freeipa/ipaserver/plugins/serverrole.py
Martin Babinsky 80cbddaa37 Server Roles: public API for server roles
This patch implements the `serverroles` API plugin which introduces the
following commands:

    * server-role-show SERVER ROLE: show status of a single role on a server
    * server-role-find [--server SERVER [--role SERVROLE [--status=STATUS]]]:
      find role(s) SERVROLE and return their status on IPA
      masters. If --server option is given, the query is limited to this
      server. --status options filters the output by status [enabled vs.
      configurer vs. absent]

https://fedorahosted.org/freeipa/ticket/5181
http://www.freeipa.org/page/V4/Server_Roles

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
2016-06-13 17:50:54 +02:00

179 lines
4.6 KiB
Python

#
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
#
from ipalib.crud import Retrieve, Search
from ipalib.errors import NotFound
from ipalib.frontend import Object
from ipalib.parameters import Int, Str, StrEnum
from ipalib.plugable import Registry
from ipalib import _, ngettext
__doc__ = _("""
IPA server roles
""") + _("""
Get status of roles (DNS server, CA, etc. )provided by IPA masters.
""") + _("""
EXAMPLES:
""") + _("""
Show status of 'DNS server' role on a server:
ipa server-role-show ipa.example.com "DNS server"
""") + _("""
Show status of all roles containing 'AD' on a server:
ipa server-role-find --server ipa.example.com --role='AD'
""") + _("""
Show status of all configured roles on a server:
ipa server-role-find ipa.example.com
""")
register = Registry()
@register()
class server_role(Object):
"""
association between certain role (e.g. DNS server) and its status with
an IPA master
"""
backend_name = 'serverroles'
object_name = _('server role')
object_name_plural = _('server roles')
default_attributes = [
'role', 'status'
]
label = _('IPA Server Roles')
label_singular = _('IPA Server Role')
takes_params = (
Str(
'server_server',
cli_name='server',
label=_('Server name'),
doc=_('IPA server hostname'),
),
Str(
'role_servrole',
cli_name='role',
label=_("Role name"),
doc=_("IPA server role name"),
flags={u'virtual_attribute'}
),
StrEnum(
'status?',
cli_name='status',
label=_('Role status'),
doc=_('Status of the role'),
values=(u'enabled', u'configured', u'absent'),
default=u'enabled',
flags={'virtual_attribute', 'no_create', 'no_update'}
)
)
def ensure_master_exists(self, fqdn):
server_obj = self.api.Object.server
try:
server_obj.get_dn_if_exists(fqdn)
except NotFound:
server_obj.handle_not_found(fqdn)
@register()
class server_role_show(Retrieve):
__doc__ = _('Show role status on a server')
obj_name = 'server_role'
attr_name = 'show'
def get_args(self):
for arg in super(server_role_show, self).get_args():
yield arg
for param in self.obj.params():
if param.name != u'status':
yield param.clone()
def execute(self, *keys, **options):
self.obj.ensure_master_exists(keys[0])
role_status = self.obj.backend.server_role_retrieve(
server_server=keys[0], role_servrole=keys[1])
return dict(result=role_status[0], value=None)
@register()
class server_role_find(Search):
__doc__ = _('Find a server role on a server(s)')
obj_name = 'server_role'
attr_name = 'find'
msg_summary = ngettext('%(count)s server role matched',
'%(count)s server roles matched', 0)
takes_options = Search.takes_options + (
Int(
'timelimit?',
label=_('Time Limit'),
doc=_('Time limit of search in seconds (0 is unlimited)'),
flags=['no_display'],
minvalue=0,
autofill=False,
),
Int(
'sizelimit?',
label=_('Size Limit'),
doc=_('Maximum number of entries returned (0 is unlimited)'),
flags=['no_display'],
minvalue=0,
autofill=False,
),
)
def execute(self, *keys, **options):
if keys:
return dict(
result=[],
count=0,
truncated=False
)
server = options.get('server_server', None)
role_name = options.get('role_servrole', None)
status = options.get('status', None)
if server is not None:
self.obj.ensure_master_exists(server)
role_status = self.obj.backend.server_role_search(
server_server=server,
role_servrole=role_name,
status=status)
result = [
r for r in role_status if r[u'role_servrole'] != "IPA master"]
return dict(
result=result,
count=len(result),
truncated=False,
)
@register()
class servrole(Object):
"""
Server role object
"""
object_name = _('role')
object_name_plural = _('roles')
takes_params = (
Str(
'name',
primary_key=True,
label=_("Role name"),
doc=_("IPA role name"),
flags=(u'virtual_attribute',)
)
)