[Freeipa-devel] [PATCH] 142 Improve default user/group object class validation
Martin Kosek
mkosek at redhat.com
Tue Oct 11 09:47:10 UTC 2011
On Tue, 2011-10-11 at 12:01 +0300, Alexander Bokovoy wrote:
> On Tue, 11 Oct 2011, Martin Kosek wrote:
> > @@ -212,6 +216,24 @@ class config_mod(LDAPUpdate):
> > raise errors.ValidationError(
> > name=k, error='attribute "%s" not allowed' % a
> > )
> Could you please also (in a separate patch) fix the above and others
> by adding translations? Other exception messages in
> plugins/config.py are designed to be used for user interactions but
> this one is not localized.
Patch based on 142 for config plugin i18n fix attached. I created a
ticket to fix all of these issues in 3.0 branch:
https://fedorahosted.org/freeipa/ticket/1953
>
> > +
> > + for (attr, obj) in (('ipauserobjectclasses', 'user'),
> > + ('ipagroupobjectclasses', 'group')):
> > + if attr in entry_attrs:
> > + objectclasses = entry_attrs[attr] + self.api.Object[obj].possible_objectclasses
> would it make sense to do sort(set(objectclasses)) to get unique list
> before using it further? Just a thought. get_allowed_attributes() will
> go to LDAP's schema to consult about the attributes and it seems to me
> we'd better not to do this multiple times for the same.
I added a list(set()) to remove duplicates, I don't think it is
necessary to sort it.
>
> > + new_allowed_attrs = ldap.get_allowed_attributes(objectclasses,
> > + raise_on_unknown=True)
> > + checked_attrs = self.api.Object[obj].default_attributes
> > + if self.api.Object[obj].uuid_attribute:
> > + checked_attrs.append(self.api.Object[obj].uuid_attribute)
> > + for obj_attr in self.api.Object[obj].default_attributes:
> Shouldn't this be checked_attrs?
>
Correct. The previous version worked because .append modified the
original list. Fixed.
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-142-2-improve-default-user-group-object-class-validation.patch
Type: text/x-patch
Size: 3803 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111011/3655cf52/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-144-fix-i18n-in-config-plugin.patch
Type: text/x-patch
Size: 1403 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111011/3655cf52/attachment-0001.bin>
More information about the Freeipa-devel
mailing list