[Freeipa-devel] [PATCH] allow admin user to be edited

[Rob Crittenden]

The admin user doesn't have the inetorgperson objectclass so don't have 
a givenname attribute. The UI is currently hardcoded to require "first 
name" which renders the admin user uneditable via the UI.

This is a hack that will allow admin to be edited, assuming that one 
doesn't try to add a firstname field.

This will hopefully be relatively short-term until we can implement a 
schema parser to determine which fields may be required and/or disabled.

rob

diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py 
b/ipa-server/ipa-g
index 0a79fc7..9232f30 100644
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py
@@ -413,6 +413,16 @@ class UserController(IPAController):
              # later the update will not be processed
              cherrypy.session['uid'] = user_dict.get('uid')

+            # Hack. The admin user doesn't have inetorgperson as an
+            # objectclass so don't require the givenName attribute if
+            # this objectclass doesn't exist in the record.
+            oc = [x.lower() for x in user_dict.get('objectclass')]
+            try:
+                p = oc.index('inetorgperson')
+            except ValueError:
+                # This entry doesn't have inetorgperson so don't require gn
+ 
user_edit_form.validator.fields.get('givenname').not_empty=Fals
+
              return dict(form=user_edit_form, user=user_dict,
                      user_groups=user_groups_dicts)
          except ipaerror.IPAError, e:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080513/d0b3a0a8/attachment.bin>