Fixed the typo in error message.

On 08/23/2016 12:15 PM, Tomas Krizek wrote:
In that case, the first version of the patch solves the issue.

I'm attaching the patch once again, but it's the same as the one in the original message.


On 08/23/2016 11:53 AM, Jan Cholasta wrote:
On 22.8.2016 19:08, Tomas Krizek wrote:
I've attached the updated patch. Hopefully I didn't forget anything else
this time.


On 08/22/2016 05:48 PM, Martin Basti wrote:

On 22.08.2016 10:22, Tomas Krizek wrote:

Seems like a good idea, I'm attaching the updated patch. Autofill
does work when the param is required.


On 08/19/2016 04:19 PM, Martin Basti wrote:



On 16.08.2016 17:35, Tomas Krizek wrote:
Hi,

the attached patch fixes an error message when user provides an
empty key while adding otp token.

https://fedorahosted.org/freeipa/ticket/6200




I'm curious why we don't fix it here:

        OTPTokenKey('ipatokenotpkey?',
            cli_name='key',
            label=_('Key'),
            doc=_('Token secret (Base32; default: random)'),
            default_from=lambda: os.urandom(KEY_LENGTH),
            autofill=True,
            flags=('no_display', 'no_update', 'no_search'),
        ),


If OTPTokenKey is mandratory, it should be required param (autofill
should work in this case too)

Martin^2

--
Tomas Krizek

You changed API, you must regenerate API.txt (./makeapi) and increment
minor version in VERSION file

Option 'ipatokenotpkey?' in command 'otptoken_add/1' in API file not found
Options count in otptoken_add of 22 doesn't match expected: 23
Option ipatokenotpkey of command otptoken_add in ipalib, not in API file:
OTPTokenKey('ipatokenotpkey', autofill=True, cli_name='key')

NACK, this is a backward incompatible change.

AFAICT the option should remain optional, see the doc string:

    Token secret (Base32; default: random)
                          ^^^^^^^^^^^^^^^





--
Tomas Krizek

From 14ecfa5f5730af5f8d1d54f8524d546d42f5ce2e Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Wed, 24 Aug 2016 13:29:37 +0200
Subject: [PATCH] Validate key in otptoken-add

Verify that key is not empty when adding otp token. If it is empty, raise an
appropriate error.

https://fedorahosted.org/freeipa/ticket/6200
---
 ipaserver/plugins/otptoken.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ipaserver/plugins/otptoken.py b/ipaserver/plugins/otptoken.py
index 15b25e07a905257f016de68a3d9e182447699d0e..a7b436aa5690c42b56d7937e608b9d574b22e10b 100644
--- a/ipaserver/plugins/otptoken.py
+++ b/ipaserver/plugins/otptoken.py
@@ -323,6 +323,10 @@ class otptoken_add(LDAPCreate):
             except (NotFound, IndexError):
                 pass
 
+        # Check if key is not empty
+        if entry_attrs['ipatokenotpkey'] is None:
+            raise ValidationError(name='key', error=_(u'cannot be empty'))
+
         # Build the URI parameters
         args = {}
         args['issuer'] = issuer
-- 
2.7.4

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to