From 29accd3589080e47d8d77f2d86ffe300c4693076 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 20:33:32 +1000 Subject: [PATCH 1/7] PEP8 --- ipahttp/ipahttp.py | 219 ++++++++++++++++++++------------------------- 1 file changed, 99 insertions(+), 120 deletions(-) diff --git a/ipahttp/ipahttp.py b/ipahttp/ipahttp.py index d5a7ae8..099cc2c 100644 --- a/ipahttp/ipahttp.py +++ b/ipahttp/ipahttp.py @@ -12,26 +12,27 @@ # - Fix the "API version not sent" message # ----------------------------------------------------------------------------- -import requests import json import logging +import requests + class ipa(object): - def __init__(self, server, sslverify=False): + def __init__(self, server, ssl_verify=False): self.server = server - self.sslverify = sslverify + self.ssl_verify = ssl_verify self.log = logging.getLogger(__name__) self.session = requests.Session() + self.login_user = None def login(self, user, password): rv = None - ipaurl = 'https://{0}/ipa/session/login_password'.format(self.server) - header = {'referer': ipaurl, 'Content-Type': - 'application/x-www-form-urlencoded', 'Accept': 'text/plain'} + ipa_url = 'https://{0}/ipa/session/login_password'.format(self.server) + header = {'referer': ipa_url, 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'} login = {'user': user, 'password': password} - rv = self.session.post(ipaurl, headers=header, data=login, - verify=self.sslverify) + rv = self.session.post(ipa_url, headers=header, data=login, + verify=self.ssl_verify) if rv.status_code != 200: self.log.warning('Failed to log {0} in to {1}'.format( @@ -45,23 +46,18 @@ def login(self, user, password): self.login_user = user return rv - def makeReq(self, pdict): - results = None - ipaurl = 'https://{0}/ipa'.format(self.server) - session_url = '{0}/session/json'.format(ipaurl) - header = {'referer': ipaurl, 'Content-Type': 'application/json', - 'Accept': 'application/json'} + def make_req(self, pdict): + ipa_url = 'https://{0}/ipa'.format(self.server) + session_url = '{0}/session/json'.format(ipa_url) + header = {'referer': ipa_url, 'Content-Type': 'application/json', 'Accept': 'application/json'} + data = {'id': 0, 'method': pdict['method'], 'params': [pdict['item'], pdict['params']]} - data = {'id': 0, 'method': pdict['method'], 'params': - [pdict['item'], pdict['params']]} - - self.log.debug('Making {0} request to {1}'.format(pdict['method'], - session_url)) + self.log.debug('Making {0} request to {1}'.format(pdict['method'], session_url)) request = self.session.post( - session_url, headers=header, - data=json.dumps(data), - verify=self.sslverify + session_url, headers=header, + data=json.dumps(data), + verify=self.ssl_verify ) results = request.json() @@ -69,7 +65,7 @@ def makeReq(self, pdict): def config_show(self): m = {'method': 'config_show', 'item': [None], 'params': {'all': True}} - results = self.makeReq(m) + results = self.make_req(m) return results @@ -80,10 +76,10 @@ def group_add(self, group, gidnumber=None, description=None): 'all': True, 'description': description } - } + } if gidnumber is not None: m['params']['gidnumber'] = gidnumber - results = self.makeReq(m) + results = self.make_req(m) return results @@ -92,15 +88,15 @@ def group_add_member(self, group, item, membertype): raise ValueError('Type {0} is not a valid member type,\ specify user or group'.format(membertype)) m = { - 'item': [group], - 'method': 'group_add_member', - 'params': { - 'all': True, - 'raw': True, - membertype: item - } + 'item': [group], + 'method': 'group_add_member', + 'params': { + 'all': True, + 'raw': True, + membertype: item + } } - results = self.makeReq(m) + results = self.make_req(m) return results @@ -118,21 +114,19 @@ def group_remove_member(self, group, items, membertype): "version": "2.164" } } - results = self.makeReq(m) + results = self.make_req(m) return results def group_find(self, group=None, sizelimit=40000): - m = {'method': 'group_find', 'item': [group], 'params': {'all': True, - 'sizelimit': sizelimit}} - results = self.makeReq(m) + m = {'method': 'group_find', 'item': [group], 'params': {'all': True, 'sizelimit': sizelimit}} + results = self.make_req(m) return results def group_show(self, group): - m = {'item': [group], 'method': 'group_show', 'params': - {'all': True, 'raw': False}} - results = self.makeReq(m) + m = {'item': [group], 'method': 'group_show', 'params': {'all': True, 'raw': False}} + results = self.make_req(m) return results @@ -141,11 +135,11 @@ def group_mod(self, group, addattrs=[], setattrs=[], delattrs=[]): 'method': 'group_mod', 'item': [group], 'params': { - 'all': False, - 'no_members': False, - 'raw': False, - 'rights': False, - 'version': '2.164' + 'all': False, + 'no_members': False, + 'raw': False, + 'rights': False, + 'version': '2.164' } } if len(addattrs): @@ -155,55 +149,51 @@ def group_mod(self, group, addattrs=[], setattrs=[], delattrs=[]): if len(delattrs): m['params']['delattr'] = delattrs - return self.makeReq(m) + return self.make_req(m) def host_add(self, hostname, opasswd, force=True): - m = {'item': [hostname], 'method': 'host_add', 'params': {'all': True, - 'force': force, 'userpassword': opasswd}} - results = self.makeReq(m) + m = {'item': [hostname], 'method': 'host_add', 'params': {'all': True, 'force': force, 'userpassword': opasswd}} + results = self.make_req(m) return results def host_del(self, hostname): m = {'item': [hostname], 'method': 'host_del', 'params': {'all': True}} - results = self.makeReq(m) + results = self.make_req(m) return results def host_find(self, hostname=None, in_hg=None, sizelimit=40000): - m = {'method': 'host_find', 'item': [hostname], 'params': - {'all': True, 'in_hostgroup': in_hg, 'sizelimit': sizelimit}} - results = self.makeReq(m) + m = {'method': 'host_find', 'item': [hostname], + 'params': {'all': True, 'in_hostgroup': in_hg, 'sizelimit': sizelimit}} + results = self.make_req(m) return results - def host_mod(self, hostname, description=None, locality=None, - location=None, platform=None, osver=None): - m = {'item': [hostname], 'method': 'host_mod', 'params': - {'all': True, 'description': description, 'locality': locality, - 'nshostlocation': location, 'nshardwareplatform': platform, - 'nsosversion': osver}} - results = self.makeReq(m) + def host_mod(self, hostname, description=None, locality=None, location=None, platform=None, osver=None): + m = {'item': [hostname], 'method': 'host_mod', + 'params': {'all': True, 'description': description, 'locality': locality, 'nshostlocation': location, + 'nshardwareplatform': platform, 'nsosversion': osver}} + results = self.make_req(m) return results def host_show(self, hostname): - m = {'item': [hostname], 'method': 'host_show', 'params': - {'all': True}} - results = self.makeReq(m) + m = {'item': [hostname], 'method': 'host_show', 'params': {'all': True}} + results = self.make_req(m) return results def hostgroup_add(self, hostgroup, description=None): m = { - 'method': 'hostgroup_add', - 'item': [hostgroup], - 'params': { - 'all': True, - 'description': description - } + 'method': 'hostgroup_add', + 'item': [hostgroup], + 'params': { + 'all': True, + 'description': description + } } - results = self.makeReq(m) + results = self.make_req(m) return results @@ -211,18 +201,17 @@ def hostgroup_add_member(self, hostgroup, hostname): if type(hostname) != list: hostname = [hostname] m = { - 'method': 'hostgroup_add_member', - 'item': [hostgroup], - 'params': {'host': hostname, 'all': True} + 'method': 'hostgroup_add_member', + 'item': [hostgroup], + 'params': {'host': hostname, 'all': True} } - results = self.makeReq(m) + results = self.make_req(m) return results def hostgroup_show(self, hostgroup): - m = {'item': [hostgroup], 'method': 'hostgroup_show', 'params': - {'all': True}} - results = self.makeReq(m) + m = {'item': [hostgroup], 'method': 'hostgroup_show', 'params': {'all': True}} + results = self.make_req(m) return results @@ -231,53 +220,46 @@ def passwd(self, principal, passwd): if not principal.split('@')[0] == self.login_user: item.append('CHANGING_PASSWORD_FOR_ANOTHER_USER') m = {'method': 'passwd', 'params': {'version': '2.112'}, 'item': item} - results = self.makeReq(m) + results = self.make_req(m) return results def user_add(self, user, opts): opts['all'] = True m = {'method': 'user_add', 'item': [user], 'params': opts} - results = self.makeReq(m) + results = self.make_req(m) return results def user_find(self, user=None, attrs={}, sizelimit=40000): - params = {'all': True, - 'no_members': False, - 'sizelimit': sizelimit, - 'whoami': False} + params = {'all': True, 'no_members': False, 'sizelimit': sizelimit, 'whoami': False} params.update(attrs) m = {'item': [user], 'method': 'user_find', 'params': params} - results = self.makeReq(m) + results = self.make_req(m) return results def user_show(self, user): - m = {'item': [user], 'method': 'user_show', 'params': - {'all': True, 'raw': False}} - results = self.makeReq(m) + m = {'item': [user], 'method': 'user_show', 'params': {'all': True, 'raw': False}} + results = self.make_req(m) return results def user_status(self, user): - m = {'item': [user], 'method': 'user_status', 'params': - {'all': True, 'raw': False}} - results = self.makeReq(m) + m = {'item': [user], 'method': 'user_status', 'params': {'all': True, 'raw': False}} + results = self.make_req(m) return results def user_unlock(self, user): - m = {'item': [user], 'method': 'user_unlock', 'params': - {'version': '2.112'}} - results = self.makeReq(m) + m = {'item': [user], 'method': 'user_unlock', 'params': {'version': '2.112'}} + results = self.make_req(m) return results def user_disable(self, user): - m = {'item': [user], 'method': 'user_disable', 'params': - {'version': '2.112'}} - results = self.makeReq(m) + m = {'item': [user], 'method': 'user_disable', 'params': {'version': '2.112'}} + results = self.make_req(m) return results @@ -286,11 +268,11 @@ def user_mod(self, user, addattrs=[], setattrs=[], delattrs=[]): 'method': 'user_mod', 'item': [user], 'params': { - 'all': False, - 'no_members': False, - 'raw': False, - 'rights': False, - 'version': '2.164' + 'all': False, + 'no_members': False, + 'raw': False, + 'rights': False, + 'version': '2.164' } } if len(addattrs): @@ -300,7 +282,7 @@ def user_mod(self, user, addattrs=[], setattrs=[], delattrs=[]): if len(delattrs): m['params']['delattr'] = delattrs - return self.makeReq(m) + return self.make_req(m) def user_del(self, user, preserve=True): m = { @@ -313,16 +295,13 @@ def user_del(self, user, preserve=True): } } - return self.makeReq(m) + return self.make_req(m) def stageuser_find(self, user=None, attrs={}, sizelimit=40000): - params = {'all': True, - 'no_members': False, - 'sizelimit': sizelimit, - } + params = {'all': True, 'no_members': False, 'sizelimit': sizelimit} params.update(attrs) m = {'item': [user], 'method': 'stageuser_find', 'params': params} - results = self.makeReq(m) + results = self.make_req(m) return results @@ -337,7 +316,7 @@ def stageuser_add(self, user, opts, addattrs=None, setattrs=None): 'item': [user], 'params': opts } - results = self.makeReq(m) + results = self.make_req(m) return results @@ -349,7 +328,7 @@ def stageuser_del(self, user): 'version': '2.164' } } - results = self.makeReq(m) + results = self.make_req(m) return results @@ -358,11 +337,11 @@ def stageuser_mod(self, user, addattrs=[], setattrs=[], delattrs=[]): 'method': 'stageuser_mod', 'item': [user], 'params': { - 'all': False, - 'no_members': False, - 'raw': False, - 'rights': False, - 'version': '2.164' + 'all': False, + 'no_members': False, + 'raw': False, + 'rights': False, + 'version': '2.164' } } if len(addattrs): @@ -372,7 +351,7 @@ def stageuser_mod(self, user, addattrs=[], setattrs=[], delattrs=[]): if len(delattrs): m['params']['delattr'] = delattrs - return self.makeReq(m) + return self.make_req(m) def stageuser_activate(self, user): m = { @@ -382,7 +361,7 @@ def stageuser_activate(self, user): 'version': '2.164' } } - results = self.makeReq(m) + results = self.make_req(m) return results @@ -399,7 +378,7 @@ def selfservice_add(self, aciname, attrs, permissions=None): } if permissions is not None: m['params']['permissions'] = permissions - results = self.makeReq(m) + results = self.make_req(m) return results @@ -416,7 +395,7 @@ def automember_add(self, name, description='', type='group'): } if description: m['params']['description'] = description - results = self.makeReq(m) + results = self.make_req(m) return results @@ -436,6 +415,6 @@ def automember_add_condition(self, name, key, type, description='', inclusive_re m['params']['automemberinclusiveregex'] = inclusive_regex if exclusive_regex: m['params']['automemberexclusiveregex'] = exclusive_regex - results = self.makeReq(m) + results = self.make_req(m) return results From 35d1d14d076fabe15b3eda688f26f67b03eaf453 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 20:36:25 +1000 Subject: [PATCH 2/7] PEP8 --- ipahttp/ipahttp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipahttp/ipahttp.py b/ipahttp/ipahttp.py index 099cc2c..111f3c5 100644 --- a/ipahttp/ipahttp.py +++ b/ipahttp/ipahttp.py @@ -19,7 +19,7 @@ class ipa(object): - def __init__(self, server, ssl_verify=False): + def __init__(self, server, sslverify=False): self.server = server self.ssl_verify = ssl_verify self.log = logging.getLogger(__name__) From 6bf71fbd6b7ba6306a985ec5b91bfc941a5b35f6 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 20:39:18 +1000 Subject: [PATCH 3/7] Remove unused vars --- ipahttp/ipahttp.py | 1 - 1 file changed, 1 deletion(-) diff --git a/ipahttp/ipahttp.py b/ipahttp/ipahttp.py index 111f3c5..51ada0f 100644 --- a/ipahttp/ipahttp.py +++ b/ipahttp/ipahttp.py @@ -27,7 +27,6 @@ def __init__(self, server, sslverify=False): self.login_user = None def login(self, user, password): - rv = None ipa_url = 'https://{0}/ipa/session/login_password'.format(self.server) header = {'referer': ipa_url, 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'} login = {'user': user, 'password': password} From ad23f4202cf04e439ceec6a93cff608bcb1e8ea0 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 20:39:37 +1000 Subject: [PATCH 4/7] PEP8 --- ipahttp/ipahttp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipahttp/ipahttp.py b/ipahttp/ipahttp.py index 51ada0f..e944725 100644 --- a/ipahttp/ipahttp.py +++ b/ipahttp/ipahttp.py @@ -21,7 +21,7 @@ class ipa(object): def __init__(self, server, sslverify=False): self.server = server - self.ssl_verify = ssl_verify + self.ssl_verify = sslverify self.log = logging.getLogger(__name__) self.session = requests.Session() self.login_user = None From 8fa799e54684e490bd1a8c4b28ed4817efc88ba2 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 20:55:06 +1000 Subject: [PATCH 5/7] Doc string --- ipahttp/ipahttp.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ipahttp/ipahttp.py b/ipahttp/ipahttp.py index e944725..fce8027 100644 --- a/ipahttp/ipahttp.py +++ b/ipahttp/ipahttp.py @@ -20,6 +20,11 @@ class ipa(object): def __init__(self, server, sslverify=False): + """ + server: string with address of your FreeIPA server + sslverify: Either a boolean, in which case it controls whether we verify the server's TLS certificate, + or a string, in which case it must be a path to a CA bundle to use. Defaults to ``False`` + """ self.server = server self.ssl_verify = sslverify self.log = logging.getLogger(__name__) From 7d586b27c9f257a12813fd0a3ea35faa476f11eb Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 21:54:42 +1000 Subject: [PATCH 6/7] Added example of usage --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/README.md b/README.md index 83b7078..5d367ed 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,20 @@ ipa.login('apiuser', 'secret_password') reply = ipa.host_find() for host in reply['result']['result']: print('Found host %s' % host['fqdn'][0]) + +first_name = "Fred" +second_name = "Idol" +user = ipa.user_find(attrs={"mail": "fred@example.com"}) +if user["result"]["count"] < 1: + result = ipa.user_add(user=first_name, opts={ + "givenname": first_name, + "sn": second_name, + "cn": f"{first_name} {second_name}" + }) + if result["error"] is not None: + print(result["error"]) + else: + print(f"user {first_name} {second_name} was created") ``` ## License From 079db14670225e0cf394da1580e23baced86d249 Mon Sep 17 00:00:00 2001 From: gilyashenko Date: Fri, 13 Dec 2019 22:24:26 +1000 Subject: [PATCH 7/7] Use old way to string concatination --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5d367ed..deb0c4a 100644 --- a/README.md +++ b/README.md @@ -24,12 +24,12 @@ if user["result"]["count"] < 1: result = ipa.user_add(user=first_name, opts={ "givenname": first_name, "sn": second_name, - "cn": f"{first_name} {second_name}" + "cn": "%s %s" % (first_name, second_name) }) if result["error"] is not None: print(result["error"]) else: - print(f"user {first_name} {second_name} was created") + print("user %s %s was created", (first_name, second_name)) ``` ## License