Issue #2317: ipa help delegation example has group and membergroup backwards? - freeipa

freeipa

#2317 ipa help delegation example has group and membergroup backwards?

Closed: Fixed None Opened 12 years ago by mkosek.

https://bugzilla.redhat.com/show_bug.cgi?id=784468 (Red Hat Enterprise Linux 6)

Description of problem:

The help for ipa delegation appears to be incorrect.  The EXAMPLES section
says:
<snip>
 Add a delegation rule to allow managers to edit employee's addresses:
   ipa delegation-add --attrs=street --membergroup=managers --group=employees
"managers edit employees' street"
</snip>

This appears to contradict what is described in the Identity Management Guide
(which appears to reflect actual behaviour):

<snip>
--group, the group who is being granted permissions to the entries of users in
the user group.

--membergroup, the group whose entries can be edited by members of the
delegation group.
</snip>

Tests reflect the latter behaviour.

Version-Release number of selected component (if applicable):

389-ds-base-1.2.9.14-1.el6.x86_64
389-ds-base-libs-1.2.9.14-1.el6.x86_64
ipa-admintools-2.2.0-101.20120123T0157zgit64cf8a4.el6.x86_64
ipa-server-2.2.0-101.20120123T0157zgit64cf8a4.el6.x86_64

How reproducible:

always

Steps to Reproduce:
1. <setup ipa server>
2. ipa help delegation

Actual results:

"ipa help delegation" shows incorrect example with group and membergroup
reversed.

<snip>
 Add a delegation rule to allow managers to edit employee's addresses:
   ipa delegation-add --attrs=street --membergroup=managers --group=employees
"managers edit employees' street"
</snip>

Expected results:

I'd expect the EXAMPLE to read:
 Add a delegation rule to allow managers to edit employee's addresses:
   ipa delegation-add --attrs=street --group=managers --membergroup=employees
"managers edit employees' street"


Or similar.

Additional info:

Test to reproduce behaviour:
1. <setup ipa server>
2. kinit admin
3. create users employee and manager
4. ipa group-add --desc=managers managers
5. ipa group-add --desc=employees employees
6. ipa group-add-member managers --users=manager
7. ipa group-add-member employees --users=employee
8. ipa delegation-add test --membergroup=managers --group=employees
--attrs=street
9. ipa user-mod employee --street=Elm
<fails/>
10. kinit employee
11. ipa user-mod manager --street=Pine
<works/>

mkosek commented 12 years ago

master: 0192901[[BR]]
ipa-2-2: 079952f

Metadata Update from @mkosek:
- Issue assigned to pviktori
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03

7 years ago

Metadata

Assignee

pviktori

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

FreeIPA 2.2 Core Effort - 2012/03

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=784468

tester

None

changelog

None

design

None

freeipa

Source Code

#2317 ipa help delegation example has group and membergroup backwards? Closed: Fixed None Opened 12 years ago by mkosek.

Metadata

#2317 ipa help delegation example has group and membergroup backwards?

Closed: Fixed None Opened 12 years ago by mkosek.