[Freeipa-devel] [PATCH] 0132 Show status of the trusted domain in trustdomain-find

Alexander Bokovoy abokovoy at redhat.com
Wed Jan 15 13:47:57 UTC 2014 

Hi!

This patch implements showing whether domains associated with the trust
enabled or disabled. One can enable/disable child domains through
trustdomain-enable/trustdomain-disable. Forest root domain will always
be enabled.

Implements https://fedorahosted.org/freeipa/ticket/4096

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From bcab61dbe7f4dbf96fcb892e26b96f8d4565b3c9 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Wed, 15 Jan 2014 15:42:10 +0200
Subject: [PATCH 3/3] trustdomain-find: report status of the (sub)domain

Show status of each enumerated domain

trustdomain-find shows list of domains associated with the trust.
Each domain except the trust forest root can be enabled or disabled
with the help of trustdomain-enable and trustdomain-disable commands.

https://fedorahosted.org/freeipa/ticket/4096
---
 ipalib/plugins/trust.py | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index f563ac4..b11ee7c 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -21,7 +21,7 @@
 from ipalib.plugins.baseldap import *
 from ipalib.plugins.dns import dns_container_exists
 from ipapython.ipautil import realm_to_suffix
-from ipalib import api, Str, StrEnum, Password, _, ngettext
+from ipalib import api, Str, StrEnum, Password, Bool, _, ngettext
 from ipalib import Command
 from ipalib import errors
 from ldap import SCOPE_SUBTREE
@@ -1187,8 +1187,24 @@ api.register(trustdomain)
 class trustdomain_find(LDAPSearch):
     __doc__ = _('Search domains of the trust')
 
+    has_output_params = LDAPSearch.has_output_params + (
+        Flag('domain_enabled', label= _('Domain enabled')),
+    )
     def pre_callback(self, ldap, filters, attrs_list, base_dn, scope, *args, **options):
         return (filters, base_dn, ldap.SCOPE_SUBTREE)
+
+    def post_callback(self, ldap, entries, truncated, *args, **options):
+        trust_dn = self.obj.get_dn(args[0], trust_type=u'ad')
+        trust_entry = ldap.get_entry(trust_dn)
+        for entry in entries:
+            sid = entry['ipanttrusteddomainsid'][0]
+            if sid in trust_entry['ipantsidblacklistincoming']:
+                entry['domain_enabled'] = [False]
+            else:
+                entry['domain_enabled'] = [True]
+        return truncated
+
+
 api.register(trustdomain_find)
 
 class trustdomain_mod(LDAPUpdate):
-- 
1.8.4.2

More information about the Freeipa-devel mailing list