[Freeipa-devel] [PATCH] 765 webui: allow --force in dnszone-mod and dnsrecord-add
Petr Vobornik
pvoborni at redhat.com
Mon Oct 20 10:06:38 UTC 2014
On 17.10.2014 21:03, Endi Sukma Dewata wrote:
> On 10/3/2014 11:48 AM, Petr Vobornik wrote:
>> Allow to use --force when changing authoritative nameserver address in
>> DNS zone.
>>
>> Same for dnsrecord-add for NS record.
>>
>> https://fedorahosted.org/freeipa/ticket/4573
>
> ACK, just some minor issues:
Pushed to:
master: 741c31c2b428cf979db6a9d7cd91f88e5f247fb4
ipa-4-1: 502bf5671306b873c36e12bc88139bb5a42f8657
>
> 1. The 'Check DNS' button might be interpreted as 'check the DNS without
> updating the DNS zone' but in fact it also updates the DNS zone. I'd
> suggest using a regular 'Update' button, but add a 'Force' checkbox.
>
> 2. A 'Force' checkbox would be more consistent with other dialog boxes
> than 'Skip DNS check' checkbox. Also, there might be other checks being
> done, not just DNS check.
The same behavior is in Realm Domains update.
https://fedorahosted.org/freeipa/ticket/4648
>
> 3. When the authoritative nameserver is updated I get this message:
>
> semantic of '--name-server' option was changed: the option is used
> only for setting up the SOA MNAME attribute.
>
> To edit NS record(s) in zone apex, use command 'dnsrecord-mod [zone]
> @ --ns-rec=nameserver'.
>
> I think the message shouldn't be displayed because it's irrelevant to
> the UI, a bit too long to read, and not enough time to read it before it
> disappears.
Overall I agree. But it's not completely irrelevant since the main
message: "behavior has changed" is there. The CLI commands shouldn't be
there.
https://fedorahosted.org/freeipa/ticket/4647
>
> 4. Server issue. I don't see a --force option in the dnsrecord-add help
> message.
I wonder why --force in dnsrecord-add has 'no_option' flag.
>
>> Note: dnsrecord-mod doesn't support --force option to skip dns
>> resolution when changing NS record. Question is whether it should be
>> added, or if 'edit' button should be hidden in web ui to force
>> dnsrecord-add + dnsrecord-del combo instead of dnsrecord-mod, or if it's
>> good as is.
>> Note2: -add + -del combo has better UX than -del + -add if there is only
>> one value in the dns record.
>
> I think if we're keeping the dnsrecord-mod CLI it should have a --force
> option too regardless whether the UI uses -mod or -add/del. Once that's
> added, the Edit dialog should provide a checkbox for that too.
>
> The Edit dialog in DNS records is useful to edit records that consist of
> multiple fields (e.g. MX, SRV), so I think we should keep that, but
> internally it could be implemented either using -add/del or -mod,
> whichever works better.
>
I also think that dnsrecord-mod should have --force option.
--
Petr Vobornik
More information about the Freeipa-devel
mailing list