iam group error handling (guest accounts)
I've created a guest account ens2ll
shock@RA:~$ iam guest new -f Eugenio -l Ns2lli -m test@delizio.so -d "Authorized Leonhard Med guest" -h eunaselli -a "ID SIS" -n t -c leomed-support@id.ethz.ch
{
"admingroup": null,
"birth_date": null,
"category": "IAM-Gast",
"cre_date": "2024-01-25T13:33:53",
"department": null,
"description": "Authorized Leonhard Med guest",
"displayname": "Ns2lli Eugenio",
"end_date": "2025-01-24",
"firstname": "Eugenio",
"gender": null,
"gidNumber": "504775",
"host_admingroup": "ID SIS",
"host_leitzahl": "06007",
"host_username": "eunaselli",
"lastname": "Ns2lli",
"leitzahl": null,
"mail": "test@delizio.so",
"mod_date": "2024-01-25T13:33:53",
"notification": "To technical contact",
"npid": "4067569",
"nuid": "6133589",
"orcid": null,
"persid": null,
"start_date": "2024-01-25",
"state": "ENABLED",
"technical_contact": "leomed-support@id.ethz.ch",
"title": null,
"type": "IAM-Identit\u00e4t",
"uidNumber": "627403",
"username": "ens2ll"
}Added the service AD
shock@RA:~$ iam user ens2ll -g AD
{
"services": [
{
"Assigned by": "",
"delete_after": "24-JAN-2025",
"enabled": "1",
"login_until": "24-JAN-2025",
"name": "LDAP"
},
{
"Assigned by": "",
"delete_after": "24-JAN-2025",
"enabled": "1",
"login_until": "24-JAN-2025",
"name": "WLAN_VPN"
},
{
"Assigned by": "manual",
"delete_after": "24-JAN-2025",
"enabled": "1",
"login_until": "24-JAN-2025",
"name": "Active Directory"
}
]
}When trying to add it to ID-LEOMED-SISRP I get:
shock@RA:~$ iam group ID-LEOMED-SISRP -a ens2ll
Traceback (most recent call last):
File "/home/shock/.local/bin/iam", line 8, in <module>
sys.exit(cli())
File "/usr/lib/python3/dist-packages/click/core.py", line 1128, in __call__
return self.main(*args, **kwargs)
File "/usr/lib/python3/dist-packages/click/core.py", line 1053, in main
rv = self.invoke(ctx)
File "/usr/lib/python3/dist-packages/click/core.py", line 1659, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/lib/python3/dist-packages/click/core.py", line 1395, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
File "/usr/lib/python3/dist-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
File "/home/shock/.local/lib/python3.10/site-packages/ethz_iam_webservice/main.py", line 468, in manage_group
group.add_members(users=add, subgroups=add_subgroup)
File "/home/shock/.local/lib/python3.10/site-packages/ethz_iam_webservice/group.py", line 267, in add_members
group = self.new_from_data(data)
File "/home/shock/.local/lib/python3.10/site-packages/ethz_iam_webservice/group.py", line 118, in new_from_data
if data.get("certificationDate")
AttributeError: 'NoneType' object has no attribute 'get'It gives the impression that the user hasn't been added because the get failed, when in reality:
shock@RA:~$ iam group ID-LEOMED-SISRP
{
"admingroup": "ID SIS",
"category": "Custom",
"certification_date": "",
"certification_note": "LeoMed",
"certification_period": "No recertification",
"cre_date": "2021-09-17T13:56:25",
"description": "Access group for LeoMed 2.0",
"gidNumber": "459479",
"grid": "6087834",
"group_ad_ou": "ou=Custom,ou=EthLists",
"managers": [],
"members": [
"adm-lbrechbuehl",
"barillac",
"michalo",
"strpeter",
"ttestguestla",
"rkuzyakiv",
"ens2ll",
"lbrechbuehl",
"tguestlastna",
"ID-SIS-RP-LMT"
],
"mod_date": "2024-01-25T12:35:39",
"name": "ID-LEOMED-SISRP",
"state": "PROCESSED",
"targets": [
"AD",
"LDAP"
]
}