group-show: resolve external members of the groups

Perform SID to name conversion for existing external members of the groups if trust is configured. https://bugzilla.redhat.com/show_bug.cgi?id=1054391 https://fedorahosted.org/freeipa/ticket/4123
2025-02-25 18:55:28 -06:00 · 2014-01-16 20:31:37 +02:00 · 2014-01-16 20:31:37 +02:00 · fcd9a66b16
commit fcd9a66b16
parent be2c5d22b3
1 changed files with 15 additions and 0 deletions
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@ -387,6 +387,21 @@ api.register(group_find)
 class group_show(LDAPRetrieve):
    __doc__ = _('Display information about a named group.')
    has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,)
+    def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+        assert isinstance(dn, DN)
+        if ('ipaexternalmember' in entry_attrs and
+            len(entry_attrs['ipaexternalmember']) > 0 and
+            'trust_resolve' in self.Command and
+            not options.get('raw', False)):
+            sids = entry_attrs['ipaexternalmember']
+            result = self.Command.trust_resolve(sids=sids)
+            for entry in result['result']:
+                try:
+                    idx = sids.index(entry['sid'][0])
+                    sids[idx] = entry['name'][0]
+                except ValueError:
+                    pass
+        return dn
 api.register(group_show)