Revision 4d3f2dfa
Added by Stephen Benjamin about 10 years ago
lib/proxy/realm.rb | ||
---|---|---|
module Proxy::Realm
|
||
class Error < RuntimeError; end
|
||
class NotFound < Error; end
|
||
|
||
class Client
|
||
include Proxy::Log
|
lib/proxy/realm/freeipa.rb | ||
---|---|---|
raise Proxy::Realm::Error.new "Unknown realm #{realm}" unless realm.casecmp(@realm_name).zero?
|
||
end
|
||
|
||
def find hostname
|
||
@ipa.call("host_show", [hostname])
|
||
rescue XMLRPC::FaultException => e
|
||
if e.message =~ /not found/
|
||
nil
|
||
else
|
||
raise
|
||
end
|
||
end
|
||
|
||
def create realm, params
|
||
check_realm realm
|
||
|
||
... | ... | |
end
|
||
|
||
# Determine if we're updating a host or creating a new one
|
||
if @ipa.call("host_find", [params[:hostname]])["count"].zero?
|
||
host = find params[:hostname]
|
||
if host.nil?
|
||
options.merge!(:random => 1, :force => 1)
|
||
operation = "host_add"
|
||
else
|
||
# If the host is being rebuilt, disable it in order to revoke existing certs, keytabs, etc.
|
||
if params[:rebuild] == "true"
|
||
begin
|
||
options.merge!(:random => 1)
|
||
# If the host is being rebuilt and is already enrolled, then
|
||
# disable it in order to revoke existing certs, keytabs, etc.
|
||
if host["result"]["has_keytab"]
|
||
logger.info "Attempting to disable host #{params[:hostname]} in FreeIPA"
|
||
@ipa.call("host_disable", [params[:hostname]])
|
||
rescue => e
|
||
logger.info "Disabling failed for host #{params[:hostname]}: #{e}. Continuing anyway."
|
||
end
|
||
end
|
||
options.merge!(:random => 1)
|
||
operation = "host_mod"
|
||
end
|
||
|
||
... | ... | |
|
||
def delete realm, hostname
|
||
check_realm realm
|
||
JSON.pretty_generate(@ipa.call("host_del", [hostname], {"updatedns" => SETTINGS.freeipa_remove_dns}))
|
||
raise Proxy::Realm::NotFound, "Host #{hostname} not found in realm!" unless find hostname
|
||
begin
|
||
result = @ipa.call("host_del", [hostname], {"updatedns" => SETTINGS.freeipa_remove_dns})
|
||
rescue => e
|
||
if SETTINGS.freeipa_remove_dns
|
||
# If the host doesn't have a DNS record (e.g. deleting a system in Foreman before it's built)
|
||
# the above call will fail. Try again with updatedns => false
|
||
result = @ipa.call("host_del", [hostname], {"updatedns" => false})
|
||
else
|
||
raise
|
||
end
|
||
end
|
||
JSON.pretty_generate(result)
|
||
end
|
||
end
|
||
end
|
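Review bot: In `delete`, the bare `rescue => e` around `host_del` retries with `"updatedns" => false` after any StandardError when `SETTINGS.freeipa_remove_dns` is set, not only in the missing-DNS-record case the comment describes, and the original error is discarded. If the first call failed for another reason, the host would be removed while its DNS records stay behind, with nothing in the log; stale records for a deleted host are worth surfacing to the operator. As far as this rendered page shows, the block is new code, so I would narrow it to `rescue XMLRPC::FaultException => e` (the class `find` already rescues) and log before retrying, e.g. `logger.warn "host_del with updatedns failed for #{hostname}: #{e}; retrying without DNS update"`. Separately, `find` decides "not found" by `e.message =~ /not found/`; comparing the fault code would be less fragile than matching message text, provided the server's codes are stable, which should be confirmed.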
lib/realm_api.rb | ||
---|---|---|
begin
|
||
content_type :json
|
||
@realm.delete params[:realm], params[:hostname]
|
||
rescue Proxy::Realm::NotFound => e
|
||
log halt 404, "#{e}"
|
||
rescue Exception => e
|
||
log_halt 400, e
|
||
end
|
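Review bot: The NotFound branch reads `log halt 404, "#{e}"`, with a space where the next branch uses `log_halt`. Unless that is a rendering artifact of this page, Ruby parses it as `log(halt(404, ...))`, so `halt` presumably fires first and the 404 goes out without being logged; it should be `log_halt 404, "#{e}"`. The following `rescue Exception => e` (possibly pre-existing context) also catches `SignalException` and `SystemExit` and appears to hand the exception text to the client as a 400, so `rescue StandardError => e` would be the safer net. The `begin` sits inside a route handler that starts outside this section.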
fixes #5054 - Minor bug fixes to FreeIPA Smart Proxy