[Freeipa-devel] [PATCH] 160,161 Trust Web UI

Alexander Bokovoy abokovoy at redhat.com
Mon Jun 25 14:37:31 UTC 2012 

On Mon, 25 Jun 2012, Alexander Bokovoy wrote:
>On Mon, 25 Jun 2012, Simo Sorce wrote:
>>On Mon, 2012-06-25 at 12:43 +0200, Petr Vobornik wrote:
>>>On 06/23/2012 01:44 AM, Endi Sukma Dewata wrote:
>>>> On 6/22/2012 11:48 AM, Alexander Bokovoy wrote:
>>>>> 2. First two chunks of install/ui/test/data/ipa_init_commands.json and
>>>>> install/ui/test/data/ipa_init_objects.json changes look unrelated to
>>>>> this ticket.
>>>>
>>>> These files are snapshots of metadata used for demo/testing. I suppose
>>>> Petr was updating the entire files which automatically includes recent
>>>> changes to the metadata.
>>>>
>>>>> ACK
>>>>
>>>> Ditto. The UI code looks fine so it can be pushed. Btw, nice use of
>>>> layout class.
>>>>
>>>> Some comments:
>>>>
>>>> 1. The CLI command to add trust is trust-add-ad. Should the UI button
>>>> also say "Add AD"? If we later support additional trust types would that
>>>> appear as separate buttons/dialogs or same button/dialog with maybe
>>>> drop-down list to select the type?
>>>"Add AD" label seems weird to me. Now we support only one type of trust.
>>>We should keep the 'Add'.
>>
>>I have to say I also find the trust-add-ad command really weird,
>>difficult to use and to spell vaocally and to remember.
>>
>>Alexander can we change it to trust-add --type=ad
>>where we can omit --type=ad for now as it is the only one, later on we
>>can decide what to default to when --type is omitted.
>Patch attached (not tested).
Attached is tested patch.

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From 498a7542014fdc42e71be252939ffb447bdc2069 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Mon, 25 Jun 2012 16:41:52 +0300
Subject: [PATCH 3/3] Rename 'ipa trust-add-ad' to 'ipa trust-add --type=ad'

---
 API.txt                 |    5 +++--
 ipalib/plugins/trust.py |   26 ++++++++++++++++++++++----
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/API.txt b/API.txt
index 6e993cc9412a354cb882e8f5cc2bd3caede53100..97aef49a6ff6b6f92d82ff286f49879c7b5504f3 100644
--- a/API.txt
+++ b/API.txt
@@ -3089,9 +3089,10 @@ option: Str('version?', exclude='webui')
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
 output: Output('value', <type 'unicode'>, None)
-command: trust_add_ad
-args: 1,7,3
+command: trust_add
+args: 1,8,3
 arg: Str('cn', attribute=True, cli_name='realm', multivalue=False, primary_key=True, required=True)
+option: StrEnum('trust_type', autofill=True, cli_name='type', default=u'ad', values=(u'ad',))
 option: Str('realm_admin?', cli_name='admin')
 option: Password('realm_passwd?', cli_name='password', confirm=False)
 option: Str('realm_server?', cli_name='server')
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 1f2eae584bd45bb62a1ff4740af98dcafb3489ae..40bd93e654c0365ad202abfd82e84345583459dd 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from ipalib.plugins.baseldap import *
-from ipalib import api, Str, Password, DefaultFrom, _, ngettext, Object
+from ipalib import api, Str, StrEnum, Password, DefaultFrom, _, ngettext, Object
 from ipalib.parameters import Enum
 from ipalib import Command
 from ipalib import errors
@@ -112,10 +112,17 @@ def make_trust_dn(env, trust_type, dn):
         return unicode(DN(DN(dn)[0], container_dn))
     return dn
 
-class trust_add_ad(LDAPCreate):
-    __doc__ = _('Add new trust to use against Active Directory domain.')
+class trust_add(LDAPCreate):
+    __doc__ = _('Add new trust to use')
 
     takes_options = (
+        StrEnum('trust_type',
+            cli_name='type',
+            label=_('Trust type (ad for Active Directory, default)'),
+            values=(u'ad',),
+            default=u'ad',
+            autofill=True,
+        ),
         Str('realm_admin?',
             cli_name='admin',
             label=_("Active Directory domain administrator"),
@@ -140,6 +147,16 @@ class trust_add_ad(LDAPCreate):
     msg_summary = _('Added Active Directory trust for realm "%(value)s"')
 
     def execute(self, *keys, **options):
+        if 'trust_type' in options:
+            if options['trust_type'] == u'ad':
+                result = self.execute_ad(*keys, **options)
+            else:
+                raise errors.ValidationError(name=_('trust type'), error=_('only "ad" is supported'))
+        else:
+            raise errors.RequirementError(name=_('trust type'))
+        return result
+
+    def execute_ad(self, *keys, **options):
         # Join domain using full credentials and with random trustdom
         # secret (will be generated by the join method)
         trustinstance = None
@@ -181,6 +198,7 @@ class trust_add_ad(LDAPCreate):
         if 'trust_secret' in options:
             result = trustinstance.join_ad_ipa_half(keys[-1], realm_server, options['trust_secret'])
             return dict(result=dict(), value=trustinstance.remote_domain.info['dns_domain'])
+        raise errors.ValidationError(name=_('AD Trust setup'), reason=_('Not enough arguments specified to perform trust setup'))
 
 class trust_del(LDAPDelete):
     __doc__ = _('Delete a trust.')
@@ -250,7 +268,7 @@ class trust_show(LDAPRetrieve):
         return dn
 
 api.register(trust)
-api.register(trust_add_ad)
+api.register(trust_add)
 api.register(trust_mod)
 api.register(trust_del)
 api.register(trust_find)
-- 
1.7.10.4

More information about the Freeipa-devel mailing list