On 6.5.2014 15:16, Nathaniel McCallum wrote:
On Tue, 2014-05-06 at 13:46 +0200, Jan Cholasta wrote:
Hi,
On 5.5.2014 18:40, Nathaniel McCallum wrote:
Creating tokens for yourself is the most common operation. Making this
the default optimizes for the common case.
The user-find call should be inside the if statement.
This is actually for a reason. See my patch 0049 for further context.
IMO something like this would be better:
if 'ipatokenowner' not in entry_attrs or 'ipatokenprotected' not in
entry_attrs:
result = self.api.Command.user_find(whoami=True)['result']
if result:
cur_uid = result[0]['uid'][0]
prev_uid = entry_attrs.setdefault('ipatokenowner', cur_uid)
if cur_uid != prev_uid:
entry_attrs.setdefault('ipatokenprotected', True)
Also please check
if there actually is a result, if you run user-find --whoami when
authenticated as non-user, the result will be empty.
Fixed.
Nathaniel
--
Jan Cholasta
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
