mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
Fix output of failed managedby hosts, allow a host to manage itself.
The output problem was a missing label for failed managedby. This also fixes a call to print_entry that was missing the flags argument. Add a flag to specify whether a group can be a member of itself, defaulting to False. ticket 708
This commit is contained in:
parent
06179dc105
commit
c7789199f9
@ -360,7 +360,7 @@ class textui(backend.Backend):
|
||||
continue
|
||||
self.print_indented(format % (label, ''), indent)
|
||||
self.print_entry(
|
||||
value, order, labels, print_all, format,
|
||||
value, order, labels, flags, print_all, format,
|
||||
indent=indent+1
|
||||
)
|
||||
else:
|
||||
@ -764,7 +764,7 @@ class help(frontend.Local):
|
||||
mcl = self._topics[t][2][topic][1]
|
||||
commands = self._topics[t][2][topic][2]
|
||||
break
|
||||
|
||||
|
||||
m = '%s.%s' % (self._PLUGIN_BASE_MODULE, topic)
|
||||
doc = (sys.modules[m].__doc__ or '').strip()
|
||||
|
||||
|
@ -1002,6 +1002,7 @@ class LDAPAddMember(LDAPModMember):
|
||||
"""
|
||||
member_param_doc = 'comma-separated list of %s to add'
|
||||
member_count_out = ('%i member added.', '%i members added.')
|
||||
allow_same = False
|
||||
|
||||
has_output = (
|
||||
output.Entry('result'),
|
||||
@ -1039,7 +1040,7 @@ class LDAPAddMember(LDAPModMember):
|
||||
if not m_dn:
|
||||
continue
|
||||
try:
|
||||
ldap.add_entry_to_group(m_dn, dn, attr)
|
||||
ldap.add_entry_to_group(m_dn, dn, attr, allow_same=self.allow_same)
|
||||
except errors.PublicError, e:
|
||||
ldap_obj = self.api.Object[ldap_obj_name]
|
||||
failed[attr][ldap_obj_name].append((
|
||||
|
@ -133,6 +133,10 @@ host_output_params = (
|
||||
),
|
||||
Str('revocation_reason?',
|
||||
label=_('Revocation reason'),
|
||||
),
|
||||
Str('managedby?',
|
||||
label=_('Failed managedby'),
|
||||
flags=['no_create', 'no_update'],
|
||||
)
|
||||
)
|
||||
|
||||
@ -726,6 +730,7 @@ class host_add_managedby(LDAPAddMember):
|
||||
"""
|
||||
member_attributes = ['managedby']
|
||||
has_output_params = LDAPAddMember.has_output_params + host_output_params
|
||||
allow_same = True
|
||||
|
||||
api.register(host_add_managedby)
|
||||
|
||||
|
@ -802,8 +802,14 @@ class ldap2(CrudBackend, Encoder):
|
||||
except _ldap.LDAPError, e:
|
||||
_handle_errors(e, **{})
|
||||
|
||||
def add_entry_to_group(self, dn, group_dn, member_attr='member'):
|
||||
"""Add entry to group."""
|
||||
def add_entry_to_group(self, dn, group_dn, member_attr='member', allow_same=False):
|
||||
"""
|
||||
Add entry designaed by dn to group group_dn in the member attribute
|
||||
member_attr.
|
||||
|
||||
Adding a group as a member of itself is not allowed unless allow_same
|
||||
is True.
|
||||
"""
|
||||
# check if the entry exists
|
||||
(dn, entry_attrs) = self.get_entry(dn, ['objectclass'])
|
||||
|
||||
@ -811,7 +817,7 @@ class ldap2(CrudBackend, Encoder):
|
||||
(group_dn, group_entry_attrs) = self.get_entry(group_dn, [member_attr])
|
||||
|
||||
# check if we're not trying to add group into itself
|
||||
if dn == group_dn:
|
||||
if dn == group_dn and not allow_same:
|
||||
raise errors.SameGroupError()
|
||||
|
||||
# add dn to group entry's `member_attr` attribute
|
||||
|
Loading…
Reference in New Issue
Block a user