[Freeipa-devel] FreeIPA Auto Membership CLI
JR Aquino
JR.Aquino at citrix.com
Thu Jun 2 22:23:59 UTC 2011
On Jun 2, 2011, at 12:59 PM, Rob Crittenden wrote:
> Dmitri Pal wrote:
>> On 06/02/2011 11:39 AM, JR Aquino wrote:
>>> I need feed back from the group regarding how we should present the output for Clarity, the 389 Directory Server Auto Membership Plugin...
>>>
>>> Currently, the output looks like this:
>>>
>>> ---=== EXAMPLE ===---
>>> [root at auth2 ~]# ipa clarityrule-show testrule --all
>>> dn: cn=testrule,cn=automember,cn=etc,dc=expertcity,dc=com
>>> Clarity Rule: testrule
>>> Membership filter: objectclass=ipaHost
>>> Default Group: cn=orphans,cn=hostgroups,cn=accounts,dc=expertcity,dc=com
>>> Inclusive Regex: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^web[1-9]+.example.com, cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^mail[1-9]+.example.com,
>>> cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com::fqdn=^www[1-9]+.example.com
>>> Exclusive Regex: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com:blacklist www5:fqdn=^www5\.example\.com
>>> automembergroupingattr: member:dn
>>> automemberscope: dc=expertcity,dc=com
>>> objectclass: top, automemberdefinition
>>> ---=== EXAMPLE ===---
>>>
>>> Each rule in the definition object is broken down into 3 distinct parts: Group to modify, Description, Attribute + Regular Expression to match.
>>>
>>> As time progresses it will be likely that these rules could get long and visually unappealing. I would like to know how we might better represent this info.
>>>
>>> Perhaps a breakout with indentation for each unique group defined in each rule?
>>>
>>> ---===SUGGESTION===---
>>> [root at auth2 ~]# ipa clarityrule-show testrule --all
>>> dn: cn=testrule,cn=automember,cn=etc,dc=expertcity,dc=com
>>> Clarity Rule: testrule
>>> Membership filter: objectclass=ipaHost
>>> Default Group: cn=orphans,cn=hostgroups,cn=accounts,dc=expertcity,dc=com
>>> Inclusive Regex:
>>> cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>> FrontEnd: fqdn=^web[1-9]+.example.com,
>>> MainSite: fqdn=^www[1-9]+.example.com
>>> cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>> SMTP: fqdn=^mail[1-9]+.example.com,
>>> Exclusive Regex:
>>> cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>>> blacklist: www5:fqdn=^www5\.example\.com
>>> automembergroupingattr: member:dn
>>> automemberscope: dc=expertcity,dc=com
>>> objectclass: top, automemberdefinition
>>> ---===SUGGESTION===---
>>>
>>
>> This presentation assumes that the description is not empty.
>> In general case it is not true so I would suggest fixed labels even if
>> the values would have duplicates.
>>
>> Group: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>> Description:
>> Regex: fqdn=^web[1-9]+.example.com
>> -----
>> Group: cn=mailservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>> Description:
>> Regex: fqdn=^mail[1-9]+.example.com
>> -----
>> Group: cn=webservers,cn=hostgroups,cn=accounts,dc=example,dc=com
>> Description:
>> Regex: fqdn=^www[1-9]+.example.com
>> -----
>>
>> Keep the indent that you proposed, it looks OK with the indent.
>
> Just note that the code that does the rendering is extremely simplistic so control over indention may require a fair bit of work. I think indention is handled via nesting, so returning data as lists of lists may do the trick.
Excellent! That is really good to know! I was worried I'd have to override output_for_cli()
I'll repost once I have the suggested layout implemented.
Thanks guys!
>
> That or you are going to have to override output_for_cli() and do all the output manually but that should be a last resort.
>
> rob
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
More information about the Freeipa-devel
mailing list