[Freeipa-devel] [PATCH] 402 Add userClass attribute for hosts

Dmitri Pal dpal at redhat.com
Fri Apr 26 17:02:24 UTC 2013 

On 04/26/2013 06:47 AM, Petr Viktorin wrote:
> On 04/25/2013 06:59 PM, Dmitri Pal wrote:
>> On 04/25/2013 09:54 AM, Martin Kosek wrote:
>>> On 04/25/2013 12:37 PM, Petr Viktorin wrote:
>>>> On 04/23/2013 10:10 AM, Martin Kosek wrote:
>>>>> This new freeform host attribute will allow provisioning systems
>>>>> to add custom tags for host objects which can be later used for
>>>>> in automember rules or for additional local interpretation.
>>>>>
>>>>> Design page:
>>>>> http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems
>>>>>
>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/3583
>>>>>
> [...]
>>
>> Can we use this patch to create a HOWTO on how to add and LDAP attribute
>> to IPA?
>
> Yes, I can annotate the patch and put it on the wiki. I'll do it once
> it's pushed so I can link to it.
>
> I know we're trying to organize the wiki page names. What's the
> correct location for a developer-focused HOWTO?

I do not have a preference. Whatever makes sense.

>
>> Also we have, I suspect a lot of metadata about attributes encoded in
>> the framework, right?
>> Why can't we use some kind of the data file(s) for it? This way one can
>> add attributes dynamically and the framework would pick them up.
>> It is clear that it would have to be done on all replicas
>
> So we should store it in LDAP and have it replicated.


I am not against it. Files might be an interim step before getting there.

>
>> but still it
>> would not require people to change the code - only configuration. Have
>> we ever thought about this?
>
> If you're talking about parameters in the the framework commands, I
> think --setattr is fine.
> Or is this also about the schema? Web UI?
>

There are three parts:
a) Schema
b) Code

option: Str('userclass', attribute=True, cli_name='class', multivalue=True, required=False)
...
option: Str('userclass', attribute=True, autofill=False, cli_name='class', multivalue=True, query=True, required=False)
...
option: Str('userclass', attribute=True, autofill=False, cli_name='class', multivalue=True, required=False)

+        Str('userclass*',
+            cli_name='class',
+            label=_('Class'),
+            doc=_('Host category (semantics placed on this attribute are for '
+                  'local interpretation)'),
+        ),
     ) + ticket_flags_params

+ test

This code can be completely parametarized and values read from the LDAP
or files

c) UI metadata - should be similar to above

Then adding a new field would be equivalent to changing the schema and
adding an entry or two - it is not a a software update per say.

We would need to keep the data version clear rather than in addition to
the hardcoded version in the code





-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

More information about the Freeipa-devel mailing list