Revision 4d3f2dfa
Added by Stephen Benjamin about 10 years ago
| lib/proxy/realm.rb | ||
|---|---|---|
|
module Proxy::Realm
|
||
|
class Error < RuntimeError; end
|
||
|
class NotFound < Error; end
|
||
|
|
||
|
class Client
|
||
|
include Proxy::Log
|
||
| lib/proxy/realm/freeipa.rb | ||
|---|---|---|
|
raise Proxy::Realm::Error.new "Unknown realm #{realm}" unless realm.casecmp(@realm_name).zero?
|
||
|
end
|
||
|
|
||
|
def find hostname
|
||
|
@ipa.call("host_show", [hostname])
|
||
|
rescue XMLRPC::FaultException => e
|
||
|
if e.message =~ /not found/
|
||
|
nil
|
||
|
else
|
||
|
raise
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def create realm, params
|
||
|
check_realm realm
|
||
|
|
||
| ... | ... | |
|
end
|
||
|
|
||
|
# Determine if we're updating a host or creating a new one
|
||
|
if @ipa.call("host_find", [params[:hostname]])["count"].zero?
|
||
|
host = find params[:hostname]
|
||
|
if host.nil?
|
||
|
options.merge!(:random => 1, :force => 1)
|
||
|
operation = "host_add"
|
||
|
else
|
||
|
# If the host is being rebuilt, disable it in order to revoke existing certs, keytabs, etc.
|
||
|
if params[:rebuild] == "true"
|
||
|
begin
|
||
|
options.merge!(:random => 1)
|
||
|
# If the host is being rebuilt and is already enrolled, then
|
||
|
# disable it in order to revoke existing certs, keytabs, etc.
|
||
|
if host["result"]["has_keytab"]
|
||
|
logger.info "Attempting to disable host #{params[:hostname]} in FreeIPA"
|
||
|
@ipa.call("host_disable", [params[:hostname]])
|
||
|
rescue => e
|
||
|
logger.info "Disabling failed for host #{params[:hostname]}: #{e}. Continuing anyway."
|
||
|
end
|
||
|
end
|
||
|
options.merge!(:random => 1)
|
||
|
operation = "host_mod"
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
|
||
|
def delete realm, hostname
|
||
|
check_realm realm
|
||
|
JSON.pretty_generate(@ipa.call("host_del", [hostname], {"updatedns" => SETTINGS.freeipa_remove_dns}))
|
||
|
raise Proxy::Realm::NotFound, "Host #{hostname} not found in realm!" unless find hostname
|
||
|
begin
|
||
|
result = @ipa.call("host_del", [hostname], {"updatedns" => SETTINGS.freeipa_remove_dns})
|
||
|
rescue => e
|
||
|
if SETTINGS.freeipa_remove_dns
|
||
|
# If the host doesn't have a DNS record (e.g. deleting a system in Foreman before it's built)
|
||
|
# the above call will fail. Try again with updatedns => false
|
||
|
result = @ipa.call("host_del", [hostname], {"updatedns" => false})
|
||
|
else
|
||
|
raise
|
||
|
end
|
||
|
end
|
||
|
JSON.pretty_generate(result)
|
||
|
end
|
||
|
end
|
||
|
end
|
||
| lib/realm_api.rb | ||
|---|---|---|
|
begin
|
||
|
content_type :json
|
||
|
@realm.delete params[:realm], params[:hostname]
|
||
|
rescue Proxy::Realm::NotFound => e
|
||
|
log halt 404, "#{e}"
|
||
|
rescue Exception => e
|
||
|
log_halt 400, e
|
||
|
end
|
||
Also available in: Unified diff
fixes #5054 - Minor bug fixes to FreeIPA Smart Proxy