
- if self.__base_dn is not None:
- return DN(self.__base_dn)
- else:
- return DN(self.api.env.basedn)
- except AttributeError:
- return DN()
+ CrudBackend.__init__(self, api)
+ LDAPClient.__init__(self, ldap_uri,
+ force_schema_updates=force_schema_updates)
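Review bot: `__init__` now reads `api.env.ldap_uri` and `api.env.context` eagerly, whereas the removed `ldap_uri` property resolved lazily and fell back to a placeholder URI on `AttributeError`. Constructing `ldap2` with an `api` whose environment is not yet bootstrapped would therefore fail at construction, or fix `force_schema_updates` from an incomplete environment. The constructor also drops the `shared_instance`, `base_dn` and `schema` keywords, so any caller outside this diffstat that still passes them will raise `TypeError`. I would add a docstring to `__init__` stating that `api` must already be bootstrapped, that `ldap_uri` defaults to `api.env.ldap_uri`, and that schema updates are forced only in the 'installer' and 'updates' contexts.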
def _connect(self):
# Connectible.conn is a proxy to thread-local storage;
@@ -145,8 +118,6 @@ class ldap2(LDAPClient, CrudBackend):
if debug_level:
_ldap.set_option(_ldap.OPT_DEBUG_LEVEL, debug_level)
- object.__setattr__(self, '_force_schema_updates',
- self.api.env.context in ('installer', 'updates'))
LDAPClient._connect(self)
conn = self._conn
diff --git a/ipaserver/plugins/rabase.py b/ipaserver/plugins/rabase.py
index cf4426235..fae30ff2f 100644
--- a/ipaserver/plugins/rabase.py
+++ b/ipaserver/plugins/rabase.py
@@ -41,14 +41,14 @@ class rabase(Backend):
"""
Request Authority backend plugin.
"""
- def __init__(self):
+ def __init__(self, api):
if api.env.in_tree:
self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
self.pwd_file = self.sec_dir + os.sep + '.pwd'
else:
self.sec_dir = paths.HTTPD_ALIAS_DIR
self.pwd_file = paths.ALIAS_PWDFILE_TXT
- super(rabase, self).__init__()
+ super(rabase, self).__init__(api)
def check_request_status(self, request_id):
diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py
index 43ee63e63..ead830def 100644
--- a/ipaserver/rpcserver.py
+++ b/ipaserver/rpcserver.py
@@ -238,8 +238,8 @@ class wsgi_dispatch(Executioner, HTTP_Status):
handler which is specific to the authentication and RPC mechanism.
"""
- def __init__(self):
- super(wsgi_dispatch, self).__init__()
+ def __init__(self, api):
+ super(wsgi_dispatch, self).__init__(api)
self.__apps = {}
def __iter__(self):
@@ -301,14 +301,11 @@ class WSGIExecutioner(Executioner):
_system_commands = {}
- def set_api(self, api):
- super(WSGIExecutioner, self).set_api(api)
- if 'wsgi_dispatch' in self.api.Backend:
- self.api.Backend.wsgi_dispatch.mount(self, self.key)
-
def _on_finalize(self):
self.url = self.env.mount_ipa + self.key
super(WSGIExecutioner, self)._on_finalize()
+ if 'wsgi_dispatch' in self.api.Backend:
+ self.api.Backend.wsgi_dispatch.mount(self, self.key)
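Review bot: The mount call added to `_on_finalize` makes registration depend on finalization order, because it now runs when this plugin is finalized rather than when the API is attached. It only works if `wsgi_dispatch.mount()` still accepts registrations at that point; `mount()` is outside this hunk, so that cannot be confirmed from here. When `'wsgi_dispatch'` is missing from `self.api.Backend`, the executioner is also left unmounted without any log line, unlike the sibling `login_*` classes, which mount unconditionally. A comment such as `# mounted at finalize because the API is fixed at construction; wsgi_dispatch must still accept mounts here` would record the assumption.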
def wsgi_execute(self, environ):
result = None
@@ -746,8 +743,8 @@ class jsonserver_session(jsonserver, KerberosSession):
key = '/session/json'
- def __init__(self):
- super(jsonserver_session, self).__init__()
+ def __init__(self, api):
+ super(jsonserver_session, self).__init__(api)
name = '{0}_{1}'.format(self.__class__.__name__, id(self))
auth_mgr = AuthManagerKerb(name)
session_mgr.auth_mgr.register(auth_mgr.name, auth_mgr)
@@ -849,9 +846,6 @@ class jsonserver_kerb(jsonserver, KerberosWSGIExecutioner):
class login_kerberos(Backend, KerberosSession, HTTP_Status):
key = '/session/login_kerberos'
- def __init__(self):
- super(login_kerberos, self).__init__()
-
def _on_finalize(self):
super(login_kerberos, self)._on_finalize()
self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -873,9 +867,6 @@ class login_password(Backend, KerberosSession, HTTP_Status):
content_type = 'text/plain'
key = '/session/login_password'
- def __init__(self):
- super(login_password, self).__init__()
-
def _on_finalize(self):
super(login_password, self)._on_finalize()
self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -998,9 +989,6 @@ class change_password(Backend, HTTP_Status):
content_type = 'text/plain'
key = '/session/change_password'
- def __init__(self):
- super(change_password, self).__init__()
-
def _on_finalize(self):
super(change_password, self)._on_finalize()
self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -1051,8 +1039,7 @@ class change_password(Backend, HTTP_Status):
pw = data['old_password']
if data.get('otp'):
pw = data['old_password'] + data['otp']
- conn = ldap2(shared_instance=False,
- ldap_uri=self.api.env.ldap_uri)
+ conn = ldap2(self.api)
conn.connect(bind_dn=bind_dn, bind_pw=pw)
except (NotFound, ACIError):
result = 'invalid-password'
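Review bot: `conn = ldap2(self.api)` is bound with the password taken from the request, so it must be a private connection object and never the shared `api.Backend.ldap2` instance. The old `shared_instance=False` stated that explicitly; the new call relies on direct instantiation being private, which the call site no longer shows. I would add `# private per-request connection bound with caller-supplied credentials; never reuse api.Backend.ldap2 here`. The same applies to `conn = ldap2(self.api)` in sync_token and to the Directory Manager bind in update_pki_admin_password. Whether `conn` is disconnected on every path is not visible, because the try block continues outside the hunk.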
@@ -1104,9 +1091,6 @@ class sync_token(Backend, HTTP_Status):
namedtype.OptionalNamedType('tokenDN', univ.OctetString())
)
- def __init__(self):
- super(sync_token, self).__init__()
-
def _on_finalize(self):
super(sync_token, self)._on_finalize()
self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -1165,7 +1149,7 @@ class sync_token(Backend, HTTP_Status):
title = 'Token sync rejected'
# Perform the synchronization.
- conn = ldap2(shared_instance=False, ldap_uri=self.api.env.ldap_uri)
+ conn = ldap2(self.api)
try:
conn.connect(bind_dn=bind_dn,
bind_pw=data['password'],
@@ -1199,8 +1183,8 @@ class xmlserver_session(xmlserver, KerberosSession):
key = '/session/xml'
- def __init__(self):
- super(xmlserver_session, self).__init__()
+ def __init__(self, api):
+ super(xmlserver_session, self).__init__(api)
name = '{0}_{1}'.format(self.__class__.__name__, id(self))
auth_mgr = AuthManagerKerb(name)
session_mgr.auth_mgr.register(auth_mgr.name, auth_mgr)