Add new command compat-is-enabled

Add a new API command 'compat-is-enabled' which can be used to determine
whether Schema Compatibility plugin is configured to serve trusted domain
users and groups. The new command is not visible in IPA CLI.

https://fedorahosted.org/freeipa/ticket/3671
https://fedorahosted.org/freeipa/ticket/3672
This commit is contained in:
Ana Krivokapic 2013-08-02 16:14:27 +02:00 committed by Martin Kosek
parent efe5a96725
commit 6e28e709ed
3 changed files with 49 additions and 1 deletions

View File

@ -490,6 +490,10 @@ args: 1,1,1
arg: Str('request_id')
option: Str('version?', exclude='webui')
output: Output('result', None, None)
command: compat_is_enabled
args: 0,1,1
option: Str('version?', exclude='webui')
output: Output('result', None, None)
command: config_mod
args: 0,24,3
option: Str('addattr*', cli_name='addattr', exclude='webui')

View File

@ -89,4 +89,4 @@ IPA_DATA_VERSION=20100614120000
# #
########################################################
IPA_API_VERSION_MAJOR=2
IPA_API_VERSION_MINOR=63
IPA_API_VERSION_MINOR=64

View File

@ -990,3 +990,47 @@ class adtrust_is_enabled(Command):
return dict(result=True)
api.register(adtrust_is_enabled)
class compat_is_enabled(Command):
NO_CLI = True
__doc__ = _('Determine whether Schema Compatibility plugin is configured '
'to serve trusted domain users and groups')
def execute(self, *keys, **options):
ldap = self.api.Backend.ldap2
users_dn = DN(
('cn', 'users'),
('cn', 'Schema Compatibility'),
('cn', 'plugins'),
('cn', 'config')
)
groups_dn = DN(
('cn', 'groups'),
('cn', 'Schema Compatibility'),
('cn', 'plugins'),
('cn', 'config')
)
try:
users_entry = ldap.get_entry(users_dn)
except errors.NotFound:
return dict(result=False)
attr = users_entry.get('schema-compat-lookup-nsswitch')
if not attr or 'user' not in attr:
return dict(result=False)
try:
groups_entry = ldap.get_entry(groups_dn)
except errors.NotFound:
return dict(result=False)
attr = groups_entry.get('schema-compat-lookup-nsswitch')
if not attr or 'group' not in attr:
return dict(result=False)
return dict(result=True)
api.register(compat_is_enabled)