ipatests/test_xmlrpc/test_dns_plugin.py and ipatests/test_cmdline/test_cli.py use --force` /force=True/{'force' : True}for commands likepermission-delordnsrecord-add. The force option hasflags=['no_option']`` meaning that the option is not available outside of server context.
ipatests/test_xmlrpc/test_dns_plugin.py
ipatests/test_cmdline/test_cli.py
--force` /
/
for commands like
or
. The force option has
The server context is accessible for servers. https://pagure.io/freeipa/issue/8312 fixes detection logic for api.env.in_tree setting, which results in tests now using the proper client-side context. This breaks tests that assume that use the force option.
api.env.in_tree
force
exclude=('cli', 'webui')
I'm leaning towards option 3. It's the least work and gives limited exposure to a feature that somebody deemed important in the past.
Metadata Update from @cheimes: - Custom field blocking adjusted to 8312 - Issue marked as blocking: #8312 - Issue priority set to: normal - Issue set to the milestone: FreeIPA 4.8.7
I am not in favor of opening these powerful options to the API.
It's unclear from this report how in_tree factors in. Could you instead set in_server? Seems like that would more closely duplicate a real environment anyway.
The in_tree option changes how remote plugin behave, see https://pagure.io/freeipa/blob/master/f/ipaclient/remote_plugins/__init__.py#_119
in_tree
NOTE Remove kwargs.update(in_tree=True), too.
kwargs.update(in_tree=True)
master:
ipa-4-8:
My opinion after reading through the code: - for DNS record we should make --force available. This should be useful for bootstrapping NS record for zones where you indeed would have unresolved record at that point. So, treat users as adults here. All tests imply this setup, it seems. - for permissions, I believe that we need to rework tests that create and delete 'system' permissions. Simply use direct LDAP operations to delete them if needed or move those tests out of xmlrpc test suite completely.
--force
Login to comment on this ticket.