Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
The docstring of interactive_prompt_callback could use some tweaking, but besides that re-ACK. Dne 21.8.2014 v 14:50 Gabe Alford napsal(a): Hello, Just wondering if this needs to be re-ack'd. Thanks, Gabe On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com mailto:redhatri...@gmail.com wrote: Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com mailto:mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com mailto:aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Thanks. Pushed to: master: 9415aba87789512e34cb4ed62534cde7822ff70b ipa-4-1: 8bb2af0e0ca375e10a406883ada5769963813763 ipa-4-0: b708001074e1fc1e412bc18b1e5e0b408151847b Martin On 08/25/2014 12:00 PM, Jan Cholasta wrote: The docstring of interactive_prompt_callback could use some tweaking, but besides that re-ACK. Dne 21.8.2014 v 14:50 Gabe Alford napsal(a): Hello, Just wondering if this needs to be re-ack'd. Thanks, Gabe On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com mailto:redhatri...@gmail.com wrote: Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com mailto:mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com mailto:aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hello, Just wondering if this needs to be re-ack'd. Thanks, Gabe On Thu, Jul 31, 2014 at 7:57 AM, Gabe Alford redhatri...@gmail.com wrote: Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy From 3fc52b8fec42a294f0e95f0bd8bcc2f1e0958ed3 Mon Sep 17 00:00:00 2001 From: Gabe redhatri...@gmail.com Date: Thu, 31 Jul 2014 07:26:00 -0600 Subject: [PATCH] ipa trust-add command should be interactive - Make ipa trust-add command interactive for realm_admin and realm_passwd - Fix 'Active directory' typo to 'Active Directory' https://fedorahosted.org/freeipa/ticket/3034 --- ipalib/plugins/trust.py | 26 +- 1 files changed, 25 insertions(+), 1 deletions(-) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index fe1a76719b0e35136fb46d917bd998cdfd631695..736cb6f573f9a18eca882db136133205c583b67d 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -435,7 +435,7 @@ sides. ), Password('realm_passwd?', cli_name='password', -label=_(Active directory domain administrator's password), +label=_(Active Directory domain administrator's password), confirm=False, ), Str('realm_server?', @@ -511,6 +511,30 @@ sides. return result +def interactive_prompt_callback(self, kw): + +Also ensure that realm_admin is prompted for if --admin or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + +Also ensure that realm_passwd is prompted for if --password or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + + +trust_secret = kw.get('trust_secret') +realm_admin = kw.get('realm_admin') +realm_passwd = kw.get('realm_passwd') + +if trust_secret is None: +if realm_admin is None: +kw['realm_admin'] = self.prompt_param( + self.params['realm_admin']) + +if realm_passwd is None: +kw['realm_passwd'] = self.Backend.textui.prompt_password( + self.params['realm_passwd'].label, confirm=False) + def validate_options(self, *keys, **options): if not _bindings_installed: raise errors.NotFound( -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Dne 24.7.2014 v 00:15 Gabe Alford napsal(a): Nope. Somehow in my head it felt cleaner. Updated patched attached. On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[__X]) directly? -- Jan Cholasta Thanks, ACK. -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params['trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 07/31/2014 10:47 AM, Jan Cholasta wrote: Dne 24.7.2014 v 00:15 Gabe Alford napsal(a): Nope. Somehow in my head it felt cleaner. Updated patched attached. On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[__X]) directly? -- Jan Cholasta Thanks, ACK. Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params['trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. Thanks, Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Okay. Sounds good. Update patch attached. On Thu, Jul 31, 2014 at 7:18 AM, Martin Kosek mko...@redhat.com wrote: Ah, right. But I still think that's a too-early optimization. We can add this callback when this necessity arises. Until then, I would rather prefer to keep the code clean. Martin On 07/31/2014 03:17 PM, Gabe Alford wrote: Right. The reason I added it in there is that I could see that in the future trust_type could be more than just 'ad' (maybe 'ipa', 'krb', etc?) which at that point I'm not sure a default makes sense. So, I thought to go ahead and add the check for future use cases so that it doesn't have to be remembered later. However, maybe that was just a bad idea as right now it is a pointless check? Gabe On Thu, Jul 31, 2014 at 3:18 AM, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 31 Jul 2014, Martin Kosek wrote: Sorry for going late in the game, just a quick question - why do we want to add this part: +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params[ 'trust_type']) ? I do not see a reason for adding a special interactive prompt callback for that - trust_type has a default value ad. CCing Alexander to double check. I also don't understand why you need to ask interactively for the trust_type as it defaults to non-empty value and this value is the only one we currently support. -- / Alexander Bokovoy From 3fc52b8fec42a294f0e95f0bd8bcc2f1e0958ed3 Mon Sep 17 00:00:00 2001 From: Gabe redhatri...@gmail.com Date: Thu, 31 Jul 2014 07:26:00 -0600 Subject: [PATCH] ipa trust-add command should be interactive - Make ipa trust-add command interactive for realm_admin and realm_passwd - Fix 'Active directory' typo to 'Active Directory' https://fedorahosted.org/freeipa/ticket/3034 --- ipalib/plugins/trust.py | 26 +- 1 files changed, 25 insertions(+), 1 deletions(-) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index fe1a76719b0e35136fb46d917bd998cdfd631695..736cb6f573f9a18eca882db136133205c583b67d 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -435,7 +435,7 @@ sides. ), Password('realm_passwd?', cli_name='password', -label=_(Active directory domain administrator's password), +label=_(Active Directory domain administrator's password), confirm=False, ), Str('realm_server?', @@ -511,6 +511,30 @@ sides. return result +def interactive_prompt_callback(self, kw): + +Also ensure that realm_admin is prompted for if --admin or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + +Also ensure that realm_passwd is prompted for if --password or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + + +trust_secret = kw.get('trust_secret') +realm_admin = kw.get('realm_admin') +realm_passwd = kw.get('realm_passwd') + +if trust_secret is None: +if realm_admin is None: +kw['realm_admin'] = self.prompt_param( + self.params['realm_admin']) + +if realm_passwd is None: +kw['realm_passwd'] = self.Backend.textui.prompt_password( + self.params['realm_passwd'].label, confirm=False) + def validate_options(self, *keys, **options): if not _bindings_installed: raise errors.NotFound( -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[X]) directly? -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Nope. Somehow in my head it felt cleaner. Updated patched attached. On Wed, Jul 23, 2014 at 1:18 AM, Jan Cholasta jchol...@redhat.com wrote: On 23.7.2014 01:01, Gabe Alford wrote: Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com mailto:jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/__freeipa/ticket/3034 https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta I don't think using an extra function to update a value in a dictionary is very beneficial, is there a reason not to use kw[X] = self.prompt_param(self.params[X]) directly? -- Jan Cholasta From cae886c1d3810d89feb3a2f26afcb6a38319005f Mon Sep 17 00:00:00 2001 From: Gabe redhatri...@gmail.com Date: Wed, 23 Jul 2014 16:12:25 -0600 Subject: [PATCH] ipa trust-add command should be interactive - Make ipa trust-add command interactive for realm_admin and realm_passwd - Fix 'Active directory' typo to 'Active Directory' https://fedorahosted.org/freeipa/ticket/3034 --- ipalib/plugins/trust.py | 33 - 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index fe1a76719b0e35136fb46d917bd998cdfd631695..7153253167001cca05c87d199c0843112d5333bd 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -435,7 +435,7 @@ sides. ), Password('realm_passwd?', cli_name='password', -label=_(Active directory domain administrator's password), +label=_(Active Directory domain administrator's password), confirm=False, ), Str('realm_server?', @@ -511,6 +511,37 @@ sides. return result +def interactive_prompt_callback(self, kw): + +Ensure that trust_type is prompted for if any reason there is no +default. + +Also ensure that realm_admin is prompted for if --admin or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + +Also ensure that realm_passwd is prompted for if --password or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + + +trust_secret = kw.get('trust_secret') +trust_type = kw.get('trust_type') +realm_admin = kw.get('realm_admin') +realm_passwd = kw.get('realm_passwd') + +if trust_type is None: +kw['trust_type'] = self.prompt_param(self.params['trust_type']) + +if trust_secret is None: +if realm_admin is None: +kw['realm_admin'] = self.prompt_param( + self.params['realm_admin']) + +if realm_passwd is None: +kw['realm_passwd'] = self.Backend.textui.prompt_password( + self.params['realm_passwd'].label, confirm=False) + def validate_options(self, *keys, **options): if not _bindings_installed: raise errors.NotFound( -- 2.0.0 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Forgot about --trust-secret. Here is an updated patch. On Mon, Jul 21, 2014 at 2:31 AM, Jan Cholasta jchol...@redhat.com wrote: On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta From 3023813d41b416d3b0676e829a0f0f85a3c7c502 Mon Sep 17 00:00:00 2001 From: Gabe redhatri...@gmail.com Date: Tue, 22 Jul 2014 16:49:55 -0600 Subject: [PATCH] ipa trust-add command should be interactive - Make ipa trust-add command interactive for realm_admin and realm_passwd - Fix 'Active directory' typo to 'Active Directory' https://fedorahosted.org/freeipa/ticket/3034 --- ipalib/plugins/trust.py | 36 +++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index fe1a76719b0e35136fb46d917bd998cdfd631695..94bb4767defc95689593cf2528c9c5b84bf6fefb 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -435,7 +435,7 @@ sides. ), Password('realm_passwd?', cli_name='password', -label=_(Active directory domain administrator's password), +label=_(Active Directory domain administrator's password), confirm=False, ), Str('realm_server?', @@ -511,6 +511,40 @@ sides. return result +def interactive_prompt_callback(self, kw): + +Ensure that trust_type is prompted for if any reason there is no +default. + +Also ensure that realm_admin is prompted for if --admin or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + +Also ensure that realm_passwd is prompted for if --password or +--trust-secret is not specified when 'ipa trust-add' is run on the +system. + + +def set_from_prompt(param): +value = self.prompt_param(self.params[param]) +update = {param: value} +kw.update(update) + +trust_secret = kw.get('trust_secret') +trust_type = kw.get('trust_type') +realm_admin = kw.get('realm_admin') +realm_passwd = kw.get('realm_passwd') + +if trust_type is None: +set_from_prompt('trust_type') + +if trust_secret is None: +if realm_admin is None: +set_from_prompt('realm_admin') +if realm_passwd is None: +kw['realm_passwd'] = self.Backend.textui.prompt_password( + self.params['realm_passwd'].label, confirm=False) + def validate_options(self, *keys, **options): if not _bindings_installed: raise errors.NotFound( -- 2.0.0 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] ipa trust-add command should be interactive
On 21.7.2014 10:28, Martin Kosek wrote: On 07/21/2014 09:56 AM, Jan Cholasta wrote: Hi, On 16.7.2014 05:48, Gabe Alford wrote: Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe I think that instead of making the parameters mandatory, you should instead set alwaysask=True on them. Honza Trust can be established either with user+password options OR with --trust-secret option - i.e. you cannot use mandatory options nor alwaysask. Ah, right. This would rather lead to interactive_prompt_callback checking if any of authentication method is passed and asking for them if they aren't. +1 Martin -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] ipa trust-add command should be interactive
Hello, Adds AD admin and password to interactive commands. https://fedorahosted.org/freeipa/ticket/3034 Thanks, Gabe From ddea4f0a8915a10aa8d9ac5dd2b78e2032ee335f Mon Sep 17 00:00:00 2001 From: Gabe redhatri...@gmail.com Date: Tue, 15 Jul 2014 20:34:12 -0600 Subject: [PATCH] ipa trust-add command should be interactive - Make ipa trust-add command interactive for realm_admin and realm_passwd - Fix 'Active directory' typo to 'Active Directory' https://fedorahosted.org/freeipa/ticket/3034 --- API.txt | 4 ++-- ipalib/plugins/trust.py | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/API.txt b/API.txt index 69ca2277e68261b8af48bea04997b59e059337de..23b186ff5b925c344455ee350d6ee83604989785 100644 --- a/API.txt +++ b/API.txt @@ -3728,8 +3728,8 @@ option: Int('base_id?', cli_name='base_id') option: Int('range_size?', cli_name='range_size') option: StrEnum('range_type?', cli_name='range_type', values=(u'ipa-ad-trust-posix', u'ipa-ad-trust')) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') -option: Str('realm_admin?', cli_name='admin') -option: Password('realm_passwd?', cli_name='password', confirm=False) +option: Str('realm_admin', cli_name='admin') +option: Password('realm_passwd', cli_name='password', confirm=False) option: Str('realm_server?', cli_name='server') option: Str('setattr*', cli_name='setattr', exclude='webui') option: Password('trust_secret?', cli_name='trust_secret', confirm=False) diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 99acfb8f8ce1532e4406087af3f9c158fc313159..bc9f31fa1002ab6664d8efba44f9ecb77e8a3825 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -429,13 +429,13 @@ sides. takes_options = LDAPCreate.takes_options + ( _trust_type_option, -Str('realm_admin?', +Str('realm_admin', cli_name='admin', label=_(Active Directory domain administrator), ), -Password('realm_passwd?', +Password('realm_passwd', cli_name='password', -label=_(Active directory domain administrator's password), +label=_(Active Directory domain administrator's password), confirm=False, ), Str('realm_server?', -- 2.0.0 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel