mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 23:50:03 -06:00
Add range-mod command
range plugin was missing range-mod command that could be used for example to fix a size for a range generated during upgrades. The range should be updated with a caution though, a misconfiguration could break trusts. iparangetype is now also handled better and filled in all commands instead of just range-show. objectclass attribute is deleted only when really needed now.
This commit is contained in:
parent
9d69db80a3
commit
34f8ff4793
19
API.txt
19
API.txt
@ -2411,6 +2411,25 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, None)
|
||||
output: Output('truncated', <type 'bool'>, None)
|
||||
command: range_mod
|
||||
args: 1,13,3
|
||||
arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
|
||||
option: Int('ipabaseid', attribute=True, autofill=False, cli_name='base_id', multivalue=False, required=False)
|
||||
option: Int('ipaidrangesize', attribute=True, autofill=False, cli_name='range_size', multivalue=False, required=False)
|
||||
option: Int('ipabaserid', attribute=True, autofill=False, cli_name='rid_base', multivalue=False, required=False)
|
||||
option: Int('ipasecondarybaserid', attribute=True, autofill=False, cli_name='secondary_rid_base', multivalue=False, required=False)
|
||||
option: Str('ipanttrusteddomainsid', attribute=True, autofill=False, cli_name='dom_sid', multivalue=False, required=False)
|
||||
option: Str('iparangetype', attribute=True, autofill=False, cli_name='iparangetype', multivalue=False, required=False)
|
||||
option: Str('setattr*', cli_name='setattr', exclude='webui')
|
||||
option: Str('addattr*', cli_name='addattr', exclude='webui')
|
||||
option: Str('delattr*', cli_name='delattr', exclude='webui')
|
||||
option: Flag('rights', autofill=True, default=False)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
|
||||
option: Str('version?', exclude='webui')
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
||||
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
|
||||
output: Output('value', <type 'unicode'>, None)
|
||||
command: range_show
|
||||
args: 1,4,3
|
||||
arg: Str('cn', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
|
||||
|
2
VERSION
2
VERSION
@ -79,4 +79,4 @@ IPA_DATA_VERSION=20100614120000
|
||||
# #
|
||||
########################################################
|
||||
IPA_API_VERSION_MAJOR=2
|
||||
IPA_API_VERSION_MINOR=39
|
||||
IPA_API_VERSION_MINOR=40
|
||||
|
@ -80,6 +80,16 @@ class range(LDAPObject):
|
||||
)
|
||||
)
|
||||
|
||||
def handle_iparangetype(self, entry_attrs, options, keep_objectclass=False):
|
||||
if not options.get('pkey_only', False):
|
||||
if 'ipatrustedaddomainrange' in entry_attrs.get('objectclass', []):
|
||||
entry_attrs['iparangetype'] = [unicode(_('Active Directory domain range'))]
|
||||
else:
|
||||
entry_attrs['iparangetype'] = [unicode(_(u'local domain range'))]
|
||||
if not keep_objectclass:
|
||||
if not options.get('all', False) or options.get('pkey_only', False):
|
||||
entry_attrs.pop('objectclass', None)
|
||||
|
||||
class range_add(LDAPCreate):
|
||||
__doc__ = _('Add new ID range.')
|
||||
|
||||
@ -99,6 +109,10 @@ class range_add(LDAPCreate):
|
||||
|
||||
return dn
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
self.obj.handle_iparangetype(entry_attrs, options, keep_objectclass=True)
|
||||
return dn
|
||||
|
||||
class range_del(LDAPDelete):
|
||||
__doc__ = _('Delete an ID range.')
|
||||
|
||||
@ -114,8 +128,14 @@ class range_find(LDAPSearch):
|
||||
# Since all range types are stored within separate containers under
|
||||
# 'cn=ranges,cn=etc' search can be done on a one-level scope
|
||||
def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
|
||||
attrs_list.append('objectclass')
|
||||
return (filters, base_dn, ldap.SCOPE_ONELEVEL)
|
||||
|
||||
def post_callback(self, ldap, entries, truncated, *args, **options):
|
||||
for dn,entry in entries:
|
||||
self.obj.handle_iparangetype(entry, options)
|
||||
return truncated
|
||||
|
||||
class range_show(LDAPRetrieve):
|
||||
__doc__ = _('Display information about a range.')
|
||||
|
||||
@ -124,16 +144,25 @@ class range_show(LDAPRetrieve):
|
||||
return dn
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
if 'ipatrustedaddomainrange' in entry_attrs['objectclass']:
|
||||
entry_attrs['iparangetype']=(u'Active Directory domain range')
|
||||
else:
|
||||
entry_attrs['iparangetype']=(u'local domain range')
|
||||
del entry_attrs['objectclass']
|
||||
self.obj.handle_iparangetype(entry_attrs, options)
|
||||
return dn
|
||||
|
||||
class range_mod(LDAPUpdate):
|
||||
__doc__ = _('Modify ID range.')
|
||||
|
||||
msg_summary = _('Modified ID range "%(value)s"')
|
||||
|
||||
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
|
||||
attrs_list.append('objectclass')
|
||||
return dn
|
||||
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
self.obj.handle_iparangetype(entry_attrs, options)
|
||||
return dn
|
||||
|
||||
api.register(range)
|
||||
api.register(range_add)
|
||||
#api.register(range_mod)
|
||||
api.register(range_mod)
|
||||
api.register(range_del)
|
||||
api.register(range_find)
|
||||
api.register(range_show)
|
||||
|
@ -49,7 +49,8 @@ class test_range(Declarative):
|
||||
ipabaseid=[u'900000'],
|
||||
ipabaserid=[u'1000'],
|
||||
ipasecondarybaserid=[u'20000'],
|
||||
ipaidrangesize=[u'99999']
|
||||
ipaidrangesize=[u'99999'],
|
||||
iparangetype=[u'local domain range'],
|
||||
),
|
||||
value=testrange1,
|
||||
summary=u'Added ID range "%s"' % (testrange1),
|
||||
@ -69,11 +70,29 @@ class test_range(Declarative):
|
||||
ipabaserid=[u'1000'],
|
||||
ipasecondarybaserid=[u'20000'],
|
||||
ipaidrangesize=[u'99999'],
|
||||
iparangetype=u'local domain range',
|
||||
iparangetype=[u'local domain range'],
|
||||
),
|
||||
value=testrange1,
|
||||
summary=None,
|
||||
),
|
||||
),
|
||||
|
||||
|
||||
dict(
|
||||
desc='Modify range %r' % (testrange1),
|
||||
command=('range_mod', [testrange1], dict(ipaidrangesize=90000)),
|
||||
expected=dict(
|
||||
result=dict(
|
||||
cn=[testrange1],
|
||||
ipabaseid=[u'900000'],
|
||||
ipabaserid=[u'1000'],
|
||||
ipasecondarybaserid=[u'20000'],
|
||||
ipaidrangesize=[u'90000'],
|
||||
iparangetype=[u'local domain range'],
|
||||
),
|
||||
value=testrange1,
|
||||
summary=u'Modified ID range "%s"' % (testrange1),
|
||||
),
|
||||
),
|
||||
|
||||
]
|
||||
|
Loading…
Reference in New Issue
Block a user