-$: << File.join(File.dirname(__FILE__), "../dutils")
+$: << File.join(File.dirname(__FILE__), '../dutils')
require 'active_record_env'
-require 'rubygems'
-
-gem 'activeldap'
-require 'active_ldap'
-
-require '/usr/share/ovirt-wui/app/models/account'
-
+# Get configuration options...
ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml"))
uid = ARGV[0]
-base, host, port = ldap_config["production"]["base"],
ldap_config["production"]["host"],
ldap_config["production"]["port"]
-
-ActiveLdap::Base.establish_connection(:base => base, :host => host, :port
=> port)
+base, host = ldap_config["production"]["base"],
ldap_config["production"]["host"]
-#
-# If the uid is found in LDAP, then create an admin account
-# for that user. Otherwise, report an error and fail.
-#
+ActiveLdap::Base.establish_connection :base => base, :host => host,
:try_sasl => false
-puts "Validating UID #{uid} in LDAP"
-
-begin
- user = Account.find("uid=#{uid}")
-rescue StandardError => error
- puts "Unable to verify user in LDAP or no such user exists:
uid=#{uid}"
-else
+if Account.exists?("uid=#{uid}")
+ puts "Creating an admin account for #{uid}..."
$hwpool = HardwarePool.get_default_pool
- if $hwpool
- Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN,
- :uid => $uid,
- :pool_id => $hwpool.id}).save
- end
+ permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN,
+ :uid => uid,
+ :pool_id => $hwpool.id)
+else
+ puts "Unable to verify user: uid=#{uid}"
end
For general interest on the list, below is the patch Darryl just pushed to grant_admin_privileges to finally get ldap working with activeLdap and freeipa. --Hugh> > require 'active_record_env' > > -require 'rubygems' > - > -gem 'activeldap' > -require 'active_ldap' > - > -require '/usr/share/ovirt-wui/app/models/account' > - > +# Get configuration options... > ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml")) > uid = ARGV[0] > -base, host, port = ldap_config["production"]["base"], ldap_config["production"]["host"], ldap_config["production"]["port"] > - > -ActiveLdap::Base.establish_connection(:base => base, :host => host, :port => port) > +base, host = ldap_config["production"]["base"], ldap_config["production"]["host"] > > -# > -# If the uid is found in LDAP, then create an admin account > -# for that user. Otherwise, report an error and fail. > -# > +ActiveLdap::Base.establish_connection :base => base, :host => host, :try_sasl => false > > -puts "Validating UID #{uid} in LDAP" > - > -begin > - user = Account.find("uid=#{uid}") > -rescue StandardError => error > - puts "Unable to verify user in LDAP or no such user exists: uid=#{uid}" > -else > +if Account.exists?("uid=#{uid}") > + puts "Creating an admin account for #{uid}..." > $hwpool = HardwarePool.get_default_pool > - if $hwpool > - Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN, > - :uid => $uid, > - :pool_id => $hwpool.id}).save > - end > + permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN, > + :uid => uid, > + :pool_id => $hwpool.id) > +else > + puts "Unable to verify user: uid=#{uid}" > end > > _______________________________________________ > Ovirt-devel mailing list > Ovirt-devel at redhat.com > https://www.redhat.com/mailman/listinfo/ovirt-devel
Here's the commit to the repo in its entirety, for those who like to know
what files were actually touched in a particular diff. :)
Thanks,
Perry
commit 39f901124d261460f899113950a2de1516c9501e
Author: Darryl L. Pierce <dpierce at redhat.com>
Date: Wed May 21 13:35:06 2008 -0400
Fixed the grant script by pretty much rewriting the guts of it.
diff --git a/wui/src/app/models/account.rb b/wui/src/app/models/account.rb
index 59bb160..a2ed1d2 100644
--- a/wui/src/app/models/account.rb
+++ b/wui/src/app/models/account.rb
@@ -20,7 +20,7 @@
# +Account+ represents a single user's account from the LDAP server.
#
class Account < ActiveLdap::Base
- ldap_mapping :dn_attribute => 'cn', :prefix =>
'cn=users,cn=account', :scope => :one
+ ldap_mapping :dn_attribute => 'cn', :scope => :one, :prefix
=> 'cn=users,cn=accounts'
@@users = nil
diff --git a/wui/src/script/grant_admin_privileges
b/wui/src/script/grant_admin_privileges
index 13deae2..82595cb 100755
--- a/wui/src/script/grant_admin_privileges
+++ b/wui/src/script/grant_admin_privileges
@@ -1,38 +1,22 @@
#!/usr/bin/ruby
-$: << File.join(File.dirname(__FILE__), "../dutils")
+$: << File.join(File.dirname(__FILE__), '../dutils')
require 'active_record_env'
-require 'rubygems'
-
-gem 'activeldap'
-require 'active_ldap'
-
-require '/usr/share/ovirt-wui/app/models/account'
-
+# Get configuration options...
ldap_config = YAML::load(File.open("#{OVIRT_DIR}/config/ldap.yml"))
uid = ARGV[0]
-base, host, port = ldap_config["production"]["base"],
ldap_config["production"]["host"],
ldap_config["production"]["port"]
-
-ActiveLdap::Base.establish_connection(:base => base, :host => host, :port
=> port)
+base, host = ldap_config["production"]["base"],
ldap_config["production"]["host"]
-#
-# If the uid is found in LDAP, then create an admin account
-# for that user. Otherwise, report an error and fail.
-#
+ActiveLdap::Base.establish_connection :base => base, :host => host,
:try_sasl => false
-puts "Validating UID #{uid} in LDAP"
-
-begin
- user = Account.find("uid=#{uid}")
-rescue StandardError => error
- puts "Unable to verify user in LDAP or no such user exists:
uid=#{uid}"
-else
+if Account.exists?("uid=#{uid}")
+ puts "Creating an admin account for #{uid}..."
$hwpool = HardwarePool.get_default_pool
- if $hwpool
- Permission.new( {:user_role => Permission::ROLE_SUPER_ADMIN,
- :uid => $uid,
- :pool_id => $hwpool.id}).save
- end
+ permission = Permission.create(:user_role => Permission::ROLE_SUPER_ADMIN,
+ :uid => uid,
+ :pool_id => $hwpool.id)
+else
+ puts "Unable to verify user: uid=#{uid}"
end