areguera / rpms / ipa

Forked from rpms/ipa 5 years ago
Clone
Blob Blame History Raw
From c805cd76acc8fbc9c2cb689deaf6e5eae78700c5 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 15 Jan 2014 15:42:10 +0200
Subject: [PATCH 24/25] trustdomain-find: report status of the (sub)domain

Show status of each enumerated domain

trustdomain-find shows list of domains associated with the trust.
Each domain except the trust forest root can be enabled or disabled
with the help of trustdomain-enable and trustdomain-disable commands.

https://fedorahosted.org/freeipa/ticket/4096
---
 ipalib/plugins/trust.py | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index a16c23083662fd674c45ba54b9dfb9f4837160df..3d412c9c9f518347769e88ddc9089d6d92ccc4be 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -21,7 +21,7 @@
 from ipalib.plugins.baseldap import *
 from ipalib.plugins.dns import dns_container_exists
 from ipapython.ipautil import realm_to_suffix
-from ipalib import api, Str, StrEnum, Password, _, ngettext
+from ipalib import api, Str, StrEnum, Password, Bool, _, ngettext
 from ipalib import Command
 from ipalib import errors
 from ldap import SCOPE_SUBTREE
@@ -1183,8 +1183,24 @@ def get_dn(self, *keys, **kwargs):
 class trustdomain_find(LDAPSearch):
     __doc__ = _('Search domains of the trust')
 
+    has_output_params = LDAPSearch.has_output_params + (
+        Flag('domain_enabled', label= _('Domain enabled')),
+    )
     def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
         return (filters, base_dn, ldap.SCOPE_SUBTREE)
+
+    def post_callback(self, ldap, entries, truncated, *args, **options):
+        trust_dn = self.obj.get_dn(args[0], trust_type=u'ad')
+        trust_entry = ldap.get_entry(trust_dn)
+        for entry in entries:
+            sid = entry['ipanttrusteddomainsid'][0]
+            if sid in trust_entry['ipantsidblacklistincoming']:
+                entry['domain_enabled'] = [False]
+            else:
+                entry['domain_enabled'] = [True]
+        return truncated
+
+
 api.register(trustdomain_find)
 
 class trustdomain_mod(LDAPUpdate):
-- 
1.8.4.2