On Aug 3, 2011, at 7:32 AM, Rob Crittenden wrote: > JR Aquino wrote: >> On Aug 2, 2011, at 5:55 AM, "Rob Crittenden"<rcrit...@redhat.com> wrote: >>> JR Aquino wrote: >>>> >>>> I am fairly opposed to removing 'default' attrs which the rules are >>>> applied to... I am happy to provide a means to override them. >>>> >>>> While it may be second nature for all of us to know that there is an fqdn >>>> attribute, etc, our consumers are likely not going to intrinsically know >>>> our schema. We also deliberately mask the real attribute names in the >>>> framework. (fqdn = Host name) >>>> >>>> Providing a default feels like a happy medium which allows for ease of use >>>> and somewhat of a safety belt against users defining an incorrect >>>> attribute name. >>>> >>>> It also might get somewhat tiring to constantly provide --key=fqdn every >>>> time you add a hostname regex? >>> >>> Ok, but when you display rules fqdn is displayed. How are users to know >>> they shouldn't include fqdn= when removing existing rules? >> >> I guess my preference would be to heavily document, in the example, the >> plugin, and the docs... >> >> My concern is that without a default, a typo in the attr would produce >> unintended results. Without a schema checker, it's kinda tough to take an >> attr at face value from a user. Does the python ldap implementation have a >> means to check schema in order to verify an attribute? >> >> The design of the automember pluginhHaving the attr in the Regex does make >> for some complexity.... >> > > We do have a schema checker. You can test for existence of an attribute with > something like: > > import ldap as _ldap > obj = ldap.schema.get_obj(_ldap.schema.AttributeType, attr) > if obj is None: > # Error, no such attribute
def check_attr(self, attr): """ Verify that the user supplied key is a valid attribute in the schema """ ldap = self.api.Backend.ldap2 obj = ldap.schema.get_obj(_ldap.schema.AttributeType, attr) return obj [Thu Aug 04 16:58:41 2011] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py", line 209, in check_attr [Thu Aug 04 16:58:41 2011] [error] obj = ldap.schema.get_obj(_ldap.schema.AttributeType, attr) [Thu Aug 04 16:58:41 2011] [error] AttributeError: 'NoneType' object has no attribute 'get_obj' Seems that ldap doesn't have a get_obj inside of schema? _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel