[Freeipa-devel] [PATCH] admiyo-freeipa-0024-user-whoami.patch
Rob Crittenden
rcritten at redhat.com
Wed Sep 15 13:42:20 UTC 2010
Adam Young wrote:
> On 09/14/2010 05:57 PM, Rob Crittenden wrote:
>> Adam Young wrote:
>>> admiyo-freeipa-0024-user-whoami.patch broke the user-find, due to a
>>> missing return statement. It has been reverted. Here is the corrected
>>> one.
>>
>> NACK.
>>
>> I think you want to use false for options.get:
>> if options.get('whoami', False):
>>
>> Otherwise it will always return the whoami version.
>
> Doesn't seem to be working that way.
>
> If I kinit as kfrog:
>
> ipa user-find pdawn
> --------------
> 1 user matched
> --------------
> User login: pdawn
> First name: Prairie
> Last name: Dawn
> Home directory: /home/pdawn
> Login shell: /bin/sh
> Groups: ipausers, muppets
> ----------------------------
> Number of entries returned 1
>
> [ayoung at ipa ~]$ ipa user-find
> ---------------
> 7 users matched
> ---------------
> ...
>
You're relying on the fact that the CLI always includes whoami in the
options list. If whoami isn't sent it will default to True and return
the wrong thing.
>>
>> I'm not sure which is most efficient when building a string but it is
>> easier to read the filter this way IMHO:
>>
>> return "(&(objectclass=posixaccount)(krbprincipalname=%s))"%\
>> util.get_current_principal()
>
> If you still NACK after the previous comment, I'll do the printf style.
>
>
>>
>> rob
>
rob
More information about the Freeipa-devel
mailing list