def post_callback(self, ldap, entries, truncated, *args, **options): # we have to sort entries manually instead of relying on inherited # mechanisms def sort_key(x): if 'krbcanonicalname' in x: return x['krbcanonicalname'][0] else: return x['krbprincipalname'][0] entries.sort(key=sort_key) if options.get('pkey_only', False): return truncated for entry_attrs in entries: self.obj.get_password_attributes(ldap, entry_attrs.dn, entry_attrs) principal = entry_attrs['krbprincipalname'] if isinstance(principal, (tuple, list)): principal = principal[0] try: set_certificate_attrs(entry_attrs) except errors.CertificateFormatError as e: self.add_message( messages.CertificateInvalid( subject=principal, reason=e ) ) logger.error("Invalid certificate: %s", e) del(entry_attrs['usercertificate']) set_kerberos_attrs(entry_attrs, options) rename_ipaallowedtoperform_from_ldap(entry_attrs, options) self.obj.populate_krbcanonicalname(entry_attrs, options) return truncated
def post_callback(self, ldap, dn, entry_attrs, *keys, **options): assert isinstance(dn, DN) self.obj.get_password_attributes(ldap, dn, entry_attrs) principal = entry_attrs['krbprincipalname'] if isinstance(principal, (tuple, list)): principal = principal[0] try: set_certificate_attrs(entry_attrs) except errors.CertificateFormatError as e: self.add_message( messages.CertificateInvalid( subject=principal, reason=e, )) self.log.error("Invalid certificate: {err}".format(err=e)) del (entry_attrs['usercertificate']) set_kerberos_attrs(entry_attrs, options) rename_ipaallowedtoperform_from_ldap(entry_attrs, options) self.obj.populate_krbcanonicalname(entry_attrs, options) return dn