upgrade: fix migration of old dns forward zones

Plugins should call self.api not the global one during upgrade

https://fedorahosted.org/freeipa/ticket/5472

Reviewed-By: Petr Spacek <pspacek@redhat.com>
This commit is contained in:
Martin Basti 2015-11-20 11:53:06 +01:00
parent 457c974670
commit 72b03a5d79

View File

@ -1753,7 +1753,7 @@ def _normalize_zone(zone):
return zone
def _get_auth_zone_ldap(name):
def _get_auth_zone_ldap(api, name):
"""
Find authoritative zone in LDAP for name. Only active zones are considered.
:param name:
@ -1799,7 +1799,7 @@ def _get_auth_zone_ldap(name):
return max(matched_auth_zones, key=len), truncated
def _get_longest_match_ns_delegation_ldap(zone, name):
def _get_longest_match_ns_delegation_ldap(api, zone, name):
"""
Searches for deepest delegation for name in LDAP zone.
@ -1875,7 +1875,7 @@ def _get_longest_match_ns_delegation_ldap(zone, name):
return max(matched_records, key=len), truncated
def _find_subtree_forward_zones_ldap(name, child_zones_only=False):
def _find_subtree_forward_zones_ldap(api, name, child_zones_only=False):
"""
Search for forwardzone <name> and all child forwardzones
Filter: (|(*.<name>.)(<name>.))
@ -1929,7 +1929,7 @@ def _find_subtree_forward_zones_ldap(name, child_zones_only=False):
return result, truncated
def _get_zone_which_makes_fw_zone_ineffective(fwzonename):
def _get_zone_which_makes_fw_zone_ineffective(api, fwzonename):
"""
Check if forward zone is effective.
@ -1954,12 +1954,12 @@ def _get_zone_which_makes_fw_zone_ineffective(fwzonename):
"""
assert isinstance(fwzonename, DNSName)
auth_zone, truncated_zone = _get_auth_zone_ldap(fwzonename)
auth_zone, truncated_zone = _get_auth_zone_ldap(api, fwzonename)
if not auth_zone:
return None, truncated_zone
delegation_record_name, truncated_ns =\
_get_longest_match_ns_delegation_ldap(auth_zone, fwzonename)
_get_longest_match_ns_delegation_ldap(api, auth_zone, fwzonename)
truncated = truncated_ns or truncated_zone
@ -1969,12 +1969,12 @@ def _get_zone_which_makes_fw_zone_ineffective(fwzonename):
return auth_zone, truncated
def _add_warning_fw_zone_is_not_effective(result, fwzone, version):
def _add_warning_fw_zone_is_not_effective(api, result, fwzone, version):
"""
Adds warning message to result, if required
"""
authoritative_zone, truncated = \
_get_zone_which_makes_fw_zone_ineffective(fwzone)
_get_zone_which_makes_fw_zone_ineffective(api, fwzone)
if authoritative_zone:
# forward zone is not effective and forwarding will not work
messages.add_message(
@ -2090,7 +2090,7 @@ class DNSZoneBase(LDAPObject):
def _remove_permission(self, zone):
permission_name = self.permission_name(zone)
try:
api.Command['permission_del'](permission_name, force=True)
self.api.Command['permission_del'](permission_name, force=True)
except errors.NotFound as e:
if zone == DNSName.root: # special case root zone
raise
@ -2100,7 +2100,8 @@ class DNSZoneBase(LDAPObject):
zone.relativize(DNSName.root)
)
try:
api.Command['permission_del'](permission_name_rel, force=True)
self.api.Command['permission_del'](permission_name_rel,
force=True)
except errors.NotFound:
raise e # re-raise original exception
@ -2298,7 +2299,8 @@ class DNSZoneBase_add_permission(LDAPQuery):
keys[-1].relativize(DNSName.root)
)
try:
api.Object['permission'].get_dn_if_exists(permission_name_rel)
self.api.Object['permission'].get_dn_if_exists(
permission_name_rel)
except errors.NotFound:
pass
else:
@ -2309,7 +2311,7 @@ class DNSZoneBase_add_permission(LDAPQuery):
}
)
permission = api.Command['permission_add_noaci'](permission_name,
permission = self.api.Command['permission_add_noaci'](permission_name,
ipapermissiontype=u'SYSTEM'
)['result']
@ -2669,12 +2671,12 @@ class dnszone(DNSZoneBase):
"""
zone = keys[-1]
affected_fw_zones, truncated = _find_subtree_forward_zones_ldap(
zone, child_zones_only=True)
self.api, zone, child_zones_only=True)
if not affected_fw_zones:
return
for fwzone in affected_fw_zones:
_add_warning_fw_zone_is_not_effective(result, fwzone,
_add_warning_fw_zone_is_not_effective(self.api, result, fwzone,
options['version'])
def _warning_dnssec_master_is_not_installed(self, result, **options):
@ -2721,7 +2723,8 @@ class dnszone_add(DNSZoneBase_add):
dn = super(dnszone_add, self).pre_callback(
ldap, dn, entry_attrs, attrs_list, *keys, **options)
nameservers = [normalize_zone(x) for x in api.Object.dnsrecord.get_dns_masters()]
nameservers = [normalize_zone(x) for x in
self.api.Object.dnsrecord.get_dns_masters()]
server = normalize_zone(api.env.host)
zone = keys[-1]
@ -2771,7 +2774,7 @@ class dnszone_add(DNSZoneBase_add):
not zone.is_reverse() and
zone != DNSName.root):
try:
api.Command['realmdomains_mod'](add_domain=unicode(zone),
self.api.Command['realmdomains_mod'](add_domain=unicode(zone),
force=True)
except (errors.EmptyModlist, errors.ValidationError):
pass
@ -2805,8 +2808,8 @@ class dnszone_del(DNSZoneBase_del):
not zone.is_reverse() and zone != DNSName.root
):
try:
api.Command['realmdomains_mod'](del_domain=unicode(zone),
force=True)
self.api.Command['realmdomains_mod'](
del_domain=unicode(zone), force=True)
except (errors.AttrValueNotFound, errors.ValidationError):
pass
@ -3514,12 +3517,12 @@ class dnsrecord(LDAPObject):
record_name_absolute = record_name_absolute.derelativize(zone)
affected_fw_zones, truncated = _find_subtree_forward_zones_ldap(
record_name_absolute)
self.api, record_name_absolute)
if not affected_fw_zones:
return
for fwzone in affected_fw_zones:
_add_warning_fw_zone_is_not_effective(result, fwzone,
_add_warning_fw_zone_is_not_effective(self.api, result, fwzone,
options['version'])
def warning_suspicious_relative_name(self, result, *keys, **options):
@ -3892,7 +3895,7 @@ class dnsrecord_mod(LDAPUpdate):
# get DNS record first so that the NotFound exception is raised
# before the helper would start
dns_record = api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result']
dns_record = self.api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result']
rec_types = [rec_type for rec_type in dns_record if rec_type in _record_attributes]
self.Backend.textui.print_plain(_("No option to modify specific record provided."))
@ -4080,7 +4083,7 @@ class dnsrecord_del(LDAPUpdate):
# get DNS record first so that the NotFound exception is raised
# before the helper would start
dns_record = api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result']
dns_record = self.api.Command['dnsrecord_show'](kw['dnszoneidnsname'], kw['idnsname'])['result']
rec_types = [rec_type for rec_type in dns_record if rec_type in _record_attributes]
self.Backend.textui.print_plain(_("No option to delete specific record provided."))
@ -4395,7 +4398,7 @@ class dnsforwardzone(DNSZoneBase):
def _warning_fw_zone_is_not_effective(self, result, *keys, **options):
fwzone = keys[-1]
_add_warning_fw_zone_is_not_effective(result, fwzone,
_add_warning_fw_zone_is_not_effective(self.api, result, fwzone,
options['version'])
def _warning_if_forwarders_do_not_work(self, result, new_zone,
@ -4435,7 +4438,7 @@ class dnsforwardzone(DNSZoneBase):
# validation is configured just in named.conf per replica
ipa_dns_masters = [normalize_zone(x) for x in
api.Object.dnsrecord.get_dns_masters()]
self.api.Object.dnsrecord.get_dns_masters()]
if not ipa_dns_masters:
# something very bad happened, DNS is installed, but no IPA DNS