[Freeipa-devel] FreeIPA Auto Membership CLI

Rob Crittenden rcritten at redhat.com
Thu Jun 2 19:59:45 UTC 2011 

Dmitri Pal wrote:
> On 06/02/2011 11:39 AM, JR Aquino wrote:
>> I need feed back from the group regarding how we should present the output for Clarity, the 389 Directory Server Auto Membership Plugin...
>>
>> Currently, the output looks like this:
>>
>> ---=== EXAMPLE ===---
>> [root at auth2 ~]# ipa clarityrule-show testrule --all
>>    dn: cn=testrule,cn=automember,cn=etc,dc=expertcity,dc=com
>>    Clarity Rule: testrule
>>    Membership filter: objectclass=ipaHost
>>    Default Group: cn=orphans,cn=hostgroups,cn=accounts,dc=expertcity,dc=com
>>    Inclusive Regex: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^web[1-9]+.example.com, cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^mail[1-9]+.example.com,
>>                     cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^www[1-9]+.example.com
>>    Exclusive Regex: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com:blacklist www5:fqdn=^www5\.example\.com
>>    automembergroupingattr: member:dn
>>    automemberscope: dc=expertcity,dc=com
>>    objectclass: top, automemberdefinition
>> ---=== EXAMPLE ===---
>>
>> Each rule in the definition object is broken down into 3 distinct parts: Group to modify, Description, Attribute + Regular Expression to match.
>>
>> As time progresses it will be likely that these rules could get long and visually unappealing.  I would like to know how we might better represent this info.
>>
>> Perhaps a breakout with indentation for each unique group defined in each rule?
>>
>> ---===SUGGESTION===---
>> [root at auth2 ~]# ipa clarityrule-show testrule --all
>>    dn: cn=testrule,cn=automember,cn=etc,dc=expertcity,dc=com
>>    Clarity Rule: testrule
>>    Membership filter: objectclass=ipaHost
>>    Default Group: cn=orphans,cn=hostgroups,cn=accounts,dc=expertcity,dc=com
>>    Inclusive Regex:
>>          cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>              FrontEnd: fqdn=^web[1-9]+.example.com,
>>              MainSite: fqdn=^www[1-9]+.example.com
>>          cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>              SMTP: fqdn=^mail[1-9]+.example.com,
>>    Exclusive Regex:
>>          cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>              blacklist: www5:fqdn=^www5\.example\.com
>>    automembergroupingattr: member:dn
>>    automemberscope: dc=expertcity,dc=com
>>    objectclass: top, automemberdefinition
>> ---===SUGGESTION===---
>>
>
> This presentation assumes that the description is not empty.
> In general case it is not true so I would suggest fixed labels even if
> the values would have duplicates.
>
>    Group: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>    Description:
>    Regex: fqdn=^web[1-9]+.example.com
>    -----
>    Group: cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>    Description:
>    Regex: fqdn=^mail[1-9]+.example.com
>    -----
>    Group: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>    Description:
>    Regex: fqdn=^www[1-9]+.example.com
>    -----
>
> Keep the indent that you proposed, it looks OK with the indent.

Just note that the code that does the rendering is extremely simplistic 
so control over indention may require a fair bit of work. I think 
indention is handled via nesting, so returning data as lists of lists 
may do the trick.

That or you are going to have to override output_for_cli() and do all 
the output manually but that should be a last resort.

rob

More information about the Freeipa-devel mailing list