URL: https://github.com/freeipa/freeipa/pull/5875 Author: flo-renaud Title: #5875: [Backport][ipa-4-9] stageuser: add ipauserauthtypeclass when required Action: opened
PR body: """ This PR was opened automatically because PR #5871 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5875/head:pr5875 git checkout pr5875
From 696e8e3b937c6bb224c289e3cef0b447aa8529e4 Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud <[email protected]> Date: Mon, 5 Jul 2021 09:51:41 +0200 Subject: [PATCH 1/2] stageuser: add ipauserauthtypeclass when required The command ipa stageuser-add --user-auth-type=xxx is currently failing because the objectclass ipauserauthtypeclass is missing from the created entry. There is code adding the missing objectclass in the pre_common_callback method of user_add, and this code should be common to user_add and stageuser_add. In order to avoid code duplication, it makes more sense to move the existing code to pre_common_callback of baseuser_add, that is called by both classes. Fixes: https://pagure.io/freeipa/issue/8909 --- ipaserver/plugins/baseuser.py | 3 +++ ipaserver/plugins/user.py | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/ipaserver/plugins/baseuser.py b/ipaserver/plugins/baseuser.py index ae16a978ab0..6035228f19e 100644 --- a/ipaserver/plugins/baseuser.py +++ b/ipaserver/plugins/baseuser.py @@ -539,6 +539,9 @@ def pre_common_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, if entry_attrs.get('ipatokenradiususername', None): add_missing_object_class(ldap, u'ipatokenradiusproxyuser', dn, entry_attrs, update=False) + if entry_attrs.get('ipauserauthtype', None): + add_missing_object_class(ldap, u'ipauserauthtypeclass', dn, + entry_attrs, update=False) def post_common_callback(self, ldap, dn, entry_attrs, *keys, **options): assert isinstance(dn, DN) diff --git a/ipaserver/plugins/user.py b/ipaserver/plugins/user.py index 6f7facb5380..e4ee572b236 100644 --- a/ipaserver/plugins/user.py +++ b/ipaserver/plugins/user.py @@ -617,10 +617,6 @@ def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): 'ipauser' not in entry_attrs['objectclass']: entry_attrs['objectclass'].append('ipauser') - if 'ipauserauthtype' in entry_attrs and \ - 'ipauserauthtypeclass' not in entry_attrs['objectclass']: - entry_attrs['objectclass'].append('ipauserauthtypeclass') - rcl = entry_attrs.get('ipatokenradiusconfiglink', None) if rcl: if 'ipatokenradiusproxyuser' not in entry_attrs['objectclass']: From ce5becf0071110b177896ec81f7f3a2501b26619 Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud <[email protected]> Date: Mon, 5 Jul 2021 10:22:31 +0200 Subject: [PATCH 2/2] XMLRPC test: add a test for stageuser-add --user-auth-type Related: https://pagure.io/freeipa/issue/8909 --- ipatests/test_xmlrpc/test_stageuser_plugin.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ipatests/test_xmlrpc/test_stageuser_plugin.py b/ipatests/test_xmlrpc/test_stageuser_plugin.py index 5586fc607e1..bc606b093c9 100644 --- a/ipatests/test_xmlrpc/test_stageuser_plugin.py +++ b/ipatests/test_xmlrpc/test_stageuser_plugin.py @@ -343,6 +343,12 @@ def test_without_posixaccount(self, stageduser_notposix): result = command() assert result['count'] == 1 + def test_create_withuserauthtype(self, stageduser): + stageduser.ensure_missing() + command = stageduser.make_create_command( + options={u'ipauserauthtype': u'password'}) + command() + @pytest.mark.tier1 class TestCreateInvalidAttributes(XMLRPC_test):
_______________________________________________ FreeIPA-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
