diff options
-rw-r--r-- | API.txt | 3 | ||||
-rw-r--r-- | VERSION | 4 | ||||
-rw-r--r-- | ipaserver/plugins/config.py | 23 |
3 files changed, 26 insertions, 4 deletions
@@ -789,9 +789,10 @@ args: 0,1,1 option: Str('version?') output: Output('result') command: config_mod -args: 0,25,3 +args: 0,26,3 option: Str('addattr*', cli_name='addattr') option: Flag('all', autofill=True, cli_name='all', default=False) +option: Str('ca_renewal_master_server?', autofill=False) option: Str('delattr*', cli_name='delattr') option: StrEnum('ipaconfigstring*', autofill=False, cli_name='ipaconfigstring', values=[u'AllowNThash', u'KDC:Disable Last Success', u'KDC:Disable Lockout', u'KDC:Disable Default Preauth for SPNs']) option: Str('ipadefaultemaildomain?', autofill=False, cli_name='emaildomain') @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=179 -# Last change: mbabinsk - Server Roles: make server-{show,find} utilize role information +IPA_API_VERSION_MINOR=180 +# Last change: mbabink - Server Roles: provide an API for setting CA renewal master diff --git a/ipaserver/plugins/config.py b/ipaserver/plugins/config.py index 95d1d6409..94a48a27d 100644 --- a/ipaserver/plugins/config.py +++ b/ipaserver/plugins/config.py @@ -243,7 +243,7 @@ class config(LDAPObject): 'ca_renewal_master_server?', label=_('IPA CA renewal master'), doc=_('Renewal master for IPA certificate authority'), - flags={'virtual_attribute', 'no_create', 'no_update'} + flags={'virtual_attribute', 'no_create'} ) ) @@ -377,8 +377,29 @@ class config_mod(LDAPUpdate): raise errors.ValidationError(name=failedattr, error=_('SELinux user map default user not in order list')) + if 'ca_renewal_master_server' in options: + new_master = options['ca_renewal_master_server'] + + try: + self.api.Object.server.get_dn_if_exists(new_master) + except errors.NotFound: + self.api.Object.server.handle_not_found(new_master) + + backend = self.api.Backend.serverroles + backend.config_update(ca_renewal_master_server=new_master) + return dn + def exc_callback(self, keys, options, exc, call_func, + *call_args, **call_kwargs): + if (isinstance(exc, errors.EmptyModlist) and + call_func.__name__ == 'update_entry' and + 'ca_renewal_master_server' in options): + return + + super(config_mod, self).exc_callback( + keys, options, exc, call_func, *call_args, **call_kwargs) + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): self.obj.show_servroles_attributes(entry_attrs, **options) return dn |