Add an LDAP attribute -> label mapping function to XML-RPC layer

Move some ACI functions around in preparation for cli delegation
2025-02-25 18:55:28 -06:00 · 2007-10-22 17:06:52 -04:00
parent a47f893957
commit 04636b8ae7
8 changed files with 112 additions and 28 deletions
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
@@ -95,7 +95,7 @@ class DelegationController(IPAController):
        try:
            aci_entry = client.get_aci_entry(aci_fields)
            aci = ipa.aci.ACI(acistr)
-            group_dn_to_cn = self.extract_group_cns([aci], client)
+            group_dn_to_cn = ipa.aci.extract_group_cns([aci], client)

            delegate = aci.to_dict()
            delegate['source_group_dn'] = delegate['source_group']
@@ -192,7 +192,7 @@ class DelegationController(IPAController):
            except SyntaxError:
                # ignore aci_str's that ACI can't parse
                pass
-        group_dn_to_cn = self.extract_group_cns(aci_list, client)
+        group_dn_to_cn = ipa.aci.extract_group_cns(aci_list, client)

        # The list page needs to display field labels, not raw
        # LDAP attributes
@@ -268,29 +268,3 @@ class DelegationController(IPAController):
    @identity.require(identity.not_anonymous())
    def delegatevalidate(self, tg_errors=None, **kw):
        return tg_errors, kw
-
-    def extract_group_cns(self, aci_list, client):
-        """Extracts all the cn's from a list of aci's and returns them as a hash
-           from group_dn to group_cn.
-
-           It first tries to cheat by looking at the first rdn for the
-           group dn.  If that's not cn for some reason, it looks up the group."""
-        group_dn_to_cn = {}
-        for aci in aci_list:
-            for dn in (aci.source_group, aci.dest_group):
-                if not group_dn_to_cn.has_key(dn):
-                    rdn_list = ldap.dn.str2dn(dn)
-                    first_rdn = rdn_list[0]
-                    for (type,value,junk) in first_rdn:
-                        if type == "cn":
-                            group_dn_to_cn[dn] = value
-                            break;
-                    else:
-                        try:
-                            group = client.get_entry_by_dn(dn, ['cn'])
-                            group_dn_to_cn[dn] = group.getValue('cn')
-                        except ipaerror.IPAError, e:
-                            group_dn_to_cn[dn] = 'unknown'
-
-        return group_dn_to_cn
-