Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1341634
Description of problem: Some vault error message can be improved to be more helpful and descriptive. How reproducible: Always. Steps to Reproduce: 1. Try to add a new vault owner as a regular user without vault admin privileges: $ ipa vault-add-owner vault_name --users user_name ... Failed owners: owner user: user_name: Insufficient access: Insufficient 'write' privilege to the 'owner' attribute of entry ... 2. Try to display information about a vault in a container other than your own private container. For example, run ipa vault-show on a shared vault without adding --shared: $ ipa vault-show shared_vault ipa: ERROR: shared_vault: vault not found Actual results: The current error messages don't clearly explain what is wrong and how to fix the problem. Expected results: In case of 1., the error message could clearly say that the user doesn't have sufficient privileges for the command. In case of 2., the error message could say that by default, users can only use the command on vaults in their private container. If they want to target a vault in another container, they must add additional options (--shared, --user, or --service). Additional info:
Targetted for 4.4.x.
also check https://bugzilla.redhat.com/show_bug.cgi?id=1341634#c3
The issue 1. won't fix as there's no way to receive the exception in the vault_add_owner method. However, that seems fine to me as the message clearly states what is happening.
Moving to next major version. Fixing this bug is not critical in stabilization release.
We haven't been able to fulfill this requirement as it requires changes in framework or majority of vault-* commands code which we do not want to modify. Thus WONTFIX.
To be more precise, the improvement is non-trivial task given that how vault-* commands are implemented. We do not think that fixing this bug would bring enough value to justify the amount of time required.
Implementation would require #6552 - refactoring of vault commands
Metadata Update from @pvoborni: - Issue assigned to stlaz - Issue set to the milestone: FreeIPA 4.5
Login to comment on this ticket.