[Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members
Alexander Bokovoy
abokovoy at redhat.com
Fri Jan 17 09:49:18 UTC 2014
On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
>Hi,
>
>when group contains external members, they are specified using SIDs. Use
>trust-resolve command to convert them back on group-show.
>
>https://bugzilla.redhat.com/show_bug.cgi?id=1054391
Sumit found omission on name translation. New patch is attached.
--
/ Alexander Bokovoy
-------------- next part --------------
>From d7ce2cd8e646b7d07f80d19f4aa945e74b084aa7 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Thu, 16 Jan 2014 20:31:37 +0200
Subject: [PATCH 4/4] group-show: resolve external members of the groups
Perform SID to name conversion for existing external members of the
groups if trust is configured.
https://bugzilla.redhat.com/show_bug.cgi?id=1054391
https://fedorahosted.org/freeipa/ticket/4123
---
ipalib/plugins/group.py | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 02eeb10..dac5500 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -387,6 +387,21 @@ api.register(group_find)
class group_show(LDAPRetrieve):
__doc__ = _('Display information about a named group.')
has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,)
+ def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+ assert isinstance(dn, DN)
+ if ('ipaexternalmember' in entry_attrs and
+ len(entry_attrs['ipaexternalmember']) > 0 and
+ 'trust_resolve' in self.Command and
+ not options.get('raw', False)):
+ sids = entry_attrs['ipaexternalmember']
+ result = self.Command.trust_resolve(sids=sids)
+ for entry in result['result']:
+ try:
+ idx = sids.index(entry['sid'][0])
+ sids[idx] = entry['name'][0]
+ except ValueError:
+ pass
+ return dn
api.register(group_show)
--
1.8.4.2
More information about the Freeipa-devel
mailing list