Domain levels: use constants rather than hardcoded values

Added constants for domain levels
DOMAIN_LEVEL_0 = 0
DOMAIN_LEVEL_1 = 1

This allows to search for domain level easier in code.

Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Tomas Babej <tbabej@redhat.com>

8 files changed, 25 insertions, 18 deletions

diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
index 9d3e93273..7f4c62176 100755
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@@ -33,6 +33,7 @@ from ipaserver.install import cainstance, custodiainstance, service
 from ipapython import dogtag
 from ipapython import version
 from ipalib import api
+from ipalib.constants import DOMAIN_LEVEL_0
 from ipapython.dn import DN
 from ipapython.config import IPAOptionParser
 from ipapython.ipa_log_manager import *
@@ -108,7 +109,7 @@ def get_dirman_password():
 
 def install_replica(safe_options, options, filename):
     domain_level = dsinstance.get_domain_level(api)
-    if domain_level > 0:
+    if domain_level > DOMAIN_LEVEL_0:
         options.promote = True
     else:
         options.promote = False
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index c01092d53..1350590b6 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -37,7 +37,7 @@ from ipaserver.install import bindinstance, cainstance, certs
 from ipaserver.install import opendnssecinstance, dnskeysyncinstance
 from ipapython import version, ipaldap
 from ipalib import api, errors, util
-from ipalib.constants import CACERT
+from ipalib.constants import CACERT, DOMAIN_LEVEL_0
 from ipalib.util import create_topology_graph, get_topology_connection_errors
 from ipapython.ipa_log_manager import *
 from ipapython.dn import DN
@@ -804,7 +804,8 @@ def del_master_managed(realm, hostname, options):
 
 def del_master_direct(realm, hostname, options):
     """
-    Removing of master for realm without managed topology (domain level < 1)
+    Removing of master for realm without managed topology
+    (domain level < DOMAIN_LEVEL_1)
     """
 
     force_del = False
@@ -1349,8 +1350,8 @@ def set_DNA_range(hostname, range, realm, dirman_passwd, next_range=False,
             sys.exit("Updating range failed: %s" % e)
 
 def has_managed_topology():
-    domainlevel = api.Command['domainlevel_get']().get('result', 0)
-    return domainlevel > 0
+    domainlevel = api.Command['domainlevel_get']().get('result', DOMAIN_LEVEL_0)
+    return domainlevel > DOMAIN_LEVEL_0
 
 def exit_on_managed_topology(what):
     sys.exit("{0} is deprecated with managed IPA replication topology. "
diff --git a/ipalib/constants.py b/ipalib/constants.py
index b3642bc85..fc0560ba4 100644
--- a/ipalib/constants.py
+++ b/ipalib/constants.py
@@ -234,8 +234,12 @@ LDAP_GENERALIZED_TIME_FORMAT = "%Y%m%d%H%M%SZ"
 IPA_ANCHOR_PREFIX = ':IPA:'
 SID_ANCHOR_PREFIX = ':SID:'
 
-MIN_DOMAIN_LEVEL = 0
-MAX_DOMAIN_LEVEL = 1
+# domains levels
+DOMAIN_LEVEL_0 = 0  # compat
+DOMAIN_LEVEL_1 = 1  # replica promotion, topology plugin
+
+MIN_DOMAIN_LEVEL = DOMAIN_LEVEL_0
+MAX_DOMAIN_LEVEL = DOMAIN_LEVEL_1
 
 # Constants used in generation of replication agreements and as topology
 # defaults
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 22155cac3..f9315f4f0 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1530,7 +1530,7 @@ class CAInstance(DogtagInstance):
                           ca_type=None):
         """Creates a replica CA, creating a local DS backend and using
         the topology plugin to manage replication.
-        Requires domain_level >=1 and custodia on the master.
+        Requires domain_level >= DOMAIN_LEVEL_1 and custodia on the master.
         """
         self.ds_port = DEFAULT_DSPORT
         self.master_host = master_host
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 2952836d6..15b23a870 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -175,7 +175,7 @@ def get_domain_level(api=api):
     try:
         entry = conn.get_entry(dn, ['ipaDomainLevel'])
     except errors.NotFound:
-        return 0
+        return constants.DOMAIN_LEVEL_0
     return int(entry.single_value['ipaDomainLevel'])
 
 
diff --git a/ipaserver/install/ipa_kra_install.py b/ipaserver/install/ipa_kra_install.py
index 069c87278..1ae361edc 100644
--- a/ipaserver/install/ipa_kra_install.py
+++ b/ipaserver/install/ipa_kra_install.py
@@ -24,6 +24,7 @@ import tempfile
 
 from textwrap import dedent
 from ipalib import api
+from ipalib.constants import DOMAIN_LEVEL_0
 from ipaplatform import services
 from ipaplatform.paths import paths
 from ipapython import admintool
@@ -138,7 +139,7 @@ class KRAInstaller(KRAInstall):
 
         if self.installing_replica:
             domain_level = dsinstance.get_domain_level(api)
-            if domain_level > 0:
+            if domain_level > DOMAIN_LEVEL_0:
                 self.options.promote = True
                 return
 
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index c573428ed..8998bc094 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -41,12 +41,12 @@ from ipapython import version
 from ipalib import api
 from ipalib import errors
 from ipaplatform.paths import paths
-from ipalib.constants import CACERT, MIN_DOMAIN_LEVEL
+from ipalib.constants import CACERT, DOMAIN_LEVEL_0
 
 
 UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE = """
 Replica creation using '{command_name}' to generate replica file
-is supported only in {min_domain_level}-level IPA domain.
+is supported only in {domain_level}-level IPA domain.
 
 The current IPA domain level is {curr_domain_level} and thus the replica must
 be created by promoting an existing IPA client.
@@ -692,10 +692,10 @@ class ReplicaPrepare(admintool.AdminTool):
 
     def check_domainlevel(self, api):
         domain_level = dsinstance.get_domain_level(api)
-        if domain_level > MIN_DOMAIN_LEVEL:
+        if domain_level > DOMAIN_LEVEL_0:
             raise RuntimeError(
                 UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format(
                     command_name=self.command_name,
-                    min_domain_level=MIN_DOMAIN_LEVEL,
+                    domain_level=DOMAIN_LEVEL_0,
                     curr_domain_level=domain_level)
             )
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index f07daead5..b01df9526 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -530,9 +530,9 @@ def install_check(installer):
         except errors.NotFound:
             # If we're joining an older master, domain entry is not
             # available
-            current = 0
+            current = constants.DOMAIN_LEVEL_0
 
-        if current != 0:
+        if current != constants.DOMAIN_LEVEL_0:
             raise RuntimeError(
                 "You cannot use a replica file to join a replica when the "
                 "domain is above level 0. Please join the system to the "
@@ -858,9 +858,9 @@ def promote_check(installer):
         except errors.NotFound:
             # If we're joining an older master, domain entry is not
             # available
-            current = 0
+            current = constants.DOMAIN_LEVEL_0
 
-        if current == 0:
+        if current == constants.DOMAIN_LEVEL_0:
             raise RuntimeError(
                 "You must provide a file generated by ipa-replica-prepare to "
                 "create a replica when the domain is at level 0."