diff options
author | Martin Kosek <mkosek@redhat.com> | 2012-04-25 16:24:20 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-04-26 14:31:53 +0200 |
commit | b137b7137176fbcc02db0b9b9fdf53a896fdd11a (patch) | |
tree | 4af77975938f963c02007ac54fa4bdebb8b48f99 /ipalib/plugins/pwpolicy.py | |
parent | 81c65ee0b2961a96a7a3b2d072f6cb0ec6933a27 (diff) | |
download | freeipa-b137b7137176fbcc02db0b9b9fdf53a896fdd11a.tar.gz freeipa-b137b7137176fbcc02db0b9b9fdf53a896fdd11a.tar.xz freeipa-b137b7137176fbcc02db0b9b9fdf53a896fdd11a.zip |
Sort password policies properly with --pkey-only
Password policy plugin sorts password policies by its COS priority.
However, when the pwpolicy-find command is run with --pkey-only,
the resulting entries do not contain COS priority and the sort
function crashes.
This patch makes sure that cospriority is present in the time
of the result sorting process and removes the cospriority again
when the sorting is done. This way, the entries are sorted properly
both with and without --pkey-only flag.
Previous entries_sortfn member attribute of LDAPSearch class
containing custom user sorting function was replaced just with
a flag indicating if a sorting in LDAPSearch shall be done at all.
This change makes it possible to sort entries in a custom
post_callback which is much more powerful (and essential for
sorting like in pwpolicy plugin) approach than a plain sorting
function.
https://fedorahosted.org/freeipa/ticket/2676
Diffstat (limited to 'ipalib/plugins/pwpolicy.py')
-rw-r--r-- | ipalib/plugins/pwpolicy.py | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 90a2ea110..330f9f7e5 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -456,6 +456,9 @@ api.register(pwpolicy_show) class pwpolicy_find(LDAPSearch): __doc__ = _('Search for group password policies.') + # this command does custom sorting in post_callback + sort_result_entries = False + def sort_priority(self,x,y): # global policy will be always last in the output if x[1]['cn'][0] == global_policy_name: @@ -464,17 +467,34 @@ class pwpolicy_find(LDAPSearch): return -1 else: # policies with higher priority will be at the beginning of the list - return cmp(int(x[1]['cospriority'][0]), int(y[1]['cospriority'][0])) - - entries_sortfn = sort_priority + try: + x = cmp(int(x[1]['cospriority'][0]), int(y[1]['cospriority'][0])) + except KeyError: + # if cospriority is not present in the entry, rather return 0 + # than crash + x = 0 + return x def post_callback(self, ldap, entries, truncated, *args, **options): - if options.get('pkey_only', False): - return False for e in entries: # attribute rights are not allowed for pwpolicy_find self.obj.add_cospriority(e[1], e[1]['cn'][0], rights=False) - self.obj.convert_time_for_output(e[1], **options) + if options.get('pkey_only', False): + # when pkey_only flag is on, entries should contain only a cn + # and a cospriority attribute that will be used for sorting + # When the entries are sorted, cosentry is removed + self.obj.convert_time_for_output(e[1], **options) + + # do custom entry sorting by its cospriority + entries.sort(self.sort_priority) + + if options.get('pkey_only', False): + # remove cospriority that was used for sorting + for e in entries: + try: + del e[1]['cospriority'] + except KeyError: + pass api.register(pwpolicy_find) |