[Freeipa-devel] [PATCH 0024] Add OTP support to ipalib CLI

Nathaniel McCallum npmccallum at redhat.com
Mon Dec 16 17:01:36 UTC 2013 

On Mon, 2013-12-16 at 17:31 +0100, Jan Cholasta wrote:
> On 13.12.2013 21:15, Nathaniel McCallum wrote:
> > On Fri, 2013-12-13 at 14:50 -0500, Nathaniel McCallum wrote:
> >> On Wed, 2013-12-11 at 13:24 +0100, Jan Cholasta wrote:
> >>> +        # Resolve the user's dn
> >>> +        owner = entry_attrs.get('ipatokenowner', None)
> >>> +        if owner is not None:
> >>> +            owner = self.api.Object.user.get_dn(owner)
> >>> +            entry_attrs['ipatokenowner'] = owner
> >>>
> >>> You have a _normalize_owner function, I think the code above should go
> >>> into a _convert_owner function (use the function in
> >>> otptoken_{mod,show,find} as well).
> >>
> >> Fixed for mod and find. Show doesn't make sense.
> 
> Please rename _normalize_owner to _convert_owner and vice versa, to 
> match the convention used in other plugins (sorry for noticing this 
> earlier).

Fixed.

> This bit in otptoken_add should be replaced by a call to 
> _normalize_owner (after the rename):
> 
> +        # Resolve the user's dn
> +        owner = entry_attrs.get('ipatokenowner', None)
> +        if owner is not None:
> +            owner = self.api.Object.user.get_dn(owner)
> +            entry_attrs['ipatokenowner'] = owner

Fixed.

> You do the conversion from uid to DN in otptoken_find twice:
> 
> +        _convert_owner(self.api.Object.user, kwargs)
> +        return super(otptoken_find, self).pre_callback(ldap, filters, 
> *args, **kwargs)
> +
> +    def args_options_2_entry(self, *args, **options):
> +        o = 'ipatokenowner'
> +        if o in options:
> +            options[o] = self.api.Object.user.get_dn(options[o])
> 
> I would suggest to do it only in args_options_2_entry like this (again, 
> after the rename):
> 
>      def args_options_2_entry(self, *args, **options):
>          entry = super(otptoken_find, self).args_options_2_entry(*args, 
> **options)
>          _convert_owner(self.api.Object.user, entry)
>          return entry

Fixed.

> The patch needs a rebase (for the sake of ipapermlocation default value).

Fixed.

Nathaniel

-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0024-6-Add-OTP-support-to-ipalib-CLI.patch
Type: text/x-patch
Size: 28442 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131216/98bd6cb5/attachment.bin>

More information about the Freeipa-devel mailing list