|
 |
ac7d03 |
From 352b1bc2735e8571bd4bf3a46f599834c6b0aefa Mon Sep 17 00:00:00 2001
|
|
|
ac7d03 |
From: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
ac7d03 |
Date: Tue, 16 May 2017 17:29:39 +0200
|
|
|
ac7d03 |
Subject: [PATCH] Refactor the role/attribute member reporting code
|
|
|
ac7d03 |
|
|
|
ac7d03 |
The `config` object now hosts a generic method for updating the config
|
|
|
ac7d03 |
entry for desired server role configuration (if not empty). The
|
|
|
ac7d03 |
duplicated code in dns/trust/vaultconfig commands was replaced by a call
|
|
|
ac7d03 |
to a common method.
|
|
|
ac7d03 |
|
|
|
ac7d03 |
https://pagure.io/freeipa/issue/6937
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
|
|
ac7d03 |
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
|
|
|
ac7d03 |
---
|
|
|
ac7d03 |
ipaserver/plugins/config.py | 24 ++++++++++++++++--------
|
|
|
ac7d03 |
ipaserver/plugins/dns.py | 16 ++++------------
|
|
|
ac7d03 |
ipaserver/plugins/trust.py | 22 ++++------------------
|
|
|
ac7d03 |
ipaserver/plugins/vault.py | 6 +++---
|
|
|
ac7d03 |
4 files changed, 27 insertions(+), 41 deletions(-)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/plugins/config.py b/ipaserver/plugins/config.py
|
|
|
ac7d03 |
index b50e7a4691bd76bfaf7c332cd89b0f1bf55bac46..c88cb99b47ac746f8e18cf189708d457b535416a 100644
|
|
|
ac7d03 |
--- a/ipaserver/plugins/config.py
|
|
|
ac7d03 |
+++ b/ipaserver/plugins/config.py
|
|
|
ac7d03 |
@@ -267,15 +267,21 @@ class config(LDAPObject):
|
|
|
ac7d03 |
def get_dn(self, *keys, **kwargs):
|
|
|
ac7d03 |
return DN(('cn', 'ipaconfig'), ('cn', 'etc'), api.env.basedn)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
- def show_servroles_attributes(self, entry_attrs, **options):
|
|
|
ac7d03 |
+ def update_entry_with_role_config(self, role_name, entry_attrs):
|
|
|
ac7d03 |
+ backend = self.api.Backend.serverroles
|
|
|
ac7d03 |
+
|
|
|
ac7d03 |
+ role_config = backend.config_retrieve(role_name)
|
|
|
ac7d03 |
+ for key, value in role_config.items():
|
|
|
ac7d03 |
+ if value:
|
|
|
ac7d03 |
+ entry_attrs.update({key: value})
|
|
|
ac7d03 |
+
|
|
|
ac7d03 |
+
|
|
|
ac7d03 |
+ def show_servroles_attributes(self, entry_attrs, *roles, **options):
|
|
|
ac7d03 |
if options.get('raw', False):
|
|
|
ac7d03 |
return
|
|
|
ac7d03 |
|
|
|
ac7d03 |
- backend = self.api.Backend.serverroles
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
- for role in ("CA server", "IPA master", "NTP server"):
|
|
|
ac7d03 |
- config = backend.config_retrieve(role)
|
|
|
ac7d03 |
- entry_attrs.update(config)
|
|
|
ac7d03 |
+ for role in roles:
|
|
|
ac7d03 |
+ self.update_entry_with_role_config(role, entry_attrs)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def gather_trusted_domains(self):
|
|
|
ac7d03 |
"""
|
|
|
ac7d03 |
@@ -525,7 +531,8 @@ class config_mod(LDAPUpdate):
|
|
|
ac7d03 |
keys, options, exc, call_func, *call_args, **call_kwargs)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
- self.obj.show_servroles_attributes(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.obj.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "CA server", "IPA master", "NTP server", **options)
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
|
|
|
ac7d03 |
|
|
|
ac7d03 |
@@ -534,5 +541,6 @@ class config_show(LDAPRetrieve):
|
|
|
ac7d03 |
__doc__ = _('Show the current configuration.')
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
- self.obj.show_servroles_attributes(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.obj.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "CA server", "IPA master", "NTP server", **options)
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
diff --git a/ipaserver/plugins/dns.py b/ipaserver/plugins/dns.py
|
|
|
ac7d03 |
index 47ac963a0ae26fcaa81e70a8143bd7d0c172d20e..f0e6c48f06313def57cdd6a4c7114357c9d8de8a 100644
|
|
|
ac7d03 |
--- a/ipaserver/plugins/dns.py
|
|
|
ac7d03 |
+++ b/ipaserver/plugins/dns.py
|
|
|
ac7d03 |
@@ -4184,16 +4184,6 @@ class dnsconfig(LDAPObject):
|
|
|
ac7d03 |
if is_config_empty:
|
|
|
ac7d03 |
result['summary'] = unicode(_('Global DNS configuration is empty'))
|
|
|
ac7d03 |
|
|
|
ac7d03 |
- def show_servroles_attributes(self, entry_attrs, **options):
|
|
|
ac7d03 |
- if options.get('raw', False):
|
|
|
ac7d03 |
- return
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
- backend = self.api.Backend.serverroles
|
|
|
ac7d03 |
- entry_attrs.update(
|
|
|
ac7d03 |
- backend.config_retrieve("DNS server")
|
|
|
ac7d03 |
- )
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
@register()
|
|
|
ac7d03 |
class dnsconfig_mod(LDAPUpdate):
|
|
|
ac7d03 |
__doc__ = _('Modify global DNS configuration.')
|
|
|
ac7d03 |
@@ -4247,7 +4237,8 @@ class dnsconfig_mod(LDAPUpdate):
|
|
|
ac7d03 |
return result
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
- self.obj.show_servroles_attributes(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.api.Object.config.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "DNS server", **options)
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
|
|
|
ac7d03 |
|
|
|
ac7d03 |
@@ -4261,7 +4252,8 @@ class dnsconfig_show(LDAPRetrieve):
|
|
|
ac7d03 |
return result
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
- self.obj.show_servroles_attributes(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.api.Object.config.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "DNS server", **options)
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/plugins/trust.py b/ipaserver/plugins/trust.py
|
|
|
ac7d03 |
index 0829f8c714f15c4384a89e18ba29e417405c249c..075b39dcc33a79f3e73e8e1e9e31ebbef17618fe 100644
|
|
|
ac7d03 |
--- a/ipaserver/plugins/trust.py
|
|
|
ac7d03 |
+++ b/ipaserver/plugins/trust.py
|
|
|
ac7d03 |
@@ -1278,22 +1278,6 @@ class trustconfig(LDAPObject):
|
|
|
ac7d03 |
|
|
|
ac7d03 |
entry_attrs['ipantfallbackprimarygroup'] = [groupdn[0][0].value]
|
|
|
ac7d03 |
|
|
|
ac7d03 |
- def show_servroles(self, entry_attrs, **options):
|
|
|
ac7d03 |
- if options.get('raw', False):
|
|
|
ac7d03 |
- return
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
- backend = self.api.Backend.serverroles
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
- adtrust_agents = backend.config_retrieve(
|
|
|
ac7d03 |
- "AD trust agent"
|
|
|
ac7d03 |
- )
|
|
|
ac7d03 |
- adtrust_controllers = backend.config_retrieve(
|
|
|
ac7d03 |
- "AD trust controller"
|
|
|
ac7d03 |
- )
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
- entry_attrs.update(adtrust_agents)
|
|
|
ac7d03 |
- entry_attrs.update(adtrust_controllers)
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
|
|
|
ac7d03 |
@register()
|
|
|
ac7d03 |
class trustconfig_mod(LDAPUpdate):
|
|
|
ac7d03 |
@@ -1314,7 +1298,8 @@ class trustconfig_mod(LDAPUpdate):
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
self.obj._convert_groupdn(entry_attrs, options)
|
|
|
ac7d03 |
- self.obj.show_servroles(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.api.Object.config.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "AD trust agent", "AD trust controller", **options)
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
|
|
|
ac7d03 |
|
|
|
ac7d03 |
@@ -1333,7 +1318,8 @@ class trustconfig_show(LDAPRetrieve):
|
|
|
ac7d03 |
|
|
|
ac7d03 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
ac7d03 |
self.obj._convert_groupdn(entry_attrs, options)
|
|
|
ac7d03 |
- self.obj.show_servroles(entry_attrs, **options)
|
|
|
ac7d03 |
+ self.api.Object.config.show_servroles_attributes(
|
|
|
ac7d03 |
+ entry_attrs, "AD trust agent", "AD trust controller", **options)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
return dn
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/plugins/vault.py b/ipaserver/plugins/vault.py
|
|
|
ac7d03 |
index d46aca821d2ec94a38dd7cc930f26038d5d80a90..d05a240c39bc1b47f1eba19cb893ab7408b35fa8 100644
|
|
|
ac7d03 |
--- a/ipaserver/plugins/vault.py
|
|
|
ac7d03 |
+++ b/ipaserver/plugins/vault.py
|
|
|
ac7d03 |
@@ -997,9 +997,9 @@ class vaultconfig_show(Retrieve):
|
|
|
ac7d03 |
with self.api.Backend.kra.get_client() as kra_client:
|
|
|
ac7d03 |
transport_cert = kra_client.system_certs.get_transport_cert()
|
|
|
ac7d03 |
config = {'transport_cert': transport_cert.binary}
|
|
|
ac7d03 |
- config.update(
|
|
|
ac7d03 |
- self.api.Backend.serverroles.config_retrieve("KRA server")
|
|
|
ac7d03 |
- )
|
|
|
ac7d03 |
+
|
|
|
ac7d03 |
+ self.api.Object.config.show_servroles_attributes(
|
|
|
ac7d03 |
+ config, "KRA server", **options)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
return {
|
|
|
ac7d03 |
'result': config,
|
|
|
ac7d03 |
--
|
|
|
ac7d03 |
2.9.4
|
|
|
ac7d03 |
|