From 500be304c4b218b40acfa31cf987e541958b8985 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Thu, 5 Jul 2018 23:50:37 +0200
Subject: [PATCH] Query for server role IPA master
server_find and server_role plugin were hiding IPA master role
information. It's now possible to fetch IPA master role information and
to filter by IPA master role, e.g. to ignore servers that have some
services configured but not (yet) enabled.
See: https://pagure.io/freeipa/issue/7566
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
---
API.txt | 3 ++-
ipaserver/plugins/server.py | 9 +++++++--
ipaserver/plugins/serverrole.py | 18 +++++++++++++++---
3 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/API.txt b/API.txt
index 5feed54947e044a0a2c908e70b44fe59a86972ff..7262a4122be06ab3ca2296897de84bea458fcf0a 100644
--- a/API.txt
+++ b/API.txt
@@ -4421,9 +4421,10 @@ output: Entry('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: server_role_find/1
-args: 1,8,4
+args: 1,9,4
arg: Str('criteria?')
option: Flag('all', autofill=True, cli_name='all', default=False)
+option: Flag('include_master', autofill=True, default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Str('role_servrole?', autofill=False, cli_name='role')
option: Str('server_server?', autofill=False, cli_name='server')
diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py
index e0dc953a1ef870c95fdcdb629fb6ab3103e8f999..eb776aa8cf676c26d80c22ec87f8b5a310d0c6dc 100644
--- a/ipaserver/plugins/server.py
+++ b/ipaserver/plugins/server.py
@@ -199,7 +199,10 @@ class server(LDAPObject):
return
enabled_roles = self.api.Command.server_role_find(
- server_server=entry_attrs['cn'][0], status=ENABLED)['result']
+ server_server=entry_attrs['cn'][0],
+ status=ENABLED,
+ include_master=True,
+ )['result']
enabled_role_names = [r[u'role_servrole'] for r in enabled_roles]
@@ -333,7 +336,9 @@ class server_find(LDAPSearch):
role_status = self.api.Command.server_role_find(
server_server=None,
role_servrole=role,
- status=ENABLED)['result']
+ status=ENABLED,
+ include_master=True,
+ )['result']
return set(
r[u'server_server'] for r in role_status)
diff --git a/ipaserver/plugins/serverrole.py b/ipaserver/plugins/serverrole.py
index b5781b0dff4c5d6f433e6a5531fc3e830ffcd972..db88b3885c538c2800f6e4a1d649083859d43641 100644
--- a/ipaserver/plugins/serverrole.py
+++ b/ipaserver/plugins/serverrole.py
@@ -5,7 +5,7 @@
from ipalib.crud import Retrieve, Search
from ipalib.errors import NotFound
from ipalib.frontend import Object
-from ipalib.parameters import Int, Str, StrEnum
+from ipalib.parameters import Flag, Int, Str, StrEnum
from ipalib.plugable import Registry
from ipalib import _, ngettext
@@ -129,6 +129,10 @@ class server_role_find(Search):
minvalue=0,
autofill=False,
),
+ Flag(
+ 'include_master',
+ doc=_('Include IPA master entries'),
+ )
)
def execute(self, *keys, **options):
@@ -151,8 +155,16 @@ class server_role_find(Search):
role_servrole=role_name,
status=status)
- result = [
- r for r in role_status if r[u'role_servrole'] != "IPA master"]
+ # Don't display "IPA master" information unless the role is
+ # requested explicitly. All servers are considered IPA masters,
+ # except for replicas during installation.
+ if options.get('include_master') or role_name == "IPA master":
+ result = role_status
+ else:
+ result = [
+ r for r in role_status
+ if r[u'role_servrole'] != "IPA master"
+ ]
return dict(
result=result,
count=len(result),
--
2.17.1