gpo: Calculate deleted gpos and unapply them

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>

diff --git a/python/samba/gpclass.py b/python/samba/gpclass.py
index 0aeeba42362aa2e333ecf0ef088389d7d315a210..922b800d3db107028072897be149312fe34f8593 100644 (file)
--- a/python/samba/gpclass.py
+++ b/python/samba/gpclass.py
@@ -460,6 +460,12 @@ def check_refresh_gpo_list(dc_hostname, lp, creds, gpos):
         cache_gpo_dir(conn, cache_path, check_safe_path(gpo.file_sys_path))
 
 
+def get_deleted_gpos_list(gp_db, gpos):
+    applied_gpos = gp_db.get_applied_guids()
+    current_guids = set([p.name for p in gpos])
+    deleted_gpos = [guid for guid in applied_gpos if guid not in current_guids]
+    return gp_db.get_applied_settings(deleted_gpos)
+
 def gpo_version(lp, path):
     # gpo.gpo_get_sysvol_gpt_version() reads the GPT.INI from a local file,
     # read from the gpo client cache.
@@ -471,6 +477,7 @@ def apply_gp(lp, creds, logger, store, gp_extensions):
     gp_db = store.get_gplog(creds.get_username())
     dc_hostname = get_dc_hostname(creds, lp)
     gpos = get_gpo_list(dc_hostname, creds, lp)
+    del_gpos = get_deleted_gpos_list(gp_db, gpos)
     try:
         check_refresh_gpo_list(dc_hostname, lp, creds, gpos)
     except:
@@ -492,7 +499,7 @@ def apply_gp(lp, creds, logger, store, gp_extensions):
     store.start()
     for ext in gp_extensions:
         try:
-            ext.process_group_policy([], changed_gpos)
+            ext.process_group_policy(del_gpos, changed_gpos)
         except Exception as e:
             logger.error('Failed to apply extension  %s' % str(ext))
             logger.error('Message was: ' + str(e))