|
 |
86baa9 |
From 483fea9c199d76f1e759241ad32c990f5e0eaabc Mon Sep 17 00:00:00 2001
|
|
|
86baa9 |
From: Christian Heimes <cheimes@redhat.com>
|
|
|
86baa9 |
Date: Mon, 25 Mar 2019 08:36:53 +0100
|
|
|
86baa9 |
Subject: [PATCH] Implement server-state --state=enabled/hidden
|
|
|
86baa9 |
|
|
|
86baa9 |
server-state modified the hidden / enabled flags of all configured
|
|
|
86baa9 |
services of a server. Since the command does not directly modify the
|
|
|
86baa9 |
server LDAP entry, the command has to be implemented as a dedicated plugin.
|
|
|
86baa9 |
|
|
|
86baa9 |
Fixes: https://pagure.io/freeipa/issue/7892
|
|
|
86baa9 |
Signed-off-by: Christian Heimes <cheimes@redhat.com>
|
|
|
86baa9 |
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
|
|
|
86baa9 |
Reviewed-By: Francois Cami <fcami@redhat.com>
|
|
|
86baa9 |
---
|
|
|
86baa9 |
API.txt | 9 ++++++
|
|
|
86baa9 |
ipaserver/plugins/server.py | 58 +++++++++++++++++++++++++++++++++++--
|
|
|
86baa9 |
2 files changed, 65 insertions(+), 2 deletions(-)
|
|
|
86baa9 |
|
|
|
86baa9 |
diff --git a/API.txt b/API.txt
|
|
|
86baa9 |
index 2135300183e3dc2126309e8f892e79fe6b5178fb..222e30915ccc1fb4a6f3ce228669453f346fdde4 100644
|
|
|
86baa9 |
--- a/API.txt
|
|
|
86baa9 |
+++ b/API.txt
|
|
|
86baa9 |
@@ -4471,6 +4471,14 @@ option: Str('version?')
|
|
|
86baa9 |
output: Entry('result')
|
|
|
86baa9 |
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
|
|
|
86baa9 |
output: PrimaryKey('value')
|
|
|
86baa9 |
+command: server_state/1
|
|
|
86baa9 |
+args: 1,2,3
|
|
|
86baa9 |
+arg: Str('cn', cli_name='name')
|
|
|
86baa9 |
+option: StrEnum('state', values=[u'enabled', u'hidden'])
|
|
|
86baa9 |
+option: Str('version?')
|
|
|
86baa9 |
+output: Output('result', type=[<type 'bool'>])
|
|
|
86baa9 |
+output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
|
|
|
86baa9 |
+output: PrimaryKey('value')
|
|
|
86baa9 |
command: service_add/1
|
|
|
86baa9 |
args: 1,13,3
|
|
|
86baa9 |
arg: Principal('krbcanonicalname', cli_name='canonical_principal')
|
|
|
86baa9 |
@@ -6900,6 +6908,7 @@ default: server_role/1
|
|
|
86baa9 |
default: server_role_find/1
|
|
|
86baa9 |
default: server_role_show/1
|
|
|
86baa9 |
default: server_show/1
|
|
|
86baa9 |
+default: server_state/1
|
|
|
86baa9 |
default: service/1
|
|
|
86baa9 |
default: service_add/1
|
|
|
86baa9 |
default: service_add_cert/1
|
|
|
86baa9 |
diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py
|
|
|
86baa9 |
index e265883e3637938e3df5ecf132f4add62413a997..0d144d13bca66b65de64328139fd7126eea24c89 100644
|
|
|
86baa9 |
--- a/ipaserver/plugins/server.py
|
|
|
86baa9 |
+++ b/ipaserver/plugins/server.py
|
|
|
86baa9 |
@@ -12,7 +12,7 @@ import ldap
|
|
|
86baa9 |
import time
|
|
|
86baa9 |
|
|
|
86baa9 |
from ipalib import api, crud, errors, messages
|
|
|
86baa9 |
-from ipalib import Int, Flag, Str, DNSNameParam
|
|
|
86baa9 |
+from ipalib import Int, Flag, Str, StrEnum, DNSNameParam
|
|
|
86baa9 |
from ipalib.plugable import Registry
|
|
|
86baa9 |
from .baseldap import (
|
|
|
86baa9 |
LDAPSearch,
|
|
|
86baa9 |
@@ -28,8 +28,9 @@ from ipaplatform import services
|
|
|
86baa9 |
from ipapython.dn import DN
|
|
|
86baa9 |
from ipapython.dnsutil import DNSName
|
|
|
86baa9 |
from ipaserver import topology
|
|
|
86baa9 |
-from ipaserver.servroles import ENABLED
|
|
|
86baa9 |
+from ipaserver.servroles import ENABLED, HIDDEN
|
|
|
86baa9 |
from ipaserver.install import bindinstance, dnskeysyncinstance
|
|
|
86baa9 |
+from ipaserver.install.service import hide_services, enable_services
|
|
|
86baa9 |
|
|
|
86baa9 |
__doc__ = _("""
|
|
|
86baa9 |
IPA servers
|
|
|
86baa9 |
@@ -949,3 +950,56 @@ class server_conncheck(crud.PKQuery):
|
|
|
86baa9 |
messages.ExternalCommandOutput(line=line))
|
|
|
86baa9 |
|
|
|
86baa9 |
return result
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+@register()
|
|
|
86baa9 |
+class server_state(crud.PKQuery):
|
|
|
86baa9 |
+ __doc__ = _("Set enabled/hidden state of a server.")
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ takes_options = (
|
|
|
86baa9 |
+ StrEnum(
|
|
|
86baa9 |
+ 'state',
|
|
|
86baa9 |
+ values=(u'enabled', u'hidden'),
|
|
|
86baa9 |
+ label=_('State'),
|
|
|
86baa9 |
+ doc=_('Server state'),
|
|
|
86baa9 |
+ flags={'virtual_attribute', 'no_create', 'no_search'},
|
|
|
86baa9 |
+ ),
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ msg_summary = _('Changed server state of "%(value)s".')
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ has_output = output.standard_boolean
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ def execute(self, *keys, **options):
|
|
|
86baa9 |
+ fqdn = keys[0]
|
|
|
86baa9 |
+ if options['state'] == u'enabled':
|
|
|
86baa9 |
+ to_status = ENABLED
|
|
|
86baa9 |
+ from_status = HIDDEN
|
|
|
86baa9 |
+ else:
|
|
|
86baa9 |
+ to_status = HIDDEN
|
|
|
86baa9 |
+ from_status = ENABLED
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ roles = self.api.Command.server_role_find(
|
|
|
86baa9 |
+ server_server=fqdn,
|
|
|
86baa9 |
+ status=from_status,
|
|
|
86baa9 |
+ include_master=True,
|
|
|
86baa9 |
+ )['result']
|
|
|
86baa9 |
+ from_roles = [r[u'role_servrole'] for r in roles]
|
|
|
86baa9 |
+ if not from_roles:
|
|
|
86baa9 |
+ # no server role is in source status
|
|
|
86baa9 |
+ raise errors.EmptyModlist
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ if to_status == ENABLED:
|
|
|
86baa9 |
+ enable_services(fqdn)
|
|
|
86baa9 |
+ else:
|
|
|
86baa9 |
+ hide_services(fqdn)
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ # update system roles
|
|
|
86baa9 |
+ result = self.api.Command.dns_update_system_records()
|
|
|
86baa9 |
+ if not result.get('value'):
|
|
|
86baa9 |
+ self.add_message(messages.AutomaticDNSRecordsUpdateFailed())
|
|
|
86baa9 |
+
|
|
|
86baa9 |
+ return {
|
|
|
86baa9 |
+ 'value': fqdn,
|
|
|
86baa9 |
+ 'result': True,
|
|
|
86baa9 |
+ }
|
|
|
86baa9 |
--
|
|
|
86baa9 |
2.20.1
|
|
|
86baa9 |
|