plugable: Pass API to plugins on initialization rather than using set_api

https://fedorahosted.org/freeipa/ticket/3090

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>

ipaserver/advise/base.py

@@ -104,8 +104,8 @@ class Advice(Plugin):
     require_root = False
     description = ''
 
-    def __init__(self):
-        super(Advice, self).__init__()
+    def __init__(self, api):
+        super(Advice, self).__init__(api)
         self.log = _AdviceOutput()
 
     def set_options(self, options):

ipaserver/install/bindinstance.py

@@ -1179,7 +1179,7 @@ class BindInstance(service.Service):
         print "Global DNS configuration in LDAP server is not empty"
         print "The following configuration options override local settings in named.conf:"
         print ""
-        textui = ipalib.cli.textui()
+        textui = ipalib.cli.textui(api)
         api.Command.dnsconfig_show.output_for_cli(textui, result, None, reverse=False)
 
     def uninstall(self):

ipaserver/install/cainstance.py

@@ -1588,7 +1588,7 @@ def update_people_entry(dercert):
     while attempts < 10:
         conn = None
         try:
-            conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+            conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
             conn.connect(autobind=True)
 
             db_filter = conn.make_filter(
@@ -1643,7 +1643,7 @@ def ensure_ldap_profiles_container():
     server_id = installutils.realm_to_serverid(api.env.realm)
     dogtag_uri = 'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % server_id
 
-    conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+    conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
     if not conn.isconnected():
         conn.connect(autobind=True)
 
@@ -1675,7 +1675,7 @@ def configure_profiles_acl():
     )
     modlist = [(ldap.MOD_ADD, 'resourceACLS', [rule])]
 
-    conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+    conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
     if not conn.isconnected():
         conn.connect(autobind=True)
     rules = conn.get_entry(dn).get('resourceACLS', [])
@@ -1696,7 +1696,7 @@ def import_included_profiles():
 
     server_id = installutils.realm_to_serverid(api.env.realm)
     dogtag_uri = 'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % server_id
-    conn = ldap2.ldap2(shared_instance=False, ldap_uri=dogtag_uri)
+    conn = ldap2.ldap2(api, ldap_uri=dogtag_uri)
     if not conn.isconnected():
         conn.connect(autobind=True)
 

ipaserver/install/ipa_cacert_manage.py

@@ -121,7 +121,7 @@ class CACertManage(admintool.AdminTool):
         return rc
 
     def ldap_connect(self):
-        conn = ldap2()
+        conn = ldap2(api)
 
         password = self.options.password
         if not password:

ipaserver/install/ipa_otptoken_import.py

@@ -507,7 +507,7 @@ class OTPTokenImport(admintool.AdminTool):
         api.bootstrap(in_server=True)
         api.finalize()
 
-        conn = ldap2()
+        conn = ldap2(api)
         try:
             ccache = krbV.default_context().default_ccache()
             conn.connect(ccache=ccache)

ipaserver/install/ipa_replica_prepare.py

@@ -637,7 +637,7 @@ class ReplicaPrepare(admintool.AdminTool):
             os.remove(agent_name)
 
     def update_pki_admin_password(self):
-        ldap = ldap2(shared_instance=False)
+        ldap = ldap2(api)
         ldap.connect(
             bind_dn=DN(('cn', 'directory manager')),
             bind_pw=self.dirman_password

ipaserver/install/server/install.py

@@ -240,8 +240,7 @@ def set_subject_in_config(realm_name, dm_password, suffix, subject_base):
             installutils.realm_to_serverid(realm_name)
         )
         try:
-            conn = ldap2(shared_instance=False, ldap_uri=ldapuri,
-                         base_dn=suffix)
+            conn = ldap2(api, ldap_uri=ldapuri)
             conn.connect(bind_dn=DN(('cn', 'directory manager')),
                          bind_pw=dm_password)
         except errors.ExecutionError, e:

ipaserver/plugins/dogtag.py

@@ -1286,7 +1286,7 @@ class ra(rabase.rabase):
     """
     DEFAULT_PROFILE = dogtag.DEFAULT_PROFILE
 
-    def __init__(self):
+    def __init__(self, api):
         if api.env.in_tree:
             self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
             self.pwd_file = self.sec_dir + os.sep + '.pwd'
@@ -1303,7 +1303,7 @@ class ra(rabase.rabase):
             f.close()
         except IOError:
             self.password = ''
-        super(ra, self).__init__()
+        super(ra, self).__init__(api)
 
     def raise_certificate_operation_error(self, func_name, err_msg=None, detail=None):
         """
@@ -1896,11 +1896,11 @@ class kra(Backend):
     KRA backend plugin (for Vault)
     """
 
-    def __init__(self, kra_port=443):
+    def __init__(self, api, kra_port=443):
 
         self.kra_port = kra_port
 
-        super(kra, self).__init__()
+        super(kra, self).__init__(api)
 
     def get_client(self):
         """
@@ -1958,7 +1958,7 @@ class RestClient(Backend):
         except:
             return None
 
-    def __init__(self):
+    def __init__(self, api):
         if api.env.in_tree:
             self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
             self.pwd_file = self.sec_dir + os.sep + '.pwd'
@@ -1970,7 +1970,7 @@ class RestClient(Backend):
         self.ipa_certificate_nickname = "ipaCert"
         self.ca_certificate_nickname = "caCert"
         self._read_password()
-        super(RestClient, self).__init__()
+        super(RestClient, self).__init__(api)
 
         # session cookie
         self.override_port = None

ipaserver/plugins/ldap2.py

@@ -56,47 +56,20 @@ from ipalib.crud import CrudBackend
 from ipalib.request import context
 
 
-class ldap2(LDAPClient, CrudBackend):
+class ldap2(CrudBackend, LDAPClient):
     """
     LDAP Backend Take 2.
     """
 
-    def __init__(self, shared_instance=False, ldap_uri=None, base_dn=None,
-                 schema=None):
-        self.__ldap_uri = None
+    def __init__(self, api, ldap_uri=None):
+        if ldap_uri is None:
+            ldap_uri = api.env.ldap_uri
 
-        CrudBackend.__init__(self, shared_instance=shared_instance)
-        LDAPClient.__init__(self, ldap_uri)
+        force_schema_updates = api.env.context in ('installer', 'updates')
 
-        self.__base_dn = base_dn
-
-    @property
-    def api(self):
-        self_api = super(ldap2, self).api
-        if self_api is None:
-            self_api = api
-        return self_api
-
-    @property
-    def ldap_uri(self):
-        try:
-            return self.__ldap_uri or self.api.env.ldap_uri
-        except AttributeError:
-            return 'ldap://example.com'
-
-    @ldap_uri.setter
-    def ldap_uri(self, value):
-        self.__ldap_uri = value
-
-    @property
-    def base_dn(self):
-        try:
-            if self.__base_dn is not None:
-                return DN(self.__base_dn)
-            else:
-                return DN(self.api.env.basedn)
-        except AttributeError:
-            return DN()
+        CrudBackend.__init__(self, api)
+        LDAPClient.__init__(self, ldap_uri,
+                            force_schema_updates=force_schema_updates)
 
     def _connect(self):
         # Connectible.conn is a proxy to thread-local storage;
@@ -145,8 +118,6 @@ class ldap2(LDAPClient, CrudBackend):
         if debug_level:
             _ldap.set_option(_ldap.OPT_DEBUG_LEVEL, debug_level)
 
-        object.__setattr__(self, '_force_schema_updates',
-                           self.api.env.context in ('installer', 'updates'))
         LDAPClient._connect(self)
         conn = self._conn
 

ipaserver/plugins/rabase.py

@@ -41,14 +41,14 @@ class rabase(Backend):
     """
     Request Authority backend plugin.
     """
-    def __init__(self):
+    def __init__(self, api):
         if api.env.in_tree:
             self.sec_dir = api.env.dot_ipa + os.sep + 'alias'
             self.pwd_file = self.sec_dir + os.sep + '.pwd'
         else:
             self.sec_dir = paths.HTTPD_ALIAS_DIR
             self.pwd_file = paths.ALIAS_PWDFILE_TXT
-        super(rabase, self).__init__()
+        super(rabase, self).__init__(api)
 
 
     def check_request_status(self, request_id):

ipaserver/rpcserver.py

@@ -238,8 +238,8 @@ class wsgi_dispatch(Executioner, HTTP_Status):
     handler which is specific to the authentication and RPC mechanism.
     """
 
-    def __init__(self):
-        super(wsgi_dispatch, self).__init__()
+    def __init__(self, api):
+        super(wsgi_dispatch, self).__init__(api)
         self.__apps = {}
 
     def __iter__(self):
@@ -301,14 +301,11 @@ class WSGIExecutioner(Executioner):
 
     _system_commands = {}
 
-    def set_api(self, api):
-        super(WSGIExecutioner, self).set_api(api)
-        if 'wsgi_dispatch' in self.api.Backend:
-            self.api.Backend.wsgi_dispatch.mount(self, self.key)
-
     def _on_finalize(self):
         self.url = self.env.mount_ipa + self.key
         super(WSGIExecutioner, self)._on_finalize()
+        if 'wsgi_dispatch' in self.api.Backend:
+            self.api.Backend.wsgi_dispatch.mount(self, self.key)
 
     def wsgi_execute(self, environ):
         result = None
@@ -746,8 +743,8 @@ class jsonserver_session(jsonserver, KerberosSession):
 
     key = '/session/json'
 
-    def __init__(self):
-        super(jsonserver_session, self).__init__()
+    def __init__(self, api):
+        super(jsonserver_session, self).__init__(api)
         name = '{0}_{1}'.format(self.__class__.__name__, id(self))
         auth_mgr = AuthManagerKerb(name)
         session_mgr.auth_mgr.register(auth_mgr.name, auth_mgr)
@@ -849,9 +846,6 @@ class jsonserver_kerb(jsonserver, KerberosWSGIExecutioner):
 class login_kerberos(Backend, KerberosSession, HTTP_Status):
     key = '/session/login_kerberos'
 
-    def __init__(self):
-        super(login_kerberos, self).__init__()
-
     def _on_finalize(self):
         super(login_kerberos, self)._on_finalize()
         self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -873,9 +867,6 @@ class login_password(Backend, KerberosSession, HTTP_Status):
     content_type = 'text/plain'
     key = '/session/login_password'
 
-    def __init__(self):
-        super(login_password, self).__init__()
-
     def _on_finalize(self):
         super(login_password, self)._on_finalize()
         self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -998,9 +989,6 @@ class change_password(Backend, HTTP_Status):
     content_type = 'text/plain'
     key = '/session/change_password'
 
-    def __init__(self):
-        super(change_password, self).__init__()
-
     def _on_finalize(self):
         super(change_password, self)._on_finalize()
         self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -1051,8 +1039,7 @@ class change_password(Backend, HTTP_Status):
             pw = data['old_password']
             if data.get('otp'):
                 pw = data['old_password'] + data['otp']
-            conn = ldap2(shared_instance=False,
-                         ldap_uri=self.api.env.ldap_uri)
+            conn = ldap2(self.api)
             conn.connect(bind_dn=bind_dn, bind_pw=pw)
         except (NotFound, ACIError):
             result = 'invalid-password'
@@ -1104,9 +1091,6 @@ class sync_token(Backend, HTTP_Status):
             namedtype.OptionalNamedType('tokenDN', univ.OctetString())
         )
 
-    def __init__(self):
-        super(sync_token, self).__init__()
-
     def _on_finalize(self):
         super(sync_token, self)._on_finalize()
         self.api.Backend.wsgi_dispatch.mount(self, self.key)
@@ -1165,7 +1149,7 @@ class sync_token(Backend, HTTP_Status):
         title = 'Token sync rejected'
 
         # Perform the synchronization.
-        conn = ldap2(shared_instance=False, ldap_uri=self.api.env.ldap_uri)
+        conn = ldap2(self.api)
         try:
             conn.connect(bind_dn=bind_dn,
                          bind_pw=data['password'],
@@ -1199,8 +1183,8 @@ class xmlserver_session(xmlserver, KerberosSession):
 
     key = '/session/xml'
 
-    def __init__(self):
-        super(xmlserver_session, self).__init__()
+    def __init__(self, api):
+        super(xmlserver_session, self).__init__(api)
         name = '{0}_{1}'.format(self.__class__.__name__, id(self))
         auth_mgr = AuthManagerKerb(name)
         session_mgr.auth_mgr.register(auth_mgr.name, auth_mgr)