Bug 672255 - ipa config-mod --usersearch and --groupsearch should not allow fields to be added that don't exist
Summary: ipa config-mod --usersearch and --groupsearch should not allow fields to be a...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: freeIPA
Classification: Retired
Component: ipa-admintools
Version: 2.0
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
Assignee: Dmitri Pal
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-01-24 15:38 UTC by Jenny Severance
Modified: 2015-01-04 23:46 UTC (History)
5 users (show)

Fixed In Version: freeipa-2.1.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-27 07:22:31 UTC
Embargoed:

Attachments (Terms of Use)

Description Jenny Severance 2011-01-24 15:38:32 UTC 
Description of problem:
when modifying the default search fields for users and groups , ipa config-mod --usersearch and --groupsearch should not allow fields to be added that don't exist.

<snip>

# ipa config-mod --usersearch="uid,givenname,sn,telephonenumber,ou,title,bogus"
  Max username length: 32
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: testrelm
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title,bogus
  Group search fields: cn,description
  Migration mode: FALSE
  Certificate Subject base: O=TESTRELM
# ipa config-mod --groupsearch="cn,description,bogus"
  Max username length: 32
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: testrelm
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title,bogus
  Group search fields: cn,description,bogus
  Migration mode: FALSE
  Certificate Subject base: O=TESTRELM

</snip

Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. kinit as admin
2. see decription <snip>
3. 
  
Actual results:
successful add a field that doesn't exist to the default search fields

Expected results:
error message stating that the field is invalid/doesn't exist

Additional info:
Comment 1 Jakub Hrozek 2011-01-24 21:57:38 UTC 
https://fedorahosted.org/freeipa/ticket/845
Comment 2 Pavel Zuna 2011-02-07 12:29:06 UTC 
master: 3dae8f18a67185c08dfa52d2e8f7cfcf9b5661b1
Comment 3 Jenny Severance 2011-03-01 19:39:39 UTC 
Verified:

version:
ipa-server-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64
ipa-admintools-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipaconfig_searchfields_userfields_negative
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Add field bogus to user search fields
:: [   PASS   ] :: Attempt failed as expected
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 1 good, 0 bad
:: [   PASS   ] :: RESULT: ipaconfig_searchfields_userfields_negative

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipaconfig_searchfields_groupfields_negative
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Add field bogus to group search fields
:: [   PASS   ] :: Attempt failed as expected
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 1 good, 0 bad
:: [   PASS   ] :: RESULT: ipaconfig_searchfields_groupfields_negative
Note You need to log in before you can comment on or make changes to this bug.