On 10/16/2014 11:37 PM, Nathaniel McCallum wrote:
> On Thu, 2014-10-16 at 17:35 +0200, Martin Kosek wrote:
>> On 10/15/2014 06:32 PM, Nathaniel McCallum wrote:
>>> When viewing a token from the CLI or UI, the type of the token
>>> should be displayed.
>>>
>>> https://fedorahosted.org/freeipa/ticket/4563
>>
>> Adding objectclass to default_attributes is unprecedented and something we
>> should not do before release. It would also put objectclass attribute in
>> default otptoken-* operations.
>>
>> What I would do in this case is to
>> - keep default_attributes as is
>> - add 'objectclass' to attrs_list in pre_callback
>> - do whatever you already do with it in post_callback
>> - remove the objectclass if it was not called for explicitly, e.g.:
>>
>> if not options.get('all', False) or options.get('pkey_only',
>> False):
>> entry_attrs.pop('objectclass', None)
>>
>> This approach is used for example in idrange.py so I would stick with it (I
>> am
>> not saying it is pretty, I am just saying our API should give consistent
>> output).
>
> Fixed and tested.
>
Works fine in CLI, though I found couple more issues:
1) In type you return "HOTP" or "TOTP" while on the input you accept lowercased
versions - is that OK?
# ipa otptoken-add --type=TOTP --owner=fbar barbar
ipa: ERROR: invalid 'type': must be one of 'totp', 'hotp'
It just did not seem consistent to me.
2) You are suddenly adding camelcased attribute, compared to other places:
+ attrs_list.append("objectClass")
3) I do not see the OTP token type in Web UI OTP token view - is it just me or
is it really missing?
Martin
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
