[Freeipa-devel] [PATCH] 892 webui: add mangedby tab to otptoken
Tomas Babej
tbabej at redhat.com
Tue Jul 7 06:32:11 UTC 2015
On 07/03/2015 02:49 PM, Martin Babinsky wrote:
> On 07/01/2015 06:59 PM, Petr Vobornik wrote:
>> Added managedby_user tab to manage users who can manage the token.
>>
>> https://fedorahosted.org/freeipa/ticket/5003
>>
>> Nathaniel, I could not reproduce the following part of the ticket:
>> """
>> Careful interaction is required here. In the current code, this also
>> creates a bug since all UI created tokens are owned but not managed.
>> When users of these tokens are deleted, their self-created tokens are
>> orphaned rather than deleted.
>>
>> Self-created tokens MUST be both self-owned AND self-managed.
>> """
>>
>> The self-created tokens which I created in Web UI as admin or normal
>> user were in both cases managed by the same user who created them.
>>
>>
> (Once again, this time also reply to the list)
>
> The patch itself does what it is supposed to.
>
> So ACK from me.
>
> However, I have found out that the token's manager is correctly set
> *only* when it is directly created by the user that should own it. In
> this case when the manager is not specified, the code works as expected
> and fill in the logged-in user as manager.
>
> However, if e.g. admin creates a token for another user and does not set
> him as the manager explicitly, the 'managedBy' attribute is not set.
>
Pushed to:
master: b258bcee8337063259aa38b4387b9bb5721fb380
ipa-4-1: 5439e7a8fa46a8eab0d23689807a4894f20ecea7
More information about the Freeipa-devel
mailing list