subject:"\[Freeipa\-devel\] \[freeipa PR#741\]\[synchronized\] 6.9 \-> 7.4 migration fixes"

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

2017-05-02 Thread stlaz

   URL: https://github.com/freeipa/freeipa/pull/741
Author: stlaz
 Title: #741: 6.9 -> 7.4 migration fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/741/head:pr741
git checkout pr741
From 802b2ad635f3e62290c95bb0636c85d90199d84b Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:51:30 +0200
Subject: [PATCH 1/2] Refresh Dogtag RestClient.ca_host property

Refresh the ca_host property of the Dogtag's RestClient class when
it's requested as a context manager.

This solves the problem which would occur on DL0 when installing
CA which needs to perform a set of steps against itself accessing
8443 port. This port should however only be available locally so
trying to connect to remote master would fail. We need to make
sure the right CA host is accessed.

https://pagure.io/freeipa/issue/6878
---
 ipaserver/install/cainstance.py |  5 ++---
 ipaserver/plugins/dogtag.py | 30 ++
 2 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 84d60bf..d72feb8 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -425,6 +425,8 @@ def configure_instance(self, host_name, dm_password, admin_password,
 self.step("Configure HTTP to proxy connections",
   self.http_proxy)
 self.step("restarting certificate server", self.restart_instance)
+self.step("updating IPA configuration", update_ipa_conf)
+self.step("enabling CA instance", self.__enable_instance)
 if not promote:
 self.step("migrating certificate profiles to LDAP",
   migrate_profiles_to_ldap)
@@ -432,9 +434,6 @@ def configure_instance(self, host_name, dm_password, admin_password,
   import_included_profiles)
 self.step("adding default CA ACL", ensure_default_caacl)
 self.step("adding 'ipa' CA entry", ensure_ipa_authority_entry)
-self.step("updating IPA configuration", update_ipa_conf)
-
-self.step("enabling CA instance", self.__enable_instance)
 
 self.step("configuring certmonger renewal for lightweight CAs",
   self.__add_lightweight_ca_tracking_requests)
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 3997531..bddaab5 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1202,7 +1202,6 @@ def select_any_master(ldap2, service='CA'):
 import random
 from ipaserver.plugins import rabase
 from ipalib.constants import TYPE_ERROR
-from ipalib.util import cachedproperty
 from ipalib import _
 from ipaplatform.paths import paths
 
@@ -1250,34 +1249,41 @@ def __init__(self, api):
 self.client_keyfile = paths.RA_AGENT_KEY
 super(RestClient, self).__init__(api)
 
+self._ca_host = None
 # session cookie
 self.override_port = None
 self.cookie = None
 
-@cachedproperty
+@property
 def ca_host(self):
 """
-:return:   host
-   as str
+:returns: FQDN of a host hopefully providing a CA service
 
-Select our CA host.
+Select our CA host, cache it for the first time.
 """
+if self._ca_host is not None:
+return self._ca_host
+
 ldap2 = self.api.Backend.ldap2
 if host_has_service(api.env.ca_host, ldap2, "CA"):
-return api.env.ca_host
-if api.env.host != api.env.ca_host:
+object.__setattr__(self, '_ca_host', api.env.ca_host)
+elif api.env.host != api.env.ca_host:
 if host_has_service(api.env.host, ldap2, "CA"):
-return api.env.host
-host = select_any_master(ldap2)
-if host:
-return host
+object.__setattr__(self, '_ca_host', api.env.host)
 else:
-return api.env.ca_host
+object.__setattr__(self, '_ca_host', select_any_master(ldap2))
+if self._ca_host is None:
+object.__setattr__(self, '_ca_host', api.env.ca_host)
+return self._ca_host
 
 def __enter__(self):
 """Log into the REST API"""
 if self.cookie is not None:
 return
+
+# Refresh the ca_host property
+object.__setattr__(self, '_ca_host', None)
+
 status, resp_headers, _resp_body = dogtag.https_request(
 self.ca_host, self.override_port or self.env.ca_agent_port,
 url='/ca/rest/account/login',

From f57ed03e97836876f21d18e68fd0f13f394dc471 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Fri, 28 Apr 2017 09:31:45 +0200
Subject: [PATCH 2/2] Remove the cachedproperty class

The

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

2017-05-02 Thread stlaz

   URL: https://github.com/freeipa/freeipa/pull/741
Author: stlaz
 Title: #741: 6.9 -> 7.4 migration fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/741/head:pr741
git checkout pr741
From 169dea79ade3283c25821fef3c4a6062ec6aef6d Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:51:30 +0200
Subject: [PATCH 1/2] Refresh Dogtag RestClient.ca_host property

Refresh the ca_host property of the Dogtag's RestClient class when
it's requested as a context manager.

This solves the problem which would occur on DL0 when installing
CA against an old master which does not have port 8443 accessible.
The setup tries to update the cert profiles via this port but
fail. This operation should be performed against the local instance
anyway.

https://pagure.io/freeipa/issue/6878
---
 ipaserver/plugins/dogtag.py | 30 ++
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 3997531..bddaab5 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1202,7 +1202,6 @@ def select_any_master(ldap2, service='CA'):
 import random
 from ipaserver.plugins import rabase
 from ipalib.constants import TYPE_ERROR
-from ipalib.util import cachedproperty
 from ipalib import _
 from ipaplatform.paths import paths
 
@@ -1250,34 +1249,41 @@ def __init__(self, api):
 self.client_keyfile = paths.RA_AGENT_KEY
 super(RestClient, self).__init__(api)
 
+self._ca_host = None
 # session cookie
 self.override_port = None
 self.cookie = None
 
-@cachedproperty
+@property
 def ca_host(self):
 """
-:return:   host
-   as str
+:returns: FQDN of a host hopefully providing a CA service
 
-Select our CA host.
+Select our CA host, cache it for the first time.
 """
+if self._ca_host is not None:
+return self._ca_host
+
 ldap2 = self.api.Backend.ldap2
 if host_has_service(api.env.ca_host, ldap2, "CA"):
-return api.env.ca_host
-if api.env.host != api.env.ca_host:
+object.__setattr__(self, '_ca_host', api.env.ca_host)
+elif api.env.host != api.env.ca_host:
 if host_has_service(api.env.host, ldap2, "CA"):
-return api.env.host
-host = select_any_master(ldap2)
-if host:
-return host
+object.__setattr__(self, '_ca_host', api.env.host)
 else:
-return api.env.ca_host
+object.__setattr__(self, '_ca_host', select_any_master(ldap2))
+if self._ca_host is None:
+object.__setattr__(self, '_ca_host', api.env.ca_host)
+return self._ca_host
 
 def __enter__(self):
 """Log into the REST API"""
 if self.cookie is not None:
 return
+
+# Refresh the ca_host property
+object.__setattr__(self, '_ca_host', None)
+
 status, resp_headers, _resp_body = dogtag.https_request(
 self.ca_host, self.override_port or self.env.ca_agent_port,
 url='/ca/rest/account/login',

From 225fc310606916445fcc152ec21f627e67f95494 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Fri, 28 Apr 2017 09:31:45 +0200
Subject: [PATCH 2/2] Remove the cachedproperty class

The cachedproperty class was used in one special use-case where it only
caused issues. Let's get rid of it.

https://pagure.io/freeipa/issue/6878
---
 ipalib/util.py | 34 --
 1 file changed, 34 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index e9d4105..8973a19 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -34,7 +34,6 @@
 import encodings
 import sys
 import ssl
-from weakref import WeakKeyDictionary
 
 import netaddr
 from dns import resolver, rdatatype
@@ -492,39 +491,6 @@ def remove_sshpubkey_from_output_list_post(context, entries):
 delattr(context, 'ipasshpubkey_added')
 
 
-class cachedproperty(object):
-"""
-A property-like attribute that caches the return value of a method call.
-
-When the attribute is first read, the method is called and its return
-value is saved and returned. On subsequent reads, the saved value is
-returned.
-
-Typical usage:
-class C(object):
-@cachedproperty
-def attr(self):
-return 'value'
-"""
-__slots__ = ('getter', 'store')
-
-def __init__(self, getter):
-self.getter = getter
-self.store = WeakKeyDictionary()
-
-def __get__(self, obj, cls):
-if obj is None:
-return None
-if obj not in self.store:
-self.store[obj] = self.getter(obj)
-return self.store[obj]
-
-def __set__(self, obj, value):
-raise

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

2017-05-02 Thread stlaz

   URL: https://github.com/freeipa/freeipa/pull/741
Author: stlaz
 Title: #741: 6.9 -> 7.4 migration fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/741/head:pr741
git checkout pr741
From 8cfc0770191003f9100e3405230e83a2e7059abf Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:51:30 +0200
Subject: [PATCH 1/2] Refresh Dogtag RestClient.ca_host property

Refresh the ca_host property of the Dogtag's RestClient class when
it's requested as a context manager.

This solves the problem which would occur on DL0 when installing
CA against an old master which does not have port 8443 accessible.
The setup tries to update the cert profiles via this port but
fail. This operation should be performed against the local instance
anyway.

https://pagure.io/freeipa/issue/6878
---
 ipaserver/plugins/dogtag.py | 30 ++
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 3997531..3fb93fd 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1202,7 +1202,6 @@ def select_any_master(ldap2, service='CA'):
 import random
 from ipaserver.plugins import rabase
 from ipalib.constants import TYPE_ERROR
-from ipalib.util import cachedproperty
 from ipalib import _
 from ipaplatform.paths import paths
 
@@ -1250,34 +1249,41 @@ def __init__(self, api):
 self.client_keyfile = paths.RA_AGENT_KEY
 super(RestClient, self).__init__(api)
 
+self._ca_host = None
 # session cookie
 self.override_port = None
 self.cookie = None
 
-@cachedproperty
+@property
 def ca_host(self):
 """
-:return:   host
-   as str
+:returns: FQDN of a host hopefully providing a CA service
 
-Select our CA host.
+Select our CA host, cache it for the first time.
 """
+if self._ca_host is not None:
+return self._ca_host
+
 ldap2 = self.api.Backend.ldap2
 if host_has_service(api.env.ca_host, ldap2, "CA"):
-return api.env.ca_host
-if api.env.host != api.env.ca_host:
+self._ca_host = api.env.ca_host
+elif api.env.host != api.env.ca_host:
 if host_has_service(api.env.host, ldap2, "CA"):
-return api.env.host
-host = select_any_master(ldap2)
-if host:
-return host
+self._ca_host = api.env.host
 else:
-return api.env.ca_host
+self._ca_host = select_any_master(ldap2)
+if self._ca_host is None:
+self._ca_host = api.env.ca_host
+return self._ca_host
 
 def __enter__(self):
 """Log into the REST API"""
 if self.cookie is not None:
 return
+
+# Refresh the ca_host property
+object.__setattr__(self, '_ca_host', None)
+
 status, resp_headers, _resp_body = dogtag.https_request(
 self.ca_host, self.override_port or self.env.ca_agent_port,
 url='/ca/rest/account/login',

From 1ccd4c16d8f2043cea5bd271ada4492db9fceca2 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Fri, 28 Apr 2017 09:31:45 +0200
Subject: [PATCH 2/2] Remove the cachedproperty class

The cachedproperty class was used in one special use-case where it only
caused issues. Let's get rid of it.

https://pagure.io/freeipa/issue/6878
---
 ipalib/util.py | 34 --
 1 file changed, 34 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index e9d4105..8973a19 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -34,7 +34,6 @@
 import encodings
 import sys
 import ssl
-from weakref import WeakKeyDictionary
 
 import netaddr
 from dns import resolver, rdatatype
@@ -492,39 +491,6 @@ def remove_sshpubkey_from_output_list_post(context, entries):
 delattr(context, 'ipasshpubkey_added')
 
 
-class cachedproperty(object):
-"""
-A property-like attribute that caches the return value of a method call.
-
-When the attribute is first read, the method is called and its return
-value is saved and returned. On subsequent reads, the saved value is
-returned.
-
-Typical usage:
-class C(object):
-@cachedproperty
-def attr(self):
-return 'value'
-"""
-__slots__ = ('getter', 'store')
-
-def __init__(self, getter):
-self.getter = getter
-self.store = WeakKeyDictionary()
-
-def __get__(self, obj, cls):
-if obj is None:
-return None
-if obj not in self.store:
-self.store[obj] = self.getter(obj)
-return self.store[obj]
-
-def __set__(self, obj, value):
-raise AttributeError("can't set attribute")
-
-def __delete__(self, obj):
-raise

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

2017-04-28 Thread stlaz

   URL: https://github.com/freeipa/freeipa/pull/741
Author: stlaz
 Title: #741: 6.9 -> 7.4 migration fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/741/head:pr741
git checkout pr741
From fddf366557e23806a5e05ba06c8471828c8daa7b Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:51:30 +0200
Subject: [PATCH 1/2] Refresh Dogtag RestClient.ca_host property

Refresh the ca_host property of the Dogtag's RestClient class when
it's requested as a context manager.

This solves the problem which would occur on DL0 when installing
CA against an old master which does not have port 8443 accessible.
The setup tries to update the cert profiles via this port but
fail. This operation should be performed against the local instance
anyway.

https://pagure.io/freeipa/issue/6878
---
 ipaserver/plugins/dogtag.py | 34 ++
 1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 3997531..2ac4674 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1202,7 +1202,6 @@ def select_any_master(ldap2, service='CA'):
 import random
 from ipaserver.plugins import rabase
 from ipalib.constants import TYPE_ERROR
-from ipalib.util import cachedproperty
 from ipalib import _
 from ipaplatform.paths import paths
 
@@ -1250,34 +1249,45 @@ def __init__(self, api):
 self.client_keyfile = paths.RA_AGENT_KEY
 super(RestClient, self).__init__(api)
 
+self._ca_host = None
 # session cookie
 self.override_port = None
 self.cookie = None
 
-@cachedproperty
+@property
 def ca_host(self):
 """
-:return:   host
-   as str
+:returns: FQDN of a host hopefully providing a CA service
 
-Select our CA host.
+Select our CA host, cache it for the first time.
 """
+if self._ca_host is not None:
+return self._ca_host
+
 ldap2 = self.api.Backend.ldap2
 if host_has_service(api.env.ca_host, ldap2, "CA"):
-return api.env.ca_host
-if api.env.host != api.env.ca_host:
+self._ca_host = api.env.ca_host
+elif api.env.host != api.env.ca_host:
 if host_has_service(api.env.host, ldap2, "CA"):
-return api.env.host
-host = select_any_master(ldap2)
-if host:
-return host
+self._ca_host = api.env.host
 else:
-return api.env.ca_host
+self._ca_host = select_any_master(ldap2)
+if self._ca_host is None:
+self._ca_host = api.env.ca_host
+return self._ca_host
+
+@ca_host.setter
+def ca_host(self, value):
+self._ca_host = value
 
 def __enter__(self):
 """Log into the REST API"""
 if self.cookie is not None:
 return
+
+# Refresh the ca_host property
+self._ca_host = None
+
 status, resp_headers, _resp_body = dogtag.https_request(
 self.ca_host, self.override_port or self.env.ca_agent_port,
 url='/ca/rest/account/login',

From 6d7589e8654d11a7d73256d862ecad8168a5e4da Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Fri, 28 Apr 2017 09:31:45 +0200
Subject: [PATCH 2/2] Remove the cachedproperty class

The cachedproperty class was used in one special use-case where it only
caused issues. Let's get rid of it.

https://pagure.io/freeipa/issue/6878
---
 ipalib/util.py | 34 --
 1 file changed, 34 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index e9d4105..8973a19 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -34,7 +34,6 @@
 import encodings
 import sys
 import ssl
-from weakref import WeakKeyDictionary
 
 import netaddr
 from dns import resolver, rdatatype
@@ -492,39 +491,6 @@ def remove_sshpubkey_from_output_list_post(context, entries):
 delattr(context, 'ipasshpubkey_added')
 
 
-class cachedproperty(object):
-"""
-A property-like attribute that caches the return value of a method call.
-
-When the attribute is first read, the method is called and its return
-value is saved and returned. On subsequent reads, the saved value is
-returned.
-
-Typical usage:
-class C(object):
-@cachedproperty
-def attr(self):
-return 'value'
-"""
-__slots__ = ('getter', 'store')
-
-def __init__(self, getter):
-self.getter = getter
-self.store = WeakKeyDictionary()
-
-def __get__(self, obj, cls):
-if obj is None:
-return None
-if obj not in self.store:
-self.store[obj] = self.getter(obj)
-return self.store[obj]
-
-def __set__(self, obj, value):
-raise AttributeError("can't set attribute")
-

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

2017-04-27 Thread stlaz

   URL: https://github.com/freeipa/freeipa/pull/741
Author: stlaz
 Title: #741: 6.9 -> 7.4 migration fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/741/head:pr741
git checkout pr741
From 84f049e2dc5e617b4f49c0e079640bd2ca76c288 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:38:19 +0200
Subject: [PATCH 1/2] Allow rewriting of cached properties

Cached property should not be treated anyway special from a normal
property. If we need to rewrite/remove it, we should be able to do
just so.

https://pagure.io/freeipa/issue/6878
---
 ipalib/util.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/ipalib/util.py b/ipalib/util.py
index e9d4105..b9206eb 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -520,10 +520,8 @@ def __get__(self, obj, cls):
 return self.store[obj]
 
 def __set__(self, obj, value):
-raise AttributeError("can't set attribute")
+self.store[obj] = value
 
-def __delete__(self, obj):
-raise AttributeError("can't delete attribute")
 
 # regexp matching signed floating point number (group 1) followed by
 # optional whitespace followed by time unit, e.g. day, hour (group 7)

From ff579bb9f613d375faae62e2508a876052fa61fb Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka 
Date: Thu, 27 Apr 2017 12:51:30 +0200
Subject: [PATCH 2/2] Refresh Dogtag RestClient.ca_host property

Refresh the ca_host property of the Dogtag's RestClient class when
it's requested as a context manager.

This solves the problem which would occur on DL0 when installing
CA against an old master which does not have port 8443 accessible.
The setup tries to update the cert profiles via this port but
fail. This operation should be performed against the local instance
anyway.

https://pagure.io/freeipa/issue/6878
---
 ipaserver/plugins/dogtag.py | 4 
 1 file changed, 4 insertions(+)

diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 3997531..48dc6b3 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1278,6 +1278,10 @@ def __enter__(self):
 """Log into the REST API"""
 if self.cookie is not None:
 return
+
+if not host_has_service(api.env.ca_host, self.api.Backend.ldap2, "CA"):
+self.ca_host = api.env.ca_host
+
 status, resp_headers, _resp_body = dogtag.https_request(
 self.ca_host, self.override_port or self.env.ca_agent_port,
 url='/ca/rest/account/login',
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

[Freeipa-devel] [freeipa PR#741][synchronized] 6.9 -> 7.4 migration fixes

5 matches

Site Navigation

Mail list logo

Footer information