Only specify the ipatokenuniqueid default in the add operation

Specifying the default in the LDAP Object causes the parameter to be specified
for non-add operations. This is especially problematic when performing the
modify operation as it causes the primary key to change for every
modification.

https://fedorahosted.org/freeipa/ticket/4227

Reviewed-By: Petr Viktorin <pviktori@redhat.com>

1 files changed, 5 insertions, 2 deletions

diff --git a/ipalib/plugins/otptoken.py b/ipalib/plugins/otptoken.py
index f68ea7df5..027c28f85 100644
--- a/ipalib/plugins/otptoken.py
+++ b/ipalib/plugins/otptoken.py
@@ -120,8 +120,6 @@ class otptoken(LDAPObject):
         Str('ipatokenuniqueid',
             cli_name='id',
             label=_('Unique ID'),
-            default_from=lambda: unicode(uuid.uuid4()),
-            autofill=True,
             primary_key=True,
             flags=('optional_create'),
         ),
@@ -233,6 +231,11 @@ class otptoken_add(LDAPCreate):
     )
 
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+        # Fill in a default UUID when not specified.
+        if entry_attrs.get('ipatokenuniqueid', None) is None:
+            entry_attrs['ipatokenuniqueid'] = str(uuid.uuid4())
+            dn = DN("ipatokenuniqueid=%s" % entry_attrs['ipatokenuniqueid'], dn)
+
         # Set the object class and defaults for specific token types
         entry_attrs['objectclass'] = otptoken.object_class + ['ipatoken' + options['type']]
         for ttype, tattrs in TOKEN_TYPES.items():