Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
The docstring of interactive_prompt_callback could use some tweaking, but besides that re-ACK. Dne 21.8.2014 v 14:50 Gabe Alford napsal(a): Hello, Just wondering if this needs to be re-ack'd. Thanks, Gabe On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com mailto:redhatri...@gmail.com wrote: Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com mailto:mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com mailto:aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Thanks. Pushed to: master: 9415aba87789512e34cb4ed62534cde7822ff70b ipa-4-1: 8bb2af0e0ca375e10a406883ada5769963813763 ipa-4-0: b708001074e1fc1e412bc18b1e5e0b408151847b Martin On 08/25/2014 12:00 PM, Jan Cholasta wrote: The docstring of interactive_prompt_callback could use some tweaking, but besides that re-ACK. Dne 21.8.2014 v 14:50 Gabe Alford napsal(a): Hello, Just wondering if this needs to be re-ack'd. Thanks, Gabe On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com mailto:redhatri...@gmail.com wrote: Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com mailto:mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com mailto:aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hello,
Just wondering if this needs to be re-ack'd.
Thanks,
Gabe
On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com wrote:
Okay. Sounds good. Update patch attached.
On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com wrote:
Ah, right. But I still think that's a too-early optimization. We can add
this
callback when this necessity arises. Until then, I would rather prefer to
keep
the code clean.
Martin
On 07/31/2014 03:17 PM, Gabe Alford wrote:
Right. The reason I added it in there is that I could see that in the
future trust_type could be more than just 'ad' (maybe 'ipa', 'krb',
etc?)
which at that point I'm not sure a default makes sense. So, I thought
to go
ahead and add the check for future use cases so that it doesn't have to
be
remembered later. However, maybe that was just a bad idea as right now
it
is a pointless check?
Gabe
On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com
wrote:
On Thu, 31 Jul 2014, Martin Kosek wrote:
Sorry for going late in the game, just a quick question - why do we
want
to add
this part:
+if trust_type is None:
+kw['trust_type'] = self.prompt_param(self.params[
'trust_type'])
? I do not see a reason for adding a special interactive prompt
callback
for
that - trust_type has a default value ad. CCing Alexander to double
check.
I also don't understand why you need to ask interactively for the
trust_type as it defaults to non-empty value and this value is the only
one we currently support.
--
/ Alexander Bokovoy
From 3fc52b8fec42a294f0e95f0bd8bcc2f1e0958ed3 Mon Sep 17 00:00:00 2001
From: Gabe redhatri...@gmail.com
Date: Thu, 31 Jul 2014 07:26:00 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
ipalib/plugins/trust.py | 26 +-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index
fe1a76719b0e35136fb46d917bd998cdfd631695..736cb6f573f9a18eca882db136133205c583b67d
100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -435,7 +435,7 @@ sides.
),
Password('realm_passwd?',
cli_name='password',
-label=_(Active directory domain administrator's password),
+label=_(Active Directory domain administrator's password),
confirm=False,
),
Str('realm_server?',
@@ -511,6 +511,30 @@ sides.
return result
+def interactive_prompt_callback(self, kw):
+
+Also ensure that realm_admin is prompted for if --admin or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+Also ensure that realm_passwd is prompted for if --password or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+
+trust_secret = kw.get('trust_secret')
+realm_admin = kw.get('realm_admin')
+realm_passwd = kw.get('realm_passwd')
+
+if trust_secret is None:
+if realm_admin is None:
+kw['realm_admin'] = self.prompt_param(
+ self.params['realm_admin'])
+
+if realm_passwd is None:
+kw['realm_passwd'] = self.Backend.textui.prompt_password(
+ self.params['realm_passwd'].label, confirm=False)
+
def validate_options(self, *keys, **options):
if not _bindings_installed:
raise errors.NotFound(
--
1.7.1
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Dne 24.7.2014 v 00:15 Gabe Alford napsal(a): Nope. Somehow in my head it felt cleaner. Updated patched attached. On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[__X]) directly? -- Jan Cholasta Thanks, ACK. -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params['trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 07/31/2014 10:47 AM, Jan Cholasta wrote: Dne 24.7.2014 v 00:15 Gabe Alford napsal(a): Nope. Somehow in my head it felt cleaner. Updated patched attached. On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[__X]) directly? -- Jan Cholasta Thanks, ACK. Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params['trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. Thanks, Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Okay. Sounds good. Update patch attached.
On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com wrote:
Ah, right. But I still think that's a too-early optimization. We can add
this
callback when this necessity arises. Until then, I would rather prefer to
keep
the code clean.
Martin
On 07/31/2014 03:17 PM, Gabe Alford wrote:
Right. The reason I added it in there is that I could see that in the
future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?)
which at that point I'm not sure a default makes sense. So, I thought to
go
ahead and add the check for future use cases so that it doesn't have to
be
remembered later. However, maybe that was just a bad idea as right now it
is a pointless check?
Gabe
On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com
wrote:
On Thu, 31 Jul 2014, Martin Kosek wrote:
Sorry for going late in the game, just a quick question - why do we
want
to add
this part:
+if trust_type is None:
+kw['trust_type'] = self.prompt_param(self.params[
'trust_type'])
? I do not see a reason for adding a special interactive prompt
callback
for
that - trust_type has a default value ad. CCing Alexander to double
check.
I also don't understand why you need to ask interactively for the
trust_type as it defaults to non-empty value and this value is the only
one we currently support.
--
/ Alexander Bokovoy
From 3fc52b8fec42a294f0e95f0bd8bcc2f1e0958ed3 Mon Sep 17 00:00:00 2001
From: Gabe redhatri...@gmail.com
Date: Thu, 31 Jul 2014 07:26:00 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
ipalib/plugins/trust.py | 26 +-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index fe1a76719b0e35136fb46d917bd998cdfd631695..736cb6f573f9a18eca882db136133205c583b67d 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -435,7 +435,7 @@ sides.
),
Password('realm_passwd?',
cli_name='password',
-label=_(Active directory domain administrator's password),
+label=_(Active Directory domain administrator's password),
confirm=False,
),
Str('realm_server?',
@@ -511,6 +511,30 @@ sides.
return result
+def interactive_prompt_callback(self, kw):
+
+Also ensure that realm_admin is prompted for if --admin or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+Also ensure that realm_passwd is prompted for if --password or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+
+trust_secret = kw.get('trust_secret')
+realm_admin = kw.get('realm_admin')
+realm_passwd = kw.get('realm_passwd')
+
+if trust_secret is None:
+if realm_admin is None:
+kw['realm_admin'] = self.prompt_param(
+ self.params['realm_admin'])
+
+if realm_passwd is None:
+kw['realm_passwd'] = self.Backend.textui.prompt_password(
+ self.params['realm_passwd'].label, confirm=False)
+
def validate_options(self, *keys, **options):
if not _bindings_installed:
raise errors.NotFound(
--
1.7.1
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[X]) directly? -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Nope. Somehow in my head it felt cleaner. Updated patched attached.
On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com wrote:
On 23.7.2014 01:01, Gabe Alford wrote:
Forgot about --trust-secret. Here is an updated patch.
On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com
mailto:jchol...@redhat.com wrote:
On 21.7.2014 10:28, Martin Kosek wrote:
On 07/21/2014 09:56 AM, Jan Cholasta wrote:
Hi,
On 16.7.2014 05:48, Gabe Alford wrote:
Hello,
Adds AD admin and password to interactive commands.
https://fedorahosted.org/__freeipa/ticket/3034
https://fedorahosted.org/freeipa/ticket/3034
Thanks,
Gabe
I think that instead of making the parameters mandatory, you
should instead set
alwaysask=True on them.
Honza
Trust can be established either with user+password options OR with
--trust-secret option - i.e. you cannot use mandatory options
nor alwaysask.
Ah, right.
This would rather lead to interactive_prompt_callback checking
if any of
authentication method is passed and asking for them if they
aren't.
+1
Martin
--
Jan Cholasta
I don't think using an extra function to update a value in a dictionary is
very beneficial, is there a reason not to use kw[X] =
self.prompt_param(self.params[X]) directly?
--
Jan Cholasta
From cae886c1d3810d89feb3a2f26afcb6a38319005f Mon Sep 17 00:00:00 2001
From: Gabe redhatri...@gmail.com
Date: Wed, 23 Jul 2014 16:12:25 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
ipalib/plugins/trust.py | 33 -
1 file changed, 32 insertions(+), 1 deletion(-)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index fe1a76719b0e35136fb46d917bd998cdfd631695..7153253167001cca05c87d199c0843112d5333bd 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -435,7 +435,7 @@ sides.
),
Password('realm_passwd?',
cli_name='password',
-label=_(Active directory domain administrator's password),
+label=_(Active Directory domain administrator's password),
confirm=False,
),
Str('realm_server?',
@@ -511,6 +511,37 @@ sides.
return result
+def interactive_prompt_callback(self, kw):
+
+Ensure that trust_type is prompted for if any reason there is no
+default.
+
+Also ensure that realm_admin is prompted for if --admin or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+Also ensure that realm_passwd is prompted for if --password or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+
+trust_secret = kw.get('trust_secret')
+trust_type = kw.get('trust_type')
+realm_admin = kw.get('realm_admin')
+realm_passwd = kw.get('realm_passwd')
+
+if trust_type is None:
+kw['trust_type'] = self.prompt_param(self.params['trust_type'])
+
+if trust_secret is None:
+if realm_admin is None:
+kw['realm_admin'] = self.prompt_param(
+ self.params['realm_admin'])
+
+if realm_passwd is None:
+kw['realm_passwd'] = self.Backend.textui.prompt_password(
+ self.params['realm_passwd'].label, confirm=False)
+
def validate_options(self, *keys, **options):
if not _bindings_installed:
raise errors.NotFound(
--
2.0.0
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Forgot about --trust-secret. Here is an updated patch.
On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com wrote:
On 21.7.2014 10:28, Martin Kosek wrote:
On 07/21/2014 09:56 AM, Jan Cholasta wrote:
Hi,
On 16.7.2014 05:48, Gabe Alford wrote:
Hello,
Adds AD admin and password to interactive commands.
https://fedorahosted.org/freeipa/ticket/3034
Thanks,
Gabe
I think that instead of making the parameters mandatory, you should
instead set
alwaysask=True on them.
Honza
Trust can be established either with user+password options OR with
--trust-secret option - i.e. you cannot use mandatory options nor
alwaysask.
Ah, right.
This would rather lead to interactive_prompt_callback checking if any of
authentication method is passed and asking for them if they aren't.
+1
Martin
--
Jan Cholasta
From 3023813d41b416d3b0676e829a0f0f85a3c7c502 Mon Sep 17 00:00:00 2001
From: Gabe redhatri...@gmail.com
Date: Tue, 22 Jul 2014 16:49:55 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
ipalib/plugins/trust.py | 36 +++-
1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index fe1a76719b0e35136fb46d917bd998cdfd631695..94bb4767defc95689593cf2528c9c5b84bf6fefb 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -435,7 +435,7 @@ sides.
),
Password('realm_passwd?',
cli_name='password',
-label=_(Active directory domain administrator's password),
+label=_(Active Directory domain administrator's password),
confirm=False,
),
Str('realm_server?',
@@ -511,6 +511,40 @@ sides.
return result
+def interactive_prompt_callback(self, kw):
+
+Ensure that trust_type is prompted for if any reason there is no
+default.
+
+Also ensure that realm_admin is prompted for if --admin or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+Also ensure that realm_passwd is prompted for if --password or
+--trust-secret is not specified when 'ipa trust-add' is run on the
+system.
+
+
+def set_from_prompt(param):
+value = self.prompt_param(self.params[param])
+update = {param: value}
+kw.update(update)
+
+trust_secret = kw.get('trust_secret')
+trust_type = kw.get('trust_type')
+realm_admin = kw.get('realm_admin')
+realm_passwd = kw.get('realm_passwd')
+
+if trust_type is None:
+set_from_prompt('trust_type')
+
+if trust_secret is None:
+if realm_admin is None:
+set_from_prompt('realm_admin')
+if realm_passwd is None:
+kw['realm_passwd'] = self.Backend.textui.prompt_password(
+ self.params['realm_passwd'].label, confirm=False)
+
def validate_options(self, *keys, **options):
if not _bindings_installed:
raise errors.NotFound(
--
2.0.0
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hello,
Adds AD admin and password to interactive commands.
https://fedorahosted.org/freeipa/ticket/3034
Thanks,
Gabe
From ddea4f0a8915a10aa8d9ac5dd2b78e2032ee335f Mon Sep 17 00:00:00 2001
From: Gabe redhatri...@gmail.com
Date: Tue, 15 Jul 2014 20:34:12 -0600
Subject: [PATCH] ipa trust-add command should be interactive
- Make ipa trust-add command interactive for realm_admin and realm_passwd
- Fix 'Active directory' typo to 'Active Directory'
https://fedorahosted.org/freeipa/ticket/3034
---
API.txt | 4 ++--
ipalib/plugins/trust.py | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/API.txt b/API.txt
index 69ca2277e68261b8af48bea04997b59e059337de..23b186ff5b925c344455ee350d6ee83604989785 100644
--- a/API.txt
+++ b/API.txt
@@ -3728,8 +3728,8 @@ option: Int('base_id?', cli_name='base_id')
option: Int('range_size?', cli_name='range_size')
option: StrEnum('range_type?', cli_name='range_type', values=(u'ipa-ad-trust-posix', u'ipa-ad-trust'))
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
-option: Str('realm_admin?', cli_name='admin')
-option: Password('realm_passwd?', cli_name='password', confirm=False)
+option: Str('realm_admin', cli_name='admin')
+option: Password('realm_passwd', cli_name='password', confirm=False)
option: Str('realm_server?', cli_name='server')
option: Str('setattr*', cli_name='setattr', exclude='webui')
option: Password('trust_secret?', cli_name='trust_secret', confirm=False)
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 99acfb8f8ce1532e4406087af3f9c158fc313159..bc9f31fa1002ab6664d8efba44f9ecb77e8a3825 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -429,13 +429,13 @@ sides.
takes_options = LDAPCreate.takes_options + (
_trust_type_option,
-Str('realm_admin?',
+Str('realm_admin',
cli_name='admin',
label=_(Active Directory domain administrator),
),
-Password('realm_passwd?',
+Password('realm_passwd',
cli_name='password',
-label=_(Active directory domain administrator's password),
+label=_(Active Directory domain administrator's password),
confirm=False,
),
Str('realm_server?',
--
2.0.0
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
