diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-10-21 13:24:05 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-10-30 11:50:05 +0100 |
commit | 2c433cdd7ed527ba24c64d4d7cead6eee7ede867 (patch) | |
tree | c379343a0dbfab60b531c2846815b284db56575f /ipalib | |
parent | dadf7cddf0da834feafe234cecd23b4a0e9f39ba (diff) | |
download | freeipa-2c433cdd7ed527ba24c64d4d7cead6eee7ede867.tar.gz freeipa-2c433cdd7ed527ba24c64d4d7cead6eee7ede867.tar.xz freeipa-2c433cdd7ed527ba24c64d4d7cead6eee7ede867.zip |
Use new ipaldap entry API in aci and permission plugin
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/aci.py | 48 | ||||
-rw-r--r-- | ipalib/plugins/permission.py | 2 |
2 files changed, 27 insertions, 23 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py index 76f87aaf8..328effcbc 100644 --- a/ipalib/plugins/aci.py +++ b/ipalib/plugins/aci.py @@ -367,20 +367,21 @@ def _aci_to_kw(ldap, a, test=False, pkey_only=False): groupdn = DN(groupdn) if len(groupdn) and groupdn[0].attr == 'cn': dn = DN() - entry_attrs = {} + entry = {} try: - (dn, entry_attrs) = ldap.get_entry(groupdn, ['cn']) + entry = ldap.get_entry(groupdn, ['cn']) + dn = entry.dn except errors.NotFound, e: # FIXME, use real name here if test: dn = DN(('cn', 'test'), api.env.container_permission, api.env.basedn) - entry_attrs = {'cn': [u'test']} + entry = {'cn': [u'test']} if api.env.container_permission in dn: - kw['permission'] = entry_attrs['cn'][0] + kw['permission'] = entry['cn'][0] else: - if 'cn' in entry_attrs: - kw['group'] = entry_attrs['cn'][0] + if 'cn' in entry: + kw['group'] = entry['cn'][0] return kw @@ -537,19 +538,20 @@ class aci_add(crud.Create): newaci = _make_aci(ldap, None, aciname, kw) - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) + dn = entry.dn - acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) + acis = _convert_strings_to_acis(entry.get('aci', [])) for a in acis: # FIXME: add check for permission_group = permission_group if a.isequal(newaci) or newaci.name == a.name: raise errors.DuplicateEntry() newaci_str = unicode(newaci) - entry_attrs['aci'].append(newaci_str) + entry['aci'].append(newaci_str) if not kw.get('test', False): - ldap.update_entry(dn, entry_attrs) + ldap.update_entry(entry) if kw.get('raw', False): result = dict(aci=unicode(newaci_str)) @@ -581,9 +583,10 @@ class aci_del(crud.Delete): """ ldap = self.api.Backend.ldap2 - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) + dn = entry.dn - acistrs = entry_attrs.get('aci', []) + acistrs = entry.get('aci', []) acis = _convert_strings_to_acis(acistrs) aci = _find_aci_by_name(acis, aciprefix, aciname) for a in acistrs: @@ -592,9 +595,9 @@ class aci_del(crud.Delete): acistrs.remove(a) break - entry_attrs['aci'] = acistrs + entry['aci'] = acistrs - ldap.update_entry(dn, entry_attrs) + ldap.update_entry(entry) return dict( result=True, @@ -624,9 +627,9 @@ class aci_mod(crud.Update): aciprefix = kw['aciprefix'] ldap = self.api.Backend.ldap2 - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) - acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) + acis = _convert_strings_to_acis(entry.get('aci', [])) aci = _find_aci_by_name(acis, aciprefix, aciname) # The strategy here is to convert the ACI we're updating back into @@ -700,9 +703,10 @@ class aci_find(crud.Search): def execute(self, term, **kw): ldap = self.api.Backend.ldap2 - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) + dn = entry.dn - acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) + acis = _convert_strings_to_acis(entry.get('aci', [])) results = [] if term: @@ -901,9 +905,9 @@ class aci_show(crud.Retrieve): """ ldap = self.api.Backend.ldap2 - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) - acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) + acis = _convert_strings_to_acis(entry.get('aci', [])) aci = _find_aci_by_name(acis, kw['aciprefix'], aciname) if kw.get('raw', False): @@ -940,9 +944,9 @@ class aci_rename(crud.Update): def execute(self, aciname, **kw): ldap = self.api.Backend.ldap2 - (dn, entry_attrs) = ldap.get_entry(self.api.env.basedn, ['aci']) + entry = ldap.get_entry(self.api.env.basedn, ['aci']) - acis = _convert_strings_to_acis(entry_attrs.get('aci', [])) + acis = _convert_strings_to_acis(entry.get('aci', [])) aci = _find_aci_by_name(acis, kw['aciprefix'], aciname) for a in acis: diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index 2284dbe4d..0f1fe667f 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -347,7 +347,7 @@ class permission_mod(LDAPUpdate): except (IndexError, KeyError), e: raise ValueError("expected dn starting with 'cn=' but got '%s'" % dn) new_dn[0].value = options['rename'] - (new_dn, attrs) = ldap.get_entry(new_dn, attrs_list) + entry = ldap.get_entry(new_dn, attrs_list) raise errors.DuplicateEntry() except errors.NotFound: pass # permission may be renamed, continue |