diff options
author | Martin Kosek <mkosek@redhat.com> | 2012-01-26 13:41:39 +0100 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2012-01-26 10:17:39 -0600 |
commit | 0b9279a30a04de447b324eeb87e7a9e3b288bb1d (patch) | |
tree | ac2633d9c3c3e65908c56c883c1045f82c36032b /ipalib/plugins/host.py | |
parent | 4277253b837f1485a900abee2b5fd0c246fa8d50 (diff) | |
download | freeipa-0b9279a30a04de447b324eeb87e7a9e3b288bb1d.tar.gz freeipa-0b9279a30a04de447b324eeb87e7a9e3b288bb1d.tar.xz freeipa-0b9279a30a04de447b324eeb87e7a9e3b288bb1d.zip |
Add missing managing hosts filtering options
Host object has a virtual attribute "managing" containing all hosts
it manages (governed by managedBy attribute). This patch also adds
standard membership filtering options:
--man-hosts=HOSTS: Only hosts managing _all_ HOSTS are returned
--not-man-hosts=HOSTS: Only hosts which do not manage _any_ host
in HOSTS are returned
https://fedorahosted.org/freeipa/ticket/1675
Diffstat (limited to 'ipalib/plugins/host.py')
-rw-r--r-- | ipalib/plugins/host.py | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index a37297e48..0cae656b7 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -33,6 +33,7 @@ from ipalib.plugins.dns import dns_container_exists, _record_types from ipalib.plugins.dns import add_forward_record from ipalib import _, ngettext from ipalib import x509 +from ipalib.dn import * from ipapython.ipautil import ipa_generate_password, CheckedIPAddress from ipalib.request import context import base64 @@ -733,10 +734,56 @@ class host_find(LDAPSearch): ) member_attributes = ['memberof', 'enrolledby', 'managedby'] + def get_options(self): + for option in super(host_find, self).get_options(): + yield option + # "managing" membership has to be added and processed separately + for option in self.get_member_options('managing'): + yield option + def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **options): if 'locality' in attrs_list: attrs_list.remove('locality') attrs_list.append('l') + if 'man_host' in options or 'not_man_host' in options: + hosts = [] + if options.get('man_host') is not None: + for pkey in options.get('man_host', []): + dn = self.obj.get_dn(pkey) + try: + (dn, entry_attrs) = ldap.get_entry(dn, ['managedby']) + except errors.NotFound: + self.obj.handle_not_found(pkey) + hosts.append(set(entry_attrs.get('managedby', ''))) + hosts = list(reduce(lambda s1, s2: s1 & s2, hosts)) + + if not hosts: + # There is no host managing _all_ hosts in --man-hosts + filter = ldap.combine_filters( + (filter, '(objectclass=disabled)'), ldap.MATCH_ALL + ) + + not_hosts = [] + if options.get('not_man_host') is not None: + for pkey in options.get('not_man_host', []): + dn = self.obj.get_dn(pkey) + try: + (dn, entry_attrs) = ldap.get_entry(dn, ['managedby']) + except errors.NotFound: + self.obj.handle_not_found(pkey) + not_hosts += entry_attrs.get('managedby', []) + not_hosts = list(set(not_hosts)) + + for target_hosts, filter_op in ((hosts, ldap.MATCH_ANY), + (not_hosts, ldap.MATCH_NONE)): + hosts_avas = [DN(host)[0][0] for host in target_hosts] + hosts_filters = [ldap.make_filter_from_attr(ava.attr, ava.value) for ava in hosts_avas] + hosts_filter = ldap.combine_filters(hosts_filters, filter_op) + + filter = ldap.combine_filters( + (filter, hosts_filter), ldap.MATCH_ALL + ) + return (filter.replace('locality', 'l'), base_dn, scope) def post_callback(self, ldap, entries, truncated, *args, **options): |