[Freeipa-devel] [PATCH] 808 don't allow leading/trailing whitespace in strings
Martin Kosek
mkosek at redhat.com
Mon Jul 11 16:10:57 UTC 2011
On Fri, 2011-06-24 at 16:37 -0400, Rob Crittenden wrote:
> Rob Crittenden wrote:
> > Rob Crittenden wrote:
> >> This started as a problem in allowing leading/trailing whitespaces on
> >> primary keys. In nearly every command other than add query is True so
> >> all rules were ignored on the primary key. This meant that to enforce
> >> whitespace we would need to define a validator for each one.
> >>
> >> I decided instead to set self.all_rules to just the class rules if query
> >> == True. So the minimum set of validators will be executed against each
> >> type but param-specific validators will only run on add.
> >>
> >> I talked to Martin about this a bit this morning. My original intention
> >> was to make some pretty invasive changes related to query and he talked
> >> me out of them. He felt that in anything other than an add the
> >> validators shouldn't be run. We compromised on letting Paramter-specific
> >> validators be run.
> >>
> >> This has pretty big implications on primary keys so test carefully.
> >>
> >> https://fedorahosted.org/freeipa/ticket/1285
> >> https://fedorahosted.org/freeipa/ticket/1286
> >> https://fedorahosted.org/freeipa/ticket/1287
> >>
> >> rob
> >
> > self-NACK, found a problem.
> >
> > rob
>
> Add only to Str class, fixed pylint error.
>
> rob
Looks good to me, works as advertised. This will enforce entering valid
data types in all parameters in both add and query-like commands.
I tried to think about some corner case here, I actually found one. What
if somebody want to search for a string with heading/trailing
whitespace? E.g. this scenario:
# ipa role-add "Foo Bar Baz" --desc=foo
------------------------
Added role "foo bar baz"
------------------------
Role name: foo bar baz
Description: foo
# ipa role-find " Bar "
ipa: ERROR: invalid 'criteria': Leading and trailing spaces are not
allowed
Do we want to support this case? If yes, we would need to use different
approach there.
Martin
More information about the Freeipa-devel
mailing list