Radius proxy multiservers fix

Now radius proxy plugin allows to add more then one radius server
into radius proxy but the first one from ldap response is being
parsed (you can see ./daemons/ipa-optd/parse.c).

So this kind of behaviour is a bug, as it was determined on IRC.

This patch removes possibility to add more then one radius server
into radius proxy.

Pagure: https://pagure.io/freeipa/issue/7542
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Alexander Koksharov <akokshar@redhat.com>

API.txt

@@ -3962,7 +3962,7 @@ option: Flag('all', autofill=True, cli_name='all', default=False)
 option: Str('description?', cli_name='desc')
 option: Int('ipatokenradiusretries?', cli_name='retries')
 option: Password('ipatokenradiussecret', cli_name='secret', confirm=True)
-option: Str('ipatokenradiusserver+', cli_name='server')
+option: Str('ipatokenradiusserver', cli_name='server')
 option: Int('ipatokenradiustimeout?', cli_name='timeout')
 option: Str('ipatokenusermapattribute?', cli_name='userattr')
 option: Flag('raw', autofill=True, cli_name='raw', default=False)
@@ -3987,7 +3987,7 @@ option: Str('cn?', autofill=False, cli_name='name')
 option: Str('description?', autofill=False, cli_name='desc')
 option: Int('ipatokenradiusretries?', autofill=False, cli_name='retries')
 option: Password('ipatokenradiussecret?', autofill=False, cli_name='secret', confirm=True)
-option: Str('ipatokenradiusserver*', autofill=False, cli_name='server')
+option: Str('ipatokenradiusserver?', autofill=False, cli_name='server')
 option: Int('ipatokenradiustimeout?', autofill=False, cli_name='timeout')
 option: Str('ipatokenusermapattribute?', autofill=False, cli_name='userattr')
 option: Flag('pkey_only?', autofill=True, default=False)
@@ -4008,7 +4008,7 @@ option: Str('delattr*', cli_name='delattr')
 option: Str('description?', autofill=False, cli_name='desc')
 option: Int('ipatokenradiusretries?', autofill=False, cli_name='retries')
 option: Password('ipatokenradiussecret?', autofill=False, cli_name='secret', confirm=True)
-option: Str('ipatokenradiusserver*', autofill=False, cli_name='server')
+option: Str('ipatokenradiusserver?', autofill=False, cli_name='server')
 option: Int('ipatokenradiustimeout?', autofill=False, cli_name='timeout')
 option: Str('ipatokenusermapattribute?', autofill=False, cli_name='userattr')
 option: Flag('raw', autofill=True, cli_name='raw', default=False)

install/ui/src/freeipa/radiusproxy.js

@@ -66,10 +66,7 @@ return {
                             $type: 'textarea',
                             name: 'description'
                         },
-                        {
-                            $type: 'multivalued',
-                            name: 'ipatokenradiusserver' // TODO: add validation
-                        },
+                        'ipatokenradiusserver', // TODO: add validation
                         'ipatokenusermapattribute', // TODO: add validation
                         'ipatokenradiustimeout',
                         'ipatokenradiusretries'
@@ -90,10 +87,7 @@ return {
     adder_dialog: {
         fields: [
             'cn',
-            {
-                $type: 'multivalued',
-                name: 'ipatokenradiusserver'
-            },
+            'ipatokenradiusserver',
             {
                 $type: 'password',
                 name: 'ipatokenradiussecret'
@@ -130,4 +124,4 @@ radiusproxy.register = function() {
 phases.on('registration', radiusproxy.register);
 
 return radiusproxy;
-});
+});

ipaserver/plugins/radiusproxy.py

@@ -116,7 +116,7 @@ class radiusproxy(LDAPObject):
             label=_('Description'),
             doc=_('A description of this RADIUS proxy server'),
         ),
-        Str('ipatokenradiusserver+', validate_radiusserver,
+        Str('ipatokenradiusserver', validate_radiusserver,
             cli_name='server',
             label=_('Server'),
             doc=_('The hostname or IP (with or without port)'),