From 8dde1201ed9b0ca839ffe7421be7efd04b666e11 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Jun 17 2016 16:05:03 +0000
Subject: DNS Locations: show warning if there is no DNS servers in location


DNS servers must be in each location, otherwise DNS location without DNS
server assigned will not work.

https://fedorahosted.org/freeipa/ticket/2008

Reviewed-By: Petr Spacek <pspacek@redhat.com>

---

diff --git a/ipalib/messages.py b/ipalib/messages.py
index 0f1dc63..910a93e 100644
--- a/ipalib/messages.py
+++ b/ipalib/messages.py
@@ -437,6 +437,15 @@ class ServiceRestartRequired(PublicMessage):
     )
 
 
+class LocationWithoutDNSServer(PublicMessage):
+    errno = 13026
+    type = "warning"
+    format = _(
+        "No DNS servers in IPA location %(location)s. Without DNS servers "
+        "location is not working as expected."
+    )
+
+
 def iter_messages(variables, base):
     """Return a tuple with all subclasses
     """
diff --git a/ipaserver/plugins/location.py b/ipaserver/plugins/location.py
index be7291b..073c1f9 100644
--- a/ipaserver/plugins/location.py
+++ b/ipaserver/plugins/location.py
@@ -14,6 +14,7 @@ from ipalib import (
     Str,
     DNSNameParam,
     output,
+    messages
 )
 from ipalib.plugable import Registry
 from ipaserver.plugins.baseldap import (
@@ -180,6 +181,7 @@ class location_show(LDAPRetrieve):
     def execute(self, *keys, **options):
         result = super(location_show, self).execute(*keys, **options)
 
+        dns_server_in_loc = False
         servers_additional_info = {}
         if not options.get('raw'):
             servers_name = []
@@ -197,6 +199,13 @@ class location_show(LDAPRetrieve):
                         'ipalocationweight', [u'100']),
                 }
 
+                if not dns_server_in_loc:
+                    show_result = self.api.Command.server_show(
+                        server['cn'][0])['result']
+                    if 'DNS server' in show_result.get(
+                            'enabled_role_servrole', ()):
+                        dns_server_in_loc = True
+
             for server in servers_additional_info.values():
                 server['location_relative_weight'] = [
                     u'{:.1f}%'.format(
@@ -206,4 +215,9 @@ class location_show(LDAPRetrieve):
                 result['result']['servers_server'] = servers_name
         result['servers'] = servers_additional_info
 
+        if not dns_server_in_loc and servers_additional_info:
+            self.add_message(messages.LocationWithoutDNSServer(
+                location=keys[0]
+            ))
+
         return result
diff --git a/ipaserver/plugins/server.py b/ipaserver/plugins/server.py
index 956e7e5..d338595 100644
--- a/ipaserver/plugins/server.py
+++ b/ipaserver/plugins/server.py
@@ -263,6 +263,20 @@ class server_mod(LDAPUpdate):
                 self.add_message(messages.AutomaticDNSRecordsUpdateFailed())
         self.obj.convert_location(entry_attrs, **options)
 
+        ipalocation = entry_attrs.get('ipalocation_location', [None])[0]
+        if ipalocation:
+            servers_in_loc = self.api.Command.server_find(
+                in_location=ipalocation, no_members=False)['result']
+            dns_server_in_loc = False
+            for server in servers_in_loc:
+                if 'DNS server' in server.get('enabled_role_servrole', ()):
+                    dns_server_in_loc = True
+                    break
+            if not dns_server_in_loc:
+                self.add_message(messages.LocationWithoutDNSServer(
+                    location=ipalocation
+                ))
+
         return dn