Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-tools / 7883527878a55ba332a4ff2d64016aff21b7acad^! / . / thalerj / openbmctool.py
commit7883527878a55ba332a4ff2d64016aff21b7acad[log] [tgz]
authorSivas SRR <sivas.srr@in.ibm.com>Tue Nov 27 05:27:19 2018 -0600
committerSivas SRR <sivas.srr@in.ibm.com>Thu Nov 29 23:30:40 2018 -0600
treef61690eee15ddb79b8e6e66f046135f3fafdcc19
parentf21d43cf9472f25607ffc4628b0319f50e013651 [diff] [blame]
To delete all group and its privileges

- Single command to delete all group and its privileges.

Change-Id: I47c7b63017a8b2fc661be2e54a5eff9e544b2c86
Signed-off-by: Sivas SRR <sivas.srr@in.ibm.com>

diff --git a/thalerj/openbmctool.py b/thalerj/openbmctool.py
index babf6c6..20b9c2f 100755
--- a/thalerj/openbmctool.py
+++ b/thalerj/openbmctool.py

@@ -3057,6 +3057,36 @@
         return connectionErrHandler(args.json, "ConnectionError", err)
     return res.text
 
+def deleteAllPrivilegeMapping(host, args, session):
+    """
+         Called by the ldap function. Deletes all the privilege mapping and group defined.
+         @param host: string, the hostname or IP address of the bmc
+         @param args: contains additional arguments used by the ldap subcommand
+         @param session: the active session to use
+         @param args.json: boolean, if this flag is set to true, the output
+                will be provided in json format for programmatic consumption
+    """
+    ldapNameSpaceObjects = listPrivilegeMapping(host, args, session)
+    ldapNameSpaceObjects = json.loads(ldapNameSpaceObjects)["data"]
+    path = ''
+
+    # Remove the config object.
+    ldapNameSpaceObjects.pop('/xyz/openbmc_project/user/ldap/config', None)
+    httpHeader = {'Content-Type': 'application/json'}
+    data = {"data": []}
+
+    try:
+        # search for GroupName property and delete if it is available.
+        for path in ldapNameSpaceObjects.keys():
+            # delete the object
+            url = 'https://'+host+path+'/action/delete'
+            res = session.post(url, headers=httpHeader, json = data, verify=False, timeout=30)
+    except(requests.exceptions.Timeout):
+        return(connectionErrHandler(args.json, "Timeout", None))
+    except(requests.exceptions.ConnectionError) as err:
+        return connectionErrHandler(args.json, "ConnectionError", err)
+    return res.text
+
 def viewLDAPConfig(host, args, session):
     """
          Called by the ldap function. Prints out LDAP's configured properties
@@ -3434,6 +3464,10 @@
     parser_ldap_mapper_delete.add_argument("-g","--groupName",required=True,help="Group Name")
     parser_ldap_mapper_delete.set_defaults(func=deletePrivilegeMapping)
 
+    #deleteAll group privilege mapping
+    parser_ldap_mapper_delete = parser_ldap_mapper_sub.add_parser("purge",help="Delete All privilege mapping")
+    parser_ldap_mapper_delete.set_defaults(func=deleteAllPrivilegeMapping)
+
     # set local user password
     parser_set_password = subparsers.add_parser("set_password",
         help="Set password of local user")