server: use topologysuffix name in iparepltopomanagedsuffix

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>

3 files changed, 103 insertions, 7 deletions

diff --git a/API.txt b/API.txt
index 43048874b..1e6942d06 100644
--- a/API.txt
+++ b/API.txt
@@ -3821,26 +3821,29 @@ output: Output('result', <type 'dict'>, None)
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: ListOfPrimaryKeys('value', None, None)
 command: server_find
-args: 1,10,4
+args: 1,12,4
 arg: Str('criteria?', noextrawhitespace=False)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
 option: Str('cn', attribute=True, autofill=False, cli_name='name', multivalue=False, primary_key=True, query=True, required=False)
 option: Int('ipamaxdomainlevel', attribute=True, autofill=False, cli_name='maxlevel', multivalue=False, query=True, required=False)
 option: Int('ipamindomainlevel', attribute=True, autofill=False, cli_name='minlevel', multivalue=False, query=True, required=False)
-option: Str('iparepltopomanagedsuffix', attribute=True, autofill=False, cli_name='suffix', multivalue=True, query=True, required=False)
+option: Flag('no_members', autofill=True, default=False, exclude='webui')
+option: Str('no_topologysuffix', cli_name='no_topologysuffixes', csv=True, multivalue=True, required=False)
 option: Flag('pkey_only?', autofill=True, default=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Int('sizelimit?', autofill=False, minvalue=0)
 option: Int('timelimit?', autofill=False, minvalue=0)
+option: Str('topologysuffix', cli_name='topologysuffixes', csv=True, multivalue=True, required=False)
 option: Str('version?', exclude='webui')
 output: Output('count', <type 'int'>, None)
 output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('truncated', <type 'bool'>, None)
 command: server_show
-args: 1,4,3
+args: 1,5,3
 arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('no_members', autofill=True, default=False, exclude='webui')
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Flag('rights', autofill=True, default=False)
 option: Str('version?', exclude='webui')
diff --git a/VERSION b/VERSION
index 2c5979ad1..69a8a2970 100644
--- a/VERSION
+++ b/VERSION
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
 #                                                      #
 ########################################################
 IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=159
-# Last change: pvoborni - treat server's suffix as multivalued attribute in API
+IPA_API_VERSION_MINOR=160
+# Last change: jcholast - server: use topologysuffix name in iparepltopomanagedsuffix
diff --git a/ipalib/plugins/server.py b/ipalib/plugins/server.py
index af7f10204..8284a5805 100644
--- a/ipalib/plugins/server.py
+++ b/ipalib/plugins/server.py
@@ -45,6 +45,12 @@ class server(LDAPObject):
     ]
     label = _('IPA Servers')
     label_singular = _('IPA Server')
+    attribute_members = {
+        'iparepltopomanagedsuffix': ['topologysuffix'],
+    }
+    relationships = {
+        'iparepltopomanagedsuffix': ('Managed', '', 'no_'),
+    }
     takes_params = (
         Str(
             'cn',
@@ -55,8 +61,12 @@ class server(LDAPObject):
         ),
         Str(
             'iparepltopomanagedsuffix*',
-            cli_name='suffix',
-            label=_('Managed suffix'),
+            flags={'no_create', 'no_update', 'no_search'},
+        ),
+        Str(
+            'iparepltopomanagedsuffix_topologysuffix*',
+            label=_('Managed suffixes'),
+            flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
         ),
         Int(
             'ipamindomainlevel',
@@ -74,6 +84,22 @@ class server(LDAPObject):
         ),
     )
 
+    def _get_suffixes(self):
+        suffixes = self.api.Command.topologysuffix_find(
+            all=True, raw=True,
+        )['result']
+        suffixes = [(s['iparepltopoconfroot'][0], s['dn']) for s in suffixes]
+        return suffixes
+
+    def _apply_suffixes(self, entry, suffixes):
+        # change suffix DNs to topologysuffix entry DNs
+        # this fixes LDAPObject.convert_attribute_members() for suffixes
+        suffixes = dict(suffixes)
+        if 'iparepltopomanagedsuffix' in entry:
+            entry['iparepltopomanagedsuffix'] = [
+                suffixes.get(m, m) for m in entry['iparepltopomanagedsuffix']
+            ]
+
 
 @register()
 class server_find(LDAPSearch):
@@ -83,12 +109,79 @@ class server_find(LDAPSearch):
         '%(count)d IPA server matched',
         '%(count)d IPA servers matched', 0
     )
+    member_attributes = ['iparepltopomanagedsuffix']
+
+    def get_options(self):
+        for option in super(server_find, self).get_options():
+            if option.name == 'topologysuffix':
+                option = option.clone(cli_name='topologysuffixes')
+            elif option.name == 'no_topologysuffix':
+                option = option.clone(cli_name='no_topologysuffixes')
+            yield option
+
+    def get_member_filter(self, ldap, **options):
+        options.pop('topologysuffix', None)
+        options.pop('no_topologysuffix', None)
+
+        return super(server_find, self).get_member_filter(ldap, **options)
+
+    def pre_callback(self, ldap, filters, attrs_list, base_dn, scope,
+                     *args, **options):
+        included = options.get('topologysuffix')
+        excluded = options.get('no_topologysuffix')
+
+        if included or excluded:
+            topologysuffix = self.api.Object.topologysuffix
+            suffixes = self.obj._get_suffixes()
+            suffixes = {s[1]: s[0] for s in suffixes}
+
+            if included:
+                included = [topologysuffix.get_dn(pk) for pk in included]
+                try:
+                    included = [suffixes[dn] for dn in included]
+                except KeyError:
+                    # force empty result
+                    filter = '(!(objectclass=*))'
+                else:
+                    filter = ldap.make_filter_from_attr(
+                        'iparepltopomanagedsuffix', included, ldap.MATCH_ALL
+                    )
+                filters = ldap.combine_filters(
+                    (filters, filter), ldap.MATCH_ALL
+                )
+
+            if excluded:
+                excluded = [topologysuffix.get_dn(pk) for pk in excluded]
+                excluded = [suffixes[dn] for dn in excluded if dn in suffixes]
+                filter = ldap.make_filter_from_attr(
+                    'iparepltopomanagedsuffix', excluded, ldap.MATCH_NONE
+                )
+                filters = ldap.combine_filters(
+                    (filters, filter), ldap.MATCH_ALL
+                )
+
+        return (filters, base_dn, scope)
+
+    def post_callback(self, ldap, entries, truncated, *args, **options):
+        if not options.get('raw', False):
+            suffixes = self.obj._get_suffixes()
+            for entry in entries:
+                self.obj._apply_suffixes(entry, suffixes)
+
+        return truncated
 
 
 @register()
 class server_show(LDAPRetrieve):
     __doc__ = _('Show IPA server.')
 
+    def post_callback(self, ldap, dn, entry, *keys, **options):
+        if not options.get('raw', False):
+            suffixes = self.obj._get_suffixes()
+            self.obj._apply_suffixes(entry, suffixes)
+
+        return dn
+
 
 @register()
 class server_del(LDAPDelete):