From dc53a5be9e63d76fe46cff6c18561731690bdd0d Mon Sep 17 00:00:00 2001
From: Louis Abel
Date: Wed, 2 Oct 2024 10:30:39 -0700
Subject: [PATCH] catch all category
---
 mangle/ipa/ipaauditor.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/mangle/ipa/ipaauditor.py b/mangle/ipa/ipaauditor.py
index 8722665..d4be31f 100644
--- a/mangle/ipa/ipaauditor.py
+++ b/mangle/ipa/ipaauditor.py
@@ -465,6 +465,7 @@ class IPAAudit:
 Does a recursive dig on a user
 """
 hbac_rule_list = []
+ hbac_rule_all_hosts = []
 host_list = []
 hostgroup_list = []
 for group in groups:
@@ -482,6 +483,8 @@ class IPAAudit:
 hbac_results = IPAQuery.hbac_data(api, hbac)
 hbac_host_list = [] if not hbac_results.get('memberhost_host', None) else hbac_results['memberhost_host']
 hbac_hostgroup_list = [] if not hbac_results.get('memberhost_hostgroup', None) else hbac_results['memberhost_hostgroup']
+ if hbac_results.get('servicecategory'):
+ hbac_rule_all_hosts.append(hbac)
 for host in hbac_host_list:
 hbac_hosts.append(host)
@@ -493,9 +496,14 @@ class IPAAudit:
 new_hbac_hosts = sorted(set(hbac_hosts))
 print('User Has Access To These Hosts')
- print('----------------------------------------')
+ print('------------------------------------------')
 for hhost in new_hbac_hosts:
 print(hhost)
+ if len(hbac_rule_all_hosts) > 0:
+ print('!! Notice: User has access to ALL hosts from the following rules:')
+ hbac_rule_all_hosts = sorted(set(hbac_rule_all_hosts))
+ for allrule in hbac_rule_all_hosts:
+ print(allrule)
 @staticmethod
 def group_deep_list(api, group):
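Review bot: The check added in the second hunk keys on `servicecategory`, yet the rules it collects are printed in the third hunk as "User has access to ALL hosts"; in FreeIPA HBAC rules the all-hosts switch is `hostcategory`, while `servicecategory` covers all services. As written, a rule with `hostcategory` set to all and a restricted service list is never reported, so the audit under-states the user's access, and a rule bound to named hosts but open to all services is reported as all-hosts. Assuming `IPAQuery.hbac_data` returns rule attributes as lists, as the `memberhost_*` handling suggests, the check would read `if 'all' in (hbac_results.get('hostcategory') or []):`. The enclosing method starts and ends outside these hunks, so how the `hbac` rules are gathered is not visible here.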