[Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Gabe Alford
redhatrises at gmail.com
Thu Aug 21 12:50:34 UTC 2014
Hello,
Just wondering if this needs to be re-ack'd.
Thanks,
Gabe
On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford <redhatrises at gmail.com> wrote:
> Okay. Sounds good. Update patch attached.
>
>
> On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek <mkosek at redhat.com> wrote:
>
>> Ah, right. But I still think that's a too-early optimization. We can add
>> this
>> callback when this necessity arises. Until then, I would rather prefer to
>> keep
>> the code clean.
>>
>> Martin
>>
>> On 07/31/2014 03:17 PM, Gabe Alford wrote:
>> > Right. The reason I added it in there is that I could see that in the
>> > future trust_type could be more than just 'ad' (maybe 'ipa', 'krb',
>> etc?)
>> > which at that point I'm not sure a default makes sense. So, I thought
>> to go
>> > ahead and add the check for future use cases so that it doesn't have to
>> be
>> > remembered later. However, maybe that was just a bad idea as right now
>> it
>> > is a pointless check?
>> >
>> > Gabe
>> >
>> >
>> > On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy <abokovoy at redhat.com
>> >
>> > wrote:
>> >
>> >> On Thu, 31 Jul 2014, Martin Kosek wrote:
>> >>
>> >>> Sorry for going late in the game, just a quick question - why do we
>> want
>> >>> to add
>> >>> this part:
>> >>>
>> >>> + if trust_type is None:
>> >>> + kw['trust_type'] = self.prompt_param(self.params[
>> >>> 'trust_type'])
>> >>>
>> >>> ? I do not see a reason for adding a special interactive prompt
>> callback
>> >>> for
>> >>> that - trust_type has a default value "ad". CCing Alexander to double
>> >>> check.
>> >>>
>> >> I also don't understand why you need to ask interactively for the
>> >> trust_type as it defaults to non-empty value and this value is the only
>> >> one we currently support.
>> >>
>> >>
>> >> --
>> >> / Alexander Bokovoy
>> >>
>> >
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140821/ff1897ad/attachment.htm>
-------------- next part --------------
From 3fc52b8fec42a294f0e95f0bd8bcc2f1e0958ed3 Mon Sep 17 00:00:00 2001
From: Gabe <redhatrises at gmail.com>
Date: Thu, 31 Jul 2014 07:26:00 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
ipalib/plugins/trust.py | 26 +++++++++++++++++++++++++-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index fe1a76719b0e35136fb46d917bd998cdfd631695..736cb6f573f9a18eca882db136133205c583b67d 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -435,7 +435,7 @@ sides.
),
Password('realm_passwd?',
cli_name='password',
- label=_("Active directory domain administrator's password"),
+ label=_("Active Directory domain administrator's password"),
confirm=False,
),
Str('realm_server?',
@@ -511,6 +511,30 @@ sides.
return result
+ def interactive_prompt_callback(self, kw):
+ """
+ Also ensure that realm_admin is prompted for if --admin or
+ --trust-secret is not specified when 'ipa trust-add' is run on the
+ system.
+
+ Also ensure that realm_passwd is prompted for if --password or
+ --trust-secret is not specified when 'ipa trust-add' is run on the
+ system.
+ """
+
+ trust_secret = kw.get('trust_secret')
+ realm_admin = kw.get('realm_admin')
+ realm_passwd = kw.get('realm_passwd')
+
+ if trust_secret is None:
+ if realm_admin is None:
+ kw['realm_admin'] = self.prompt_param(
+ self.params['realm_admin'])
+
+ if realm_passwd is None:
+ kw['realm_passwd'] = self.Backend.textui.prompt_password(
+ self.params['realm_passwd'].label, confirm=False)
+
def validate_options(self, *keys, **options):
if not _bindings_installed:
raise errors.NotFound(
--
1.7.1
More information about the Freeipa-devel
mailing list