freeipa/ipaserver/plugins/dnsserver.py

209 lines
5.4 KiB
Python
Raw Normal View History

#
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
#
from __future__ import absolute_import
from ipalib import (
_,
ngettext,
api,
DNSNameParam,
Str,
StrEnum,
errors,
)
from ipalib.frontend import Local
from ipalib.plugable import Registry
from ipalib.util import (
normalize_hostname,
hostname_validator,
validate_bind_forwarder,
)
from ipaserver.plugins.baseldap import (
LDAPObject,
LDAPRetrieve,
LDAPUpdate,
LDAPSearch,
LDAPCreate,
LDAPDelete,
)
from .dns import dns_container_exists
from ipapython.dn import DN
__doc__ = _("""
DNS server configuration
""") + _("""
Manipulate DNS server configuration
""") + _("""
EXAMPLES:
""") + _("""
Show configuration of a specific DNS server:
ipa dnsserver-show
""") + _("""
Update configuration of a specific DNS server:
ipa dnsserver-mod
""")
register = Registry()
topic = None
dnsserver_object_class = ['top', 'idnsServerConfigObject']
@register()
class dnsserver(LDAPObject):
"""
DNS Servers
"""
container_dn = api.env.container_dnsservers
object_name = _('DNS server')
object_name_plural = _('DNS servers')
object_class = dnsserver_object_class
default_attributes = [
'idnsServerId',
'idnsSOAmName',
'idnsForwarders',
'idnsForwardPolicy',
]
label = _('DNS Servers')
label_singular = _('DNS Server')
permission_filter_objectclasses = ['idnsServerConfigObject']
managed_permissions = {
'System: Read DNS Servers Configuration': {
'ipapermright': {'read', 'search', 'compare'},
'ipapermdefaultattr': {
'objectclass',
'idnsServerId',
'idnsSOAmName',
'idnsForwarders',
'idnsForwardPolicy',
'idnsSubstitutionVariable',
},
'ipapermlocation': api.env.basedn,
'default_privileges': {
'DNS Servers',
'DNS Administrators'
},
},
'System: Modify DNS Servers Configuration': {
'ipapermright': {'write'},
'ipapermdefaultattr': {
'idnsSOAmName',
'idnsForwarders',
'idnsForwardPolicy',
'idnsSubstitutionVariable',
},
'ipapermlocation': api.env.basedn,
'default_privileges': {'DNS Administrators'},
},
}
takes_params = (
Str(
'idnsserverid',
hostname_validator,
cli_name='hostname',
primary_key=True,
label=_('Server name'),
doc=_('DNS Server name'),
normalizer=normalize_hostname,
),
DNSNameParam(
'idnssoamname?',
cli_name='soa_mname_override',
label=_('SOA mname override'),
doc=_('SOA mname (authoritative server) override'),
),
Str(
'idnsforwarders*',
validate_bind_forwarder,
cli_name='forwarder',
label=_('Forwarders'),
doc=_(
'Per-server forwarders. A custom port can be specified '
'for each forwarder using a standard format '
'"IP_ADDRESS port PORT"'
),
),
StrEnum(
'idnsforwardpolicy?',
cli_name='forward_policy',
label=_('Forward policy'),
doc=_(
'Per-server conditional forwarding policy. Set to "none" to '
'disable forwarding to global forwarder for this zone. In '
'that case, conditional zone forwarders are disregarded.'
),
values=(u'only', u'first', u'none'),
),
)
def get_dn(self, *keys, **options):
if not dns_container_exists(self.api.Backend.ldap2):
raise errors.NotFound(reason=_('DNS is not configured'))
return super(dnsserver, self).get_dn(*keys, **options)
@register()
class dnsserver_mod(LDAPUpdate):
__doc__ = _('Modify DNS server configuration')
topic = 'dns'
msg_summary = _('Modified DNS server "%(value)s"')
@register()
class dnsserver_find(LDAPSearch):
__doc__ = _('Search for DNS servers.')
topic = 'dns'
msg_summary = ngettext(
'%(count)d DNS server matched',
'%(count)d DNS servers matched', 0
)
def pre_callback(self, ldap, filters, attrs_list,
base_dn, scope, *args, **options):
assert isinstance(base_dn, DN)
if not dns_container_exists(self.api.Backend.ldap2):
raise errors.InvocationError(
format=_('IPA DNS Server is not installed'))
return (filters, base_dn, scope)
@register()
class dnsserver_show(LDAPRetrieve):
__doc__=_('Display configuration of a DNS server.')
topic = 'dns'
@register()
class dnsserver_add(LDAPCreate, Local):
"""
Only for internal use, this is not part of public API on purpose.
Be careful in future this will be transformed to public API call
"""
__doc__ = _('Add a new DNS server.')
topic = 'dns'
msg_summary = _('Added new DNS server "%(value)s"')
@register()
class dnsserver_del(LDAPDelete, Local):
"""
Only for internal use, this is not part of public API on purpose.
Be careful in future this will be transformed to public API call
"""
__doc__ = _('Delete a DNS server')
topic = 'dns'
msg_summary = _('Deleted DNS server "%(value)s"')