-
Notifications
You must be signed in to change notification settings - Fork 492
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor kerberos plugin to use api_method
This commit performs boiler-plate conversion of kerberos.py to new api_method schema. kerberos.config and kerberos.update are deliberately excluded at this point due to in-progress changes to ConfigService api_method plumbing.
- Loading branch information
Showing
7 changed files
with
361 additions
and
120 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 28 additions & 0 deletions
28
src/middlewared/middlewared/api/v25_04_0/activedirectory.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
from middlewared.api.base import ( | ||
BaseModel, | ||
NonEmptyString, | ||
single_argument_args, | ||
) | ||
from middlewared.utils.directoryservices.krb5_constants import ( | ||
krb5ccache, | ||
) | ||
from pydantic import Field, Secret | ||
from typing import Literal | ||
|
||
|
||
__all__ = [ | ||
'ActivedirectoryLeaveArgs', 'ActivedirectoryLeaveResult', | ||
] | ||
|
||
|
||
class ActivedirectoryUsernamePassword(BaseModel): | ||
username: NonEmptyString | ||
password: Secret[NonEmptyString] | ||
|
||
|
||
class ActivedirectoryLeaveArgs(BaseModel): | ||
ad_cred: ActivedirectoryUsernamePassword | ||
|
||
|
||
class ActivedirectoryLeaveResult(BaseModel): | ||
result: Literal[True] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,156 @@ | ||
from middlewared.api.base import ( | ||
BaseModel, | ||
NonEmptyString, | ||
single_argument_args, | ||
) | ||
from middlewared.utils.directoryservices.krb5_constants import ( | ||
krb5ccache, | ||
) | ||
from pydantic import Field, Secret | ||
from typing import Literal | ||
|
||
|
||
__all__ = [ | ||
'KerberosKdestroyArgs', 'KerberosKdestroyResult', | ||
'KerberosKinitArgs', 'KerberosKinitResult', | ||
'KerberosKlistArgs', 'KerberosKlistResult', | ||
'KerberosCheckTicketArgs', 'KerberosCheckTicketResult', | ||
'KerberosGetCredArgs', 'KerberosGetCredResult', | ||
] | ||
|
||
|
||
class KerberosCredentialUsernamePassword(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
username: NonEmptyString | ||
password: Secret[NonEmptyString] | ||
|
||
|
||
class KerberosCredentialKeytab(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
kerberos_principal: NonEmptyString | ||
|
||
|
||
class KerberosCcacheOptions(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
ccache: Literal[ | ||
krb5ccache.SYSTEM.value, | ||
krb5ccache.TEMP.value, | ||
krb5ccache.USER.value, | ||
] = krb5ccache.SYSTEM.value | ||
cache_uid: int = 0 | ||
|
||
|
||
class KerberosKinitKdcOverride(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
domain: str | None = None | ||
kdc: str | None = None | ||
libdefaults_aux: list[str] | None = None | ||
|
||
|
||
class KerberosKinitOptions(KerberosCcacheOptions): | ||
""" Private API entry defined for normalization purposes """ | ||
renewal_period: int = 7 | ||
lifetime: int = 0 | ||
kdc_override: KerberosKinitKdcOverride = Field(default=KerberosKinitKdcOverride()) | ||
|
||
|
||
class KerberosKlistOptions(KerberosCcacheOptions): | ||
""" Private API entry defined for normalization purposes """ | ||
timeout: int = 10 | ||
|
||
|
||
@single_argument_args('kerberos_kinit') | ||
class KerberosKinitArgs(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
krb5_cred: KerberosCredentialUsernamePassword | KerberosCredentialKeytab | ||
kinit_options: KerberosKinitOptions = Field(alias='kinit-options', default=KerberosKinitOptions()) | ||
|
||
|
||
class KerberosKinitResult(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
result: Literal[None] | ||
|
||
|
||
class KerberosKlistArgs(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
klist_options: KerberosKlistOptions | ||
|
||
|
||
class KerberosKlistEntry(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
issued: int | ||
expires: int | ||
renew_until: int | ||
client: NonEmptyString | ||
server: NonEmptyString | ||
etype: NonEmptyString | ||
flags: list[str] | ||
|
||
|
||
class KerberosKlistFull(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
default_principal: NonEmptyString | ||
ticket_cache: NonEmptyString | ||
tickets: list[KerberosKlistEntry] | ||
|
||
|
||
class KerberosKlistResult(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
result: KerberosKlistFull | ||
|
||
|
||
class KerberosKdestroyArgs(KerberosCcacheOptions): | ||
""" Private API entry defined for normalization purposes """ | ||
pass | ||
|
||
|
||
class KerberosKdestroyResult(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
result: Literal[None] | ||
|
||
|
||
class KerberosCheckTicketArgs(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
kerberos_options: KerberosCcacheOptions = Field(alias='kerberos-options', default=KerberosCcacheOptions()) | ||
raise_error: bool = True | ||
|
||
|
||
class KerberosGssCred(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
name: NonEmptyString | ||
name_type: NonEmptyString | ||
name_type_oid: str | ||
lifetime: int | ||
|
||
|
||
class KerberosCheckTicketResult(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
result: KerberosGssCred | ||
|
||
|
||
class ADKinitParameters(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
bindname: NonEmptyString | ||
bindpw: Secret[NonEmptyString] | ||
domainname: NonEmptyString | ||
kerberos_principal: NonEmptyString | ||
|
||
|
||
class LDAPKinitParameters(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
binddn: NonEmptyString | None | ||
bindpw: Secret[NonEmptyString | None] | ||
kerberos_realm: int | ||
kerberos_principal: str | None | ||
|
||
|
||
@single_argument_args('kerberos_get_cred') | ||
class KerberosGetCredArgs(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
ds_type: Literal['ACTIVEDIRECTORY', 'LDAP', 'IPA'] | ||
conf: ADKinitParameters | LDAPKinitParameters | ||
|
||
|
||
class KerberosGetCredResult(BaseModel): | ||
""" Private API entry defined for normalization purposes """ | ||
result: KerberosCredentialUsernamePassword | KerberosCredentialKeytab |
56 changes: 56 additions & 0 deletions
56
src/middlewared/middlewared/api/v25_04_0/kerberos_keytab.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
from middlewared.api.base import ( | ||
BaseModel, | ||
Excluded, | ||
excluded_field, | ||
ForUpdateMetaclass, | ||
NonEmptyString, | ||
) | ||
from pydantic import Secret | ||
from typing import Literal | ||
|
||
|
||
__all__ = [ | ||
'KerberosKeytabEntry', | ||
'KerberosKeytabCreateArgs', 'KerberosKeytabCreateResult', | ||
'KerberosKeytabUpdateArgs', 'KerberosKeytabUpdateResult', | ||
'KerberosKeytabDeleteArgs', 'KerberosKeytabDeleteResult', | ||
] | ||
|
||
|
||
class KerberosKeytabEntry(BaseModel): | ||
id: int | ||
file: Secret[NonEmptyString] | ||
name: NonEmptyString | ||
|
||
|
||
class KerberosKeytabCreate(KerberosKeytabEntry): | ||
id: Excluded = excluded_field() | ||
|
||
|
||
class KerberosKeytabUpdate(KerberosKeytabCreate, metaclass=ForUpdateMetaclass): | ||
pass | ||
|
||
|
||
class KerberosKeytabCreateArgs(BaseModel): | ||
kerberos_keytab_create: KerberosKeytabCreate | ||
|
||
|
||
class KerberosKeytabUpdateArgs(BaseModel): | ||
id: int | ||
kerberos_keytab_update: KerberosKeytabUpdate | ||
|
||
|
||
class KerberosKeytabCreateResult(BaseModel): | ||
result: KerberosKeytabEntry | ||
|
||
|
||
class KerberosKeytabUpdateResult(BaseModel): | ||
result: KerberosKeytabEntry | ||
|
||
|
||
class KerberosKeytabDeleteArgs(BaseModel): | ||
id: int | ||
|
||
|
||
class KerberosKeytabDeleteResult(BaseModel): | ||
result: Literal[True] |
57 changes: 57 additions & 0 deletions
57
src/middlewared/middlewared/api/v25_04_0/kerberos_realm.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
from middlewared.api.base import ( | ||
BaseModel, | ||
Excluded, | ||
excluded_field, | ||
ForUpdateMetaclass, | ||
NonEmptyString, | ||
) | ||
from typing import Literal | ||
|
||
|
||
__all__ = [ | ||
'KerberosRealmEntry', | ||
'KerberosRealmCreateArgs', 'KerberosRealmCreateResult', | ||
'KerberosRealmUpdateArgs', 'KerberosRealmUpdateResult', | ||
'KerberosRealmDeleteArgs', 'KerberosRealmDeleteResult', | ||
] | ||
|
||
|
||
class KerberosRealmEntry(BaseModel): | ||
id: int | ||
realm: NonEmptyString | ||
kdc: list[str] | ||
admin_server: list[str] | ||
kpasswd_server: list[str] | ||
|
||
|
||
class KerberosRealmCreate(KerberosRealmEntry): | ||
id: Excluded = excluded_field() | ||
|
||
|
||
class KerberosRealmUpdate(KerberosRealmCreate, metaclass=ForUpdateMetaclass): | ||
pass | ||
|
||
|
||
class KerberosRealmCreateArgs(BaseModel): | ||
kerberos_realm_create: KerberosRealmCreate | ||
|
||
|
||
class KerberosRealmUpdateArgs(BaseModel): | ||
id: int | ||
kerberos_realm_update: KerberosRealmUpdate | ||
|
||
|
||
class KerberosRealmCreateResult(BaseModel): | ||
result: KerberosRealmEntry | ||
|
||
|
||
class KerberosRealmUpdateResult(BaseModel): | ||
result: KerberosRealmEntry | ||
|
||
|
||
class KerberosRealmDeleteArgs(BaseModel): | ||
id: int | ||
|
||
|
||
class KerberosRealmDeleteResult(BaseModel): | ||
result: Literal[True] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.