subject:"Re\: \[Freeipa\-devel\] \[PATCH\] 0135 resolve SIDs to names in group\-show for external members"

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-20 Thread Martin Kosek

On 01/17/2014 01:26 PM, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 01:02:18PM +0100, Petr Vobornik wrote:
 On 17.1.2014 12:27, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:
 On 01/17/2014 11:50 AM, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
 On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
 Hi,

 when group contains external members, they are specified using SIDs. Use
 trust-resolve command to convert them back on group-show.

 https://bugzilla.redhat.com/show_bug.cgi?id=1054391
 Sumit found omission on name translation. New patch is attached.

 --
 / Alexander Bokovoy

 Patch now works as expected and python code looks good to me, so ACK.
 It would be nice if anyone else can check the python code before
 committing the patch.

 bye,
 Sumit

 Sumit, did you also test Web UI? We should check how it works there, we 
 may no
 longer need to call trust-resolve internally there given it was changed on
 server side.

 If not, Petr1 plans to check that now.

 sorry, no, I didn't check it.

 bye,
 Sumit


 Martin

 On my test system trust-resolve command is somehow broken. It
 doesn't return any names; therefore I was not able to test
 Alexander's patch properly.

 Anyway, attached patch removes the functionality from Web UI.
 
 WebUI still translates the SIDs here, so ACK.
 
 bye,
 Sumit

Thanks. Pushed both Web UI and Alexander's group-show patch to master, ipa-3-3
(I had to rebase Petr's patch there a little).

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Alexander Bokovoy


On Thu, 16 Jan 2014, Alexander Bokovoy wrote:

Hi,

when group contains external members, they are specified using SIDs. Use
trust-resolve command to convert them back on group-show.

https://bugzilla.redhat.com/show_bug.cgi?id=1054391

Sumit found omission on name translation. New patch is attached.

--
/ Alexander Bokovoy
From d7ce2cd8e646b7d07f80d19f4aa945e74b084aa7 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Thu, 16 Jan 2014 20:31:37 +0200
Subject: [PATCH 4/4] group-show: resolve external members of the groups

Perform SID to name conversion for existing external members of the
groups if trust is configured.

https://bugzilla.redhat.com/show_bug.cgi?id=1054391
https://fedorahosted.org/freeipa/ticket/4123
---
 ipalib/plugins/group.py | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 02eeb10..dac5500 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -387,6 +387,21 @@ api.register(group_find)
 class group_show(LDAPRetrieve):
 __doc__ = _('Display information about a named group.')
 has_output_params = LDAPRetrieve.has_output_params + 
(ipaexternalmember_param,)
+def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+assert isinstance(dn, DN)
+if ('ipaexternalmember' in entry_attrs and
+len(entry_attrs['ipaexternalmember'])  0 and
+'trust_resolve' in self.Command and
+not options.get('raw', False)):
+sids = entry_attrs['ipaexternalmember']
+result = self.Command.trust_resolve(sids=sids)
+for entry in result['result']:
+try:
+idx = sids.index(entry['sid'][0])
+sids[idx] = entry['name'][0]
+except ValueError:
+pass
+return dn
 api.register(group_show)
 
 
-- 
1.8.4.2

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Sumit Bose

On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
 On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
 Hi,
 
 when group contains external members, they are specified using SIDs. Use
 trust-resolve command to convert them back on group-show.
 
 https://bugzilla.redhat.com/show_bug.cgi?id=1054391
 Sumit found omission on name translation. New patch is attached.
 
 -- 
 / Alexander Bokovoy

Patch now works as expected and python code looks good to me, so ACK.
It would be nice if anyone else can check the python code before
committing the patch.

bye,
Sumit

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Martin Kosek

On 01/17/2014 11:50 AM, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
 On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
 Hi,

 when group contains external members, they are specified using SIDs. Use
 trust-resolve command to convert them back on group-show.

 https://bugzilla.redhat.com/show_bug.cgi?id=1054391
 Sumit found omission on name translation. New patch is attached.

 -- 
 / Alexander Bokovoy
 
 Patch now works as expected and python code looks good to me, so ACK.
 It would be nice if anyone else can check the python code before
 committing the patch.
 
 bye,
 Sumit

Sumit, did you also test Web UI? We should check how it works there, we may no
longer need to call trust-resolve internally there given it was changed on
server side.

If not, Petr1 plans to check that now.

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Sumit Bose

On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:
 On 01/17/2014 11:50 AM, Sumit Bose wrote:
  On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
  On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
  Hi,
 
  when group contains external members, they are specified using SIDs. Use
  trust-resolve command to convert them back on group-show.
 
  https://bugzilla.redhat.com/show_bug.cgi?id=1054391
  Sumit found omission on name translation. New patch is attached.
 
  -- 
  / Alexander Bokovoy
  
  Patch now works as expected and python code looks good to me, so ACK.
  It would be nice if anyone else can check the python code before
  committing the patch.
  
  bye,
  Sumit
 
 Sumit, did you also test Web UI? We should check how it works there, we may no
 longer need to call trust-resolve internally there given it was changed on
 server side.
 
 If not, Petr1 plans to check that now.

sorry, no, I didn't check it.

bye,
Sumit

 
 Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Petr Vobornik


On 17.1.2014 12:27, Sumit Bose wrote:

On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:

On 01/17/2014 11:50 AM, Sumit Bose wrote:

On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:

On Thu, 16 Jan 2014, Alexander Bokovoy wrote:

Hi,

when group contains external members, they are specified using SIDs. Use
trust-resolve command to convert them back on group-show.

https://bugzilla.redhat.com/show_bug.cgi?id=1054391

Sumit found omission on name translation. New patch is attached.

--
/ Alexander Bokovoy


Patch now works as expected and python code looks good to me, so ACK.
It would be nice if anyone else can check the python code before
committing the patch.

bye,
Sumit


Sumit, did you also test Web UI? We should check how it works there, we may no
longer need to call trust-resolve internally there given it was changed on
server side.

If not, Petr1 plans to check that now.


sorry, no, I didn't check it.

bye,
Sumit



Martin


On my test system trust-resolve command is somehow broken. It doesn't 
return any names; therefore I was not able to test Alexander's patch 
properly.


Anyway, attached patch removes the functionality from Web UI.
--
Petr Vobornik
From f55645dc41728e1ac453633babbcfe4b39568551 Mon Sep 17 00:00:00 2001
From: Petr Vobornik pvobo...@redhat.com
Date: Fri, 17 Jan 2014 12:43:11 +0100
Subject: [PATCH] Remove SID resolve call from Web UI

- it's called in group-show

https://bugzilla.redhat.com/show_bug.cgi?id=1054391
---
 install/ui/src/freeipa/association.js | 52 ---
 install/ui/src/freeipa/group.js   |  1 -
 2 files changed, 53 deletions(-)

diff --git a/install/ui/src/freeipa/association.js b/install/ui/src/freeipa/association.js
index 8709b9045bc1baa7f08067fb57f39ce562c050d1..7b4a78d5a678861e60ba3db3c8ed6bf561629b25 100644
--- a/install/ui/src/freeipa/association.js
+++ b/install/ui/src/freeipa/association.js
@@ -1508,58 +1508,6 @@ exp.attribute_facet = IPA.attribute_facet = function(spec, no_init) {
 };
 
 /**
- * SID facet
- * @class association.sid_facet
- * @alternateClassName IPA.sid_facet
- * @extends association.attribute_facet
- */
-exp.sid_facet = IPA.sid_facet = function(spec, no_init) {
-
-spec.name = spec.name || 'sid_facet';
-
-var that = IPA.attribute_facet(spec, no_init);
-
-that.load_records = function(value) {
-var xlate = {};
-var sidxlate_command = IPA.command({
-entity: 'trust',
-method: 'resolve',
-options: {
-sids: ''
-}
-});
-sidxlate_command.on_success = function(data, text_status, xhr) {
-for (var i=0; i data.result.result.length; i++) {
-var entry = data.result.result[i];
-if (entry.sid[0] in xlate) {
-xlate[entry.sid[0]].resolve(entry.name[0]);
-}
-}
-};
-that.table.empty();
-
-if (value.length === 0) return;
-
-var sids = [];
-for (var i=0; i value.length; i++) {
-var sid = value[i][that.attribute];
-var deferred = new Deferred();
-value[i][that.attribute] = {
-promise: deferred.promise,
-temp: sid
-};
-xlate[sid] = deferred;
-sids.push(sid);
-that.add_record(value[i]);
-}
-sidxlate_command.options.sids = sids;
-sidxlate_command.execute();
-};
-
-return that;
-};
-
-/**
  * Attriute read-only evaluator
  * @class IPA.attr_read_only_evaluator
  * @extends IPA.state_evaluator
diff --git a/install/ui/src/freeipa/group.js b/install/ui/src/freeipa/group.js
index 5e8cdf991cdaf4f52e3f49dca431e999a72f2089..bb12d902fcba8228098b667aa6fbd3fa7daee34d 100644
--- a/install/ui/src/freeipa/group.js
+++ b/install/ui/src/freeipa/group.js
@@ -112,7 +112,6 @@ return {
 },
 {
 $type: 'attribute',
-$factory: IPA.sid_facet,
 name: 'member_external',
 attribute: 'ipaexternalmember',
 tab_label: 'External',
-- 
1.8.4.2

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-17 Thread Sumit Bose

On Fri, Jan 17, 2014 at 01:02:18PM +0100, Petr Vobornik wrote:
 On 17.1.2014 12:27, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:
 On 01/17/2014 11:50 AM, Sumit Bose wrote:
 On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
 On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
 Hi,
 
 when group contains external members, they are specified using SIDs. Use
 trust-resolve command to convert them back on group-show.
 
 https://bugzilla.redhat.com/show_bug.cgi?id=1054391
 Sumit found omission on name translation. New patch is attached.
 
 --
 / Alexander Bokovoy
 
 Patch now works as expected and python code looks good to me, so ACK.
 It would be nice if anyone else can check the python code before
 committing the patch.
 
 bye,
 Sumit
 
 Sumit, did you also test Web UI? We should check how it works there, we may 
 no
 longer need to call trust-resolve internally there given it was changed on
 server side.
 
 If not, Petr1 plans to check that now.
 
 sorry, no, I didn't check it.
 
 bye,
 Sumit
 
 
 Martin
 
 On my test system trust-resolve command is somehow broken. It
 doesn't return any names; therefore I was not able to test
 Alexander's patch properly.
 
 Anyway, attached patch removes the functionality from Web UI.

WebUI still translates the SIDs here, so ACK.

bye,
Sumit

 -- 
 Petr Vobornik

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

2014-01-16 Thread Dmitri Pal

On 01/16/2014 01:35 PM, Alexander Bokovoy wrote:
 Hi,

 when group contains external members, they are specified using SIDs. Use
 trust-resolve command to convert them back on group-show.

 https://bugzilla.redhat.com/show_bug.cgi?id=1054391


 ___
 Freeipa-devel mailing list
 Freeipa-devel@redhat.com
 https://www.redhat.com/mailman/listinfo/freeipa-devel
https://fedorahosted.org/freeipa/ticket/4123

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

Re: [Freeipa-devel] [PATCH] 0135 resolve SIDs to names in group-show for external members

8 matches

Site Navigation

Mail list logo

Footer information