Bug 1851411
Summary: | ipa: typo issue in ipanthomedirectoryrive deffinition | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Alexander Bokovoy <abokovoy> | ||||||||
Component: | ipa | Assignee: | Thomas Woerner <twoerner> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> | ||||||||
Severity: | unspecified | Docs Contact: | |||||||||
Priority: | unspecified | ||||||||||
Version: | --- | CC: | ksiddiqu, rcritten, ssidhaye, tscherf | ||||||||
Target Milestone: | rc | ||||||||||
Target Release: | 8.0 | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | ipa-4.8.7-3 | Doc Type: | If docs needed, set a value | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2020-11-04 02:51:04 UTC | Type: | Bug | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
Alexander Bokovoy
2020-06-26 13:06:18 UTC
Fixed upstream with commit 3912e8e6739058ef8fcb2964fda0edc3ee23fc1e Author: Petr Voborník <pvoborni> Date: Mon Jun 8 19:27:30 2020 +0200 baseuser: fix ipanthomedirectorydrive option name It should be ipanthomedirectorydrive and not ipanthomedirectoryrive. This fixes showing the field in Web UI and also should fix CLI as it probably never worked. Signed-off-by: Petr Vobornik <pvoborni> Reviewed-By: Alexander Bokovoy <abokovoy> ipa-4-8: commit a090b429fda35c5a9c3cfb672ab42a5985d00ff9 Author: Petr Voborník <pvoborni> Date: Mon Jun 8 19:27:30 2020 +0200 baseuser: fix ipanthomedirectorydrive option name It should be ipanthomedirectorydrive and not ipanthomedirectoryrive. This fixes showing the field in Web UI and also should fix CLI as it probably never worked. Signed-off-by: Petr Vobornik <pvoborni> Reviewed-By: Alexander Bokovoy <abokovoy> no automation for this and only manual execution for text change. One more related fix is from the upstream ticket 8336 master: commit f6707a71dcefd4b54d7909ad1ba9ba84f57c430a Author: Petr Voborník <pvoborni> Date: Mon Jun 8 19:11:33 2020 +0200 webui: hide user attributes for SMB services section if empty This section should be hidded if user object hasn't ipantuserattrs object class. I.e. when trusts are not enabled. Web UI framework already supports hidding of sections if the section contains no visible field. So to achieve it we simply needs to hide the fields. Given that attributelevelrights contains rights only for attributes of current object classes, all of these are regarded as not writable. We can leverage feature of input_widget that it gets hidden when the attribute is not writable and has no value and widget's "hidden_if_empty" is set to true. Thus doing it here. For this to work, it is also required to fix an issue with "ipanthomedirectorydrive" which is optional (in API) but Web UI doesn't offer "empty" ("") value. Adding it here. fixes: https://pagure.io/freeipa/issue/8336 Signed-off-by: Petr Vobornik <pvoborni> Reviewed-By: Alexander Bokovoy <abokovoy> Reviewed-By: Serhii Tsymbaliuk <stsymbal> ipa-4-8: commit 691b3cddb275821630f443f22706fa75e7c7a5c8 Author: Petr Voborník <pvoborni> Date: Mon Jun 8 19:11:33 2020 +0200 webui: hide user attributes for SMB services section if empty This section should be hidded if user object hasn't ipantuserattrs object class. I.e. when trusts are not enabled. Web UI framework already supports hidding of sections if the section contains no visible field. So to achieve it we simply needs to hide the fields. Given that attributelevelrights contains rights only for attributes of current object classes, all of these are regarded as not writable. We can leverage feature of input_widget that it gets hidden when the attribute is not writable and has no value and widget's "hidden_if_empty" is set to true. Thus doing it here. For this to work, it is also required to fix an issue with "ipanthomedirectorydrive" which is optional (in API) but Web UI doesn't offer "empty" ("") value. Adding it here. fixes: https://pagure.io/freeipa/issue/8336 Signed-off-by: Petr Vobornik <pvoborni> Reviewed-By: Serhii Tsymbaliuk <stsymbal> Reviewed-By: Alexander Bokovoy <abokovoy> Reproducer: Builds used : [root@ci-vm-10-0-136-213 test]# rpm -q ipa-server ipa-server-dns ipa-server-trust-ad ipa-server-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64 ipa-server-dns-4.8.4-7.module+el8.2.0+6046+aaa49f96.noarch package ipa-server-trust-ad is not installed [root@ci-vm-10-0-136-213 test]# [root@ci-vm-10-0-136-213 test]# ipa user-show testuser --all dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-136-213,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com User login: testuser First name: test Last name: user Full name: test user Display name: test user Initials: tu Home directory: /home/testuser GECOS: test user Login shell: /bin/sh Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM Email address: testuser.upshift.rdu2.redhat.com UID: 1164400001 GID: 1164400001 Account disabled: False Preserved user: False Password: False Member of groups: ipausers Kerberos keys available: False ipauniqueid: a1319918-d7cb-11ea-b416-fa163ef2fa38 mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-136-213,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry "User attributes for SMB services" is shown in UI even though it's not set for the user Screenshot attached Verification: Builds used: [root@ci-vm-10-0-137-134 test]# rpm -q ipa-server ipa-server-dns ipa-server-trust-ad ipa-server-4.8.7-8.module+el8.3.0+7513+a375844a.x86_64 ipa-server-dns-4.8.7-8.module+el8.3.0+7513+a375844a.noarch ipa-server-trust-ad-4.8.7-8.module+el8.3.0+7513+a375844a.x86_64 [root@ci-vm-10-0-137-134 test]# [root@ci-vm-10-0-137-134 test]# ipa user-show testuser --all dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com User login: testuser First name: tet Last name: user Full name: tet user Display name: tet user Initials: tu Home directory: /home/testuser GECOS: tet user Login shell: /bin/sh Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM Email address: testuser.upshift.rdu2.redhat.com UID: 807800001 GID: 807800001 Account disabled: False Preserved user: False Password: False Member of groups: ipausers Kerberos keys available: False ipauniqueid: cf199606-d7e3-11ea-835e-fa163ee246c8 mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry "User attributes for SMB services" is not shown in UI when ipantuserattrs attribute for the user is not set Screenshot attached [root@ci-vm-10-0-137-134 test]# ipa user-show testuser --all dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com User login: testuser First name: tet Last name: user Full name: tet user Display name: tet user Initials: tu Home directory: /home/testuser GECOS: tet user Login shell: /bin/sh Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM Email address: testuser.upshift.rdu2.redhat.com UID: 807800001 GID: 807800001 Account disabled: False Preserved user: False Password: False Member of groups: ipausers Kerberos keys available: False ipantsecurityidentifier: S-1-5-21-4140417676-3365399039-539626829-1001 ipauniqueid: cf199606-d7e3-11ea-835e-fa163ee246c8 mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry, ipantuserattrs "User attributes for SMB services" is shown in UI when ipantuserattrs attribute for the user is set Screenshot attached Created attachment 1710679 [details]
Reproducer
Created attachment 1710680 [details]
Verification : before ipantuserattrs is set
Created attachment 1710681 [details]
Verification : after ipantuserattrs is set
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4670 |