[Freeipa-devel] [PATCH 0297] ULC: add user-stage command

Martin Basti mbasti at redhat.com
Tue Aug 18 14:04:29 UTC 2015 


On 08/18/2015 03:49 PM, thierry bordaz wrote:
> On 08/18/2015 03:06 PM, Martin Basti wrote:
>>
>>
>> On 08/18/2015 11:32 AM, thierry bordaz wrote:
>>> On 08/18/2015 10:02 AM, Martin Basti wrote:
>>>>
>>>>
>>>> On 08/18/2015 09:59 AM, thierry bordaz wrote:
>>>>> On 08/18/2015 09:55 AM, Martin Basti wrote:
>>>>>>
>>>>>>
>>>>>> On 08/18/2015 09:50 AM, thierry bordaz wrote:
>>>>>>> On 08/17/2015 08:33 PM, Martin Basti wrote:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> the 'user-stage' command replaces 'stageuser-add --from-delete' 
>>>>>>>> command.
>>>>>>>> https://fedorahosted.org/freeipa/ticket/5041
>>>>>>>>
>>>>>>>> Thierry can you check If I don't break everything, it works for 
>>>>>>>> me, but the one never knows.
>>>>>>>>
>>>>>>>> Honza can you please check the framework side? I use 
>>>>>>>> self.api.Object.stageuser.add.* in user command, I'm not sure 
>>>>>>>> if this is right way, but it works.
>>>>>>>>
>>>>>>>> Patch attached. I created it in hurry, I'm expecting NACK :D
>>>>>>>>
>>>>>>>>
>>>>>>>> Just question at the end: should I implement way Active user -> 
>>>>>>>> stageuser? IMHO it would be implemented internally by calling 
>>>>>>>> 'user-del --preserve' inside 'user-stage'.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> Hi Martin,
>>>>>>>
>>>>>>> There is a small failure with VERSION (edewata pushed his patch 
>>>>>>> first ;-) )
>>>>>>>
>>>>>>>     git apply -v
>>>>>>>     /tmp/freeipa-mbasti-0297-Add-user-stage-command.patch
>>>>>>>     Checking patch API.txt...
>>>>>>>     Checking patch VERSION...
>>>>>>>     error: while searching for:
>>>>>>>     # #
>>>>>>>     ########################################################
>>>>>>>     IPA_API_VERSION_MAJOR=2
>>>>>>>     IPA_API_VERSION_MINOR=148
>>>>>>>     # Last change: ftweedal - add --out option to user-show
>>>>>>>
>>>>>>>     error: patch failed: VERSION:90
>>>>>>>     error: VERSION: patch does not apply
>>>>>>>     Checking patch ipalib/plugins/stageuser.py...
>>>>>>>     Checking patch ipalib/plugins/user.py...
>>>>>>>
>>>>>>>
>>>>>> There is many pending patches that may change VERSION number, I 
>>>>>> will change it to right one before push.
>>>>>>
>>>>>> Does code looks good for you?
>>>>> Hi Martin,
>>>>>
>>>>> Just a question, there is no additional permission. Did you test 
>>>>> being 'admin' ?
>>>>>
>>>>> thanks
>>>>> theirry
>>>> No I didn't,.
>>>>
>>>> I preserver all permission, the original permissions should work.
>>>>
>>>> Martin
>>> Hi Martin,
>>>
>>> Running a test script, I have an issue with
>>>
>>>     ipa stageuser-add --first=t --last=b tb1
>>>     ipa: ERROR: an internal error has occurred
>>>
>>>
>>>     [Tue Aug 18 11:16:56.440658 2015] [wsgi:error] [pid 10486] ipa:
>>>     INFO: [jsonserver_kerb] stageadm at ABC.IDM.LAB.ENG.BRQ.REDHAT.COM:
>>>     stageuser_add(u'tb1', givenname=u't', sn=u'b', cn=u't b',
>>>     displayname=u't b', initials=u'tb', gecos=u't b',
>>>     krbprincipalname=u'tb1 at ABC.IDM.LAB.ENG.BRQ.REDHAT.COM',
>>>     random=False, all=False, raw=False, version=u'2.149',
>>>     no_members=False): AttributeError
>>>     [Tue Aug 18 11:21:25.198021 2015] [wsgi:error] [pid 10485] ipa:
>>>     ERROR: non-public: AttributeError: 'DN' object has no attribute
>>>     'setdefault'
>>>     [Tue Aug 18 11:21:25.198053 2015] [wsgi:error] [pid 10485]
>>>     Traceback (most recent call last):
>>>     [Tue Aug 18 11:21:25.198058 2015] [wsgi:error] [pid 10485]  
>>>     File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py",
>>>     line 347, in wsgi_execute
>>>     [Tue Aug 18 11:21:25.198062 2015] [wsgi:error] [pid 10485]    
>>>     result = self.Command[name](*args, **options)
>>>     [Tue Aug 18 11:21:25.198066 2015] [wsgi:error] [pid 10485]  
>>>     File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line
>>>     443, in __call__
>>>     [Tue Aug 18 11:21:25.198070 2015] [wsgi:error] [pid 10485]    
>>>     ret = self.run(*args, **options)
>>>     [Tue Aug 18 11:21:25.198081 2015] [wsgi:error] [pid 10485]  
>>>     File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line
>>>     760, in run
>>>     [Tue Aug 18 11:21:25.198133 2015] [wsgi:error] [pid 10485]    
>>>     return self.execute(*args, **options)
>>>     [Tue Aug 18 11:21:25.198139 2015] [wsgi:error] [pid 10485]  
>>>     File
>>>     "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py",
>>>     line 1227, in execute
>>>     [Tue Aug 18 11:21:25.198144 2015] [wsgi:error] [pid 10485]    
>>>     *keys, **options)
>>>     [Tue Aug 18 11:21:25.198147 2015] [wsgi:error] [pid 10485]  
>>>     File
>>>     "/usr/lib/python2.7/site-packages/ipalib/plugins/stageuser.py",
>>>     line 373, in pre_callback
>>>     [Tue Aug 18 11:21:25.198151 2015] [wsgi:error] [pid 10485]    
>>>     attrs_list, *keys, **options)
>>>     [Tue Aug 18 11:21:25.198155 2015] [wsgi:error] [pid 10485]  
>>>     File
>>>     "/usr/lib/python2.7/site-packages/ipalib/plugins/stageuser.py",
>>>     line 277, in set_default_values_pre_callback
>>>     [Tue Aug 18 11:21:25.198159 2015] [wsgi:error] [pid 10485]    
>>>     entry_attrs.setdefault('description', [])
>>>     [Tue Aug 18 11:21:25.198163 2015] [wsgi:error] [pid 10485]
>>>     AttributeError: 'DN' object has no attribute 'setdefault'
>>>     [Tue Aug 18 11:21:25.199276 2015] [wsgi:error] [pid 10485] ipa:
>>>     INFO: [jsonserver_session]
>>>     stageadm at ABC.IDM.LAB.ENG.BRQ.REDHAT.COM: stageuser_add(u'tb1',
>>>     givenname=u't', sn=u'b', cn=u't b', displayname=u't b',
>>>     initials=u'tb', gecos=u't b',
>>>     krbprincipalname=u'tb1 at ABC.IDM.LAB.ENG.BRQ.REDHAT.COM',
>>>     random=False, all=False, raw=False, version=u'2.149',
>>>     no_members=False): AttributeError
>>>
>>>
>>> The new set_default_values_pre_callback, can not use the set_default 
>>> function. It is not clear why. entry_attrs is one of pre_callback 
>>> parameter.
>>> Should set_default_values_pre_callback be a subfonction of 
>>> pre_callback ?
>>>
>>>
>>> thanks
>>> thierry
>>
>> Thank you,
>>
>> updated patch attached.
>
> So far, tests are ok.
> Just one comment, the 'user-stage' command description is wrong, as it 
> moves an active user into the staged area
>
> user-stage                             Move deleted user into staged area
No, it's not doing that.

user-stage is replacement of stageuser-add --from-delete, it doesn't 
work for active users.
The support to move active user to staged area is RFE, I did not 
implemented it yet, and I dont know if this will fit IPA 4.2 timeframe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150818/39e49252/attachment.htm>

More information about the Freeipa-devel mailing list