diff options
| author | Martin Basti <mbasti@redhat.com> | 2015-11-20 11:53:06 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2015-11-20 16:44:27 +0100 |
| commit | 72b03a5d7931635b8563e374f217fa48c729450b (patch) | |
| tree | 173d0c661ce6667d5531fe95d238fd5244b9fc36 | |
| parent | 457c9746709042e6f4f8f37a85ca8ad562962405 (diff) | |
upgrade: fix migration of old dns forward zones
Plugins should call self.api not the global one during upgrade
https://fedorahosted.org/freeipa/ticket/5472
Reviewed-By: Petr Spacek <pspacek@redhat.com>
| -rw-r--r-- | ipalib/plugins/dns.py | 51 |
1 files changed, 27 insertions, 24 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 686eb7585..81a672d5e 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -1753,7 +1753,7 @@ def _normalize_zone(zone): return zone -def _get_auth_zone_ldap(name): +def _get_auth_zone_ldap(api, name): """ Find authoritative zone in LDAP for name. Only active zones are considered. :param name: @@ -1799,7 +1799,7 @@ def _get_auth_zone_ldap(name): return max(matched_auth_zones, key=len), truncated -def _get_longest_match_ns_delegation_ldap(zone, name): +def _get_longest_match_ns_delegation_ldap(api, zone, name): """ Searches for deepest delegation for name in LDAP zone. @@ -1875,7 +1875,7 @@ def _get_longest_match_ns_delegation_ldap(zone, name): return max(matched_records, key=len), truncated -def _find_subtree_forward_zones_ldap(name, child_zones_only=False): +def _find_subtree_forward_zones_ldap(api, name, child_zones_only=False): """ Search for forwardzone <name> and all child forwardzones Filter: (|(*.<name>.)(<name>.)) @@ -1929,7 +1929,7 @@ def _find_subtree_forward_zones_ldap(name, child_zones_only=False): return result, truncated -def _get_zone_which_makes_fw_zone_ineffective(fwzonename): +def _get_zone_which_makes_fw_zone_ineffective(api, fwzonename): """ Check if forward zone is effective. @@ -1954,12 +1954,12 @@ def _get_zone_which_makes_fw_zone_ineffective(fwzonename): """ assert isinstance(fwzonename, DNSName) - auth_zone, truncated_zone = _get_auth_zone_ldap(fwzonename) + auth_zone, truncated_zone = _get_auth_zone_ldap(api, fwzonename) if not auth_zone: return None, truncated_zone delegation_record_name, truncated_ns =\ - _get_longest_match_ns_delegation_ldap(auth_zone, fwzonename) + _get_longest_match_ns_delegation_ldap(api, auth_zone, fwzonename) truncated = truncated_ns or truncated_zone @@ -1969,12 +1969,12 @@ def _get_zone_which_makes_fw_zone_ineffective(fwzonename): return auth_zone, truncated -def _add_warning_fw_zone_is_not_effective(result, fwzone, version): +def _add_warning_fw_zone_is_not_effective(api, result, fwzone, version): """ Adds warning message to result, if required """ authoritative_zone, truncated = \ - _get_zone_which_makes_fw_zone_ineffective(fwzone) + _get_zone_which_makes_fw_zone_ineffective(api, fwzone) if authoritative_zone: # forward zone is not effective and forwarding will not work messages.add_message( @@ -2090,7 +2090,7 @@ class DNSZoneBase(LDAPObject): def _remove_permission(self, zone): permission_name = self.permission_name(zone) try: - api.Command['permission_del'](permission_name, force=True) + self.api.Command['permission_del'](permission_name, force=True) except errors.NotFound as e: if zone == DNSName.root: # special case root zone raise @@ -2100,7 +2100,8 @@ class DNSZoneBase(LDAPObject): zone.relativize(DNSName.root) ) try: - api.Command['permission_del'](permission_name_rel, force=True) + self.api.Command['permission_del'](permission_name_rel, + force=True) except errors.NotFound: raise e # re-raise original exception @@ -2298,7 +2299,8 @@ class DNSZoneBase_add_permission(LDAPQuery): keys[-1].relativize(DNSName.root) ) try: - api.Object['permission'].get_dn_if_exists(permission_name_rel) + self.api.Object['permission'].get_dn_if_exists( + permission_name_rel) except errors.NotFound: pass else: @@ -2309,7 +2311,7 @@ class DNSZoneBase_add_permission(LDAPQuery): } ) - permission = api.Command['permission_add_noaci'](permission_name, + permission = self.api.Command['permission_add_noaci'](permission_name, ipapermissiontype=u'SYSTEM' )['result'] @@ -2669,12 +2671,12 @@ class dnszone(DNSZoneBase): """ zone = keys[-1] affected_fw_zones, truncated = _find_subtree_forward_zones_ldap( - zone, child_zones_only=True) + self.api, zone, child_zones_only=True) if not affected_fw_zones: return for fwzone in affected_fw_zones: - _add_warning_fw_zone_is_not_effective(result, fwzone, + _add_warning_fw_zone_is_not_effective(self.api, result, fwzone, options['version']) def _warning_dnssec_master_is_not_installed(self, result, **options): @@ -2721,7 +2723,8 @@ class dnszone_add(DNSZoneBase_add): dn = super(dnszone_add, self).pre_callback( ldap, dn, entry_attrs, attrs_list, *keys, **options) - nameservers = [normalize_zone(x) for x in api.Object.dnsrecord.get_dns_masters()] + nameservers = [normalize_zone(x) for x in + self.api.Object.dnsrecord.get_dns_masters()] server = normalize_zone(api.env.host) zone = keys[-1] @@ -2771,7 +2774,7 @@ class dnszone_add(DNSZoneBase_add): not zone.is_reverse() and zone != DNSName.root): try: - api.Command['realmdomains_mod'](add_domain=unicode(zone), + self.api.Command['realmdomains_mod'](add_domain=unicode(zone), force=True) except (errors.EmptyModlist, errors.ValidationError): pass @@ -2805,8 +2808,8 @@ class dnszone_del(DNSZoneBase_del): not zone.is_reverse() and zone != DNSName.root ): try: - api.Command['realmdomains_mod'](del_domain=unicode(zone), - force=True) + self.api.Command['realmdomains_mod']( + del_domain=unicode(zone), force=True) except (errors.AttrValueNotFound, errors.ValidationError): pass @@ -3514,12 +3517,12 @@ class dnsrecord(LDAPObject): record_name_absolute = record_name_absolute.derelativize(zone) affected_fw_zones, truncated = _find_subtree_forward_zones_ldap( - record_name_absolute) + self.api, record_name_absolute) if not affected_fw_zones: return for fwzone in affected_fw_zones: - _add_warning_fw_zone_is_not_effective(result, fwzone, + _add_warning_fw_zone_is_not_effective(self.api, result, fwzone, options['version']) def warning_suspicious_relative_name(self, result, *keys, **options): @@ -3892,7 +3895,7 @@ class dnsrecord_mod(LDAPUpdate): # get DNS record first so that the NotFound exception is raised # before the helper would start - dns_record = api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result'] + dns_record = self.api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result'] rec_types = [rec_type for rec_type in dns_record if rec_type in _record_attributes] self.Backend.textui.print_plain(_("No option to modify specific record provided.")) @@ -4080,7 +4083,7 @@ class dnsrecord_del(LDAPUpdate): # get DNS record first so that the NotFound exception is raised # before the helper would start - dns_record = api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result'] + dns_record = self.api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result'] rec_types = [rec_type for rec_type in dns_record if rec_type in _record_attributes] self.Backend.textui.print_plain(_("No option to delete specific record provided.")) @@ -4395,7 +4398,7 @@ class dnsforwardzone(DNSZoneBase): def _warning_fw_zone_is_not_effective(self, result, *keys, **options): fwzone = keys[-1] - _add_warning_fw_zone_is_not_effective(result, fwzone, + _add_warning_fw_zone_is_not_effective(self.api, result, fwzone, options['version']) def _warning_if_forwarders_do_not_work(self, result, new_zone, @@ -4435,7 +4438,7 @@ class dnsforwardzone(DNSZoneBase): # validation is configured just in named.conf per replica ipa_dns_masters = [normalize_zone(x) for x in - api.Object.dnsrecord.get_dns_masters()] + self.api.Object.dnsrecord.get_dns_masters()] if not ipa_dns_masters: # something very bad happened, DNS is installed, but no IPA DNS |