Use full DNs in plugin code.

Jan Cholasta 2013-02-04 09:47:00 +01:00 committed by Martin Kosek
parent 3aa39547df
commit a09c50671e
15 changed files with 59 additions and 42 deletions


@ -245,7 +245,10 @@ def _make_aci(ldap, current, aciname, kw):
if 'test' in kw and not kw.get('test'):
raise e
else:
entry_attrs = {'dn': DN(('cn', kw['permission']), api.env.container_permission)}
entry_attrs = {
'dn': DN(('cn', kw['permission']),
api.env.container_permission, api.env.basedn),
}
elif group:
# Not so friendly with groups. This will raise
try:
@ -366,7 +369,8 @@ def _aci_to_kw(ldap, a, test=False, pkey_only=False):
except errors.NotFound, e:
# FIXME, use real name here
if test:
dn = DN(('cn', 'test'), api.env.container_permission)
dn = DN(('cn', 'test'), api.env.container_permission,
api.env.basedn)
entry_attrs = {'cn': [u'test']}
if api.env.container_permission in dn:
kw['permission'] = entry_attrs['cn'][0]
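Review bot: The containment test `if api.env.container_permission in dn:` in the `_aci_to_kw` hunk still matches the relative container anywhere inside the DN, while the DNs built just above it are now absolute. An anchored comparison would be stricter and would match the `endswith` form this commit introduces in `LDAPObject`: `if dn.endswith(DN(api.env.container_permission, api.env.basedn)):`. The non-test path that produces `dn` is outside the hunk, so whether it always yields a `DN` object should be confirmed before switching.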


@ -197,7 +197,7 @@ class automember(LDAPObject):
if self.parent_object:
parent_dn = self.api.Object[self.parent_object].get_dn(*keys[:-1])
else:
parent_dn = self.container_dn
parent_dn = DN(self.container_dn, api.env.basedn)
grouptype = options['type']
try:
ndn = DN(('cn', keys[-1]), ('cn', grouptype), parent_dn)
@ -221,7 +221,7 @@ api.register(automember)
def automember_container_exists(ldap):
try:
ldap.get_entry(api.env.container_automember, [])
ldap.get_entry(DN(api.env.container_automember, api.env.basedn), [])
except errors.NotFound:
return False
return True
@ -524,7 +524,8 @@ class automember_default_group_set(LDAPUpdate):
msg_summary = _('Set default (fallback) group for automember "%(value)s"')
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
dn = DN(('cn', options['type']), api.env.container_automember)
dn = DN(('cn', options['type']), api.env.container_automember,
api.env.basedn)
entry_attrs['automemberdefaultgroup'] = self.obj.dn_exists(options['type'], options['automemberdefaultgroup'])
return dn
@ -545,7 +546,8 @@ class automember_default_group_remove(LDAPUpdate):
msg_summary = _('Removed default (fallback) group for automember "%(value)s"')
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
dn = DN(('cn', options['type']), api.env.container_automember)
dn = DN(('cn', options['type']), api.env.container_automember,
api.env.basedn)
attr = 'automemberdefaultgroup'
(dn, entry_attrs_) = ldap.get_entry(
@ -579,7 +581,8 @@ class automember_default_group_show(LDAPRetrieve):
takes_options = group_type
def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
dn = DN(('cn', options['type']), api.env.container_automember)
dn = DN(('cn', options['type']), api.env.container_automember,
api.env.basedn)
return dn
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
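Review bot: The expression `DN(('cn', options['type']), api.env.container_automember, api.env.basedn)` is written out three times, in the `pre_callback` of `automember_default_group_set`, `automember_default_group_remove` and `automember_default_group_show`, and the same container-plus-suffix pairing recurs by hand in the entitle, host, migration and password-policy sections of this commit. Any site that forgets the suffix would hand the LDAP backend a relative search base or target DN, so one shared helper is safer than repeating the pairing at every call; here for example `def _default_group_dn(grouptype): return DN(('cn', grouptype), api.env.container_automember, api.env.basedn)`. The bodies of these callbacks continue outside the hunks.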


@ -605,7 +605,7 @@ class automountmap_del(LDAPDelete):
try:
(dn_, entry_attrs) = ldap.find_entry_by_attr(
'automountinformation', keys[0], 'automount',
base_dn=self.obj.container_dn
base_dn=DN(self.obj.container_dn, api.env.basedn)
)
ldap.delete_entry(dn_)
except errors.NotFound:
@ -724,7 +724,9 @@ class automountkey(LDAPObject):
(kwargs['automountkey'], kwargs['automountinformation'])
else:
sfilter = '(automountkey=%s)' % kwargs['automountkey']
basedn = DN(('automountmapname', parent_keys[1]), ('cn', parent_keys[0]), self.container_dn)
basedn = DN(('automountmapname', parent_keys[1]),
('cn', parent_keys[0]), self.container_dn,
api.env.basedn)
attrs_list = ['*']
(entries, truncated) = ldap.find_entries(sfilter, attrs_list,
basedn, _ldap.SCOPE_ONELEVEL)
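Review bot: The filter on the context line `sfilter = '(automountkey=%s)' % kwargs['automountkey']` is built by string interpolation, so a key containing `*`, `(`, `)` or `\` changes the meaning of the search that now runs under the absolute `basedn`. The value should be escaped before it reaches `ldap.find_entries`, for instance with the backend's own builder, `sfilter = ldap.make_filter_from_attr('automountkey', kwargs['automountkey'])`, assuming this `ldap` object provides it. The two-attribute filter in the branch above, only partly visible in the hunk, appears to need the same treatment; the function starts outside the hunk.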


@ -470,12 +470,12 @@ class LDAPObject(Object):
if self.parent_object:
parent_dn = self.api.Object[self.parent_object].get_dn(*keys[:-1])
else:
parent_dn = self.container_dn
parent_dn = DN(self.container_dn, api.env.basedn)
if self.rdn_attribute:
try:
(dn, entry_attrs) = self.backend.find_entry_by_attr(
self.primary_key.name, keys[-1], self.object_class, [''],
self.container_dn
DN(self.container_dn, api.env.basedn)
)
except errors.NotFound:
pass
@ -534,7 +534,8 @@ class LDAPObject(Object):
for member in entry_attrs.setdefault(attr, []):
for ldap_obj_name in self.attribute_members[attr]:
ldap_obj = self.api.Object[ldap_obj_name]
if ldap_obj.container_dn in member:
container_dn = DN(ldap_obj.container_dn, api.env.basedn)
if member.endswith(container_dn):
new_attr = '%s_%s' % (attr, ldap_obj.name)
entry_attrs.setdefault(new_attr, []).append(
ldap_obj.get_primary_key_from_dn(member)
@ -1012,7 +1013,8 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
if dn_attr != self.obj.primary_key.name:
self.obj.handle_duplicate_entry(*keys)
dn = ldap.make_dn(
entry_attrs, self.obj.rdn_attribute, self.obj.container_dn
entry_attrs, self.obj.rdn_attribute,
DN(self.obj.container_dn, api.env.basedn)
)
if options.get('all', False):
@ -1059,7 +1061,7 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
object_class = None
(dn, entry_attrs) = self._exc_wrapper(keys, options, ldap.find_entry_by_attr)(
self.obj.primary_key.name, keys[-1], object_class, attrs_list,
self.obj.container_dn
DN(self.obj.container_dn, api.env.basedn)
)
assert isinstance(dn, DN)
else:
@ -1807,7 +1809,7 @@ class LDAPSearch(BaseLDAPCommand, crud.Search):
if self.obj.parent_object:
base_dn = self.api.Object[self.obj.parent_object].get_dn(*args[:-1])
else:
base_dn = self.obj.container_dn
base_dn = DN(self.obj.container_dn, api.env.basedn)
assert isinstance(base_dn, DN)
search_kw = self.args_options_2_entry(**options)
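Review bot: In the `LDAPObject.get_dn` hunk the suffix is read from the module-level `api` (`DN(self.container_dn, api.env.basedn)`) although the line before it resolves the parent through `self.api`, and the same mix appears in the `LDAPCreate` and `LDAPSearch` hunks. If a plugin is ever bound to an API instance other than the global one, container and suffix would come from different environments. I would use `self.api.env.basedn` throughout and, in `get_dn`, build the value once and reuse it for both the `parent_dn` fallback and the `find_entry_by_attr` base. The methods extend beyond the hunks shown.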


@ -200,7 +200,7 @@ class config(LDAPObject):
)
def get_dn(self, *keys, **kwargs):
return DN(('cn', 'ipaconfig'), ('cn', 'etc'))
return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn)
api.register(config)
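Review bot: `config.get_dn` now returns an absolute DN, which silently changes the method's contract, and nothing in the code says so. A caller that still wraps the result as `DN(get_dn(), api.env.basedn)` would produce a doubled suffix; `get_ipa_config` is updated in this commit, but callers outside the changed files cannot be checked from here. A one-line docstring such as `"""Return the absolute DN of the IPA config entry, suffix included."""` would record it. The same applies to `dnsconfig.get_dn` and to the fallback branch of `krbtpolicy.get_dn` further down.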


@ -1528,7 +1528,7 @@ def check_ns_rec_resolvable(zone, name):
def dns_container_exists(ldap):
try:
ldap.get_entry(api.env.container_dns, [])
ldap.get_entry(DN(api.env.container_dns, api.env.basedn), [])
except errors.NotFound:
return False
return True
@ -2954,7 +2954,7 @@ class dnsconfig(LDAPObject):
)
def get_dn(self, *keys, **kwargs):
return api.env.container_dns
return DN(api.env.container_dns, api.env.basedn)
def get_dnsconfig(self, ldap):
(dn, entry) = ldap.get_entry(self.get_dn(), None,


@ -144,7 +144,8 @@ def get_uuid(ldap):
entry_attrs = dict(ipaentitlementid=uuid)
dn = ldap.make_dn(
entry_attrs, 'ipaentitlementid', api.env.container_entitlements,
entry_attrs, 'ipaentitlementid',
DN(api.env.container_entitlements, api.env.basedn)
)
if not ldap.can_read(dn, 'userpkcs12'):
raise errors.ACIError(
@ -196,7 +197,7 @@ class entitle(LDAPObject):
try:
(dn, entry_attrs) = self.backend.find_entry_by_attr(
self.primary_key.name, keys[-1], self.object_class, [''],
self.container_dn
DN(self.container_dn, api.env.basedn)
)
except errors.NotFound:
dn = super(entitle, self).get_dn(*keys, **kwargs)
@ -328,7 +329,8 @@ class entitle_consume(LDAPUpdate):
(db, uuid, certfile, keyfile) = get_uuid(ldap)
entry_attrs['ipaentitlementid'] = uuid
dn = ldap.make_dn(
entry_attrs, self.obj.uuid_attribute, self.obj.container_dn
entry_attrs, self.obj.uuid_attribute,
DN(self.obj.container_dn, api.env.basedn)
)
if db is None:
raise errors.NotRegisteredError()
@ -562,7 +564,8 @@ class entitle_register(LDAPCreate):
raise errors.ACIError(info=e.args[1])
dn = ldap.make_dn(
entry_attrs, self.obj.uuid_attribute, self.obj.container_dn
entry_attrs, self.obj.uuid_attribute,
DN(self.obj.container_dn, api.env.basedn)
)
return dn
@ -718,7 +721,8 @@ class entitle_sync(LDAPUpdate):
shutil.rmtree(db, ignore_errors=True)
dn = ldap.make_dn(
entry_attrs, self.obj.uuid_attribute, self.obj.container_dn
entry_attrs, self.obj.uuid_attribute,
DN(self.obj.container_dn, api.env.basedn)
)
return dn


@ -334,8 +334,7 @@ class host(LDAPObject):
try:
(dn, entry_attrs) = self.backend.find_entry_by_attr(
'serverhostname', hostname, self.object_class, [''],
self.container_dn
)
DN(self.container_dn, api.env.basedn))
except errors.NotFound:
pass
return dn
@ -347,8 +346,9 @@ class host(LDAPObject):
managed_hosts = []
try:
(hosts, truncated) = ldap.find_entries(base_dn=self.container_dn,
filter=host_filter, attrs_list=host_attrs)
(hosts, truncated) = ldap.find_entries(
base_dn=DN(self.container_dn, api.env.basedn),
filter=host_filter, attrs_list=host_attrs)
for host in hosts:
managed_hosts.append(host[0])


@ -103,7 +103,7 @@ class krbtpolicy(LDAPObject):
def get_dn(self, *keys, **kwargs):
if keys[-1] is not None:
return self.api.Object.user.get_dn(*keys, **kwargs)
return self.container_dn
return DN(self.container_dn, api.env.basedn)
api.register(krbtpolicy)


@ -336,10 +336,12 @@ def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwarg
if m.endswith(search_bases['user']):
api.log.info('migrating %s user %s' % (member_attr, m))
m = DN((api.Object.user.primary_key.name, rdnval), api.env.container_user)
m = DN((api.Object.user.primary_key.name, rdnval),
api.env.container_user, api.env.basedn)
elif m.endswith(search_bases['group']):
api.log.info('migrating %s group %s' % (member_attr, m))
m = DN((api.Object.group.primary_key.name, rdnval), api.env.container_group)
m = DN((api.Object.group.primary_key.name, rdnval),
api.env.container_group, api.env.basedn)
else:
api.log.error('entry %s does not belong into any known container' % m)
continue
@ -359,7 +361,8 @@ def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwarg
new_members = []
entry_attrs.setdefault(member_attr, [])
for m in entry_attrs[member_attr]:
memberdn = DN((api.Object.user.primary_key.name, m), api.env.container_user)
memberdn = DN((api.Object.user.primary_key.name, m),
api.env.container_user, api.env.basedn)
new_members.append(ldap.normalize_dn(memberdn))
entry_attrs['member'] = new_members


@ -93,7 +93,7 @@ class cosentry(LDAPObject):
def get_dn(self, *keys, **options):
group_dn = self.api.Object.group.get_dn(keys[-1])
return self.backend.make_dn_from_attr(
'cn', group_dn, self.container_dn
'cn', group_dn, DN(self.container_dn, api.env.basedn)
)
def check_priority_uniqueness(self, *keys, **options):
@ -272,7 +272,8 @@ class pwpolicy(LDAPObject):
def get_dn(self, *keys, **options):
if keys[-1] is not None:
return self.backend.make_dn_from_attr(
self.primary_key.name, keys[-1], self.container_dn
self.primary_key.name, keys[-1],
DN(self.container_dn, api.env.basedn)
)
return global_policy_dn
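Review bot: `pwpolicy.get_dn` now returns an absolute DN when a key is given but still falls through to `return global_policy_dn`, whose definition is outside this hunk. If that module-level value is built without `api.env.basedn`, the two branches return DNs of different forms and the global policy lookup would use a relative DN. This is worth confirming, and a short comment on the fallback line stating that `global_policy_dn` already includes the suffix would help the next reader.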


@ -222,7 +222,7 @@ class selinuxusermap(LDAPObject):
seealso,
self.api.Object['hbacrule'].object_class,
[''],
self.api.Object['hbacrule'].container_dn)
DN(self.api.Object['hbacrule'].container_dn, api.env.basedn))
seealso = dn
except errors.NotFound:
raise errors.NotFound(reason=_('HBAC rule %(rule)s not found') % dict(rule=seealso))


@ -89,7 +89,7 @@ class sudocmd(LDAPObject):
try:
(dn, entry_attrs) = self.backend.find_entry_by_attr(
'sudocmd', keys[-1], self.object_class, [''],
self.container_dn
DN(self.container_dn, api.env.basedn)
)
except errors.NotFound:
pass


@ -411,7 +411,7 @@ class user(LDAPObject):
continue
(dn, entry_attrs) = self.backend.find_entry_by_attr(
self.primary_key.name, manager[m], self.object_class, [''],
self.container_dn
container_dn
)
manager[m] = dn
except errors.NotFound:
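Review bot: The search base passed to `find_entry_by_attr` is now a bare local, `container_dn`, whose assignment is not visible in this hunk. It should be checked that it is set to `DN(self.container_dn, api.env.basedn)` before the loop and on every path that reaches this call, since an unassigned or relative value would only surface at run time when a manager is resolved. The enclosing method starts and ends outside the hunk.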


@ -199,10 +199,8 @@ class ldap2(LDAPClient, CrudBackend):
def get_ipa_config(self, attrs_list=None):
"""Returns the IPA configuration entry (dn, entry_attrs)."""
odn = api.Object.config.get_dn()
assert isinstance(odn, DN)
assert isinstance(api.env.basedn, DN)
cdn = DN(odn, api.env.basedn)
dn = api.Object.config.get_dn()
assert isinstance(dn, DN)
try:
config_entry = getattr(context, 'config_entry')
@ -213,14 +211,14 @@ class ldap2(LDAPClient, CrudBackend):
pass
try:
(entry, truncated) = self.find_entries(
None, attrs_list, base_dn=cdn, scope=self.SCOPE_BASE,
None, attrs_list, base_dn=dn, scope=self.SCOPE_BASE,
time_limit=2, size_limit=10
)
if truncated:
raise errors.LimitsExceeded()
config_entry = entry[0]
except errors.NotFound:
config_entry = self.make_entry(cdn)
config_entry = self.make_entry(dn)
for a in self.config_defaults:
if a not in config_entry:
config_entry[a] = self.config_defaults[a]