On 2015-08-19 14:12, Jan Cholasta wrote:
The new flags should be handled in vault_find's pre_callback instead of
vault's get_dn, as they are exclusive to vault_find and worse yet,
conflict with vault_{add,remove}_{owner,member}'s flags, leading to
unwanted behavior:
$ ipa vault-add-member --service testsvc/example.com testvault
--services testsvc/example.com
ipa: ERROR: Service(s), shared, and user(s) options cannot be specified
simultaneously
Here is an updated patch. The new flags are now handled by the
pre_callback method. I have regenerated API.txt, too.
Christian
From a6eb87a73c1462a4de516f19b219b51e415852e5 Mon Sep 17 00:00:00 2001
From: Christian Heimes chei...@redhat.com
Date: Wed, 19 Aug 2015 13:32:01 +0200
Subject: [PATCH] Add flag to list all service and user vaults
The vault-find plugin has two additional arguments to list all
service vaults or user vaults. Since the name of a vault is only unique
for a particular user or service, the commands also print the vault user
or vault service. The virtual attributes were added in rev
01dd951ddc0181b559eb3dd5ff0336c81e245628.
Example:
$ ipa vault-find --users
2 vaults matched
Vault name: myvault
Type: standard
Vault user: admin
Vault name: UserVault
Type: standard
Vault user: admin
Number of entries returned 2
$ ipa vault-find --services
2 vaults matched
Vault name: myvault
Type: standard
Vault service: HTTP/ipatest.freeipa.local@FREEIPA.LOCAL
Vault name: myvault
Type: standard
Vault service: ldap/ipatest.freeipa.local@FREEIPA.LOCAL
Number of entries returned 2
https://fedorahosted.org/freeipa/ticket/5150
---
API.txt | 4 +++-
ipalib/plugins/vault.py | 48 +---
2 files changed, 36 insertions(+), 16 deletions(-)
diff --git a/API.txt b/API.txt
index 4d8d9dc3d3c38d4740bda3574396ecd85877b805..dd6bcc3c39895e6af213fcece85505fa0bd6d2f2 100644
--- a/API.txt
+++ b/API.txt
@@ -5508,7 +5508,7 @@ output: Output('result', type 'dict', None)
output: Output('summary', (type 'unicode', type 'NoneType'), None)
output: ListOfPrimaryKeys('value', None, None)
command: vault_find
-args: 1,13,4
+args: 1,15,4
arg: Str('criteria?', noextrawhitespace=False)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Str('cn', attribute=True, autofill=False, cli_name='name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.-]+$', primary_key=True, query=True, required=False)
@@ -5518,10 +5518,12 @@ option: Flag('no_members', autofill=True, default=False, exclude='webui')
option: Flag('pkey_only?', autofill=True, default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
option: Str('service?')
+option: Flag('services?', autofill=True, default=False)
option: Flag('shared?', autofill=True, default=False)
option: Int('sizelimit?', autofill=False, minvalue=0)
option: Int('timelimit?', autofill=False, minvalue=0)
option: Str('username?', cli_name='user')
+option: Flag('users?', autofill=True, default=False)
option: Str('version?', exclude='webui')
output: Output('count', type 'int', None)
output: ListOfEntries('result', (type 'list', type 'tuple'), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py
index 712e2d5ddfa723eb84b80a261289a7cf1c75674f..83dc085b5aadb4e2878e29d17449f0808cc7a9c2 100644
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -343,21 +343,11 @@ class vault(LDAPObject):
Generates vault DN from parameters.
-
service = options.get('service')
shared = options.get('shared')
user = options.get('username')
-count = 0
-if service:
-count += 1
-
-if shared:
-count += 1
-
-if user:
-count += 1
-
+count = (bool(service) + bool(shared) + bool(user))
if count 1:
raise errors.MutuallyExclusiveError(
reason=_('Service, shared, and user options ' +
@@ -387,8 +377,10 @@ class vault(LDAPObject):
parent_dn = DN(('cn', service), ('cn', 'services'), container_dn)
elif shared:
parent_dn = DN(('cn', 'shared'), container_dn)
-else:
+elif user:
parent_dn = DN(('cn', user), ('cn', 'users'), container_dn)
+else:
+raise RuntimeError
return DN(rdns, parent_dn)
@@ -814,7 +806,16 @@ class vault_del(LDAPDelete):
class vault_find(LDAPSearch):
__doc__ = _('Search for vaults.')
-takes_options = LDAPSearch.takes_options + vault_options
+takes_options = LDAPSearch.takes_options + vault_options + (
+Flag(
+'services?',
+