Updated KRA VLV management CLI.

A new pki-server kra-db-vlv-find command has been added to list existing KRA VLV indexes. The pki-server kra-db-vlv-reindex has been modified to wait until the reindex is complete.
author: Endi S. Dewata <edewata@redhat.com> 2016-06-08 18:20:16 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2016-06-08 23:17:23 +0200
commit: a2b06f7328bdc0bff832bf8ecc80c5068d1735f6 (patch)
tree: b70ae0d9d9bb5fc8cb053b50577b62434b3b5fe6 /base/server/python
parent: ff624f16bd7321760b98cb9a6c32ff29d1a11055 (diff)
download: pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.tar.gz
pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.tar.xz
pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.zip
1 files changed, 141 insertions, 25 deletions
diff --git a/base/server/python/pki/server/cli/kra.py b/base/server/python/pki/server/cli/kra.py
index 29d9e0168..b4f0df43f 100644
--- a/base/server/python/pki/server/cli/kra.py
+++ b/base/server/python/pki/server/cli/kra.py
@@ -23,14 +23,17 @@ from __future__ import print_function
 import getopt
 import io
 import ldap
+import ldap.modlist
 import ldif
 import os
 import shutil
 import sys
 import tempfile
+import time
 
 import pki.cli
 
+
 KRA_VLVS = ['allKeys', 'kraAll',
             'kraArchival', 'kraRecovery',
             'kraCanceled', 'kraCanceledEnrollment', 'kraCanceledRecovery',
@@ -40,18 +43,6 @@ KRA_VLV_PATH = '/usr/share/pki/kra/conf/vlv.ldif'
 KRA_VLV_TASKS_PATH = '/usr/share/pki/kra/conf/vlvtasks.ldif'
 
 
-def create_ldif(instance, subsystem, ldif_path, out_file):
-    subs = {'{instanceId}': instance.name,
-            '{database}': subsystem.config['internaldb.database'],
-            '{rootSuffix}': subsystem.config['internaldb.basedn']}
-
-    with open(ldif_path) as infile, open(out_file, 'w') as outfile:
-        for line in infile:
-            for src, target in subs.items():
-                line = line.replace(src, target)
-            outfile.write(line)
-
-
 class KRACLI(pki.cli.CLI):
 
     def __init__(self):
@@ -170,7 +161,7 @@ class KRADBCLI(pki.cli.CLI):
 
     def __init__(self):
         super(KRADBCLI, self).__init__(
-            'db', 'KRA DB management commands')
+            'db', 'KRA database management commands')
 
         self.add_module(KRADBVLVCLI())
 
@@ -181,14 +172,120 @@ class KRADBVLVCLI(pki.cli.CLI):
         super(KRADBVLVCLI, self).__init__(
             'vlv', 'KRA VLV management commands')
 
+        self.add_module(KRADBVLVFindCLI())
         self.add_module(KRADBVLVAddCLI())
         self.add_module(KRADBVLVDeleteCLI())
         self.add_module(KRADBVLVReindexCLI())
 
 
-class KRADBVLVAddCLI(pki.cli.CLI):
+class KRADBVLVFindCLI(pki.cli.CLI):
+
+    def __init__(self):
+        super(KRADBVLVFindCLI, self).__init__(
+            'find', 'Find KRA VLVs')
+
+    def print_help(self):
+        print('Usage: pki-server kra-db-vlv-find [OPTIONS]')
+        print()
+        print('  -i, --instance <instance ID>       Instance ID (default: pki-tomcat).')
+        print('  -D, --bind-dn <Bind DN>            Connect DN (default: cn=Directory Manager).')
+        print('  -w, --bind-password <password>     Password to connect to database.')
+        print('  -v, --verbose                      Run in verbose mode.')
+        print('      --help                         Show help message.')
+        print()
+
+    def execute(self, args):
+        try:
+            opts, _ = getopt.gnu_getopt(
+                args,
+                'i:D:w:x:g:v',
+                ['instance=', 'bind-dn=', 'bind-password=', 'generate-ldif=',
+                 'verbose', 'help']
+            )
+
+        except getopt.GetoptError as e:
+            print('ERROR: ' + str(e))
+            self.print_help()
+            sys.exit(1)
 
-    KRA_VLV_PATH = '/usr/share/pki/kra/conf/vlv.ldif'
+        instance_name = 'pki-tomcat'
+        bind_dn = None
+        bind_password = None
+
+        for o, a in opts:
+            if o in ('-i', '--instance'):
+                instance_name = a
+
+            elif o in ('-D', '--bind-dn'):
+                bind_dn = a
+
+            elif o in ('-w', '--bind-password'):
+                bind_password = a
+
+            elif o in ('-v', '--verbose'):
+                self.set_verbose(True)
+
+            elif o == '--help':
+                self.print_help()
+                sys.exit()
+
+            else:
+                print('ERROR: unknown option ' + o)
+                self.print_help()
+                sys.exit(1)
+
+        instance = pki.server.PKIInstance(instance_name)
+        instance.load()
+
+        subsystem = instance.get_subsystem('kra')
+
+        if not subsystem:
+            raise Exception('Subsystem not found')
+
+        self.find_vlv(subsystem, bind_dn, bind_password)
+
+    def find_vlv(self, subsystem, bind_dn, bind_password):
+
+        conn = subsystem.open_database(bind_dn=bind_dn,
+                                       bind_password=bind_password)
+
+        try:
+            database = subsystem.config['internaldb.database']
+            base_dn = 'cn=' + database + ',cn=ldbm database, cn=plugins, cn=config'
+
+            if self.verbose:
+                print('Searching %s' % base_dn)
+
+            entries = conn.ldap.search_s(
+                base_dn,
+                ldap.SCOPE_SUBTREE,
+                '(|(objectClass=vlvSearch)(objectClass=vlvIndex))')
+
+            self.print_message('%d entries found' % len(entries))
+
+            if not entries:
+                return
+
+            first = True
+            for entry in entries:
+                dn = entry[0]
+                attrs = entry[1]
+
+                if first:
+                    first = False
+                else:
+                    print()
+
+                print('  dn: %s' % dn)
+                for key, values in attrs.items():
+                    for value in values:
+                        print('  %s: %s' % (key, value))
+
+        finally:
+            conn.close()
+
+
+class KRADBVLVAddCLI(pki.cli.CLI):
 
     def __init__(self):
         super(KRADBVLVAddCLI, self).__init__(
@@ -200,7 +297,7 @@ class KRADBVLVAddCLI(pki.cli.CLI):
         print()
         print('  -i, --instance <instance ID>       Instance ID (default: pki-tomcat).')
         print('  -D, --bind-dn <Bind DN>            Connect DN (default: cn=Directory Manager).')
-        print('  -w, --bind-password <password>     Password to connect to DB.')
+        print('  -w, --bind-password <password>     Password to connect to database.')
         print('  -v, --verbose                      Run in verbose mode.')
         print('  -g, --generate-ldif <outfile>      Generate LDIF of required changes.')
         print('      --help                         Show help message.')
@@ -260,12 +357,12 @@ class KRADBVLVAddCLI(pki.cli.CLI):
             return
 
         if self.out_file:
-            create_ldif(instance, subsystem, self.KRA_VLV_PATH, self.out_file)
+            subsystem.customize_file(KRA_VLV_PATH, self.out_file)
             print('KRA VLVs written to ' + self.out_file)
             return
 
         ldif_file = tempfile.NamedTemporaryFile(delete=False)
-        create_ldif(instance, subsystem, self.KRA_VLV_PATH, ldif_file.name)
+        subsystem.customize_file(KRA_VLV_PATH, ldif_file.name)
 
         conn = subsystem.open_database(bind_dn=bind_dn,
                                        bind_password=bind_password)
@@ -280,7 +377,7 @@ class KRADBVLVAddCLI(pki.cli.CLI):
             os.unlink(ldif_file.name)
             conn.close()
 
-        print('KRA VLVs added to the DB for ' + instance.name)
+        print('KRA VLVs added to the database for ' + instance.name)
 
 
 class KRADBVLVDeleteCLI(pki.cli.CLI):
@@ -295,7 +392,7 @@ class KRADBVLVDeleteCLI(pki.cli.CLI):
         print()
         print('  -i, --instance <instance ID>       Instance ID (default: pki-tomcat).')
         print('  -D, --bind-dn <Bind DN>            Connect DN (default: cn=Directory Manager).')
-        print('  -w, --bind-password <password>     Password to connect to DB.')
+        print('  -w, --bind-password <password>     Password to connect to database.')
         print('  -g, --generate-ldif <outfile>      Generate LDIF of required changes.')
         print('  -v, --verbose                      Run in verbose mode.')
         print('      --help                         Show help message.')
@@ -395,7 +492,7 @@ class KRADBVLVDeleteCLI(pki.cli.CLI):
         finally:
             conn.close()
 
-        print('KRA VLVs deleted from the DB for ' + instance.name)
+        print('KRA VLVs deleted from the database for ' + instance.name)
 
 
 class KRADBVLVReindexCLI(pki.cli.CLI):
@@ -410,7 +507,7 @@ class KRADBVLVReindexCLI(pki.cli.CLI):
         print()
         print('  -i, --instance <instance ID>       Instance ID (default: pki-tomcat).')
         print('  -D, --bind-dn <Bind DN>            Connect DN (default: cn=Directory Manager).')
-        print('  -w, --bind-password <password>     Password to connect to DB.')
+        print('  -w, --bind-password <password>     Password to connect to database.')
         print('  -g, --generate-ldif <outfile>      Generate LDIF of required changes.')
         print('  -v, --verbose                      Run in verbose mode.')
         print('      --help                         Show help message.')
@@ -472,24 +569,43 @@ class KRADBVLVReindexCLI(pki.cli.CLI):
                 return
 
         if self.out_file:
-            create_ldif(instance, subsystem, KRA_VLV_TASKS_PATH, self.out_file)
+            subsystem.customize_file(KRA_VLV_TASKS_PATH, self.out_file)
             print('KRA VLV reindex task written to ' + self.out_file)
             return
 
         ldif_file = tempfile.NamedTemporaryFile(delete=False)
-        create_ldif(instance, subsystem, KRA_VLV_TASKS_PATH, ldif_file.name)
+        subsystem.customize_file(KRA_VLV_TASKS_PATH, ldif_file.name)
 
         conn = subsystem.open_database(bind_dn=bind_dn,
                                        bind_password=bind_password)
 
+        print('Initiating KRA VLV reindex for ' + instance.name)
+
         try:
             parser = ldif.LDIFRecordList(open(ldif_file.name, "rb"))
             parser.parse()
+
             for dn, entry in parser.all_records:
+
+                if self.verbose:
+                    print('Adding %s' % dn)
+
                 add_modlist = ldap.modlist.addModlist(entry)
                 conn.ldap.add_s(dn, add_modlist)
+
+                while True:
+                    time.sleep(1)
+
+                    try:
+                        if self.verbose:
+                            print('Checking %s' % dn)
+
+                        conn.ldap.search_s(dn, ldap.SCOPE_BASE)
+                    except ldap.NO_SUCH_OBJECT:
+                        break
+
         finally:
             os.unlink(ldif_file.name)
             conn.close()
 
-        print('KRA VLV reindex initiated for ' + instance.name)
+        print('KRA VLV reindex completed for ' + instance.name)
author	Endi S. Dewata <edewata@redhat.com>	2016-06-08 18:20:16 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2016-06-08 23:17:23 +0200
commit	a2b06f7328bdc0bff832bf8ecc80c5068d1735f6 (patch)
tree	b70ae0d9d9bb5fc8cb053b50577b62434b3b5fe6 /base/server/python
parent	ff624f16bd7321760b98cb9a6c32ff29d1a11055 (diff)
download	pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.tar.gz pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.tar.xz pki-a2b06f7328bdc0bff832bf8ecc80c5068d1735f6.zip