[Freeipa-devel] [PATCH] 0078 ipa group-show <external group> does not list its members
Alexander Bokovoy
abokovoy at redhat.com
Mon Sep 24 15:35:50 UTC 2012
On Mon, 24 Sep 2012, Petr Viktorin wrote:
>On 09/24/2012 05:11 PM, Alexander Bokovoy wrote:
>>On Mon, 24 Sep 2012, Alexander Bokovoy wrote:
>>>On Mon, 24 Sep 2012, Petr Viktorin wrote:
>>>>On 09/24/2012 04:01 PM, Alexander Bokovoy wrote:
>>>>>Hi,
>>>>>
>>>>>small patch, to make sure external members are listed when 'ipa
>>>>>group-show' is called.
>>>>>
>>>>>https://fedorahosted.org/freeipa/ticket/2975
>>>>
>>>>This looks good, but it could use some tests.
>>>For external membership being printed?
>>The reason I'm asking is because we have a test for incorrect external
>>member in tests/test_xmlrpc/test_group_plugin.py but we don't have any
>>positive tests for the reason that the code actually verifies SIDs as
>>belonging to configured trusted domains. And without trusted domain you
>>can't pass verification, can't see any external member added.
>
>Yes, I didn't realize external members aren't easy to add from a
>normal testing environment.
>
>>And adding trusted domain is done via complex RPC communication which
>>results in ipasam Samba's passdb module creating specific LDAP entries
>>although we could have faked it with injection of those entries into
>>a database for test purposes,
>
>That would be nice to have, though I'm not sure this is the right
>time to do it. Perhaps file a ticket to remind us later?
Yes, please file something to the backlog. It will help when we'll get
to IPA-IPA trusts.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list