From 34f8ff47932c49ab3a2b19a64c84b7d3ae0b514a Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Wed, 11 Jul 2012 14:09:17 +0200
Subject: Add range-mod command

range plugin was missing range-mod command that could be used for
example to fix a size for a range generated during upgrades. The
range should be updated with a caution though, a misconfiguration
could break trusts.

iparangetype is now also handled better and filled in all commands
instead of just range-show. objectclass attribute is deleted only
when really needed now.
---
 API.txt                                | 19 ++++++++++++++++
 VERSION                                |  2 +-
 ipalib/plugins/range.py                | 41 +++++++++++++++++++++++++++++-----
 tests/test_xmlrpc/test_range_plugin.py | 23 +++++++++++++++++--
 4 files changed, 76 insertions(+), 9 deletions(-)

diff --git a/API.txt b/API.txt
index 543134041..691a9c4de 100644
--- a/API.txt
+++ b/API.txt
@@ -2411,6 +2411,25 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
 output: Output('count', <type 'int'>, None)
 output: Output('truncated', <type 'bool'>, None)
+command: range_mod
+args: 1,13,3
+arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
+option: Int('ipabaseid', attribute=True, autofill=False, cli_name='base_id', multivalue=False, required=False)
+option: Int('ipaidrangesize', attribute=True, autofill=False, cli_name='range_size', multivalue=False, required=False)
+option: Int('ipabaserid', attribute=True, autofill=False, cli_name='rid_base', multivalue=False, required=False)
+option: Int('ipasecondarybaserid', attribute=True, autofill=False, cli_name='secondary_rid_base', multivalue=False, required=False)
+option: Str('ipanttrusteddomainsid', attribute=True, autofill=False, cli_name='dom_sid', multivalue=False, required=False)
+option: Str('iparangetype', attribute=True, autofill=False, cli_name='iparangetype', multivalue=False, required=False)
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Str('delattr*', cli_name='delattr', exclude='webui')
+option: Flag('rights', autofill=True, default=False)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('version?', exclude='webui')
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('value', <type 'unicode'>, None)
 command: range_show
 args: 1,4,3
 arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
diff --git a/VERSION b/VERSION
index 542dd5fca..8d9efe657 100644
--- a/VERSION
+++ b/VERSION
@@ -79,4 +79,4 @@ IPA_DATA_VERSION=20100614120000
 #                                                      #
 ########################################################
 IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=39
+IPA_API_VERSION_MINOR=40
diff --git a/ipalib/plugins/range.py b/ipalib/plugins/range.py
index 4448aad81..39849b661 100644
--- a/ipalib/plugins/range.py
+++ b/ipalib/plugins/range.py
@@ -80,6 +80,16 @@ class range(LDAPObject):
         )
     )
 
+    def handle_iparangetype(self, entry_attrs, options, keep_objectclass=False):
+        if not options.get('pkey_only', False):
+            if 'ipatrustedaddomainrange' in entry_attrs.get('objectclass', []):
+                entry_attrs['iparangetype'] = [unicode(_('Active Directory domain range'))]
+            else:
+                entry_attrs['iparangetype'] = [unicode(_(u'local domain range'))]
+        if not keep_objectclass:
+            if not options.get('all', False) or options.get('pkey_only', False):
+                entry_attrs.pop('objectclass', None)
+
 class range_add(LDAPCreate):
     __doc__ = _('Add new ID range.')
 
@@ -99,6 +109,10 @@ class range_add(LDAPCreate):
 
         return dn
 
+    def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+        self.obj.handle_iparangetype(entry_attrs, options, keep_objectclass=True)
+        return dn
+
 class range_del(LDAPDelete):
     __doc__ = _('Delete an ID range.')
 
@@ -114,8 +128,14 @@ class range_find(LDAPSearch):
     # Since all range types are stored within separate containers under
     # 'cn=ranges,cn=etc' search can be done on a one-level scope
     def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
+        attrs_list.append('objectclass')
         return (filters, base_dn, ldap.SCOPE_ONELEVEL)
 
+    def post_callback(self, ldap, entries, truncated, *args, **options):
+        for dn,entry in entries:
+            self.obj.handle_iparangetype(entry, options)
+        return truncated
+
 class range_show(LDAPRetrieve):
     __doc__ = _('Display information about a range.')
 
@@ -124,16 +144,25 @@ class range_show(LDAPRetrieve):
         return dn
 
     def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
-        if 'ipatrustedaddomainrange' in entry_attrs['objectclass']:
-            entry_attrs['iparangetype']=(u'Active Directory domain range')
-        else:
-            entry_attrs['iparangetype']=(u'local domain range')
-        del entry_attrs['objectclass']
+        self.obj.handle_iparangetype(entry_attrs, options)
+        return dn
+
+class range_mod(LDAPUpdate):
+    __doc__ = _('Modify ID range.')
+
+    msg_summary = _('Modified ID range "%(value)s"')
+
+    def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+        attrs_list.append('objectclass')
+        return dn
+
+    def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+        self.obj.handle_iparangetype(entry_attrs, options)
         return dn
 
 api.register(range)
 api.register(range_add)
-#api.register(range_mod)
+api.register(range_mod)
 api.register(range_del)
 api.register(range_find)
 api.register(range_show)
diff --git a/tests/test_xmlrpc/test_range_plugin.py b/tests/test_xmlrpc/test_range_plugin.py
index 7c95cd57a..76ffc58b7 100644
--- a/tests/test_xmlrpc/test_range_plugin.py
+++ b/tests/test_xmlrpc/test_range_plugin.py
@@ -49,7 +49,8 @@ class test_range(Declarative):
                     ipabaseid=[u'900000'],
                     ipabaserid=[u'1000'],
                     ipasecondarybaserid=[u'20000'],
-                    ipaidrangesize=[u'99999']
+                    ipaidrangesize=[u'99999'],
+                    iparangetype=[u'local domain range'],
                 ),
                 value=testrange1,
                 summary=u'Added ID range "%s"' % (testrange1),
@@ -69,11 +70,29 @@ class test_range(Declarative):
                     ipabaserid=[u'1000'],
                     ipasecondarybaserid=[u'20000'],
                     ipaidrangesize=[u'99999'],
-                    iparangetype=u'local domain range',
+                    iparangetype=[u'local domain range'],
                 ),
                 value=testrange1,
                 summary=None,
             ),
         ),
 
+
+        dict(
+            desc='Modify range %r' % (testrange1),
+            command=('range_mod', [testrange1], dict(ipaidrangesize=90000)),
+            expected=dict(
+                result=dict(
+                    cn=[testrange1],
+                    ipabaseid=[u'900000'],
+                    ipabaserid=[u'1000'],
+                    ipasecondarybaserid=[u'20000'],
+                    ipaidrangesize=[u'90000'],
+                    iparangetype=[u'local domain range'],
+                ),
+                value=testrange1,
+                summary=u'Modified ID range "%s"' % (testrange1),
+            ),
+        ),
+
     ]
-- 
cgit