On Fri, May 03, 2013 at 09:46:47PM +0300, Alexander Bokovoy wrote:
> Hi!
> 
> Attached are patches to allow resolving SIDs in Web UI in external
> membership panel for groups. Please see more detailed description in the
> main patch.
> 
> I haven't rebased it yet on top of Petr's Web UI rework, hopefully it
> should be simple.
> 
> https://fedorahosted.org/freeipa/ticket/3302
> 
> Since framework doesn't allow to hide commands from CLI, underlying
> command is usable from CLI too:
> # ipa trust-resolve 
> --sids=S-1-5-21-3502988750-125904550-3683905862-{500,512,498}
>  Name: enterprise read-only domain controll...@ad.lan
>  SID: S-1-5-21-3502988750-125904550-3683905862-498
> 
>  Name: administra...@ad.lan
>  SID: S-1-5-21-3502988750-125904550-3683905862-500
> 
>  Name: domain adm...@ad.lan
>  SID: S-1-5-21-3502988750-125904550-3683905862-512
> 
> -- 
> / Alexander Bokovoy
> +        try:
> +            sids = map(lambda x: str(x), options['sids'])
> +            xlate = pysss_nss_idmap.getnamebysid(sids)

The latest version, which is already committed to sssd, return a dict.
The output of ipa trust-resolve now look like:

[root@ipa18-devel ~]# ipa trust-resolve 
--sids=S-1-5-21-3090815309-2627318493-3395719201-{498,500,513}
  Name: {'type': 3, 'name': u'administrator@ad18.ipa18.devel'}
  SID: S-1-5-21-3090815309-2627318493-3395719201-500

  Name: {'type': 2, 'name': u'enterprise read-only domain 
controllers@ad18.ipa18.devel'}
  SID: S-1-5-21-3090815309-2627318493-3395719201-498

  Name: {'type': 2, 'name': u'domain users@ad18.ipa18.devel'}
  SID: S-1-5-21-3090815309-2627318493-3395719201-513

> +            for sid in xlate:
> +            entry = dict()
> +               entry['sid'] = [unicode(sid)]
> +               entry['name'] = [unicode(xlate[sid])]

I think you need  entry['name'] = 
[unicode(xlate[sid][pysss_nss_idmap.NAME_KEY])]
here.

> +               result.append(entry)
> +        except ValueError, e:
> +            pass
> +
> +        return dict(result=result)
> +
> +api.register(trust_resolve)
> -- 
> 1.8.1.4
> 

I tried with firefox, but the SIDs of the external members are not
resolved. Do I have to clean any firefox cache?

bye,
Sumit

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to