From 2d1a85606d61128611f49101854bb8efe4abd638 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Thu, 16 Jan 2014 20:31:37 +0200
Subject: [PATCH 32/34] group-show: resolve external members of the groups

Perform SID to name conversion for existing external members of the
groups if trust is configured.

https://bugzilla.redhat.com/show_bug.cgi?id=1054391
https://fedorahosted.org/freeipa/ticket/4123
---
 ipalib/plugins/group.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 02eeb10ca2ca2a5710e88d6e3c11f1d1cdaa4a7b..dac55003e5a4291e8a3b7db58ae9b3c9c76e271e 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -387,6 +387,21 @@ def pre_callback(self, ldap, filter, attrs_list, base_dn, scope, *args, **option
 class group_show(LDAPRetrieve):
     __doc__ = _('Display information about a named group.')
     has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,)
+    def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+        assert isinstance(dn, DN)
+        if ('ipaexternalmember' in entry_attrs and
+            len(entry_attrs['ipaexternalmember']) > 0 and
+            'trust_resolve' in self.Command and
+            not options.get('raw', False)):
+            sids = entry_attrs['ipaexternalmember']
+            result = self.Command.trust_resolve(sids=sids)
+            for entry in result['result']:
+                try:
+                    idx = sids.index(entry['sid'][0])
+                    sids[idx] = entry['name'][0]
+                except ValueError:
+                    pass
+        return dn
 api.register(group_show)
 
 
-- 
1.8.4.2