Global DNS options

Implement API for DNS global options supported in bind-dyndb-ldap. Currently, global DNS option overrides any relevant option in named.conf. Thus they are not filled by default they are left as a possibility for a user. Bool encoding had to be fixed so that Bool LDAP attribute can also be deleted and not just set to True or False. https://fedorahosted.org/freeipa/ticket/2216
author: Martin Kosek <mkosek@redhat.com> 2012-02-10 12:54:49 +0100
committer: Martin Kosek <mkosek@redhat.com> 2012-02-24 09:40:40 +0100
commit: 2cf58937615c28527d1c78f883dad8726331c6df (patch)
tree: f1d696b248406bb2daa50c4e4c0e9a275bebf035
parent: 1816643a43802ca2a353930cb2bbb2781b39c80f (diff)
download: freeipa-2cf58937615c28527d1c78f883dad8726331c6df.tar.gz
freeipa-2cf58937615c28527d1c78f883dad8726331c6df.tar.xz
freeipa-2cf58937615c28527d1c78f883dad8726331c6df.zip
7 files changed, 94 insertions, 3 deletions
diff --git a/API.txt b/API.txt
index 66713317c..9942e630f 100644
--- a/API.txt
+++ b/API.txt
@@ -610,6 +610,28 @@ arg: Str('hostname')
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('result', <type 'bool'>, None)
 output: Output('value', <type 'unicode'>, None)
+command: dnsconfig_mod
+args: 0,8,3
+option: Str('idnsforwarders', attribute=True, autofill=False, cli_name='forwarder', csv=True, multivalue=True, required=False)
+option: Str('setattr*', cli_name='setattr', exclude='webui')
+option: Str('addattr*', cli_name='addattr', exclude='webui')
+option: Str('delattr*', cli_name='delattr', exclude='webui')
+option: Flag('rights', autofill=True, default=False)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('version?', exclude='webui')
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('value', <type 'unicode'>, None)
+command: dnsconfig_show
+args: 0,4,3
+option: Flag('rights', autofill=True, default=False)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('version?', exclude='webui')
+output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
+output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
+output: Output('value', <type 'unicode'>, None)
 command: dnsrecord_add
 args: 2,114,3
 arg: Str('dnszoneidnsname', cli_name='dnszone', query=True, required=True)
diff --git a/install/share/dns.ldif b/install/share/dns.ldif
index 1ffadb5a9..5a60bc11b 100644
--- a/install/share/dns.ldif
+++ b/install/share/dns.ldif
@@ -1,5 +1,6 @@
 dn: cn=dns,$SUFFIX
 changetype: add
+objectClass: idnsConfigObject
 objectClass: nsContainer
 objectClass: top
 cn: dns
diff --git a/install/updates/40-dns.update b/install/updates/40-dns.update
index 7b1c45754..ef2627bd7 100644
--- a/install/updates/40-dns.update
+++ b/install/updates/40-dns.update
@@ -20,3 +20,6 @@ add: basedn: 'cn=privileges,cn=pbac,$SUFFIX'
 add: filter: (objectclass=*)
 add: ttl: 10
 
+# add idnsConfigObject if it is not there already
+dn: cn=dns, $SUFFIX
+addifexist: objectClass: idnsConfigObject
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index fe32efccd..495a21b1d 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -148,6 +148,12 @@ EXAMPLES:
  if one is not included):
    ipa dns-resolve www.example.com
    ipa dns-resolve www
+
+ Show global DNS configuration:
+   ipa dnsconfig-show
+
+ Modify global DNS configuration and set a list of global forwarders:
+   ipa dnsconfig-mod --forwarder=10.0.0.1
 """)
 
 # supported resource record types
@@ -2100,3 +2106,47 @@ class dns_is_enabled(Command):
         return dict(result=dns_enabled, value=u'')
 
 api.register(dns_is_enabled)
+
+
+class dnsconfig(LDAPObject):
+    """
+    DNS global configuration object
+    """
+    object_name = _('DNS configuration options')
+    default_attributes = [ 'idnsforwarders', ]
+
+    label = _('DNS Global Configuration')
+    label_singular = _('DNS Global Configuration')
+
+    takes_params = (
+        Str('idnsforwarders*',
+            _validate_ipaddr,
+            cli_name='forwarder',
+            label=_('Global forwarders'),
+            doc=_('A list of global forwarders'),
+            csv=True,
+        ),
+    )
+
+    def get_dn(self, *keys, **kwargs):
+        return api.env.container_dns
+
+    def get_dnsconfig(self, ldap):
+        (dn, entry) = ldap.get_entry(self.get_dn(), None,
+                           normalize=self.normalize_dn)
+
+        return entry
+
+api.register(dnsconfig)
+
+
+class dnsconfig_mod(LDAPUpdate):
+    __doc__ = _('Modify global DNS configuration.')
+
+api.register(dnsconfig_mod)
+
+
+class dnsconfig_show(LDAPRetrieve):
+    __doc__ = _('Show the current global DNS configuration.')
+
+api.register(dnsconfig_show)
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 6ed21217a..0a76670d9 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -67,10 +67,11 @@ SASL_AUTH = _ldap_sasl.sasl({}, 'GSSAPI')
 # OID 1.3.6.1.4.1.1466.115.121.1.7 (Boolean) syntax encoding
 def _encode_bool(self, value):
     def encode_bool_value(value):
+        if value is None:
+            return None
         if value:
             return u'TRUE'
-        else:
-            return u'FALSE'
+        return u'FALSE'
 
     if type(value) in (tuple, list):
         return tuple(encode_bool_value(v) for v in value)
diff --git a/tests/test_xmlrpc/test_dns_plugin.py b/tests/test_xmlrpc/test_dns_plugin.py
index 9d83d924e..4ad67ce8c 100644
--- a/tests/test_xmlrpc/test_dns_plugin.py
+++ b/tests/test_xmlrpc/test_dns_plugin.py
@@ -64,6 +64,7 @@ class test_dns(Declarative):
         ('dnsrecord_del', [dnszone1, dnsres1], {'del_all' : True}),
         ('dnszone_del', [dnszone2], {}),
         ('dnszone_del', [revdnszone1], {}),
+        ('dnsconfig_mod', [], {'idnsforwarders' : None,})
     ]
 
     tests = [
@@ -774,6 +775,19 @@ class test_dns(Declarative):
 
 
         dict(
+            desc='Update global DNS settings',
+            command=('dnsconfig_mod', [], {'idnsforwarders' : [u'80.142.15.80'],}),
+            expected={
+                'value': u'',
+                'summary': None,
+                'result': {
+                    'idnsforwarders': [u'80.142.15.80'],
+                },
+            },
+        ),
+
+
+        dict(
             desc='Delete zone %r' % dnszone1,
             command=('dnszone_del', [dnszone1], {}),
             expected={
diff --git a/tests/test_xmlrpc/xmlrpc_test.py b/tests/test_xmlrpc/xmlrpc_test.py
index 4966cb1fb..fd30cc63b 100644
--- a/tests/test_xmlrpc/xmlrpc_test.py
+++ b/tests/test_xmlrpc/xmlrpc_test.py
@@ -222,7 +222,7 @@ class Declarative(XMLRPC_test):
             )
         try:
             api.Command[cmd](*args, **options)
-        except errors.NotFound:
+        except (errors.NotFound, errors.EmptyModlist):
             pass
 
     def test_generator(self):
author	Martin Kosek <mkosek@redhat.com>	2012-02-10 12:54:49 +0100
committer	Martin Kosek <mkosek@redhat.com>	2012-02-24 09:40:40 +0100
commit	2cf58937615c28527d1c78f883dad8726331c6df (patch)
tree	f1d696b248406bb2daa50c4e4c0e9a275bebf035
parent	1816643a43802ca2a353930cb2bbb2781b39c80f (diff)
download	freeipa-2cf58937615c28527d1c78f883dad8726331c6df.tar.gz freeipa-2cf58937615c28527d1c78f883dad8726331c6df.tar.xz freeipa-2cf58937615c28527d1c78f883dad8726331c6df.zip