On 10/16/2014 11:37 PM, Nathaniel McCallum wrote: > On Thu, 2014-10-16 at 17:35 +0200, Martin Kosek wrote: >> On 10/15/2014 06:32 PM, Nathaniel McCallum wrote: >>> When viewing a token from the CLI or UI, the type of the token >>> should be displayed. >>> >>> https://fedorahosted.org/freeipa/ticket/4563 >> >> Adding objectclass to default_attributes is unprecedented and something we >> should not do before release. It would also put objectclass attribute in >> default otptoken-* operations. >> >> What I would do in this case is to >> - keep default_attributes as is >> - add 'objectclass' to attrs_list in pre_callback >> - do whatever you already do with it in post_callback >> - remove the objectclass if it was not called for explicitly, e.g.: >> >> if not options.get('all', False) or options.get('pkey_only', >> False): >> entry_attrs.pop('objectclass', None) >> >> This approach is used for example in idrange.py so I would stick with it (I >> am >> not saying it is pretty, I am just saying our API should give consistent >> output). > > Fixed and tested. >
Works fine in CLI, though I found couple more issues: 1) In type you return "HOTP" or "TOTP" while on the input you accept lowercased versions - is that OK? # ipa otptoken-add --type=TOTP --owner=fbar barbar ipa: ERROR: invalid 'type': must be one of 'totp', 'hotp' It just did not seem consistent to me. 2) You are suddenly adding camelcased attribute, compared to other places: + attrs_list.append("objectClass") 3) I do not see the OTP token type in Web UI OTP token view - is it just me or is it really missing? Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel