From f35e212eb5cc6df5bdb03237ac5bcd654bc114b8 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Thu, 31 Jul 2014 14:22:59 +0200 Subject: idviews: Extend idview-show command to display assigned idoverrides and hosts Part of: https://fedorahosted.org/freeipa/ticket/3979 --- API.txt | 3 +- ipalib/plugins/idviews.py | 169 +++++++++++++++++++++++++++++++++++----------- 2 files changed, 131 insertions(+), 41 deletions(-) diff --git a/API.txt b/API.txt index 08af899bd..122bf9e54 100644 --- a/API.txt +++ b/API.txt @@ -2248,11 +2248,12 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('summary', (, ), None) output: PrimaryKey('value', None, None) command: idview_show -args: 1,4,3 +args: 1,5,3 arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Flag('rights', autofill=True, default=False) +option: Flag('show_hosts?', autofill=True, cli_name='show_hosts', default=False) option: Str('version?', exclude='webui') output: Entry('result', , Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None)) output: Output('summary', (, ), None) diff --git a/ipalib/plugins/idviews.py b/ipalib/plugins/idviews.py index c27a014cb..0b985a5fa 100644 --- a/ipalib/plugins/idviews.py +++ b/ipalib/plugins/idviews.py @@ -22,7 +22,7 @@ from ipalib.plugins.baseldap import (LDAPQuery, LDAPObject, LDAPCreate, LDAPDelete, LDAPUpdate, LDAPSearch, LDAPRetrieve, global_output_params) from ipalib.plugins.hostgroup import get_complete_hostgroup_member_list -from ipalib import api, Str, Int, _, ngettext, errors, output +from ipalib import api, Str, Int, Flag, _, ngettext, errors, output from ipalib.plugable import Registry from ipapython.dn import DN @@ -107,50 +107,95 @@ class idview_find(LDAPSearch): class idview_show(LDAPRetrieve): __doc__ = _('Display information about an ID view.') - -@register() -class idview_apply(LDAPQuery): - __doc__ = _('Applies ID view to specified hosts or current members of ' - 'specified hostgroups. If any other ID view is applied to ' - 'the host, it is overriden.') - - member_count_out = (_('ID view applied to %i host.'), - _('ID view applied to %i hosts.')) - - msg_summary = 'Applied ID view "%(value)s"' - - takes_options = ( - Str('host*', - cli_name='hosts', - doc=_('Hosts to apply the ID view to'), - label=_('hosts'), - ), - Str('hostgroup*', - cli_name='hostgroups', - doc=_('Hostgroups to whose hosts apply the ID view to. Please note ' - 'that view is not applied automatically to any hosts added ' - 'to the hostgroup after running the idview-apply command.'), - label=_('hostgroups'), + takes_options = LDAPRetrieve.takes_options + ( + Flag('show_hosts?', + cli_name='show_hosts', + doc=_('Enumerate all the hosts the view applies to.'), ), ) - has_output = ( - output.summary, - output.Output('succeeded', - type=dict, - doc=_('Hosts that this ID view was applied to.'), - ), - output.Output('failed', - type=dict, - doc=_('Hosts or hostgroups that this ID view could not be ' - 'applied to.'), - ), - output.Output('completed', - type=int, - doc=_('Number of hosts the ID view was applied to:'), + has_output_params = global_output_params + ( + Str('useroverrides', + label=_('User object overrides'), + ), + Str('groupoverrides', + label=_('Group object overrides'), + ), + Str('appliedtohosts', + label=_('Hosts the view applies to') ), ) + def show_id_overrides(self, dn, entry_attrs): + ldap = self.obj.backend + + try: + (useroverrides, truncated) = ldap.find_entries( + filter="objectclass=ipaUserOverride", + attrs_list=['ipaanchoruuid'], + base_dn=dn, + scope=ldap.SCOPE_ONELEVEL, + paged_search=True) + + entry_attrs['useroverrides'] = [ + view.single_value.get('ipaanchoruuid') + for view in useroverrides + ] + + except errors.NotFound: + pass + + try: + (groupoverrides, truncated) = ldap.find_entries( + filter="objectclass=ipaGroupOverride", + attrs_list=['ipaanchoruuid'], + base_dn=dn, + scope=ldap.SCOPE_ONELEVEL, + paged_search=True) + + entry_attrs['groupoverrides'] = [ + view.single_value.get('ipaanchoruuid') + for view in groupoverrides + ] + + except errors.NotFound: + pass + + def enumerate_hosts(self, dn, entry_attrs): + ldap = self.obj.backend + + filter_params = { + 'ipaAssignedIDView': dn, + 'objectClass': 'ipaHost', + } + + try: + (hosts, truncated) = ldap.find_entries( + filter=ldap.make_filter(filter_params, rules=ldap.MATCH_ALL), + attrs_list=['cn'], + base_dn=api.env.container_host + api.env.basedn, + scope=ldap.SCOPE_ONELEVEL, + paged_search=True) + + entry_attrs['appliedtohosts'] = [host.single_value['cn'] + for host in hosts] + except errors.NotFound: + pass + + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + self.show_id_overrides(dn, entry_attrs) + + if options.get('show_hosts', False): + self.enumerate_hosts(dn, entry_attrs) + + return dn + + +class baseidview_apply(LDAPQuery): + """ + Base class for idview_apply and idview_unapply commands. + """ + has_output_params = global_output_params def execute(self, *keys, **options): @@ -228,7 +273,51 @@ class idview_apply(LDAPQuery): @register() -class idview_unapply(idview_apply): +class idview_apply(baseidview_apply): + __doc__ = _('Applies ID view to specified hosts or current members of ' + 'specified hostgroups. If any other ID view is applied to ' + 'the host, it is overriden.') + + member_count_out = (_('ID view applied to %i host.'), + _('ID view applied to %i hosts.')) + + msg_summary = 'Applied ID view "%(value)s"' + + takes_options = ( + Str('host*', + cli_name='hosts', + doc=_('Hosts to apply the ID view to'), + label=_('hosts'), + ), + Str('hostgroup*', + cli_name='hostgroups', + doc=_('Hostgroups to whose hosts apply the ID view to. Please note ' + 'that view is not applied automatically to any hosts added ' + 'to the hostgroup after running the idview-apply command.'), + label=_('hostgroups'), + ), + ) + + has_output = ( + output.summary, + output.Output('succeeded', + type=dict, + doc=_('Hosts that this ID view was applied to.'), + ), + output.Output('failed', + type=dict, + doc=_('Hosts or hostgroups that this ID view could not be ' + 'applied to.'), + ), + output.Output('completed', + type=int, + doc=_('Number of hosts the ID view was applied to:'), + ), + ) + + +@register() +class idview_unapply(baseidview_apply): __doc__ = _('Clears ID view from specified hosts or current members of ' 'specified hostgroups.') -- cgit