Use the dn attribute of LDAPEntry to set/get DNs of entries.

Convert all code that uses the 'dn' key of LDAPEntry for this to use the dn
attribute instead.
Jan Cholasta 2013-01-31 11:19:13 +01:00 committed by Martin Kosek
parent 982b782777
commit bb36683c84
11 changed files with 74 additions and 44 deletions


@ -116,7 +116,7 @@ def check_compliance(tmpdir, debug=False):
hostcount = 0 hostcount = 0
# Get the hosts first # Get the hosts first
try: try:
(entries, truncated) = conn.find_entries('(krblastpwdchange=*)', ['dn'], (entries, truncated) = conn.find_entries('(krblastpwdchange=*)', [],
DN(api.env.container_host, api.env.basedn), DN(api.env.container_host, api.env.basedn),
conn.SCOPE_ONELEVEL, conn.SCOPE_ONELEVEL,
size_limit = -1) size_limit = -1)
@ -136,10 +136,10 @@ def check_compliance(tmpdir, debug=False):
available = 0 available = 0
try: try:
(entries, truncated) = conn.find_entries('(objectclass=ipaentitlement)', (entries, truncated) = conn.find_entries('(objectclass=ipaentitlement)',
['dn', 'userCertificate'], ['userCertificate'],
DN(api.env.container_entitlements, api.env.basedn), DN(api.env.container_entitlements, api.env.basedn),
conn.SCOPE_ONELEVEL, conn.SCOPE_ONELEVEL,
size_limit = -1) size_limit = -1)
for entry in entries: for entry in entries:
(dn, attrs) = entry (dn, attrs) = entry
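Review bot: The first `find_entries` call now passes `[]` as the attribute list, and at the LDAP protocol level an empty attribute selection means "return all user attributes", not "return none". If `find_entries` forwards the empty list unchanged (its body is not visible here), this query, which appears to be used only to count hosts, will fetch every readable attribute of every host entry with `size_limit = -1`. Requesting no attributes explicitly with the standard selector, e.g. `['1.1']`, or naming a single cheap attribute, would keep the result minimal. `check_compliance` starts and ends outside these hunks.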


@ -572,7 +572,7 @@ def main():
config.dirman_password) config.dirman_password)
found = False found = False
try: try:
entry = conn.find_entries(u'fqdn=%s' % host, ['dn', 'fqdn'], DN(api.env.container_host, api.env.basedn)) entry = conn.find_entries(u'fqdn=%s' % host, ['fqdn'], DN(api.env.container_host, api.env.basedn))
print "The host %s already exists on the master server.\nYou should remove it before proceeding:" % host print "The host %s already exists on the master server.\nYou should remove it before proceeding:" % host
print " %% ipa host-del %s" % host print " %% ipa host-del %s" % host
found = True found = True
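Review bot: The filter on the changed `find_entries` line is still built as `u'fqdn=%s' % host`, so filter metacharacters in `host` such as `*`, `(` or `)` become part of the search expression and the "already exists" check can match entries other than the intended host. Where `host` comes from is outside the hunk, so how much it is validated beforehand is not visible. Escaping the value before interpolation, e.g. `u'fqdn=%s' % ldap.filter.escape_filter_chars(host)` as the `LDAPClient` code in this commit does for DNs, would make the lookup exact. `main` continues outside the hunk.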


@ -316,10 +316,12 @@ class automember_add_condition(LDAPUpdate):
except errors.NotFound: except errors.NotFound:
failed['failed'][attr].append(regex) failed['failed'][attr].append(regex)
entry_attrs = entry_to_dict(entry_attrs, **options)
# Set failed and completed to they can be harvested in the execute super # Set failed and completed to they can be harvested in the execute super
setattr(context, 'failed', failed) setattr(context, 'failed', failed)
setattr(context, 'completed', completed) setattr(context, 'completed', completed)
setattr(context, 'entry_attrs', dict(entry_attrs)) setattr(context, 'entry_attrs', entry_attrs)
# Make sure to returned the failed results if there is nothing to remove # Make sure to returned the failed results if there is nothing to remove
if completed == 0: if completed == 0:
@ -406,10 +408,13 @@ class automember_remove_condition(LDAPUpdate):
else: else:
failed['failed'][attr].append(regex) failed['failed'][attr].append(regex)
entry_attrs[attr] = old_entry entry_attrs[attr] = old_entry
entry_attrs = entry_to_dict(entry_attrs, **options)
# Set failed and completed to they can be harvested in the execute super # Set failed and completed to they can be harvested in the execute super
setattr(context, 'failed', failed) setattr(context, 'failed', failed)
setattr(context, 'completed', completed) setattr(context, 'completed', completed)
setattr(context, 'entry_attrs', dict(entry_attrs)) setattr(context, 'entry_attrs', entry_attrs)
# Make sure to returned the failed results if there is nothing to remove # Make sure to returned the failed results if there is nothing to remove
if completed == 0: if completed == 0:


@ -229,6 +229,12 @@ def entry_from_entry(entry, newentry):
for e in newentry.keys(): for e in newentry.keys():
entry[e] = newentry[e] entry[e] = newentry[e]
def entry_to_dict(entry, **options):
result = dict(entry)
if options.get('all', False):
result['dn'] = entry.dn
return result
def wait_for_value(ldap, dn, attr, value): def wait_for_value(ldap, dn, attr, value):
""" """
389-ds postoperation plugins are executed after the data has been 389-ds postoperation plugins are executed after the data has been
@ -978,6 +984,7 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
ldap = self.obj.backend ldap = self.obj.backend
entry_attrs = self.args_options_2_entry(*keys, **options) entry_attrs = self.args_options_2_entry(*keys, **options)
entry_attrs = ldap.make_entry(DN(), entry_attrs)
self.process_attr_options(entry_attrs, None, keys, options) self.process_attr_options(entry_attrs, None, keys, options)
@ -1063,13 +1070,15 @@ class LDAPCreate(BaseLDAPCommand, crud.Create):
for callback in self.get_callbacks('post'): for callback in self.get_callbacks('post'):
dn = callback(self, ldap, dn, entry_attrs, *keys, **options) dn = callback(self, ldap, dn, entry_attrs, *keys, **options)
self.obj.convert_attribute_members(entry_attrs, *keys, **options)
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn entry_attrs['dn'] = dn
self.obj.convert_attribute_members(entry_attrs, *keys, **options)
if self.obj.primary_key and keys[-1] is not None: if self.obj.primary_key and keys[-1] is not None:
return dict(result=dict(entry_attrs), value=keys[-1]) return dict(result=entry_attrs, value=keys[-1])
return dict(result=dict(entry_attrs), value=u'') return dict(result=entry_attrs, value=u'')
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
assert isinstance(dn, DN) assert isinstance(dn, DN)
@ -1190,11 +1199,14 @@ class LDAPRetrieve(LDAPQuery):
assert isinstance(dn, DN) assert isinstance(dn, DN)
self.obj.convert_attribute_members(entry_attrs, *keys, **options) self.obj.convert_attribute_members(entry_attrs, *keys, **options)
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn entry_attrs['dn'] = dn
if self.obj.primary_key and keys[-1] is not None: if self.obj.primary_key and keys[-1] is not None:
return dict(result=dict(entry_attrs), value=keys[-1]) return dict(result=entry_attrs, value=keys[-1])
return dict(result=dict(entry_attrs), value=u'') return dict(result=entry_attrs, value=u'')
def pre_callback(self, ldap, dn, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, attrs_list, *keys, **options):
assert isinstance(dn, DN) assert isinstance(dn, DN)
@ -1253,6 +1265,7 @@ class LDAPUpdate(LDAPQuery, crud.Update):
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = self.args_options_2_entry(**options) entry_attrs = self.args_options_2_entry(**options)
entry_attrs = ldap.make_entry(dn, entry_attrs)
self.process_attr_options(entry_attrs, dn, keys, options) self.process_attr_options(entry_attrs, dn, keys, options)
@ -1321,9 +1334,12 @@ class LDAPUpdate(LDAPQuery, crud.Update):
assert isinstance(dn, DN) assert isinstance(dn, DN)
self.obj.convert_attribute_members(entry_attrs, *keys, **options) self.obj.convert_attribute_members(entry_attrs, *keys, **options)
entry_attrs = entry_to_dict(entry_attrs, **options)
if self.obj.primary_key and keys[-1] is not None: if self.obj.primary_key and keys[-1] is not None:
return dict(result=dict(entry_attrs), value=keys[-1]) return dict(result=entry_attrs, value=keys[-1])
return dict(result=dict(entry_attrs), value=u'') return dict(result=entry_attrs, value=u'')
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
assert isinstance(dn, DN) assert isinstance(dn, DN)
@ -1544,13 +1560,16 @@ class LDAPAddMember(LDAPModMember):
**options) **options)
assert isinstance(dn, DN) assert isinstance(dn, DN)
assert isinstance(dn, DN)
entry_attrs['dn'] = dn
self.obj.convert_attribute_members(entry_attrs, *keys, **options) self.obj.convert_attribute_members(entry_attrs, *keys, **options)
assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn
return dict( return dict(
completed=completed, completed=completed,
failed=failed, failed=failed,
result=dict(entry_attrs), result=entry_attrs,
) )
def pre_callback(self, ldap, dn, found, not_found, *keys, **options): def pre_callback(self, ldap, dn, found, not_found, *keys, **options):
@ -1642,14 +1661,16 @@ class LDAPRemoveMember(LDAPModMember):
**options) **options)
assert isinstance(dn, DN) assert isinstance(dn, DN)
self.obj.convert_attribute_members(entry_attrs, *keys, **options)
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn entry_attrs['dn'] = dn
self.obj.convert_attribute_members(entry_attrs, *keys, **options)
return dict( return dict(
completed=completed, completed=completed,
failed=failed, failed=failed,
result=dict(entry_attrs), result=entry_attrs,
) )
def pre_callback(self, ldap, dn, found, not_found, *keys, **options): def pre_callback(self, ldap, dn, found, not_found, *keys, **options):
@ -1856,10 +1877,9 @@ class LDAPSearch(BaseLDAPCommand, crud.Search):
for e in entries: for e in entries:
self.obj.convert_attribute_members(e[1], *args, **options) self.obj.convert_attribute_members(e[1], *args, **options)
for e in entries: for (i, e) in enumerate(entries):
assert isinstance(e[0], DN) entries[i] = entry_to_dict(e, **options)
e[1]['dn'] = e[0] entries[i]['dn'] = e.dn
entries = [dict(e) for (dn, e) in entries]
return dict( return dict(
result=entries, result=entries,
@ -1994,11 +2014,13 @@ class LDAPAddReverseMember(LDAPModReverseMember):
assert isinstance(dn, DN) assert isinstance(dn, DN)
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn entry_attrs['dn'] = dn
return dict( return dict(
completed=completed, completed=completed,
failed=failed, failed=failed,
result=dict(entry_attrs), result=entry_attrs,
) )
def pre_callback(self, ldap, dn, *keys, **options): def pre_callback(self, ldap, dn, *keys, **options):
@ -2094,11 +2116,13 @@ class LDAPRemoveReverseMember(LDAPModReverseMember):
assert isinstance(dn, DN) assert isinstance(dn, DN)
assert isinstance(dn, DN) assert isinstance(dn, DN)
entry_attrs = entry_to_dict(entry_attrs, **options)
entry_attrs['dn'] = dn entry_attrs['dn'] = dn
return dict( return dict(
completed=completed, completed=completed,
failed=failed, failed=failed,
result=dict(entry_attrs), result=entry_attrs,
) )
def pre_callback(self, ldap, dn, *keys, **options): def pre_callback(self, ldap, dn, *keys, **options):
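Review bot: `entry_to_dict` is added without a docstring, and its contract is not obvious from the call sites: it copies `entry.dn` into the `'dn'` key only when the `all` option is set, yet most callers in this file overwrite `'dn'` unconditionally right after calling it, while the `LDAPUpdate` return path does not. I would add a docstring along the lines of `"""Return a plain dict copy of entry; 'dn' is included only when options['all'] is set."""` and confirm that `LDAPUpdate` results are meant to carry `'dn'` only under `all`. The `LDAPSearch` loop also drops the `assert isinstance(e[0], DN)` that the other commands keep, which is worth a comment if it is intentional. The class bodies around these hunks continue outside the view.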


@ -176,8 +176,10 @@ class krbtpolicy_reset(LDAPQuery):
dn = self.obj.get_dn(None) dn = self.obj.get_dn(None)
(dn, entry_attrs) = ldap.get_entry(dn, self.obj.default_attributes) (dn, entry_attrs) = ldap.get_entry(dn, self.obj.default_attributes)
entry_attrs = entry_to_dict(entry_attrs, **options)
if keys[-1] is not None: if keys[-1] is not None:
return dict(result=dict(entry_attrs), value=keys[-1]) return dict(result=entry_attrs, value=keys[-1])
return dict(result=dict(entry_attrs), value=u'') return dict(result=entry_attrs, value=u'')
api.register(krbtpolicy_reset) api.register(krbtpolicy_reset)


@ -474,10 +474,10 @@ class permission_find(LDAPSearch):
dn = permission['dn'] dn = permission['dn']
del permission['dn'] del permission['dn']
if pkey_only: if pkey_only:
new_entry = (dn, {self.obj.primary_key.name: \ pk = self.obj.primary_key.name
permission[self.obj.primary_key.name]}) new_entry = ldap.make_entry(dn, {pk: permission[pk]})
else: else:
new_entry = (dn, permission) new_entry = ldap.make_entry(dn, permission)
if (dn, permission) not in entries: if (dn, permission) not in entries:
if len(entries) < max_entries: if len(entries) < max_entries:
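Review bot: `new_entry` is now built with `ldap.make_entry(...)`, but the duplicate check on the next line still tests the tuple `(dn, permission) not in entries`. If `entries` holds entry objects after this commit and they do not compare equal to a `(dn, dict)` tuple (their equality is not visible here), the test is always true, and the same permission can be appended twice and counted against `max_entries`. Comparing like with like, for instance on the DN with something like `if not any(e.dn == dn for e in entries):`, would make the de-duplication independent of the entry type. The loop body continues past the hunk.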


@ -642,7 +642,9 @@ class sudorule_add_option(LDAPQuery):
dn, attrs_list, normalize=self.obj.normalize_dn dn, attrs_list, normalize=self.obj.normalize_dn
) )
return dict(result=dict(entry_attrs)) entry_attrs = entry_to_dict(entry_attrs, **options)
return dict(result=entry_attrs)
def output_for_cli(self, textui, result, cn, **options): def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Added option "%(option)s" to Sudo Rule "%(rule)s"') % \ textui.print_dashed(_('Added option "%(option)s" to Sudo Rule "%(rule)s"') % \
@ -697,7 +699,9 @@ class sudorule_remove_option(LDAPQuery):
dn, attrs_list, normalize=self.obj.normalize_dn dn, attrs_list, normalize=self.obj.normalize_dn
) )
return dict(result=dict(entry_attrs)) entry_attrs = entry_to_dict(entry_attrs, **options)
return dict(result=entry_attrs)
def output_for_cli(self, textui, result, cn, **options): def output_for_cli(self, textui, result, cn, **options):
textui.print_dashed(_('Removed option "%(option)s" from Sudo Rule "%(rule)s"') % \ textui.print_dashed(_('Removed option "%(option)s" from Sudo Rule "%(rule)s"') % \


@ -311,7 +311,7 @@ sides.
base_dn = DN(api.env.container_trusts, api.env.basedn), base_dn = DN(api.env.container_trusts, api.env.basedn),
filter = trust_filter) filter = trust_filter)
result['result'] = dict(trusts[0][1]) result['result'] = entry_to_dict(trusts[0][1], **options)
result['result']['trusttype'] = [trust_type_string(result['result']['ipanttrusttype'][0])] result['result']['trusttype'] = [trust_type_string(result['result']['ipanttrusttype'][0])]
result['result']['trustdirection'] = [trust_direction_string(result['result']['ipanttrustdirection'][0])] result['result']['trustdirection'] = [trust_direction_string(result['result']['ipanttrustdirection'][0])]
result['result']['truststatus'] = [trust_status_string(result['verified'])] result['result']['truststatus'] = [trust_status_string(result['verified'])]


@ -838,15 +838,14 @@ class user_status(LDAPQuery):
other_ldap.connect(ccache=os.environ['KRB5CCNAME']) other_ldap.connect(ccache=os.environ['KRB5CCNAME'])
except Exception, e: except Exception, e:
self.error("user_status: Connecting to %s failed with %s" % (host, str(e))) self.error("user_status: Connecting to %s failed with %s" % (host, str(e)))
newresult = dict() newresult = ldap.make_entry(dn)
newresult['dn'] = dn
newresult['server'] = _("%(host)s failed: %(error)s") % dict(host=host, error=str(e)) newresult['server'] = _("%(host)s failed: %(error)s") % dict(host=host, error=str(e))
entries.append(newresult) entries.append(newresult)
count += 1 count += 1
continue continue
try: try:
entry = other_ldap.get_entry(dn, attr_list) entry = other_ldap.get_entry(dn, attr_list)
newresult = dict() newresult = ldap.make_entry(dn)
for attr in ['krblastsuccessfulauth', 'krblastfailedauth']: for attr in ['krblastsuccessfulauth', 'krblastfailedauth']:
newresult[attr] = entry[1].get(attr, [u'N/A']) newresult[attr] = entry[1].get(attr, [u'N/A'])
newresult['krbloginfailedcount'] = entry[1].get('krbloginfailedcount', u'0') newresult['krbloginfailedcount'] = entry[1].get('krbloginfailedcount', u'0')
@ -860,7 +859,6 @@ class user_status(LDAPQuery):
except Exception, e: except Exception, e:
self.debug("time conversion failed with %s" % str(e)) self.debug("time conversion failed with %s" % str(e))
pass pass
newresult['dn'] = dn
newresult['server'] = host newresult['server'] = host
if options.get('raw', False): if options.get('raw', False):
time_format = '%Y%m%d%H%M%SZ' time_format = '%Y%m%d%H%M%SZ'
@ -876,8 +874,7 @@ class user_status(LDAPQuery):
self.obj.handle_not_found(*keys) self.obj.handle_not_found(*keys)
except Exception, e: except Exception, e:
self.error("user_status: Retrieving status for %s failed with %s" % (dn, str(e))) self.error("user_status: Retrieving status for %s failed with %s" % (dn, str(e)))
newresult = dict() newresult = ldap.make_entry(dn)
newresult['dn'] = dn
newresult['server'] = _("%(host)s failed") % dict(host=host) newresult['server'] = _("%(host)s failed") % dict(host=host)
entries.append(newresult) entries.append(newresult)
count += 1 count += 1
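Review bot: All three branches now create `newresult` with `ldap.make_entry(dn)` and no longer set `newresult['dn']`, so the DN lives only on the entry's `dn` attribute. The code that turns `entries` into the command result is outside these hunks; if it copies each entry with `dict(...)` or calls `entry_to_dict` without the `all` option, the per-server results will lose their `'dn'` key. Elsewhere in this commit callers re-add it with `entry_attrs['dn'] = dn` after the conversion, so the same step should be confirmed for `user_status`.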


@ -1244,7 +1244,7 @@ class LDAPClient(object):
return ([], []) return ([], [])
search_entry_dn = ldap.filter.escape_filter_chars(str(entry_dn)) search_entry_dn = ldap.filter.escape_filter_chars(str(entry_dn))
attr_list = ["dn", "memberof"] attr_list = ["memberof"]
searchfilter = "(|(member=%s)(memberhost=%s)(memberuser=%s))" % ( searchfilter = "(|(member=%s)(memberhost=%s)(memberuser=%s))" % (
search_entry_dn, search_entry_dn, search_entry_dn) search_entry_dn, search_entry_dn, search_entry_dn)
@ -1358,7 +1358,7 @@ class LDAPClient(object):
return entries return entries
dn, group = self.get_entry( dn, group = self.get_entry(
group_dn, ['dn', 'member'], group_dn, ['member'],
size_limit=size_limit, time_limit=time_limit) size_limit=size_limit, time_limit=time_limit)
real_members = group.get('member', []) real_members = group.get('member', [])


@ -476,7 +476,6 @@ class ldap2(LDAPClient, CrudBackend):
assert isinstance(dn, DN) assert isinstance(dn, DN)
(dn, entry_attrs) = self.get_entry(dn, attrs_list) (dn, entry_attrs) = self.get_entry(dn, attrs_list)
entry_attrs['dn'] = dn
return entry_attrs return entry_attrs
def create(self, **kw): def create(self, **kw):
@ -552,7 +551,6 @@ class ldap2(LDAPClient, CrudBackend):
filter, attrs_list, base_dn, scope filter, attrs_list, base_dn, scope
) )
for (dn, entry_attrs) in entries: for (dn, entry_attrs) in entries:
entry_attrs['dn'] = [dn]
output.append(entry_attrs) output.append(entry_attrs)
if truncated: if truncated: