-$: << File.join(File.dirname(__FILE__), "../dutils")
+$: << File.join(File.dirname(__FILE__), '../dutils')
 require 'active_record_env'
-require 'rubygems'
-
-gem 'activeldap'
-require 'active_ldap'
-
-require '/usr/share/ovirt-wui/app/models/account'
-
+# Get configuration options...
 ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml"))
 uid = ARGV[0]
-base, host, port = ldap_config["production"]["base"], ldap_config["production"]["host"], ldap_config["production"]["port"]
-
-ActiveLdap::Base.establish_connection(:base => base, :host => host, :port => port)
+base, host = ldap_config["production"]["base"], ldap_config["production"]["host"]
-#
-# If the uid is found in LDAP, then create an admin account
-# for that user. Otherwise, report an error and fail.
-#
+ActiveLdap::Base.establish_connection :base => base, :host => host, :try_sasl => false
-puts "Validating UID #{uid} in LDAP"
-
-begin
- user = Account.find("uid=#{uid}")
-rescue StandardError => error
- puts "Unable to verify user in LDAP or no such user exists: uid=#{uid}"
-else
+if Account.exists?("uid=#{uid}")
+ puts "Creating an admin account for #{uid}..."
 $hwpool = HardwarePool.get_default_pool
- if $hwpool
- Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN,
- :uid => $uid,
- :pool_id => $hwpool.id}).save
- end
+ permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN,
+ :uid => uid,
+ :pool_id => $hwpool.id)
+else
+ puts "Unable to verify user: uid=#{uid}"
 end
For general interest on the list, below is the patch Darryl just pushed to grant_admin_privileges to finally get ldap working with activeLdap and freeipa. --Hugh> > require 'active_record_env' > > -require 'rubygems' > - > -gem 'activeldap' > -require 'active_ldap' > - > -require '/usr/share/ovirt-wui/app/models/account' > - > +# Get configuration options... > ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml")) > uid = ARGV[0] > -base, host, port = ldap_config["production"]["base"], ldap_config["production"]["host"], ldap_config["production"]["port"] > - > -ActiveLdap::Base.establish_connection(:base => base, :host => host, :port => port) > +base, host = ldap_config["production"]["base"], ldap_config["production"]["host"] > > -# > -# If the uid is found in LDAP, then create an admin account > -# for that user. Otherwise, report an error and fail. > -# > +ActiveLdap::Base.establish_connection :base => base, :host => host, :try_sasl => false > > -puts "Validating UID #{uid} in LDAP" > - > -begin > - user = Account.find("uid=#{uid}") > -rescue StandardError => error > - puts "Unable to verify user in LDAP or no such user exists: uid=#{uid}" > -else > +if Account.exists?("uid=#{uid}") > + puts "Creating an admin account for #{uid}..." > $hwpool = HardwarePool.get_default_pool > - if $hwpool > - Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN, > - :uid => $uid, > - :pool_id => $hwpool.id}).save > - end > + permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN, > + :uid => uid, > + :pool_id => $hwpool.id) > +else > + puts "Unable to verify user: uid=#{uid}" > end > > _______________________________________________ > Ovirt-devel mailing list > Ovirt-devel at redhat.com > https://www.redhat.com/mailman/listinfo/ovirt-devel
Here's the commit to the repo in its entirety, for those who like to know what files were actually touched in a particular diff. :) Thanks, Perry commit 39f901124d261460f899113950a2de1516c9501e Author: Darryl L. Pierce <dpierce at redhat.com> Date: Wed May 21 13:35:06 2008 -0400 Fixed the grant script by pretty much rewriting the guts of it.
diff --git a/wui/src/app/models/account.rb b/wui/src/app/models/account.rb
index 59bb160..a2ed1d2 100644
--- a/wui/src/app/models/account.rb
+++ b/wui/src/app/models/account.rb
@@ -20,7 +20,7 @@
 # +Account+ represents a single user's account from the LDAP server.
 #
 class Account < ActiveLdap::Base
- ldap_mapping :dn_attribute => 'cn', :prefix => 'cn=users,cn=account', :scope => :one
+ ldap_mapping :dn_attribute => 'cn', :scope => :one, :prefix => 'cn=users,cn=accounts'
 @@users = nil
diff --git a/wui/src/script/grant_admin_privileges b/wui/src/script/grant_admin_privileges
index 13deae2..82595cb 100755
--- a/wui/src/script/grant_admin_privileges
+++ b/wui/src/script/grant_admin_privileges
@@ -1,38 +1,22 @@
 #!/usr/bin/ruby
-$: << File.join(File.dirname(__FILE__), "../dutils")
+$: << File.join(File.dirname(__FILE__), '../dutils')
 require 'active_record_env'
-require 'rubygems'
-
-gem 'activeldap'
-require 'active_ldap'
-
-require '/usr/share/ovirt-wui/app/models/account'
-
+# Get configuration options...
 ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml"))
 uid = ARGV[0]
-base, host, port = ldap_config["production"]["base"], ldap_config["production"]["host"], ldap_config["production"]["port"]
-
-ActiveLdap::Base.establish_connection(:base => base, :host => host, :port => port)
+base, host = ldap_config["production"]["base"], ldap_config["production"]["host"]
-#
-# If the uid is found in LDAP, then create an admin account
-# for that user. Otherwise, report an error and fail.
-#
+ActiveLdap::Base.establish_connection :base => base, :host => host, :try_sasl => false
-puts "Validating UID #{uid} in LDAP"
-
-begin
- user = Account.find("uid=#{uid}")
-rescue StandardError => error
- puts "Unable to verify user in LDAP or no such user exists: uid=#{uid}"
-else
+if Account.exists?("uid=#{uid}")
+ puts "Creating an admin account for #{uid}..."
 $hwpool = HardwarePool.get_default_pool
- if $hwpool
- Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN,
- :uid => $uid,
- :pool_id => $hwpool.id}).save
- end
+ permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN,
+ :uid => uid,
+ :pool_id => $hwpool.id)
+else
+ puts "Unable to verify user: uid=#{uid}"
 end
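Review bot: `uid` is taken from `ARGV[0]` and interpolated into `Account.exists?("uid=#{uid}")` with no presence or format check, and that lookup is the only gate before `ROLE_SUPER_ADMIN` is written; a missing argument, or a value containing LDAP filter metacharacters such as `*`, may satisfy the lookup (depending on how ActiveLdap parses the string) and is then stored verbatim as the permission's uid. The rewrite also removes the old `if $hwpool` guard, so a nil default pool now raises at `$hwpool.id`, and the result of `Permission.create` is never inspected, so a rejected record still prints the "Creating..." line and the script exits 0 on both branches. Separately, `:port` is no longer read from `ldap.yml` and no TLS option is visible on `establish_connection`; a comment stating which transport the lookup relies on would help the next reader. The fence sketches the guards; the uid pattern is an assumed policy, and `new_record?` presumes `Permission` is an ActiveRecord model.

```ruby
uid = ARGV[0]
# Assumed policy: plain account names only; adjust to the directory's naming rules.
abort "usage: grant_admin_privileges UID" unless uid =~ /\A[A-Za-z0-9._-]+\z/
# … unchanged: ldap.yml lookup, establish_connection, Account.exists? check …
  $hwpool = HardwarePool.get_default_pool
  abort "No default hardware pool; nothing granted" unless $hwpool
  # … unchanged: permission = Permission.create(...) …
  abort "Permission for #{uid} was not saved" if permission.new_record?
else
  abort "Unable to verify user: uid=#{uid}"
end
```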