subject:"\[Freeipa\-devel\] \[PATCH 023\] Add flag to list all service and user vaults"

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

2015-08-19 Thread Petr Vobornik


On 08/19/2015 02:12 PM, Jan Cholasta wrote:

Hi,

On 19.8.2015 13:39, Christian Heimes wrote:

The vault-find plugin has two additional arguments to list all
service vaults or user vaults. Since the name of a vault is only unique
for a particular user or service, the commands also print the vault user
or vault service. The virtual attributes were added in rev
01dd951ddc0181b559eb3dd5ff0336c81e245628.

Example:

$ ipa vault-find --users

2 vaults matched

   Vault name: myvault
   Type: standard
   Vault user: admin

   Vault name: UserVault
   Type: standard
   Vault user: admin

Number of entries returned 2


$ ipa vault-find --services

2 vaults matched

   Vault name: myvault
   Type: standard
   Vault service: HTTP/ipatest.freeipa.local@FREEIPA.LOCAL

   Vault name: myvault
   Type: standard
   Vault service: ldap/ipatest.freeipa.local@FREEIPA.LOCAL

Number of entries returned 2


https://fedorahosted.org/freeipa/ticket/5150


The new flags should be handled in vault_find's pre_callback instead of
vault's get_dn, as they are exclusive to vault_find and worse yet,
conflict with vault_{add,remove}_{owner,member}'s flags, leading to
unwanted behavior:

$ ipa vault-add-member --service testsvc/example.com testvault
--services testsvc/example.com
ipa: ERROR: Service(s), shared, and user(s) options cannot be specified
simultaneously

Honza



Also you forgot to update API.txt and VERSION
 ./makeapi

--
Petr Vobornik

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

2015-08-19 Thread Jan Cholasta


On 19.8.2015 14:39, Christian Heimes wrote:

On 2015-08-19 14:12, Jan Cholasta wrote:

The new flags should be handled in vault_find's pre_callback instead of
vault's get_dn, as they are exclusive to vault_find and worse yet,
conflict with vault_{add,remove}_{owner,member}'s flags, leading to
unwanted behavior:

$ ipa vault-add-member --service testsvc/example.com testvault
--services testsvc/example.com
ipa: ERROR: Service(s), shared, and user(s) options cannot be specified
simultaneously


Here is an updated patch. The new flags are now handled by the
pre_callback method. I have regenerated API.txt, too.

Christian



Thanks, ACK.

Bumped VERSION and pushed to:
master: 0abaf195dc3b0920d2439dd4ec6df61e0aadc4f9
ipa-4-2: 89c9feaf93299c96bb227b3705246193a1de1d82

Honza

--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

2015-08-19 Thread Jan Cholasta


Hi,

On 19.8.2015 13:39, Christian Heimes wrote:

The vault-find plugin has two additional arguments to list all
service vaults or user vaults. Since the name of a vault is only unique
for a particular user or service, the commands also print the vault user
or vault service. The virtual attributes were added in rev
01dd951ddc0181b559eb3dd5ff0336c81e245628.

Example:

$ ipa vault-find --users

2 vaults matched

   Vault name: myvault
   Type: standard
   Vault user: admin

   Vault name: UserVault
   Type: standard
   Vault user: admin

Number of entries returned 2


$ ipa vault-find --services

2 vaults matched

   Vault name: myvault
   Type: standard
   Vault service: HTTP/ipatest.freeipa.local@FREEIPA.LOCAL

   Vault name: myvault
   Type: standard
   Vault service: ldap/ipatest.freeipa.local@FREEIPA.LOCAL

Number of entries returned 2


https://fedorahosted.org/freeipa/ticket/5150


The new flags should be handled in vault_find's pre_callback instead of 
vault's get_dn, as they are exclusive to vault_find and worse yet, 
conflict with vault_{add,remove}_{owner,member}'s flags, leading to 
unwanted behavior:


$ ipa vault-add-member --service testsvc/example.com testvault 
--services testsvc/example.com
ipa: ERROR: Service(s), shared, and user(s) options cannot be specified 
simultaneously


Honza

--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

2015-08-19 Thread Christian Heimes

On 2015-08-19 14:12, Jan Cholasta wrote:
 The new flags should be handled in vault_find's pre_callback instead of
 vault's get_dn, as they are exclusive to vault_find and worse yet,
 conflict with vault_{add,remove}_{owner,member}'s flags, leading to
 unwanted behavior:
 
 $ ipa vault-add-member --service testsvc/example.com testvault
 --services testsvc/example.com
 ipa: ERROR: Service(s), shared, and user(s) options cannot be specified
 simultaneously

Here is an updated patch. The new flags are now handled by the
pre_callback method. I have regenerated API.txt, too.

Christian

From a6eb87a73c1462a4de516f19b219b51e415852e5 Mon Sep 17 00:00:00 2001
From: Christian Heimes chei...@redhat.com
Date: Wed, 19 Aug 2015 13:32:01 +0200
Subject: [PATCH] Add flag to list all service and user vaults

The vault-find plugin has two additional arguments to list all
service vaults or user vaults. Since the name of a vault is only unique
for a particular user or service, the commands also print the vault user
or vault service. The virtual attributes were added in rev
01dd951ddc0181b559eb3dd5ff0336c81e245628.

Example:

$ ipa vault-find --users

2 vaults matched

  Vault name: myvault
  Type: standard
  Vault user: admin

  Vault name: UserVault
  Type: standard
  Vault user: admin

Number of entries returned 2


$ ipa vault-find --services

2 vaults matched

  Vault name: myvault
  Type: standard
  Vault service: HTTP/ipatest.freeipa.local@FREEIPA.LOCAL

  Vault name: myvault
  Type: standard
  Vault service: ldap/ipatest.freeipa.local@FREEIPA.LOCAL

Number of entries returned 2


https://fedorahosted.org/freeipa/ticket/5150
---
 API.txt |  4 +++-
 ipalib/plugins/vault.py | 48 +---
 2 files changed, 36 insertions(+), 16 deletions(-)

diff --git a/API.txt b/API.txt
index 4d8d9dc3d3c38d4740bda3574396ecd85877b805..dd6bcc3c39895e6af213fcece85505fa0bd6d2f2 100644
--- a/API.txt
+++ b/API.txt
@@ -5508,7 +5508,7 @@ output: Output('result', type 'dict', None)
 output: Output('summary', (type 'unicode', type 'NoneType'), None)
 output: ListOfPrimaryKeys('value', None, None)
 command: vault_find
-args: 1,13,4
+args: 1,15,4
 arg: Str('criteria?', noextrawhitespace=False)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
 option: Str('cn', attribute=True, autofill=False, cli_name='name', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.-]+$', primary_key=True, query=True, required=False)
@@ -5518,10 +5518,12 @@ option: Flag('no_members', autofill=True, default=False, exclude='webui')
 option: Flag('pkey_only?', autofill=True, default=False)
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Str('service?')
+option: Flag('services?', autofill=True, default=False)
 option: Flag('shared?', autofill=True, default=False)
 option: Int('sizelimit?', autofill=False, minvalue=0)
 option: Int('timelimit?', autofill=False, minvalue=0)
 option: Str('username?', cli_name='user')
+option: Flag('users?', autofill=True, default=False)
 option: Str('version?', exclude='webui')
 output: Output('count', type 'int', None)
 output: ListOfEntries('result', (type 'list', type 'tuple'), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py
index 712e2d5ddfa723eb84b80a261289a7cf1c75674f..83dc085b5aadb4e2878e29d17449f0808cc7a9c2 100644
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -343,21 +343,11 @@ class vault(LDAPObject):
 
 Generates vault DN from parameters.
 
-
 service = options.get('service')
 shared = options.get('shared')
 user = options.get('username')
 
-count = 0
-if service:
-count += 1
-
-if shared:
-count += 1
-
-if user:
-count += 1
-
+count = (bool(service) + bool(shared) + bool(user))
 if count  1:
 raise errors.MutuallyExclusiveError(
 reason=_('Service, shared, and user options ' +
@@ -387,8 +377,10 @@ class vault(LDAPObject):
 parent_dn = DN(('cn', service), ('cn', 'services'), container_dn)
 elif shared:
 parent_dn = DN(('cn', 'shared'), container_dn)
-else:
+elif user:
 parent_dn = DN(('cn', user), ('cn', 'users'), container_dn)
+else:
+raise RuntimeError
 
 return DN(rdns, parent_dn)
 
@@ -814,7 +806,16 @@ class vault_del(LDAPDelete):
 class vault_find(LDAPSearch):
 __doc__ = _('Search for vaults.')
 
-takes_options = LDAPSearch.takes_options + vault_options
+takes_options = LDAPSearch.takes_options + vault_options + (
+Flag(
+'services?',
+

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

Re: [Freeipa-devel] [PATCH 023] Add flag to list all service and user vaults

4 matches

Site Navigation

Mail list logo

Footer information