diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-05-30 18:42:01 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-06-13 17:50:54 +0200 |
commit | 5f7086e7183f0fcfece2bdd5be3d1ea17384717b (patch) | |
tree | 27dab7bd3dae33d40c160f208db09d3d3ad54c6b /ipaserver/plugins/config.py | |
parent | b9aa31191b3067aced1432daa06d18b4382cd77f (diff) | |
download | freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.tar.gz freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.tar.xz freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.zip |
Server Roles: make *config-show consume relevant roles/attributes
This patch modifies config objects so that the roles/attributes relevant to
the configuration are shown in the output:
* config-{show,mod} will show list of all IPA masters, CA servers and CA
renewal master
* dnsconfig-{show,mod} will list all DNS server and DNS key master
* trustconfig-{show,mod} will list all AD trust controllers and agents
* vaultconfig-show will list all Key Recovery Agents
http://www.freeipa.org/page/V4/Server_Roles
https://fedorahosted.org/freeipa/ticket/5181
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
Diffstat (limited to 'ipaserver/plugins/config.py')
-rw-r--r-- | ipaserver/plugins/config.py | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/ipaserver/plugins/config.py b/ipaserver/plugins/config.py index 46a40ddf7..95d1d6409 100644 --- a/ipaserver/plugins/config.py +++ b/ipaserver/plugins/config.py @@ -227,11 +227,40 @@ class config(LDAPObject): doc=_('Default types of supported user authentication'), values=(u'password', u'radius', u'otp', u'disabled'), ), + Str( + 'ipa_master_server*', + label=_('IPA masters'), + doc=_('List of all IPA masters'), + flags={'virtual_attribute', 'no_create', 'no_update'} + ), + Str( + 'ca_server_server*', + label=_('IPA CA servers'), + doc=_('IPA servers configured as certificate authority'), + flags={'virtual_attribute', 'no_create', 'no_update'} + ), + Str( + 'ca_renewal_master_server?', + label=_('IPA CA renewal master'), + doc=_('Renewal master for IPA certificate authority'), + flags={'virtual_attribute', 'no_create', 'no_update'} + ) ) def get_dn(self, *keys, **kwargs): return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn) + def show_servroles_attributes(self, entry_attrs, **options): + if options.get('raw', False): + return + + backend = self.api.Backend.serverroles + + ca_config = backend.config_retrieve("CA server") + master_config = backend.config_retrieve("IPA master") + + entry_attrs.update(ca_config) + entry_attrs.update(master_config) @register() @@ -350,9 +379,15 @@ class config_mod(LDAPUpdate): return dn + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + self.obj.show_servroles_attributes(entry_attrs, **options) + return dn @register() class config_show(LDAPRetrieve): __doc__ = _('Show the current configuration.') + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + self.obj.show_servroles_attributes(entry_attrs, **options) + return dn |