[Freeipa-devel] [PATCH] 042 Password policy commands do not include cospriority
Rob Crittenden
rcritten at redhat.com
Fri Apr 1 17:51:05 UTC 2011
Martin Kosek wrote:
> Target branches: master, ipa-2-0
> ---
>
> Most of the pwpolicy_* commands do include cospriority in the result
> and potentially in the attribute rights (--all --rights). Especially
> when --raw output is requested. This patch fixes it for all
> pwpolicy commands.
>
> https://fedorahosted.org/freeipa/ticket/1103
>
nack. I see a couple of problems.
You should test for rights before doing the cosentry_show(). If rights
is False then we won't add the data whatever it is so it is more
efficient to exit earlier.
Same with pwpolicy_name == global_policy_name. I think you should drop
the try/except and make it:
if not rights or pwpolicy_name == global_policy_name:
return
...
It should never be the case that the cosentry is not found so I'd let it
fail if that does occur.
I think that keys[-1] can be None so be aware.
You hardcode rights == False in pwpolicy_find(), a good thing. I think
you should add make it explict rights=False and add a comment explaining
that you can't get accessrights with a find.
rob
More information about the Freeipa-devel
mailing list