[Freeipa-devel] [PATCH] 336 Added policies into user details page.
Endi Sukma Dewata
edewata at redhat.com
Tue Jan 10 07:35:53 UTC 2012
On 1/6/2012 7:50 AM, Petr Vobornik wrote:
> 1) you are calling krbtpolicy-show without any user specific information
> so it always get the global policy. It should be call with an user
> argument.
Fixed. Right now it's read only. I think we should provide an interface
to edit the Kerberos ticket policy for each user, but I don't think it's
as simple as making the fields editable because there are 2 operations
that we need to support: Update (krbtpolicy-mod) and Reset
(krbtpolicy-reset). The krbtpolicy-mod probably can be called together
with user-mod when we click Update, but we need a new button for the
Reset operation because it's completely different than the details
facet's Reset button.
> Minor:
> 2) Why not call pwpolicy-show --user=user_login instead of getting the
> policy's name from dn?
Fixed. The password policy is intentionally made read only because the
policy belongs to the group, not the user. If we make it editable it
might confuse the admin into thinking that he's changing the policy for
the user only whereas he's actually changing the policy for the whole
group. We might be able to show the password policy in group details
page too, but I'm not sure if it's necessary.
> Combining 1), 2) and user-show will allow to get all necessary
> information for the facet in a single batch at refresh.
This will be done in the next patch.
--
Endi S. Dewata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-edewata-0336-2-Added-policies-into-user-details-page.patch
Type: text/x-patch
Size: 33649 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120110/f15e5129/attachment.bin>
More information about the Freeipa-devel
mailing list