Martin Kosek wrote:
On Tue, 2011-08-30 at 23:50 -0400, Rob Crittenden wrote:
This was spawned by another recent patch I pushed that showed netgroups
that a hostgroup is a member of. We want to suppress the automatic
netgroup that is created with hostgroups.
rob
NACK. I see several issues with the patch:
1) Lint problem:
ipalib/plugins/hostgroup.py:107: [E0602, hostgroup.suppress_netgroup_memberof]
Undefined variable 'NotFound'
2) When there is not hostgroup, `ipa hostgroup-find` throws an
exception:
[Wed Aug 31 04:36:11 2011] [error] ipa: ERROR: non-public: UnboundLocalError:
local variable 'dn' referenced before assignment
[Wed Aug 31 04:36:11 2011] [error] Traceback (most recent call last):
[Wed Aug 31 04:36:11 2011] [error] File
/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py, line 223, in
wsgi_execute
[Wed Aug 31 04:36:11 2011] [error] result = self.Command[name](*args,
**options)
[Wed Aug 31 04:36:11 2011] [error] File
/usr/lib/python2.7/site-packages/ipalib/frontend.py, line 432, in __call__
[Wed Aug 31 04:36:11 2011] [error] ret = self.run(*args, **options)
[Wed Aug 31 04:36:11 2011] [error] File
/usr/lib/python2.7/site-packages/ipalib/frontend.py, line 738, in run
[Wed Aug 31 04:36:11 2011] [error] return self.execute(*args, **options)
[Wed Aug 31 04:36:11 2011] [error] File
/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py, line 1596, in
execute
[Wed Aug 31 04:36:11 2011] [error] callback(ldap, entries, truncated,
*args, **options)
[Wed Aug 31 04:36:11 2011] [error] File
/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py, line 163, in
post_callback
[Wed Aug 31 04:36:11 2011] [error] return dn
[Wed Aug 31 04:36:11 2011] [error] UnboundLocalError: local variable 'dn'
referenced before assignment
3) JR's automember tests that were pushed today will need to have
memberof_netgroup removed too.
Martin
All issues addressed.
rob
From 79ce49eb3ce5d35b22efe9c8019e66ff56686ee5 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Tue, 30 Aug 2011 18:38:22 -0400
Subject: [PATCH] Suppress managed netgroups from showing as memberof hostgroups.
By design these managed netgroups are not supposed to show unless you
specifically want to see them.
https://fedorahosted.org/freeipa/ticket/1738
---
ipalib/plugins/hostgroup.py | 50 --
tests/test_xmlrpc/test_automember_plugin.py | 12 +--
tests/test_xmlrpc/test_hostgroup_plugin.py |7
tests/test_xmlrpc/test_nesting.py |5 ---
tests/test_xmlrpc/test_netgroup_plugin.py |1 -
5 files changed, 47 insertions(+), 28 deletions(-)
diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py
index d75f381..0d69d09 100644
--- a/ipalib/plugins/hostgroup.py
+++ b/ipalib/plugins/hostgroup.py
@@ -19,7 +19,8 @@
# along with this program. If not, see http://www.gnu.org/licenses/.
from ipalib.plugins.baseldap import *
-from ipalib import api, Int, _, ngettext
+from ipalib import api, Int, _, ngettext, errors
+from ipalib.dn import DN
__doc__ = _(
Groups of hosts.
@@ -88,6 +89,24 @@ class hostgroup(LDAPObject):
),
)
+def suppress_netgroup_memberof(self, dn, entry_attrs):
+
+We don't want to show managed netgroups so remove them from the
+memberOf list.
+
+if 'memberof' in entry_attrs:
+hgdn = DN(dn)
+for member in entry_attrs['memberof']:
+ngdn = DN(member)
+if ngdn['cn'] == hgdn['cn']:
+try:
+netgroup = api.Command['netgroup_show'](ngdn['cn'], all=True)['result']
+if self.has_objectclass(netgroup['objectclass'], 'mepmanagedentry'):
+entry_attrs['memberof'].remove(member)
+return
+except errors.NotFound:
+pass
+
api.register(hostgroup)
@@ -97,9 +116,11 @@ class hostgroup_add(LDAPCreate):
msg_summary = _('Added hostgroup %(value)s')
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
-if self.api.env.wait_for_attr:
-newentry = wait_for_value(ldap, dn, 'objectclass', 'mepOriginEntry')
-entry_from_entry(entry_attrs, newentry)
+# Always wait for the associated netgroup to be created so we can
+# be sure to ignore it in memberOf
+newentry = wait_for_value(ldap, dn, 'objectclass', 'mepOriginEntry')
+entry_from_entry(entry_attrs, newentry)
+self.obj.suppress_netgroup_memberof(dn, entry_attrs)
return dn
@@ -120,6 +141,10 @@ class hostgroup_mod(LDAPUpdate):
msg_summary = _('Modified hostgroup %(value)s')
+def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+self.obj.suppress_netgroup_memberof(dn, entry_attrs)
+return dn
+
api.register(hostgroup_mod)
@@
