idrange: only issue warning to restart services for a local range

SIDGEN plugin only uses local ID ranges and thus a restart is really needed only when a local range is added, modified or removed. Also fix the SSSD warning because removal of any range requires restart everywhere, not just on a specific server. Fixes: https://pagure.io/freeipa/issue/9558 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
2025-02-25 18:55:28 -06:00 · 2024-03-21 08:41:07 +02:00 · 2024-03-21 08:41:07 +02:00 · a57b665be0
commit a57b665be0
parent adf95dcf86
2 changed files with 43 additions and 10 deletions
--- a/ipaserver/plugins/idrange.py
+++ b/ipaserver/plugins/idrange.py
@ -552,12 +552,15 @@ class idrange_add(LDAPCreate):
        self.obj.handle_ipabaserid(entry_attrs, options)
        self.obj.handle_iparangetype(entry_attrs, options,
                                     keep_objectclass=True)
-        self.add_message(
-            messages.ServiceRestartRequired(
-                service=services.knownservices.dirsrv.service_instance(""),
-                server=_('<all IPA servers>')
+
+        if entry_attrs.single_value.get('iparangetype') in (
+                'ipa-local', self.obj.range_types.get('ipa-local', None)):
+            self.add_message(
+                messages.ServiceRestartRequired(
+                    service=services.knownservices.dirsrv.service_instance(""),
+                    server=_('<all IPA servers>')
+                )
            )
-        )
        return dn


@ -571,7 +574,8 @@ class idrange_del(LDAPDelete):
        try:
            old_attrs = ldap.get_entry(dn, ['ipabaseid',
                                            'ipaidrangesize',
-                                            'ipanttrusteddomainsid'])
+                                            'ipanttrusteddomainsid',
+                                            'iparangetype'])
        except errors.NotFound:
            raise self.obj.handle_not_found(*keys)

@ -605,6 +609,20 @@ class idrange_del(LDAPDelete):
                    key=keys[0],
                    dependent=trust_domains[0].dn[0].value)

+        self.add_message(
+            messages.ServiceRestartRequired(
+                service=services.knownservices['sssd'].systemd_name,
+                server=_('<all IPA servers>')
+            )
+        )
+
+        if old_attrs.single_value.get('iparangetype') == 'ipa-local':
+            self.add_message(
+                messages.ServiceRestartRequired(
+                    service=services.knownservices.dirsrv.service_instance(""),
+                    server=_('<all IPA servers>')
+                )
+            )

        return dn

@ -809,10 +827,20 @@ class idrange_mod(LDAPUpdate):
        assert isinstance(dn, DN)
        self.obj.handle_ipabaserid(entry_attrs, options)
        self.obj.handle_iparangetype(entry_attrs, options)
+
+        if entry_attrs.single_value.get('iparangetype') in (
+                'ipa-local', self.obj.range_types.get('ipa-local', None)):
+            self.add_message(
+                messages.ServiceRestartRequired(
+                    service=services.knownservices.dirsrv.service_instance(""),
+                    server=_('<all IPA servers>')
+                )
+            )
+
        self.add_message(
            messages.ServiceRestartRequired(
                service=services.knownservices['sssd'].systemd_name,
-                server=keys[0]
+                server=_('<all IPA servers>')
            )
        )
        return dn
--- a/ipatests/test_xmlrpc/test_range_plugin.py
+++ b/ipatests/test_xmlrpc/test_range_plugin.py
@ -26,7 +26,8 @@ import six
 from ipalib import api, errors, messages
 from ipalib import constants
 from ipaplatform import services
-from ipatests.test_xmlrpc.xmlrpc_test import Declarative, fuzzy_uuid
+from ipatests.test_xmlrpc.xmlrpc_test import (
+    Declarative, fuzzy_uuid, Fuzzy, fuzzy_sequence_of)
 from ipatests.test_xmlrpc import objectclasses
 from ipatests.util import MockLDAP
 from ipapython.dn import DN
@ -374,6 +375,8 @@ IPA_LOCAL_RANGE_MOD_ERR = (

 dirsrv_instance = services.knownservices.dirsrv.service_instance("")

+fuzzy_restart_messages = fuzzy_sequence_of(Fuzzy(type=dict))
+

@pytest.mark.tier1
 class test_range(Declarative):
@ -610,7 +613,8 @@ class test_range(Declarative):
            desc='Delete ID range %r' % testrange1,
            command=('idrange_del', [testrange1], {}),
            expected=dict(
-                result=dict(failed=[]),
+                result=dict(failed=[],
+                            messages=fuzzy_restart_messages),
                value=[testrange1],
                summary=u'Deleted ID range "%s"' % testrange1,
            ),
@ -714,7 +718,8 @@ class test_range(Declarative):
            desc='Delete ID range %r' % testrange2,
            command=('idrange_del', [testrange2], {}),
            expected=dict(
-                result=dict(failed=[]),
+                result=dict(failed=[],
+                            messages=fuzzy_restart_messages),
                value=[testrange2],
                summary=u'Deleted ID range "%s"' % testrange2,
            ),