From ef7fe9e24844f73a27650d4d2a4f118cc364caac Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Thu, 5 Jul 2018 23:50:37 +0200
Subject: [PATCH] Query for server role IPA master
server_find and server_role plugin were hiding IPA master role
information. It's now possible to fetch IPA master role information and
to filter by IPA master role, e.g. to ignore servers that have some
services configured but not (yet) enabled.
See: https://pagure.io/freeipa/issue/7566
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
API.txt | 3 ++-
ipaserver/plugins/server.py | 9 +++++++--
ipaserver/plugins/serverrole.py | 18 +++++++++++++++---
3 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/API.txt b/API.txt
index 96c1548331750577e899f397f6f5a9a9d863248a..0e09e58a6ecaa4f724fb0c92b4faaf64df9fab5a 100644
--- a/API.txt
+++ b/API.txt
@@ -4421,9 +4421,10 @@ output: Entry('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: server_role_find/1
-args: 1,8,4
+args: 1,9,4
arg: Str('criteria?')
option: Flag('all', autofill=True, cli_name='all', default=False)
+option: Flag('include_master', autofill=True, default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Str('role_servrole?', autofill=False, cli_name='role')
option: Str('server_server?', autofill=False, cli_name='server')
diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py
index 4ea6f5b4b458db701c6c041d1c05cf4a7c6bc8a4..e265883e3637938e3df5ecf132f4add62413a997 100644
--- a/ipaserver/plugins/server.py
+++ b/ipaserver/plugins/server.py
@@ -205,7 +205,10 @@ class server(LDAPObject):
return
enabled_roles = self.api.Command.server_role_find(
- server_server=entry_attrs['cn'][0], status=ENABLED)['result']
+ server_server=entry_attrs['cn'][0],
+ status=ENABLED,
+ include_master=True,
+ )['result']
enabled_role_names = [r[u'role_servrole'] for r in enabled_roles]
@@ -339,7 +342,9 @@ class server_find(LDAPSearch):
role_status = self.api.Command.server_role_find(
server_server=None,
role_servrole=role,
- status=ENABLED)['result']
+ status=ENABLED,
+ include_master=True,
+ )['result']
return set(
r[u'server_server'] for r in role_status)
diff --git a/ipaserver/plugins/serverrole.py b/ipaserver/plugins/serverrole.py
index 1b19c7e867a0223d1c2e72372d9f3dc65fc5f771..5b7ccfb342d0a54bfd6f2cdc53c7d31201ed5989 100644
--- a/ipaserver/plugins/serverrole.py
+++ b/ipaserver/plugins/serverrole.py
@@ -5,7 +5,7 @@
from ipalib.crud import Retrieve, Search
from ipalib.errors import NotFound
from ipalib.frontend import Object
-from ipalib.parameters import Int, Str, StrEnum
+from ipalib.parameters import Flag, Int, Str, StrEnum
from ipalib.plugable import Registry
from ipalib import _, ngettext
@@ -129,6 +129,10 @@ class server_role_find(Search):
minvalue=0,
autofill=False,
),
+ Flag(
+ 'include_master',
+ doc=_('Include IPA master entries'),
+ )
)
def execute(self, *keys, **options):
@@ -151,8 +155,16 @@ class server_role_find(Search):
role_servrole=role_name,
status=status)
- result = [
- r for r in role_status if r[u'role_servrole'] != "IPA master"]
+ # Don't display "IPA master" information unless the role is
+ # requested explicitly. All servers are considered IPA masters,
+ # except for replicas during installation.
+ if options.get('include_master') or role_name == "IPA master":
+ result = role_status
+ else:
+ result = [
+ r for r in role_status
+ if r[u'role_servrole'] != "IPA master"
+ ]
return dict(
result=result,
count=len(result),
--
2.17.1