From 59cf67c8613dcbc70730bb4f005fa63ad3899c5f Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 6 May 2015 11:47:46 -0400 Subject: Make SSSD config 'preconfigured' and unmodifiable Also fail to enable if not pre-configured Fixes #111 Signed-off-by: Simo Sorce --- ipsilon/admin/common.py | 10 ++++++++-- ipsilon/info/common.py | 8 +++++++- ipsilon/info/infosssd.py | 23 ++++++++++++++++++++++- 3 files changed, 37 insertions(+), 4 deletions(-) diff --git a/ipsilon/admin/common.py b/ipsilon/admin/common.py index 743c71c..a85a15d 100644 --- a/ipsilon/admin/common.py +++ b/ipsilon/admin/common.py @@ -282,7 +282,10 @@ class AdminPlugins(AdminPage): except AdminError, e: return self.root_with_msg(str(e), ADMIN_STATUS_WARN) if not obj.is_enabled: - obj.enable() + try: + obj.enable() + except Exception as e: # pylint: disable=broad-except + return self.root_with_msg(str(e), ADMIN_STATUS_WARN) obj.save_enabled_state() msg = "Plugin %s enabled" % obj.name return self.root_with_msg(msg, ADMIN_STATUS_OK, @@ -297,7 +300,10 @@ class AdminPlugins(AdminPage): except AdminError, e: return self.root_with_msg(str(e), ADMIN_STATUS_WARN) if obj.is_enabled: - obj.disable() + try: + obj.disable() + except Exception as e: # pylint: disable=broad-except + return self.root_with_msg(str(e), ADMIN_STATUS_WARN) obj.save_enabled_state() msg = "Plugin %s disabled" % obj.name return self.root_with_msg(msg, ADMIN_STATUS_OK, diff --git a/ipsilon/info/common.py b/ipsilon/info/common.py index a97d648..6907c72 100644 --- a/ipsilon/info/common.py +++ b/ipsilon/info/common.py @@ -65,7 +65,13 @@ class Info(Log): if item not in plugins.available: self.debug('Info Plugin %s not found' % item) continue - plugins.available[item].enable() + try: + plugins.available[item].enable() + except Exception as e: # pylint: disable=broad-except + while item in plugins.enabled: + plugins.enabled.remove(item) + self.debug("Info Plugin %s couldn't be enabled: %s" % ( + item, str(e))) def get_user_attrs(self, user, requested=None): plugins = self._site[FACILITY].available diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py index 0dd78cc..559469a 100644 --- a/ipsilon/info/infosssd.py +++ b/ipsilon/info/infosssd.py @@ -9,6 +9,7 @@ from ipsilon.info.common import InfoProviderBase from ipsilon.info.common import InfoProviderInstaller from ipsilon.util.plugin import PluginObject from ipsilon.util.policy import Policy +from ipsilon.util import config as pconfig from string import Template import cherrypy import time @@ -46,7 +47,13 @@ class InfoProvider(InfoProviderBase): super(InfoProvider, self).__init__(*pargs) self.mapper = Policy(sssd_mapping) self.name = 'sssd' - self.new_config(self.name) + self.new_config( + self.name, + pconfig.Condition( + 'preconfigured', + 'SSSD can only be used when pre-configured', + False), + ) def _get_user_data(self, user): reply = dict() @@ -80,6 +87,18 @@ class InfoProvider(InfoProviderBase): return reply + def save_plugin_config(self, *args, **kwargs): + raise ValueError('Configuration cannot be modified live for SSSD') + + def get_config_obj(self): + return None + + def enable(self): + self.refresh_plugin_config() + if not self.get_config_value('preconfigured'): + raise Exception("SSSD Can be enabled only if pre-configured") + super(InfoProvider, self).enable() + CONF_TEMPLATE = """ LoadModule lookup_identity_module modules/mod_lookup_identity.so @@ -192,6 +211,8 @@ class Installer(InfoProviderInstaller): po.name = 'sssd' po.wipe_data() po.wipe_config_values() + config = {'preconfigured': True} + po.save_plugin_config(config) # Update global config to add info plugin po.is_enabled = True -- cgit