r107415 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r107414‎ \| r107415 \| r107416 >
Date:	20:36, 27 December 2011
Author:	laner
Status:	resolved
Tags:
Comment:	* Compatibility with LdapAuthentication 2.0a ldap function wrappers * Initial changes for project-level puppet configuration
Modified paths:	/trunk/extensions/OpenStackManager/OpenStackManager.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaDomain.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaHost.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaProject.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaPuppetGroup.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaRole.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaSudoer.php (modified) (history) /trunk/extensions/OpenStackManager/OpenStackNovaUser.php (modified) (history) /trunk/extensions/OpenStackManager/openstack.sql (modified) (history)

Diff [purge]

Index: trunk/extensions/OpenStackManager/OpenStackNovaSudoer.php
—	—	@@ -31,11 +31,9 @@
32	32	if ( is_array( $sudoerInfo ) ) {
33	33	$this->sudoerInfo = $sudoerInfo;
34	34	} else {
35		~~- wfSuppressWarnings();~~
36		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPSudoerBaseDN,~~
	35	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPSudoerBaseDN,
37	36	'(cn=' . $this->sudoername . ')' );
38		~~- $this->sudoerInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
39		~~- wfRestoreWarnings();~~
	37	+ $this->sudoerInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
40	38	$wgMemc->set( $key, $this->sudoerInfo, 3600 * 24 );
41	39	}
42	40	if ( $this->sudoerInfo ) {
—	—	@@ -138,9 +136,7 @@
139	137	$sudoer['sudooption'][] = $option;
140	138	}
141	139
142		~~- wfSuppressWarnings();~~
143		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->sudoerDN, $sudoer );~~
144		~~- wfRestoreWarnings();~~
	140	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->sudoerDN, $sudoer );
145	141	if ( $success ) {
146	142	$wgAuth->printDebug( "Successfully modified sudoer $this->sudoerDN", NONSENSITIVE );
147	143	return true;
—	—	@@ -162,13 +158,9 @@
163	159	OpenStackNovaLdapConnection::connect();
164	160
165	161	$sudoers = array();
166		~~- wfSuppressWarnings();~~
167		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPSudoerBaseDN, '(&(cn=*)(objectclass=sudorole))' );~~
168		~~- wfRestoreWarnings();~~
	162	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPSudoerBaseDN, '(&(cn=*)(objectclass=sudorole))' );
169	163	if ( $result ) {
170		~~- wfSuppressWarnings();~~
171		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
172		~~- wfRestoreWarnings();~~
	164	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
173	165	if ( $entries ) {
174	166	# First entry is always a count
175	167	array_shift( $entries );
—	—	@@ -232,9 +224,7 @@
233	225	$sudoer['cn'] = $sudoername;
234	226	$dn = 'cn=' . $sudoername . ',' . $wgOpenStackManagerLDAPSudoerBaseDN;
235	227
236		~~- wfSuppressWarnings();~~
237		~~- $success = ldap_add( $wgAuth->ldapconn, $dn, $sudoer );~~
238		~~- wfRestoreWarnings();~~
	228	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $dn, $sudoer );
239	229	if ( $success ) {
240	230	$wgAuth->printDebug( "Successfully added sudoer $sudoername", NONSENSITIVE );
241	231	return new OpenStackNovaSudoer( $sudoername );
—	—	@@ -263,9 +253,7 @@
264	254	}
265	255	$dn = $sudoer->sudoerDN;
266	256
267		~~- wfSuppressWarnings();~~
268		~~- $success = ldap_delete( $wgAuth->ldapconn, $dn );~~
269		~~- wfRestoreWarnings();~~
	257	+ $success = LdapAuthenticationPlugin::ldap_delete( $wgAuth->ldapconn, $dn );
270	258	if ( $success ) {
271	259	$wgAuth->printDebug( "Successfully deleted sudoer $sudoername", NONSENSITIVE );
272	260	return true;
Index: trunk/extensions/OpenStackManager/OpenStackNovaRole.php
—	—	@@ -45,10 +45,8 @@
46	46	$dn = $this->project->projectDN;
47	47	$query = '(cn=' . $this->rolename . ')';
48	48	}
49		~~- wfSuppressWarnings();~~
50		~~- $result = ldap_search( $wgAuth->ldapconn, $dn, $query );~~
51		~~- $this->roleInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
52		~~- wfRestoreWarnings();~~
	49	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $dn, $query );
	50	+ $this->roleInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
53	51	if ( $this->roleInfo['count'] != "0" ) {
54	52	$this->roleDN = $this->roleInfo[0]['dn'];
55	53	}
—	—	@@ -117,9 +115,7 @@
118	116	foreach ( $members as $member ) {
119	117	$values['member'][] = $member;
120	118	}
121		~~- wfSuppressWarnings();~~
122		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->roleDN, $values );~~
123		~~- wfRestoreWarnings();~~
	119	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->roleDN, $values );
124	120	if ( $success ) {
125	121	$this->fetchRoleInfo();
126	122	$wgAuth->printDebug( "Successfully removed $user->userDN from $this->roleDN", NONSENSITIVE );
—	—	@@ -153,9 +149,7 @@
154	150	$members[] = $user->userDN;
155	151	$values = array();
156	152	$values['member'] = $members;
157		~~- wfSuppressWarnings();~~
158		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->roleDN, $values );~~
159		~~- wfRestoreWarnings();~~
	153	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->roleDN, $values );
160	154	if ( $success ) {
161	155	$this->fetchRoleInfo();
162	156	$wgAuth->printDebug( "Successfully added $user->userDN to $this->roleDN", NONSENSITIVE );
—	—	@@ -228,9 +222,7 @@
229	223	$role['objectclass'][] = 'groupofnames';
230	224	$role['cn'] = $rolename;
231	225	$roledn = 'cn=' . $rolename . ',' . $project->projectDN;
232		~~- wfSuppressWarnings();~~
233		~~- $success = ldap_add( $wgAuth->ldapconn, $roledn, $role );~~
234		~~- wfRestoreWarnings();~~
	226	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $roledn, $role );
235	227	# TODO: If role addition fails, find a way to fail gracefully
236	228	# Though, if the project was added successfully, it is unlikely
237	229	# that role addition will fail.
Index: trunk/extensions/OpenStackManager/openstack.sql
—	—	@@ -9,6 +9,9 @@
10	10	-- Position of group when displayed
11	11	group_position int not null
12	12
	13	+ -- OpenStack project to which this group belongs, if any
	14	+ group_project varchar(255) binary,
	15	+
13	16	) /$wgDBTableOptions/;
14	17
15	18	CREATE INDEX /i/group_name on /_/openstack_puppet_groups (group_name);
—	—	@@ -26,6 +29,9 @@
27	30	-- Position of variable inside its group
28	31	var_position int not null
29	32
	33	+ -- OpenStack project to which this variable belongs, if any
	34	+ var_project varchar(255) binary,
	35	+
30	36	) /$wgDBTableOptions/;
31	37
32	38	CREATE TABLE /_/openstack_puppet_classes (
—	—	@@ -41,4 +47,7 @@
42	48	-- Position of class inside its group
43	49	class_position int not null
44	50
	51	+ -- OpenStack project to which this class belongs, if any
	52	+ class_project varchar(255) binary,
	53	+
45	54	) /$wgDBTableOptions/;
Index: trunk/extensions/OpenStackManager/OpenStackNovaProject.php
—	—	@@ -26,11 +26,9 @@
27	27	global $wgAuth;
28	28	global $wgOpenStackManagerLDAPProjectBaseDN;
29	29
30		~~- wfSuppressWarnings();~~
31		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN,~~
	30	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN,
32	31	'(&(cn=' . $this->projectname . ')(owner=*))' );
33		~~- $this->projectInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
34		~~- wfRestoreWarnings();~~
	32	+ $this->projectInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
35	33	$this->projectDN = $this->projectInfo[0]['dn'];
36	34	$this->roles = array();
37	35	foreach ( self::$rolenames as $rolename ) {
—	—	@@ -113,9 +111,7 @@
114	112	foreach ( $members as $member ) {
115	113	$values['member'][] = $member;
116	114	}
117		~~- wfSuppressWarnings();~~
118		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->projectDN, $values );~~
119		~~- wfRestoreWarnings();~~
	115	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->projectDN, $values );
120	116	if ( $success ) {
121	117	foreach ( $this->roles as $role ) {
122	118	$success = $role->deleteMember( $username );
—	—	@@ -156,9 +152,7 @@
157	153	$members[] = $user->userDN;
158	154	$values = array();
159	155	$values['member'] = $members;
160		~~- wfSuppressWarnings();~~
161		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->projectDN, $values );~~
162		~~- wfRestoreWarnings();~~
	156	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->projectDN, $values );
163	157	if ( $success ) {
164	158	$this->fetchProjectInfo();
165	159	$wgAuth->printDebug( "Successfully added $user->userDN to $this->projectDN", NONSENSITIVE );
—	—	@@ -198,13 +192,9 @@
199	193	OpenStackNovaLdapConnection::connect();
200	194
201	195	$projects = array();
202		~~- wfSuppressWarnings();~~
203		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, '(owner=*)' );~~
204		~~- wfRestoreWarnings();~~
	196	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, '(owner=*)' );
205	197	if ( $result ) {
206		~~- wfSuppressWarnings();~~
207		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
208		~~- wfRestoreWarnings();~~
	198	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
209	199	if ( $entries ) {
210	200	# First entry is always a count
211	201	array_shift( $entries );
—	—	@@ -241,9 +231,7 @@
242	232	$project['gidnumber'] = OpenStackNovaUser::getNextIdNumber( $wgAuth, 'gidnumber' );
243	233	$projectdn = 'cn=' . $projectname . ',' . $wgOpenStackManagerLDAPProjectBaseDN;
244	234
245		~~- wfSuppressWarnings();~~
246		~~- $success = ldap_add( $wgAuth->ldapconn, $projectdn, $project );~~
247		~~- wfRestoreWarnings();~~
	235	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $projectdn, $project );
248	236	$project = new OpenStackNovaProject( $projectname );
249	237	if ( $success ) {
250	238	foreach ( self::$rolenames as $rolename ) {
—	—	@@ -279,23 +267,19 @@
280	268	$dn = $project->projectDN;
281	269
282	270	# Projects can have roles as sub-entries, we need to delete them first
283		~~- $result = ldap_list( $wgAuth->ldapconn, $dn, 'objectclass=*' );~~
284		~~- $roles = ldap_get_entries( $wgAuth->ldapconn, $result );~~
	271	+ $result = LdapAuthenticationPlugin::ldap_list( $wgAuth->ldapconn, $dn, 'objectclass=*' );
	272	+ $roles = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
285	273	array_shift( $roles );
286	274	foreach ( $roles as $role ) {
287	275	$roledn = $role['dn'];
288		~~- wfSuppressWarnings();~~
289		~~- $success = ldap_delete( $wgAuth->ldapconn, $roledn );~~
290		~~- wfRestoreWarnings();~~
	276	+ $success = LdapAuthenticationPlugin::ldap_delete( $wgAuth->ldapconn, $roledn );
291	277	if ( $success ){
292	278	$wgAuth->printDebug( "Successfully deleted role $roledn", NONSENSITIVE );
293	279	} else {
294	280	$wgAuth->printDebug( "Failed to delete role $roledn", NONSENSITIVE );
295	281	}
296	282	}
297		~~- wfSuppressWarnings();~~
298		~~- $success = ldap_delete( $wgAuth->ldapconn, $dn );~~
299		~~- wfRestoreWarnings();~~
	283	+ $success = LdapAuthenticationPlugin::ldap_delete( $wgAuth->ldapconn, $dn );
300	284	if ( $success ) {
301	285	$wgAuth->printDebug( "Successfully deleted project $projectname", NONSENSITIVE );
302	286	return true;
—	—	@@ -319,8 +303,8 @@
320	304
321	305	OpenStackNovaLdapConnection::connect();
322	306
323		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, 'owner=*' );~~
324		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
	307	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, 'owner=*' );
	308	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
325	309	if ( $entries ) {
326	310	array_shift( $entries );
327	311	foreach ( $entries as $entry ) {
Index: trunk/extensions/OpenStackManager/OpenStackNovaDomain.php
—	—	@@ -32,11 +32,9 @@
33	33	if ( is_array( $domainInfo ) ) {
34	34	$this->domainInfo = $domainInfo;
35	35	} else {
36		~~- wfSuppressWarnings();~~
37		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,~~
	36	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,
38	37	'(dc=' . $this->domainname . ')' );
39		~~- $this->domainInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
40		~~- wfRestoreWarnings();~~
	38	+ $this->domainInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
41	39	$wgMemc->set( $key, $this->domainInfo, 3600 * 24 );
42	40	}
43	41	if ( $this->domainInfo ) {
—	—	@@ -88,9 +86,7 @@
89	87
90	88	$domain = array();
91	89	$domain['soarecord'] = OpenStackNovaDomain::generateSOA();
92		~~- wfSuppressWarnings();~~
93		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->domainDN, $domain );~~
94		~~- wfRestoreWarnings();~~
	90	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->domainDN, $domain );
95	91	if ( $success ) {
96	92	$wgAuth->printDebug( "Successfully modified soarecord for " . $this->domainDN, NONSENSITIVE );
97	93	$this->fetchDomainInfo();
—	—	@@ -122,13 +118,9 @@
123	119	} else {
124	120	$query = '(soarecord=*)';
125	121	}
126		~~- wfSuppressWarnings();~~
127		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, $query );~~
128		~~- wfRestoreWarnings();~~
	122	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, $query );
129	123	if ( $result ) {
130		~~- wfSuppressWarnings();~~
131		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
132		~~- wfRestoreWarnings();~~
	124	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
133	125	if ( $entries ) {
134	126	# First entry is always a count
135	127	array_shift( $entries );
—	—	@@ -173,11 +165,9 @@
174	166
175	167	OpenStackNovaLdapConnection::connect();
176	168
177		~~- wfSuppressWarnings();~~
178		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,~~
	169	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,
179	170	'(arecord=' . $ip . ')' );
180		~~- $hostInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
181		~~- wfRestoreWarnings();~~
	171	+ $hostInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
182	172	if ( $hostInfo['count'] == "0" ) {
183	173	return null;
184	174	}
—	—	@@ -206,11 +196,9 @@
207	197
208	198	OpenStackNovaLdapConnection::connect();
209	199
210		~~- wfSuppressWarnings();~~
211		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,~~
	200	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN,
212	201	'(associateddomain=' . $instanceid . '.*)' );
213		~~- $hostInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
214		~~- wfRestoreWarnings();~~
	202	+ $hostInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
215	203	if ( $hostInfo['count'] == "0" ) {
216	204	return null;
217	205	}
—	—	@@ -258,9 +246,7 @@
259	247	}
260	248	$dn = 'dc=' . $domainname . ',' . $wgOpenStackManagerLDAPInstanceBaseDN;
261	249
262		~~- wfSuppressWarnings();~~
263		~~- $success = ldap_add( $wgAuth->ldapconn, $dn, $domain );~~
264		~~- wfRestoreWarnings();~~
	250	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $dn, $domain );
265	251	if ( $success ) {
266	252	$wgAuth->printDebug( "Successfully added domain $domainname", NONSENSITIVE );
267	253	return new OpenStackNovaDomain( $domainname );
—	—	@@ -291,15 +277,12 @@
292	278	$dn = $domain->domainDN;
293	279
294	280	# Domains can have records as sub entries. If sub-entries exist, fail.
295		~~- $result = ldap_list( $wgAuth->ldapconn, $dn, 'objectclass=*' );~~
296		~~- $hosts = ldap_get_entries( $wgAuth->ldapconn, $result );~~
	281	+ $result = LdapAuthenticationPlugin::ldap_list( $wgAuth->ldapconn, $dn, 'objectclass=*' );
	282	+ $hosts = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
297	283	if ( $hosts['count'] != "0" ) {
298	284	$wgAuth->printDebug( "Failed to delete domain $domainname, since it had sub entries", NONSENSITIVE );
299	285	return false;
300	286	}
301		~~- wfSuppressWarnings();~~
302		~~- $success = ldap_delete( $wgAuth->ldapconn, $dn );~~
303		~~- wfRestoreWarnings();~~
304	287	if ( $success ) {
305	288	$wgAuth->printDebug( "Successfully deleted domain $domainname", NONSENSITIVE );
306	289	return true;
Index: trunk/extensions/OpenStackManager/OpenStackNovaHost.php
—	—	@@ -43,10 +43,8 @@
44	44
45	45	$this->searchvalue = $wgAuth->getLdapEscapedString( $this->searchvalue );
46	46	$fqdn = $this->searchvalue . '.' . $this->domain->getFullyQualifiedDomainName();
47		~~- wfSuppressWarnings();~~
48		~~- $result = ldap_search( $wgAuth->ldapconn, $this->domain->domainDN, '(\|(associateddomain=' . $fqdn . ')(cnamerecord=' . $fqdn . ')(dc=' . $this->searchvalue . '))' );~~
49		~~- $this->hostInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
50		~~- wfRestoreWarnings();~~
	47	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $this->domain->domainDN, '(\|(associateddomain=' . $fqdn . ')(cnamerecord=' . $fqdn . ')(dc=' . $this->searchvalue . '))' );
	48	+ $this->hostInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
51	49	if ( $this->hostInfo["count"] == "0" ) {
52	50	$this->hostInfo = null;
53	51	} else {
—	—	@@ -194,9 +192,7 @@
195	193	}
196	194	}
197	195	if ( $hostEntry ) {
198		~~- wfSuppressWarnings();~~
199		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $hostEntry );~~
200		~~- wfRestoreWarnings();~~
	196	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $hostEntry );
201	197	if ( $success ) {
202	198	$this->fetchHostInfo();
203	199	$wgAuth->printDebug( "Successfully modified puppet configuration for host", NONSENSITIVE );
—	—	@@ -236,9 +232,7 @@
237	233	foreach ( $associateddomains as $associateddomain ) {
238	234	$values['associateddomain'][] = $associateddomain;
239	235	}
240		~~- wfSuppressWarnings();~~
241		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );~~
242		~~- wfRestoreWarnings();~~
	236	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );
243	237	if ( $success ) {
244	238	$wgAuth->printDebug( "Successfully removed $fqdn from $this->hostDN", NONSENSITIVE );
245	239	$this->domain->updateSOA();
—	—	@@ -276,9 +270,7 @@
277	271	foreach ( $arecords as $arecord ) {
278	272	$values['arecord'][] = $arecord;
279	273	}
280		~~- wfSuppressWarnings();~~
281		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );~~
282		~~- wfRestoreWarnings();~~
	274	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );
283	275	if ( $success ) {
284	276	$wgAuth->printDebug( "Successfully removed $ip from $this->hostDN", NONSENSITIVE );
285	277	$this->domain->updateSOA();
—	—	@@ -310,9 +302,7 @@
311	303	$associatedomains[] = $fqdn;
312	304	$values = array();
313	305	$values['associateddomain'] = $associatedomains;
314		~~- wfSuppressWarnings();~~
315		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );~~
316		~~- wfRestoreWarnings();~~
	306	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );
317	307	if ( $success ) {
318	308	$wgAuth->printDebug( "Successfully added $fqdn to $this->hostDN", NONSENSITIVE );
319	309	$this->domain->updateSOA();
—	—	@@ -341,9 +331,7 @@
342	332	$arecords[] = $ip;
343	333	$values = array();
344	334	$values['arecord'] = $arecords;
345		~~- wfSuppressWarnings();~~
346		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );~~
347		~~- wfRestoreWarnings();~~
	335	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );
348	336	if ( $success ) {
349	337	$wgAuth->printDebug( "Successfully added $ip to $this->hostDN", NONSENSITIVE );
350	338	$this->domain->updateSOA();
—	—	@@ -365,9 +353,7 @@
366	354	global $wgAuth;
367	355
368	356	$values = array( 'arecord' => array( $ip ) );
369		~~- wfSuppressWarnings();~~
370		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );~~
371		~~- wfRestoreWarnings();~~
	357	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->hostDN, $values );
372	358	if ( $success ) {
373	359	$wgAuth->printDebug( "Successfully set $ip on $this->hostDN", NONSENSITIVE );
374	360	$this->domain->updateSOA();
—	—	@@ -429,10 +415,8 @@
430	416	if ( ! $domain ) {
431	417	return null;
432	418	}
433		~~- wfSuppressWarnings();~~
434		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . ')' );~~
435		~~- $hostInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
436		~~- wfRestoreWarnings();~~
	419	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . ')' );
	420	+ $hostInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
437	421	if ( $hostInfo["count"] == "0" ) {
438	422	return null;
439	423	} else {
—	—	@@ -455,10 +439,8 @@
456	440	global $wgAuth;
457	441	global $wgOpenStackManagerLDAPInstanceBaseDN;
458	442
459		~~- wfSuppressWarnings();~~
460		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . ')' );~~
461		~~- $hostsInfo = ldap_get_entries( $wgAuth->ldapconn, $result );~~
462		~~- wfRestoreWarnings();~~
	443	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . ')' );
	444	+ $hostsInfo = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
463	445	if ( $hostsInfo["count"] == "0" ) {
464	446	return array();
465	447	} else {
—	—	@@ -492,13 +474,9 @@
493	475	OpenStackNovaLdapConnection::connect();
494	476
495	477	$hosts = array();
496		~~- wfSuppressWarnings();~~
497		~~- $result = ldap_search( $wgAuth->ldapconn, $domain->domainDN, '(dc=*)' );~~
498		~~- wfRestoreWarnings();~~
	478	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $domain->domainDN, '(dc=*)' );
499	479	if ( $result ) {
500		~~- wfSuppressWarnings();~~
501		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
502		~~- wfRestoreWarnings();~~
	480	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
503	481	if ( $entries ) {
504	482	# First entry is always a count
505	483	array_shift( $entries );
—	—	@@ -531,9 +509,7 @@
532	510	}
533	511	$dn = $host->hostDN;
534	512
535		~~- wfSuppressWarnings();~~
536		~~- $success = ldap_delete( $wgAuth->ldapconn, $dn );~~
537		~~- wfRestoreWarnings();~~
	513	+ $success = LdapAuthenticationPlugin::ldap_delete( $wgAuth->ldapconn, $dn );
538	514	if ( $success ) {
539	515	$domain->updateSOA();
540	516	$wgAuth->printDebug( "Successfully deleted host $hostname", NONSENSITIVE );
—	—	@@ -564,9 +540,7 @@
565	541	$dn = $host->hostDN;
566	542	$domain = $host->getDomain();
567	543
568		~~- wfSuppressWarnings();~~
569		~~- $success = ldap_delete( $wgAuth->ldapconn, $dn );~~
570		~~- wfRestoreWarnings();~~
	544	+ $success = LdapAuthenticationPlugin::ldap_delete( $wgAuth->ldapconn, $dn );
571	545	if ( $success ) {
572	546	$domain->updateSOA();
573	547	$wgAuth->printDebug( "Successfully deleted host $instanceid", NONSENSITIVE );
—	—	@@ -648,9 +622,7 @@
649	623	}
650	624	$dn = 'dc=' . $instanceid . ',dc=' . $domain->getDomainName() . ',' . $wgOpenStackManagerLDAPInstanceBaseDN;
651	625
652		~~- wfSuppressWarnings();~~
653		~~- $success = ldap_add( $wgAuth->ldapconn, $dn, $hostEntry );~~
654		~~- wfRestoreWarnings();~~
	626	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $dn, $hostEntry );
655	627	if ( $success ) {
656	628	$domain->updateSOA();
657	629	$wgAuth->printDebug( "Successfully added host $hostname", NONSENSITIVE );
—	—	@@ -693,9 +665,7 @@
694	666	$hostEntry['associateddomain'][] = $hostname . '.' . $domainname;
695	667	$dn = 'dc=' . $hostname . ',dc=' . $domain->getDomainName() . ',' . $wgOpenStackManagerLDAPInstanceBaseDN;
696	668
697		~~- wfSuppressWarnings();~~
698		~~- $success = ldap_add( $wgAuth->ldapconn, $dn, $hostEntry );~~
699		~~- wfRestoreWarnings();~~
	669	+ $success = LdapAuthenticationPlugin::ldap_add( $wgAuth->ldapconn, $dn, $hostEntry );
700	670	if ( $success ) {
701	671	$domain->updateSOA();
702	672	$wgAuth->printDebug( "Successfully added public host $hostname", NONSENSITIVE );
Index: trunk/extensions/OpenStackManager/OpenStackNovaUser.php
—	—	@@ -107,13 +107,9 @@
108	108	# roles do not
109	109	$projects = array();
110	110	$filter = "(&(owner=*)(member=$this->userDN))";
111		~~- wfSuppressWarnings();~~
112		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, $filter );~~
113		~~- wfRestoreWarnings();~~
	111	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, $filter );
114	112	if ( $result ) {
115		~~- wfSuppressWarnings();~~
116		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
117		~~- wfRestoreWarnings();~~
	113	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
118	114	if ( $entries ) {
119	115	# First entry is always a count
120	116	array_shift( $entries );
—	—	@@ -145,13 +141,9 @@
146	142	global $wgOpenStackManagerLDAPProjectBaseDN;
147	143
148	144	$filter = "(&(cn=$project)(member=$this->userDN)(owner=*))";
149		~~- wfSuppressWarnings();~~
150		~~- $result = ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, $filter );~~
151		~~- wfRestoreWarnings();~~
	145	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPProjectBaseDN, $filter );
152	146	if ( $result ) {
153		~~- wfSuppressWarnings();~~
154		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
155		~~- wfRestoreWarnings();~~
	147	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
156	148	if ( $entries ) {
157	149	if ( $entries['count'] == "0" ) {
158	150	$wgAuth->printDebug( "Couldn't find the user in project: $project", NONSENSITIVE );
—	—	@@ -195,13 +187,9 @@
196	188	return false;
197	189	}
198	190	$filter = "(&(cn=$role)(member=$this->userDN))";
199		~~- wfSuppressWarnings();~~
200		~~- $result = ldap_search( $wgAuth->ldapconn, $project->projectDN, $filter );~~
201		~~- wfRestoreWarnings();~~
	191	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $project->projectDN, $filter );
202	192	if ( $result ) {
203		~~- wfSuppressWarnings();~~
204		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
205		~~- wfRestoreWarnings();~~
	193	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
206	194	if ( $entries ) {
207	195	if ( $entries['count'] == "0" ) {
208	196	$wgAuth->printDebug( "Couldn't find the user in role: $role", NONSENSITIVE );
—	—	@@ -238,13 +226,9 @@
239	227	# Check global role
240	228	$roledn = $wgOpenStackManagerLDAPGlobalRoles["$role"];
241	229	$filter = "(member=$this->userDN)";
242		~~- wfSuppressWarnings();~~
243		~~- $result = ldap_search( $wgAuth->ldapconn, $roledn, $filter );~~
244		~~- wfRestoreWarnings();~~
	230	+ $result = LdapAuthenticationPlugin::ldap_search( $wgAuth->ldapconn, $roledn, $filter );
245	231	if ( $result ) {
246		~~- wfSuppressWarnings();~~
247		~~- $entries = ldap_get_entries( $wgAuth->ldapconn, $result );~~
248		~~- wfRestoreWarnings();~~
	232	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $wgAuth->ldapconn, $result );
249	233	return ( (int)$entries['count'] > 0 );
250	234	}
251	235	}
—	—	@@ -266,9 +250,7 @@
267	251	$keypairs[] = $key;
268	252	$values = array();
269	253	$values['sshpublickey'] = $keypairs;
270		~~- wfSuppressWarnings();~~
271		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->userDN, $values );~~
272		~~- wfRestoreWarnings();~~
	254	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->userDN, $values );
273	255	if ( $success ) {
274	256	$wgAuth->printDebug( "Successfully imported the user's sshpublickey", NONSENSITIVE );
275	257	$this->fetchUserInfo();
—	—	@@ -300,9 +282,7 @@
301	283	foreach ( $keypairs as $keypair ) {
302	284	$values['sshpublickey'][] = $keypair;
303	285	}
304		~~- wfSuppressWarnings();~~
305		~~- $success = ldap_modify( $wgAuth->ldapconn, $this->userDN, $values );~~
306		~~- wfRestoreWarnings();~~
	286	+ $success = LdapAuthenticationPlugin::ldap_modify( $wgAuth->ldapconn, $this->userDN, $values );
307	287	if ( $success ) {
308	288	$wgAuth->printDebug( "Successfully deleted the user's sshpublickey", NONSENSITIVE );
309	289	$this->fetchUserInfo();
—	—	@@ -351,13 +331,9 @@
352	332	$filter = "(objectclass=posixaccount)";
353	333	$base = USERDN;
354	334	}
355		~~- wfSuppressWarnings();~~
356		~~- $result = ldap_search( $auth->ldapconn, $auth->getBaseDN( $base ), $filter );~~
357		~~- wfRestoreWarnings();~~
	335	+ $result = LdapAuthenticationPlugin::ldap_search( $auth->ldapconn, $auth->getBaseDN( $base ), $filter );
358	336	if ( $result ) {
359		~~- wfSuppressWarnings();~~
360		~~- $entries = ldap_get_entries( $auth->ldapconn, $result );~~
361		~~- wfRestoreWarnings();~~
	337	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $auth->ldapconn, $result );
362	338	if ( $entries ) {
363	339	if ( $entries['count'] == "0" ) {
364	340	$highest = '500';
—	—	@@ -429,13 +405,9 @@
430	406	$base = $auth->getBaseDN( USERDN );
431	407	# Though the LDAP plugin checks to see if the user account exists,
432	408	# it does not check to see if the uid attribute is already used.
433		~~- wfSuppressWarnings();~~
434		~~- $result = ldap_search( $auth->ldapconn, $base, "(uid=$username)" );~~
435		~~- wfRestoreWarnings();~~
	409	+ $result = LdapAuthenticationPlugin::ldap_search( $auth->ldapconn, $base, "(uid=$username)" );
436	410	if ( $result ) {
437		~~- wfSuppressWarnings();~~
438		~~- $entries = ldap_get_entries( $auth->ldapconn, $result );~~
439		~~- wfRestoreWarnings();~~
	411	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $auth->ldapconn, $result );
440	412	if ( (int)$entries['count'] > 0 ) {
441	413	$auth->printDebug( "User $username already exists.", NONSENSITIVE );
442	414	# uid attribute is already in use, fail.
—	—	@@ -473,10 +445,8 @@
474	446	*/
475	447	static function LDAPSetNovaInfo( $auth ) {
476	448	OpenStackNovaLdapConnection::connect();
477		~~- wfSuppressWarnings();~~
478		~~- $result = ldap_read( $auth->ldapconn, $auth->userInfo[0]['dn'], '(objectclass=*)', array( 'secretkey', 'accesskey', 'objectclass' ) );~~
479		~~- $userInfo = ldap_get_entries( $auth->ldapconn, $result );~~
480		~~- wfRestoreWarnings();~~
	449	+ $result = LdapAuthenticationPlugin::ldap_read( $auth->ldapconn, $auth->userInfo[0]['dn'], '(objectclass=*)', array( 'secretkey', 'accesskey', 'objectclass' ) );
	450	+ $userInfo = LdapAuthenticationPlugin::ldap_get_entries( $auth->ldapconn, $result );
481	451	if ( !isset( $userInfo[0]['accesskey'] ) or !isset( $userInfo[0]['secretkey'] ) ) {
482	452	$objectclasses = $userInfo[0]['objectclass'];
483	453	# First entry is a count
—	—	@@ -494,9 +464,7 @@
495	465	$values['secretkey'] = OpenStackNovaUser::uuid4();
496	466	$values['isnovaadmin'] = 'FALSE';
497	467
498		~~- wfSuppressWarnings();~~
499		~~- $success = ldap_modify( $auth->ldapconn, $auth->userdn, $values );~~
500		~~- wfRestoreWarnings();~~
	468	+ $success = LdapAuthenticationPlugin::ldap_modify( $auth->ldapconn, $auth->userdn, $values );
501	469	if ( $success ) {
502	470	$auth->printDebug( "Successfully modified the user's nova attributes", NONSENSITIVE );
503	471	return true;
Index: trunk/extensions/OpenStackManager/OpenStackManager.php
—	—	@@ -168,6 +168,12 @@
169	169	$updater->addExtensionTable( 'openstack_puppet_groups', "$base/openstack.sql" );
170	170	$updater->addExtensionTable( 'openstack_puppet_vars', "$base/openstack.sql" );
171	171	$updater->addExtensionTable( 'openstack_puppet_classes', "$base/openstack.sql" );
	172	+ $updater->addExtensionField( 'openstack_puppet_groups', 'group_project',
	173	+ "$base/schema-changes/openstack_project_field.sql" );
	174	+ $updater->addExtensionField( 'openstack_puppet_classes', 'class_project',
	175	+ "$base/schema-changes/openstack_project_field.sql" );
	176	+ $updater->addExtensionField( 'openstack_puppet_vars', 'var_project',
	177	+ "$base/schema-changes/openstack_project_field.sql" );
172	178	break;
173	179	}
174	180	return true;
Index: trunk/extensions/OpenStackManager/OpenStackNovaPuppetGroup.php
—	—	@@ -12,10 +12,11 @@
13	13	* @param $id Int Database id for the group
14	14	* @param $name String User-defined name of the group
15	15	*/
16		~~- public function __construct( $id, $name, $position ) {~~
	16	+ public function __construct( $id, $name, $position, $project=null ) {
17	17	$this->id = $id;
18	18	$this->name = $name;
19	19	$this->position = $position;
	20	+ $this->project = $project;
20	21	$this->loadVars( $id );
21	22	$this->loadClasses( $id );
22	23	}
—	—	@@ -40,6 +41,10 @@
41	42	return $this->classes;
42	43	}
43	44
	45	+ public funtion getProject() {
	46	+ return $this->project;
	47	+ }
	48	+
44	49	/**
45	50	* @param $name string
46	51	* @return OpenStackNovaPuppetGroup\|null
—	—	@@ -97,10 +102,20 @@
98	103	}
99	104
100	105	/**
	106	+ * @param $projects array Optionally get list for a set of projects
101	107	* @return array
102	108	*/
103		~~- public static function getGroupList() {~~
	109	+ public static function getGroupList( $projects = array() ) {
104	110	$dbr = wfGetDB( DB_SLAVE );
	111	+ $condition = '';
	112	+ if ( $projects ) {
	113	+ $condition .= 'group_project =';
	114	+ foreach ( $projects as $project ) {
	115	+ $condition .= $project . ',';
	116	+ }
	117	+ $condition = $dbr->addQuotes( $condition );
	118	+ $condition = $condition[0,-1];
	119	+ }
105	120	$rows = $dbr->select(
106	121	'openstack_puppet_groups',
107	122	array(
—	—	@@ -108,7 +123,7 @@
109	124	'group_name',
110	125	'group_position'
111	126	),
112		~~- '',~~
	127	+ $condition,
113	128	__METHOD__,
114	129	array( 'ORDER BY' => 'group_position ASC' )
115	130	);

Follow-up revisions

Revision	Commit summary	Author	Date
r107422	Use implode rather than a poor foreach equivalent. Follow up to r107415.	laner	21:12, 27 December 2011

Status & tagging log

09:01, 18 January 2012 Siebrand (talk | contribs) changed the tags for r107415 [removed: openstack]
21:02, 13 January 2012 Reedy (talk | contribs) changed the status of r107415 [removed: new added: resolved]
06:13, 5 January 2012 RobLa-WMF (talk | contribs) changed the tags for r107415 [added: openstack]