[Freeipa-devel] [PATCH] 0003-2 User life cycle: new stageuser plugin with add verb

thierry bordaz tbordaz at redhat.com
Wed Sep 17 10:32:38 UTC 2014 

On 09/01/2014 01:08 PM, Petr Viktorin wrote:
> On 08/08/2014 03:54 PM, thierry bordaz wrote:
>> Hi,
>>
>> The attached patch is related to 'User Life Cycle'
>> (https://fedorahosted.org/freeipa/ticket/3813)
>>
>> It creates a stageuser plugin with a first function stageuser-add. Stage
>> user entries are provisioned under 'cn=staged
>> users,cn=accounts,cn=provisioning,SUFFIX'.
>>
>> Thanks
>> thierry
>
> Avoid `from ipalib.plugins.baseldap import *` in new code; instead 
> import the module itself and use e.g. `baseldap.LDAPObject`.
>
> The stageuser help (docstring) is copied from the user plugin, and 
> discusses things like account lockout and disabling users. It should 
> rather explain what stageuser itself does. (And I don't very much like 
> the Note about the interface being badly designed...)
> Also decide if the docs should call it "staged user" or "stage user" 
> or "stageuser".
>
> A lot of the code is copied and pasted over from the users plugin. 
> Don't do that. Either import things (e.g. validate_nsaccountlock) from 
> the users plugin, or move the reused code into a shared module.
>
> For the `user` object, since so much is the same, it might be best to 
> create a common base class for user and stageuser; and similarly for 
> the Command plugins.
>
> The default permissions need different names, and you don't need 
> another copy of the 'non_object' ones. Also, run the makeaci script.
>
Hello,

    This modified patch is mainly moving common base class into a new
    plugin: accounts.py. user/stageuser plugin inherits from accounts.
    It also creates a better description of what are stage user, how to
    add a new stage user, updates ACI.txt and separate active/stage user
    managed permissions.

thanks
thierry




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140917/b90a0dab/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-tbordaz-0003-2-User-life-cycle-new-stageuser-plugin.patch
Type: text/x-patch
Size: 99167 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140917/b90a0dab/attachment.bin>

More information about the Freeipa-devel mailing list