[Freeipa-devel] [PATCH] 940 apply some validation to some classes only
Rob Crittenden
rcritten at redhat.com
Fri Feb 3 21:58:02 UTC 2012
There is some validation that we only need to apply when an entry is
being created, namely the key itself. This is to allow us to manage an
otherwise illegal entry that finds its way into the system (i.e. migration).
Consider this. We migrate a group with a space in it. This isn't allowed
in IPA but we also provide no way to delete it because the cn regex
kicks out the group-del command.
The trick is adding appropriate context so we can know during validation
how we got here. A command object has a bases field which contains the
base classes associated with it, which appears to contain only the leaf
baseclass. So using this we can tell how we got to validation and can
skip based on that baseclass name.
I went back and forth a bit on where the right place to put this was,
I'm open to more fine tuning. I initially skipped just the pattern
validation then expanded it to apply to all validation in the Parameter.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-940-validation.patch
Type: text/x-patch
Size: 12177 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120203/a07f8f21/attachment.bin>
More information about the Freeipa-devel
mailing list