Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NAS-129780 / 24.10 / Simplify API for querying directory services users and groups #13942

Merged
merged 1 commit into from
Jul 2, 2024
Merged

NAS-129780 / 24.10 / Simplify API for querying directory services users and groups #13942

merged 1 commit into from
Jul 2, 2024

Conversation

anodos325
Copy link
Contributor

Cache query responses are fast enough that we should include by default. Directory services users and groups can be reasonably omitted if filters explicitly call for local or builtin users.

@anodos325 anodos325 added the WIP label Jun 27, 2024
@anodos325 anodos325 force-pushed the simplify-account branch 3 times, most recently from 45ce29d to 74a1f9b Compare June 27, 2024 19:26
@anodos325 anodos325 added jira-medium and removed WIP labels Jun 27, 2024
@bugclerk bugclerk changed the title Simplify API for querying directory services users and groups NAS-129780 / 24.10 / Simplify API for querying directory services users and groups Jun 27, 2024
@bugclerk
Copy link
Contributor

Jira URL: https://ixsystems.atlassian.net/browse/NAS-129780

@anodos325 anodos325 requested a review from a team June 27, 2024 20:59
@anodos325 anodos325 force-pushed the simplify-account branch 3 times, most recently from 6ab30af to 5f892e1 Compare June 28, 2024 15:08
bmeagherix
bmeagherix requested changes Jul 1, 2024
View reviewed changes
Copy link
Contributor

@bmeagherix bmeagherix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sshd_config.mako contains:

	users = middleware.call_sync('user.query')
	root_user = filter_list(users, [['username', '=', 'root']], {'get': True})

Presumably this should be updated. (And if not, maybe add a comment saying why not.)

plugins/smb.py share_precheck contains

            local_smb_user_cnt = await self.middleware.call(
                'user.query',
                [['smb', '=', True]],
                {'count': True}
            )

should this also be updated? (And if not, maybe add a comment saying why not.)

@anodos325 anodos325 requested a review from bmeagherix July 1, 2024 20:53
@anodos325 anodos325 force-pushed the simplify-account branch 2 times, most recently from ffc7a35 to 2a7f966 Compare July 2, 2024 16:34
@anodos325
Simplify API for querying directory services users and groups
f00c944 
Cache query responses are fast enough that we should include
by default. Directory services users and groups can be reasonably
omitted if filters explicitly call for local or builtin users.

Remove currently-disabled old LDAP test and validate that DS users
and groups returned via user.query and group.query.

Add useful CallErrors if someone tries to modify DS user.
Sometimes API consumers are over-enthusiastic about what they
can do with users provided by AD / LDAP.
@anodos325 anodos325 merged commit 7714865 into master Jul 2, 2024
2 of 3 checks passed
@anodos325 anodos325 deleted the simplify-account branch July 2, 2024 18:09
@bugclerk
Copy link
Contributor

bugclerk commented Jul 2, 2024

This PR has been merged and conversations have been locked.
If you would like to discuss more about this issue please use our forums or raise a Jira ticket.

@truenas truenas locked as resolved and limited conversation to collaborators Jul 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bmeagherix bmeagherix bmeagherix approved these changes

Assignees
No one assigned
Labels
jira-medium no-time-tracked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@anodos325 @bugclerk @bmeagherix