Re: [Freeipa-devel] [PATCH] 892 webui: add mangedby tab to otptoken
On 07/03/2015 02:49 PM, Martin Babinsky wrote: On 07/01/2015 06:59 PM, Petr Vobornik wrote: Added managedby_user tab to manage users who can manage the token. https://fedorahosted.org/freeipa/ticket/5003 Nathaniel, I could not reproduce the following part of the ticket: Careful interaction is required here. In the current code, this also creates a bug since all UI created tokens are owned but not managed. When users of these tokens are deleted, their self-created tokens are orphaned rather than deleted. Self-created tokens MUST be both self-owned AND self-managed. The self-created tokens which I created in Web UI as admin or normal user were in both cases managed by the same user who created them. (Once again, this time also reply to the list) The patch itself does what it is supposed to. So ACK from me. However, I have found out that the token's manager is correctly set *only* when it is directly created by the user that should own it. In this case when the manager is not specified, the code works as expected and fill in the logged-in user as manager. However, if e.g. admin creates a token for another user and does not set him as the manager explicitly, the 'managedBy' attribute is not set. Pushed to: master: b258bcee8337063259aa38b4387b9bb5721fb380 ipa-4-1: 5439e7a8fa46a8eab0d23689807a4894f20ecea7 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH] 892 webui: add mangedby tab to otptoken
On 07/01/2015 06:59 PM, Petr Vobornik wrote: Added managedby_user tab to manage users who can manage the token. https://fedorahosted.org/freeipa/ticket/5003 Nathaniel, I could not reproduce the following part of the ticket: Careful interaction is required here. In the current code, this also creates a bug since all UI created tokens are owned but not managed. When users of these tokens are deleted, their self-created tokens are orphaned rather than deleted. Self-created tokens MUST be both self-owned AND self-managed. The self-created tokens which I created in Web UI as admin or normal user were in both cases managed by the same user who created them. (Once again, this time also reply to the list) The patch itself does what it is supposed to. So ACK from me. However, I have found out that the token's manager is correctly set *only* when it is directly created by the user that should own it. In this case when the manager is not specified, the code works as expected and fill in the logged-in user as manager. However, if e.g. admin creates a token for another user and does not set him as the manager explicitly, the 'managedBy' attribute is not set. -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
