Bug 672255

Summary: ipa config-mod --usersearch and --groupsearch should not allow fields to be added that don't exist
Product: [Retired] freeIPA Reporter: Jenny Severance <jgalipea>
Component: ipa-admintoolsAssignee: Dmitri Pal <dpal>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: low Docs Contact:
Priority: unspecified    
Version: 2.0CC: benl, dpal, jgalipea, jhrozek, yzhang
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: freeipa-2.1.0-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-27 07:22:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jenny Severance 2011-01-24 15:38:32 UTC 
Description of problem:
when modifying the default search fields for users and groups , ipa config-mod --usersearch and --groupsearch should not allow fields to be added that don't exist.

<snip>

# ipa config-mod --usersearch="uid,givenname,sn,telephonenumber,ou,title,bogus"
  Max username length: 32
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: testrelm
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title,bogus
  Group search fields: cn,description
  Migration mode: FALSE
  Certificate Subject base: O=TESTRELM
# ipa config-mod --groupsearch="cn,description,bogus"
  Max username length: 32
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: testrelm
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title,bogus
  Group search fields: cn,description,bogus
  Migration mode: FALSE
  Certificate Subject base: O=TESTRELM

</snip

Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. kinit as admin
2. see decription <snip>
3. 
  
Actual results:
successful add a field that doesn't exist to the default search fields

Expected results:
error message stating that the field is invalid/doesn't exist

Additional info:
Comment 1 Jakub Hrozek 2011-01-24 21:57:38 UTC 
https://fedorahosted.org/freeipa/ticket/845
Comment 2 Pavel Zuna 2011-02-07 12:29:06 UTC 
master: 3dae8f18a67185c08dfa52d2e8f7cfcf9b5661b1
Comment 3 Jenny Severance 2011-03-01 19:39:39 UTC 
Verified:

version:
ipa-server-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64
ipa-admintools-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipaconfig_searchfields_userfields_negative
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Add field bogus to user search fields
:: [   PASS   ] :: Attempt failed as expected
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 1 good, 0 bad
:: [   PASS   ] :: RESULT: ipaconfig_searchfields_userfields_negative

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipaconfig_searchfields_groupfields_negative
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Add field bogus to group search fields
:: [   PASS   ] :: Attempt failed as expected
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 1 good, 0 bad
:: [   PASS   ] :: RESULT: ipaconfig_searchfields_groupfields_negative