[Freeipa-devel] [PATCHES] Bring back old outputting functionality
Rob Crittenden
rcritten at redhat.com
Tue Feb 9 20:09:19 UTC 2010
Pavel Zuna wrote:
> I compiled 3 patches, that effectively bring back all the functionality
> we had before Jasons big patch (i.e. before introducing output
> validation and the common output interface).
>
> --all and --raw are back, but this time as global options
> replacing DNs with primary keys is back
> clever attribute printing (word-wrapping etc.) is back too
>
> To implement --all and --raw as global options, we had to find a way to
> propagate additional information (apart from command name and
> parameters) from client to server. We extended the XML-RPC signature from:
>
> (arg0, arg1, ..., options)
>
> to:
>
> (args, options, extras)
>
> The extras dict is currently only filled with the 'print_all_attrs' and
> 'print_raw_attrs' settings when forwarding a call. The server saves the
> extras dict into the thread specific context variable.
>
> I also replaced the decoding table in Encoder, because it didn't really
> work as expected in special cases. It now uses a dont-decode function.
> In the case of ldap2, this function checks attribute type OIDs and
> returns False for binary types.
>
> This patch introduces a little problem with the env command, because it
> fixes a bug/feature, that made it work before. Before outputting an
> attribute, we check if it isn't of type str. If it is, we assume it is
> binary and decode it. All values in Env are str. I propose we either
> write a specific output_for_cli for the env command or think about
> switching from str to unicode. I tried the later and it didn't cause any
> problems so far.
>
> How it's supposed to work:
>
> # ./ipa user-show admin
> User login: admin
> Last name: Administrator
> Home directory: /home/admin
> Login shell: /bin/bash
>
> # ./ipa --all user-show admin
> dn: uid=admin,cn=users,cn=accounts,dc=pzuna
> User login: admin
> Last name: Administrator
> Full name: Administrator
> Home directory: /home/admin
> GECOS field: Administrator
> Login shell: /bin/bash
> Kerberos principal: admin at PZUNA
> UID: 1083719807
> GID: 1083719807
> Last password change date: 20100208132706Z
> Password expiration date: 20100509132706Z
> Member of groups: admins
> objectclass: top, person, posixaccount, krbprincipalaux,
> krbticketpolicyaux, inetuser
>
> # ./ipa --raw user-show admin
> uid: admin
> sn: Administrator
> homedirectory: /home/admin
> loginshell: /bin/bash
>
> # ./ipa --all --raw user-show admin
> dn: uid=admin,cn=users,cn=accounts,dc=pzuna
> uid: admin
> sn: Administrator
> cn: Administrator
> homedirectory: /home/admin
> gecos: Administrator
> loginshell: /bin/bash
> krbprincipalname: admin at PZUNA
> uidnumber: 1083719807
> gidnumber: 1083719807
> krblastpwdchange: 20100208132706Z
> krbpasswordexpiration: 20100509132706Z
> memberof: cn=admins,cn=groups,cn=accounts,dc=pzuna
> objectclass: top
> objectclass: person
> objectclass: posixaccount
> objectclass: krbprincipalaux
> objectclass: krbticketpolicyaux
> objectclass: inetuser
>
> Pavel
Generally looks ok, have some questions though:
- We currently rely on the fact that binary objects are encoded as
python str, it's how we determine what to base64-encode. What mechanism
will we have to do that now?
- Is print_* the right prefix for these new global variables? It affects
more than just printing in the case of all because it returns everything
over XML-RPC as well.
- Is there/should there be a way for a plugin to define its own extras?
And not to be too pedantic but is extras the best description for these
values? Not that I have any suggestions for an improvement :-( Perhaps
global_options?
- Why are you removing get_options() from LDAPSearch()?
It doesn't look like this is going to conflict too much with the
parallel work I've done in regard to including member/memberof in return
values, nor in the output work I've done. So you don't need to work on
the individual plugins at all, I've got that ready in my tree though I'm
going to hold onto it until we can get these patches committed.
rob
More information about the Freeipa-devel
mailing list