-
Notifications
You must be signed in to change notification settings - Fork 896
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove the FQDN from group names for ext auth. #12752
Conversation
This change represents a team effort with much input from @abellotti and @amavinag. I appreciate the help! JoeV |
@abellotti Please review |
@miq-bot add_label blocker bug darga/yes |
@miq-bot add_label euwe/yes |
@miq-bot remove_label darga/yes |
@jvlcek Cannot apply the following label because they are not recognized: blocker bug darga/yes |
👍 LGTM!! Could you take care of the Rubocop warning above. Thanks. |
d24808a
to
e5fe788
Compare
Checked commit jvlcek@e5fe788 with ruby 2.2.5, rubocop 0.37.2, and haml-lint 0.16.1 |
@@ -124,7 +128,7 @@ def self.get_httpd_groups_by_user(user) | |||
rescue => err | |||
raise _("Unable to get groups for user %{user_name} - %{error}") % {:user_name => username, :error => err} | |||
end | |||
user_groups.first | |||
strip_group_domains(user_groups.first) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jvlcek Will user_groups.first
return an object on which collect
can be called?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chessbyte Yes user_groups.first returns an array with a single element which itself is an array. I have tested this change on a live appliance.
👍 |
Remove the FQDN from group names for ext auth. (cherry picked from commit 2f64834) https://bugzilla.redhat.com/show_bug.cgi?id=1394425
Euwe Backport details: $ git log -1
commit 0323f78f862bda2745bd1d443c99b173a7b90568
Author: Gregg Tanzillo <gtanzill@redhat.com>
Date: Mon Nov 21 10:00:27 2016 -0500
Merge pull request #12752 from jvlcek/bz1394425_domain
Remove the FQDN from group names for ext auth.
(cherry picked from commit 2f648343d0062cc8c2b35c2c56a0451d2670fb82)
https://bugzilla.redhat.com/show_bug.cgi?id=1394425 |
@simaishi Please make Euwe BZ for https://bugzilla.redhat.com/show_bug.cgi?id=1394425 |
@miq-bot add_label darga/yes |
Remove the FQDN from group names for ext auth. (cherry picked from commit 2f64834) https://bugzilla.redhat.com/show_bug.cgi?id=1397516
Darga Backport details: $ git log -1
commit 3b30cbfe58dd4ac2648864561c7b9065144e467e
Author: Gregg Tanzillo <gtanzill@redhat.com>
Date: Mon Nov 21 10:00:27 2016 -0500
Merge pull request #12752 from jvlcek/bz1394425_domain
Remove the FQDN from group names for ext auth.
(cherry picked from commit 2f648343d0062cc8c2b35c2c56a0451d2670fb82)
https://bugzilla.redhat.com/show_bug.cgi?id=1397516 |
A new version of SSSD, 1-14, was introduced in RHEL 7.3. A change in this version of
SSSD is to store fully qualified group names in the SSSD cache.
This PR will remove the domain portion of the fully qualified group names.
Steps for Testing/QA [Optional]
One way to test this is to configure an appliance with External Auth/SSSD/LDAP
and attempt to add a group under:
Configuration/Access Control/Groups/Configuration (pull down)/Add a new Group
check: (Look up External Authentication Groups)
Enter a valid user in: User to Look Up
click the Retrieve button
The dropdown: LDAP Groups for User should be populated with group names that do not include the fully qualified domain.
https://bugzilla.redhat.com/show_bug.cgi?id=1394425