summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-07-14 14:45:15 -0400
committerRob Crittenden <rcritten@redhat.com>2010-07-15 11:18:18 -0400
commit57a9001f8d12a5caec01c628089a4624499b76bc (patch)
treec230229afc6b7a3b1bc6bb31a73eaf1e10467e87 /ipalib
parent0d12b0344fc8ee05211e65ecf332a46afc542765 (diff)
downloadfreeipa-57a9001f8d12a5caec01c628089a4624499b76bc.tar.gz
freeipa-57a9001f8d12a5caec01c628089a4624499b76bc.tar.xz
freeipa-57a9001f8d12a5caec01c628089a4624499b76bc.zip
Fix netgroup plugin to use correct member attribute names.
When the netgroup plugin was rebased it ended up using the member attribute for its memberships and not memberuser/memberhost. I also fixed this same attribute problem in the tests and tried to beef them up a little. If nis/schema compat are enabled it will try to compare the generated triplets with a known-good value.
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/plugins/netgroup.py72
1 files changed, 41 insertions, 31 deletions
diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py
index ad97c722..755c5f4d 100644
--- a/ipalib/plugins/netgroup.py
+++ b/ipalib/plugins/netgroup.py
@@ -46,6 +46,23 @@ from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
+output_params = (
+ Str('memberuser_user?',
+ label='Member User',
+ ),
+ Str('memberuser_group?',
+ label='Member Group',
+ ),
+ Str('memberhost_host?',
+ label=_('Member Host'),
+ ),
+ Str('memberhost_hostgroup?',
+ label='Member Hostgroup',
+ ),
+ Str('externalhost?',
+ label=_('External host'),
+ ),
+ )
class netgroup(LDAPObject):
"""
Netgroup object.
@@ -55,13 +72,14 @@ class netgroup(LDAPObject):
object_name_plural = 'netgroups'
object_class = ['ipaobject', 'ipaassociation', 'ipanisnetgroup']
default_attributes = [
- 'cn', 'description', 'member', 'memberof', 'externalhost',
- 'nisdomainname',
+ 'cn', 'description', 'memberof', 'externalhost',
+ 'nisdomainname', 'memberuser', 'memberhost',
]
uuid_attribute = 'ipauniqueid'
attribute_members = {
- 'member': ['user', 'group', 'host', 'hostgroup', 'netgroup'],
'memberof': ['netgroup'],
+ 'memberuser': ['user', 'group'],
+ 'memberhost': ['host', 'hostgroup'],
}
label = _('Net Groups')
@@ -88,26 +106,6 @@ class netgroup(LDAPObject):
doc=_('IPA unique ID'),
flags=['no_create', 'no_update'],
),
- Str('member_user?',
- label='Member User',
- flags=['no_create', 'no_update', 'no_search'],
- ),
- Str('member_group?',
- label='Member Group',
- flags=['no_create', 'no_update', 'no_search'],
- ),
- Str('member_host?',
- label=_('Member host'),
- flags=['no_create', 'no_update', 'no_search'],
- ),
- Str('member_hostgroup?',
- label='Member Hostgroup',
- flags=['no_create', 'no_update', 'no_search'],
- ),
- Str('externalhost?',
- label=_('External host'),
- flags=['no_create', 'no_update', 'no_search'],
- ),
)
def get_dn(self, *keys, **kwargs):
@@ -135,6 +133,7 @@ class netgroup_add(LDAPCreate):
"""
Create new netgroup.
"""
+ has_output_params = output_params
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
if not dn.startswith('cn='):
msg = 'netgroup with name "%s" already exists' % keys[-1]
@@ -160,6 +159,7 @@ class netgroup_mod(LDAPUpdate):
"""
Modify netgroup.
"""
+ has_output_params = output_params
api.register(netgroup_mod)
@@ -168,6 +168,7 @@ class netgroup_find(LDAPSearch):
"""
Search the groups.
"""
+ has_output_params = output_params
api.register(netgroup_find)
@@ -176,6 +177,7 @@ class netgroup_show(LDAPRetrieve):
"""
Display netgroup.
"""
+ has_output_params = output_params
api.register(netgroup_show)
@@ -184,14 +186,18 @@ class netgroup_add_member(LDAPAddMember):
"""
Add members to netgroup.
"""
+ has_output_params = output_params
+ member_attributes = ['memberuser', 'memberhost']
def post_callback(self, ldap, completed, failed, dn, entry_attrs, *keys, **options):
- if 'member' in failed and 'host' in failed['member']:
+ completed_external = 0
+ # Sift through the host failures. We assume that these are all
+ # hosts that aren't stored in IPA, aka external hosts.
+ if 'memberhost' in failed and 'host' in failed['memberhost']:
(dn, entry_attrs_) = ldap.get_entry(dn, ['externalhost'])
- members = entry_attrs.get('member', [])
+ members = entry_attrs.get('memberhost', [])
external_hosts = entry_attrs_.get('externalhost', [])
failed_hosts = []
- completed_external = 0
- for host in failed['member']['host']:
+ for host in failed['memberhost']['host']:
host = host.lower()
host_dn = self.api.Object['host'].get_dn(host)
if host not in external_hosts and host_dn not in members:
@@ -204,7 +210,7 @@ class netgroup_add_member(LDAPAddMember):
ldap.update_entry(dn, {'externalhost': external_hosts})
except errors.EmptyModlist:
pass
- failed['member']['host'] = failed_hosts
+ failed['memberhost']['host'] = failed_hosts
entry_attrs['externalhost'] = external_hosts
return (completed + completed_external, dn)
@@ -216,13 +222,17 @@ class netgroup_remove_member(LDAPRemoveMember):
"""
Remove members from netgroup.
"""
+ has_output_params = output_params
+ member_attributes = ['memberuser', 'memberhost']
def post_callback(self, ldap, completed, failed, dn, entry_attrs, *keys, **options):
- if 'member' in failed and 'host' in failed['member']:
+ # Run through the host failures and gracefully remove any defined as
+ # as an externalhost.
+ if 'memberhost' in failed and 'host' in failed['memberhost']:
(dn, entry_attrs) = ldap.get_entry(dn, ['externalhost'])
external_hosts = entry_attrs.get('externalhost', [])
failed_hosts = []
completed_external = 0
- for host in failed['member']['host']:
+ for host in failed['memberhost']['host']:
host = host.lower()
if host in external_hosts:
external_hosts.remove(host)
@@ -234,7 +244,7 @@ class netgroup_remove_member(LDAPRemoveMember):
ldap.update_entry(dn, {'externalhost': external_hosts})
except errors.EmptyModlist:
pass
- failed['member']['host'] = failed_hosts
+ failed['memberhost']['host'] = failed_hosts
entry_attrs['externalhost'] = external_hosts
return (completed + completed_external, dn)