From 1445a3602607c0157f679d1f1a9d50c9673b87f7 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 19 Mar 2009 15:42:16 -0400 Subject: Modify the taskgroup plugin to use the new group baseclass and add tests --- ipalib/plugins/taskgroup.py | 232 ++++++++++++++------------------------------ 1 file changed, 73 insertions(+), 159 deletions(-) (limited to 'ipalib') diff --git a/ipalib/plugins/taskgroup.py b/ipalib/plugins/taskgroup.py index ebd7f11ee..863c0a393 100644 --- a/ipalib/plugins/taskgroup.py +++ b/ipalib/plugins/taskgroup.py @@ -21,208 +21,122 @@ Frontend plugins for taskgroups. """ -from ipalib import api, crud, errors, errors2 -from ipalib import Object, Command # Plugin base classes -from ipalib import Str, Int, Flag # Parameter types +from ipalib import api +from ipalib.plugins.basegroup import * -default_attributes = ['cn','description'] -container_taskgroup = "cn=taskgroups" +display_attributes = ['cn','description', 'member', 'memberof'] +container_taskgroup = "cn=taskgroups,cn=accounts" +container_rolegroup = "cn=rolegroups,cn=accounts" -def make_taskgroup_dn(cn): - """ - Construct group dn from cn. - """ - import ldap - return 'cn=%s,%s,%s' % ( - ldap.dn.escape_dn_chars(cn), - container_taskgroup, - api.env.basedn, - ) - -class taskgroup(Object): +class taskgroup(BaseGroup): """ taskgroup object. """ - takes_params = ( - Str('description', - doc='A description of this group', - attribute=True, - ), - Str('cn', - cli_name='name', - primary_key=True, - normalizer=lambda value: value.lower(), - attribute=True, - ), - ) + container=container_taskgroup + api.register(taskgroup) -class taskgroup_add(crud.Add): - 'Add a new group.' +class taskgroup_add(basegroup_add): + 'Add a new taskgroup.' - def execute(self, cn, **kw): - """ - Execute the taskgroup-add operation. - - The dn should not be passed as a keyword argument as it is constructed - by this method. +api.register(taskgroup_add) - Returns the entry as it will be created in LDAP. - No need to explicitly set gidNumber. The dna_plugin will do this - for us if the value isn't provided by the caller. +class taskgroup_del(basegroup_del): + 'Delete an existing taskgroup.' + container = container_taskgroup - :param cn: The name of the group being added. - :param kw: Keyword arguments for the other LDAP attributes. - """ - assert 'cn' not in kw - assert 'dn' not in kw - ldap = self.api.Backend.ldap - entry = self.args_options_2_entry(cn, **kw) - entry['dn'] = make_taskgroup_dn(cn) +api.register(taskgroup_del) - # some required objectclasses - entry['objectClass'] = ['top','groupofnames'] - return ldap.create(**entry) +class taskgroup_mod(basegroup_mod): + 'Edit an existing taskgroup.' + container = container_taskgroup - def output_for_cli(self, textui, result, *args, **options): - """ - Output result of this command to command line interface. - """ - textui.print_name(self.name) - textui.print_entry(result) - textui.print_dashed('Added group "%s"' % result['cn']) +api.register(taskgroup_mod) -api.register(taskgroup_add) +class taskgroup_find(basegroup_find): + 'Search the groups.' + container = container_taskgroup -class taskgroup_del(crud.Del): - 'Delete an existing group.' - def execute(self, cn, **kw): - """ - Delete a group +api.register(taskgroup_find) - :param cn: The name of the group being removed - :param kw: Unused - """ - ldap = self.api.Backend.ldap - dn = ldap.find_entry_dn("cn", cn, "groupofnames", container_taskgroup) - self.log.info("IPA: taskgroup-del '%s'" % dn) - return ldap.delete(dn) +class taskgroup_show(basegroup_show): + 'Examine an existing taskgroup.' + default_attributes = display_attributes + container = container_taskgroup - def output_for_cli(self, textui, result, cn): - """ - Output result of this command to command line interface. - """ - textui.print_plain("Deleted group %s" % cn) +api.register(taskgroup_show) -api.register(taskgroup_del) +class taskgroup_add_member(basegroup_add_member): + 'Add a member to a taskgroup.' + container = container_taskgroup + takes_options = basegroup_add_member.takes_options + (List('rolegroups?', doc='comma-separated list of role groups to add'),) -class taskgroup_mod(crud.Mod): - 'Edit an existing group.' def execute(self, cn, **kw): """ - Execute the taskgroup-mod operation. - - The dn should not be passed as a keyword argument as it is constructed - by this method. + Execute the group-add-member operation. - Returns the entry + Returns the updated group entry - :param cn: The name of the group to update. - :param kw: Keyword arguments for the other LDAP attributes. + :param cn: The group name to add new members to. + :param kw: groups is a comma-separated list of groups to add + :param kw: users is a comma-separated list of users to add + :param kw: rolegroups is a comma-separated list of rolegroups to add """ - assert 'cn' not in kw - assert 'dn' not in kw + assert self.container ldap = self.api.Backend.ldap - dn = ldap.find_entry_dn("cn", cn, "groupofnames", container_taskgroup) - - return ldap.update(dn, **kw) - - def output_for_cli(self, textui, result, cn, **options): - """ - Output result of this command to command line interface. - """ - if result: - textui.print_plain("Group updated") + dn = ldap.find_entry_dn("cn", cn, self.filter_class, self.container) + add_failed = [] + to_add = [] + completed = 0 -api.register(taskgroup_mod) + # Do the base class additions first + add_failed = super(taskgroup_add_member, self).execute(cn, **kw) + members = kw.get('rolegroups', []) + (to_add, add_failed) = self._find_members(ldap, add_failed, members, "cn", self.filter_class, container_rolegroup) + (completed, add_failed) = self._add_members(ldap, completed, to_add, add_failed, dn, "member") -class taskgroup_find(crud.Find): - 'Search the groups.' - def execute(self, term, **kw): - ldap = self.api.Backend.ldap + return add_failed - # Pull the list of searchable attributes out of the configuration. - config = ldap.get_ipa_config() - search_fields_conf_str = config.get('ipagroupsearchfields') - search_fields = search_fields_conf_str.split(",") - - search_kw = {} - for s in search_fields: - search_kw[s] = term - - object_type = ldap.get_object_type("cn") - if object_type and not kw.get('objectclass'): - search_kw['objectclass'] = object_type - search_kw['base'] = container_taskgroup - search_kw['objectclass'] = "groupofnames" - return ldap.search(**search_kw) - - def output_for_cli(self, textui, result, uid, **options): - counter = result[0] - groups = result[1:] - if counter == 0 or len(groups) == 0: - textui.print_plain("No entries found") - return - if len(groups) == 1: - textui.print_entry(groups[0]) - return - textui.print_name(self.name) - - for g in groups: - textui.print_entry(g) - textui.print_plain('') - if counter == -1: - textui.print_plain("These results are truncated.") - textui.print_plain("Please refine your search and try again.") - textui.print_count(groups, '%d groups matched') +api.register(taskgroup_add_member) -api.register(taskgroup_find) +class taskgroup_remove_member(basegroup_remove_member): + 'Remove a member from a taskgroup.' + container = container_taskgroup + takes_options = basegroup_remove_member.takes_options + (List('rolegroups?', doc='comma-separated list of role groups to remove'),) -class taskgroup_show(crud.Get): - 'Examine an existing group.' - takes_options = ( - Flag('all', doc='Retrieve all attributes'), - ) def execute(self, cn, **kw): """ - Execute the taskgroup-show operation. - - The dn should not be passed as a keyword argument as it is constructed - by this method. + Execute the group-remove-member operation. - Returns the entry + Returns the updated group entry - :param cn: The group name to retrieve. - :param kw: Not used. + :param cn: The group name to remove new members from. + :param kw: groups is a comma-separated list of groups to remove + :param kw: users is a comma-separated list of users to remove + :param kw: rolegroups is a comma-separated list of rolegroups to remove """ + assert self.container ldap = self.api.Backend.ldap - dn = ldap.find_entry_dn("cn", cn, "groupofnames", container_taskgroup) + dn = ldap.find_entry_dn("cn", cn, self.filter_class, self.container) + remove_failed = [] + to_remove = [] + completed = 0 - # FIXME: should kw contain the list of attributes to display? - if kw.get('all', False): - return ldap.retrieve(dn) - else: - return ldap.retrieve(dn, default_attributes) + # Do the base class removals first + remove_failed = super(taskgroup_remove_member, self).execute(cn, **kw) - def output_for_cli(self, textui, result, *args, **options): - textui.print_entry(result) + members = kw.get('rolegroups', []) + (to_remove, remove_failed) = self._find_members(ldap, remove_failed, members, "cn", self.filter_class, container_rolegroup) + (completed, remove_failed) = self._remove_members(ldap, completed, to_remove, remove_failed, dn, "member") -api.register(taskgroup_show) + return remove_failed + +api.register(taskgroup_remove_member) -- cgit