summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Vobornik <pvoborni@redhat.com>2012-06-13 17:44:36 +0200
committerMartin Kosek <mkosek@redhat.com>2012-06-25 18:17:06 +0200
commitae19cce7adcb08cc192a9a2b320a09ab10269f52 (patch)
tree3c27c902afa5b8e80c3d4f6cf110bd9dcea643ac
parenta5cb1961fe23335700df51c6aaae1f3d669dd71c (diff)
downloadfreeipa-ae19cce7adcb08cc192a9a2b320a09ab10269f52.zip
freeipa-ae19cce7adcb08cc192a9a2b320a09ab10269f52.tar.gz
freeipa-ae19cce7adcb08cc192a9a2b320a09ab10269f52.tar.xz
Trust Web UI
This patch adds Web UI for trusts. Navigation path is IPA Server/Trust. It allows to add, deleted and show trust. Mod command doesn't have defined input options so update of a trust is not supported yet. Adder dialog supports two ways if adding a trust: 1) adding with domain name, admin name and admin password. 2) adding with domain name, shared secret Search page shows only list of realm names which are trusts' cns. Details page is read only. It contains following attributes: * Realm name (cn) * Domain NetBIOS name (ipantflatname) * Domain Security Identifier (ipanttrusteddomainsid) * Trust direction (trustdirection) * Trust type (trusttype) trust_output_params also defines 'Trust status' param. This param is not return by show command as well so it's commented out in code until it's fixed in plugin code. Fields in details pages are using labels defined in internal.py. It is temporary solution until including of command.has_output_params will be added to metadata. https://fedorahosted.org/freeipa/ticket/2829
-rw-r--r--install/ui/Makefile.am1
-rw-r--r--install/ui/dialog.js6
-rw-r--r--install/ui/index.html1
-rw-r--r--install/ui/ipa.css11
-rw-r--r--install/ui/ipa.js28
-rwxr-xr-xinstall/ui/jquery.ordered-map.js35
-rw-r--r--install/ui/jsl.conf1
-rw-r--r--install/ui/test/data/ipa_init.json14
-rw-r--r--install/ui/test/data/ipa_init_commands.json405
-rw-r--r--install/ui/test/data/ipa_init_objects.json182
-rw-r--r--install/ui/test/data/trust_add.json9
-rw-r--r--install/ui/test/data/trust_find_pkeys.json17
-rw-r--r--install/ui/test/data/trust_show.json67
-rw-r--r--install/ui/trust.js165
-rw-r--r--install/ui/webui.js3
-rw-r--r--install/ui/widget.js214
-rw-r--r--ipalib/plugins/internal.py14
17 files changed, 1145 insertions, 28 deletions
diff --git a/install/ui/Makefile.am b/install/ui/Makefile.am
index ea3a202..7eb9b04 100644
--- a/install/ui/Makefile.am
+++ b/install/ui/Makefile.am
@@ -61,6 +61,7 @@ app_DATA = \
serverconfig.js \
service.js \
sudo.js \
+ trust.js \
user.js \
webui.js \
widget.js \
diff --git a/install/ui/dialog.js b/install/ui/dialog.js
index 9003aa8..2af9ee3 100644
--- a/install/ui/dialog.js
+++ b/install/ui/dialog.js
@@ -232,13 +232,15 @@ IPA.dialog = function(spec) {
var widget_builder = IPA.widget_builder({
widget_options: {
- entity: that.entity
+ entity: that.entity,
+ facet: that
}
});
var field_builder = IPA.field_builder({
field_options: {
undo: false,
- entity: that.entity
+ entity: that.entity,
+ facet: that
}
});
var section_builder = IPA.section_builder({
diff --git a/install/ui/index.html b/install/ui/index.html
index 01335d7..653704b 100644
--- a/install/ui/index.html
+++ b/install/ui/index.html
@@ -43,6 +43,7 @@
<script type="text/javascript" src="policy.js"></script>
<script type="text/javascript" src="aci.js"></script>
<script type="text/javascript" src="entitle.js"></script>
+ <script type="text/javascript" src="trust.js"></script>
<script type="text/javascript" src="ext/extension.js"></script>
<script type="text/javascript" src="webui.js"></script>
diff --git a/install/ui/ipa.css b/install/ui/ipa.css
index 2ce8494..c0cec89 100644
--- a/install/ui/ipa.css
+++ b/install/ui/ipa.css
@@ -1756,4 +1756,15 @@ form#login {
.disabled {
color: gray;
cursor: default;
+}
+
+/* --- Multiple choice widget --- */
+
+.multiple-choice-section-header {
+ font-weight: bold;
+ font-size: 1.1em;
+}
+
+.choice-header {
+ font-weight: bold;
} \ No newline at end of file
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index 7667c76..f0ad01c 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -1087,6 +1087,34 @@ IPA.build = function(spec, builder_fac) {
return product;
};
+IPA.build_default = function(spec, def_spec) {
+
+ var builder, factory, default_object;
+
+ if (!spec && !def_spec) return null;
+
+ if (typeof def_spec === 'function') { //factory function
+ factory = def_spec;
+ } else if (typeof def_spec === 'object') {
+ default_object = def_spec;
+ }
+
+ builder = IPA.builder({
+ factory: factory
+ });
+
+ var product;
+ spec = spec || default_object || {};
+
+ if ($.isArray(spec)) {
+ product = builder.build_objects(spec);
+ } else {
+ product = builder.build(spec);
+ }
+
+ return product;
+};
+
IPA.default_factory = function(spec) {
spec = spec || {};
diff --git a/install/ui/jquery.ordered-map.js b/install/ui/jquery.ordered-map.js
index 64cad6e..33737b5 100755
--- a/install/ui/jquery.ordered-map.js
+++ b/install/ui/jquery.ordered-map.js
@@ -47,11 +47,13 @@ jQuery.ordered_map = jQuery.fn.ordered_map = function(map) {
}
that.map[key] = value;
+
+ return that;
};
that.put_map = function(map) {
- if (typeof map !== 'object') return;
+ if (typeof map !== 'object') return that;
for (name in map) {
@@ -59,6 +61,35 @@ jQuery.ordered_map = jQuery.fn.ordered_map = function(map) {
that.put(name, map[name]);
}
}
+
+ return that;
+ };
+
+ that.put_array = function(array, key_name, operation) {
+
+ var i, item, type, key;
+
+ array = array || [];
+
+ for (i=0; i<array.length; i++) {
+ item = array[i];
+ type = typeof item;
+ if (type === 'string') {
+ key = item;
+ } if (type === 'object') {
+ key = item[key_name];
+ }
+
+ if (operation) {
+ item = operation(item);
+ }
+
+ if (key) {
+ that.put(key, item);
+ }
+ }
+
+ return that;
};
that.remove = function(key) {
@@ -80,6 +111,7 @@ jQuery.ordered_map = jQuery.fn.ordered_map = function(map) {
that.values = [];
that.map = {};
that.length = that.keys.length;
+ return that;
};
that.get_key_index = function(key) {
@@ -119,6 +151,5 @@ jQuery.ordered_map = jQuery.fn.ordered_map = function(map) {
that.put_map(map);
-
return that;
};
diff --git a/install/ui/jsl.conf b/install/ui/jsl.conf
index 97789b2..bec553f 100644
--- a/install/ui/jsl.conf
+++ b/install/ui/jsl.conf
@@ -157,6 +157,7 @@
+process dns.js
+process automount.js
+process automember.js
++process trust.js
+process webui.js
+process login.js
+process reset_password.js
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 9bb36bb..6621fe5 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -410,6 +410,19 @@
"specified_users": "Specified Users and Groups",
"user": "Who"
},
+ "trust": {
+ "account": "Account",
+ "admin_account": "Administrative account",
+ "details": "Trust Settings",
+ "domain": "Domain",
+ "establish_using": "Establish using",
+ "ipantflatname": "Domain NetBIOS name",
+ "ipanttrusteddomainsid": "Domain Security Identifier",
+ "preshared_password": "Pre-shared password",
+ "trustdirection": "Trust direction",
+ "truststatus": "Trust status",
+ "trusttype": "Trust type"
+ },
"user": {
"account": "Account Settings",
"account_status": "Account Status",
@@ -429,6 +442,7 @@
"invalid_password": "The password or username you entered is incorrect.",
"new_password": "New Password",
"new_password_required": "New password is required",
+ "password": "Password",
"password_change_complete": "Password change complete",
"password_must_match": "Passwords must match",
"reset_failure": "Password reset was not successful.",
diff --git a/install/ui/test/data/ipa_init_commands.json b/install/ui/test/data/ipa_init_commands.json
index c5fd18a..3a2d261 100644
--- a/install/ui/test/data/ipa_init_commands.json
+++ b/install/ui/test/data/ipa_init_commands.json
@@ -2099,7 +2099,9 @@
"type": "unicode",
"values": [
"AllowLMhash",
- "AllowNThash"
+ "AllowNThash",
+ "KDC:Disable Last Success",
+ "KDC:Disable Lockout"
]
},
{
@@ -8110,6 +8112,219 @@
}
]
},
+ "entitle_consume": {
+ "takes_args": [
+ {
+ "class": "Int",
+ "doc": "Quantity",
+ "flags": [],
+ "label": "Quantity",
+ "maxvalue": 2147483647,
+ "minvalue": 1,
+ "name": "quantity",
+ "required": true,
+ "type": "int"
+ }
+ ],
+ "takes_options": [
+ {
+ "class": "Int",
+ "default": 1,
+ "doc": "Quantity",
+ "flags": [
+ "no_option",
+ "no_output"
+ ],
+ "label": "Quantity",
+ "maxvalue": 2147483647,
+ "minvalue": 1,
+ "name": "hidden",
+ "required": true,
+ "type": "int"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "entitle_find": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "class": "Int",
+ "doc": "Time limit of search in seconds",
+ "flags": [
+ "no_display"
+ ],
+ "label": "Time Limit",
+ "maxvalue": 2147483647,
+ "name": "timelimit",
+ "type": "int"
+ },
+ {
+ "class": "Int",
+ "doc": "Maximum number of entries returned",
+ "flags": [
+ "no_display"
+ ],
+ "label": "Size Limit",
+ "maxvalue": 2147483647,
+ "name": "sizelimit",
+ "type": "int"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "entitle_get": {
+ "name": "entitle_get",
+ "takes_args": [],
+ "takes_options": [
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "entitle_import": {
+ "takes_args": [
+ {
+ "class": "File",
+ "doc": "<usercertificate>",
+ "flags": [],
+ "label": "<usercertificate>",
+ "multivalue": true,
+ "name": "usercertificate",
+ "type": "unicode"
+ }
+ ],
+ "takes_options": [
+ {
+ "name": "setattr"
+ },
+ {
+ "name": "addattr"
+ },
+ {
+ "class": "Str",
+ "default": "IMPORTED",
+ "doc": "Enrollment UUID",
+ "flags": [
+ "no_update",
+ "no_create"
+ ],
+ "label": "UUID",
+ "name": "uuid",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ }
+ ]
+ },
+ "entitle_register": {
+ "takes_args": [
+ {
+ "class": "Str",
+ "doc": "Username",
+ "flags": [],
+ "label": "Username",
+ "name": "username",
+ "noextrawhitespace": true,
+ "required": true,
+ "type": "unicode"
+ }
+ ],
+ "takes_options": [
+ {
+ "name": "setattr"
+ },
+ {
+ "name": "addattr"
+ },
+ {
+ "class": "Str",
+ "doc": "Enrollment UUID (not implemented)",
+ "flags": [
+ "no_update",
+ "no_create"
+ ],
+ "label": "UUID",
+ "name": "ipaentitlementid",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ },
+ {
+ "class": "Password",
+ "doc": "Registration password",
+ "flags": [],
+ "label": "Password",
+ "name": "password",
+ "noextrawhitespace": true,
+ "required": true,
+ "type": "unicode"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "entitle_status": {
+ "name": "entitle_status",
+ "takes_args": [],
+ "takes_options": []
+ },
+ "entitle_sync": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "class": "Int",
+ "default": 1,
+ "doc": "Quantity",
+ "flags": [
+ "no_option",
+ "no_output"
+ ],
+ "label": "Quantity",
+ "maxvalue": 2147483647,
+ "minvalue": 1,
+ "name": "hidden",
+ "required": true,
+ "type": "int"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
"env": {
"name": "env",
"takes_args": [
@@ -15784,6 +15999,194 @@
}
]
},
+ "trust_add": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "class": "StrEnum",
+ "default": "ad",
+ "doc": "Trust type (ad for Active Directory, default)",
+ "flags": [],
+ "label": "Trust type (ad for Active Directory, default)",
+ "name": "trust_type",
+ "required": true,
+ "type": "unicode",
+ "values": [
+ "ad"
+ ]
+ },
+ {
+ "class": "Str",
+ "doc": "Active Directory domain administrator",
+ "flags": [],
+ "label": "Active Directory domain administrator",
+ "name": "realm_admin",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ },
+ {
+ "class": "Password",
+ "doc": "Active directory domain adminstrator's password",
+ "flags": [],
+ "label": "Active directory domain adminstrator's password",
+ "name": "realm_passwd",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ },
+ {
+ "class": "Str",
+ "doc": "Domain controller for the Active Directory domain (optional)",
+ "flags": [],
+ "label": "Domain controller for the Active Directory domain (optional)",
+ "name": "realm_server",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ },
+ {
+ "class": "Password",
+ "doc": "Shared secret for the trust",
+ "flags": [],
+ "label": "Shared secret for the trust",
+ "name": "trust_secret",
+ "noextrawhitespace": true,
+ "type": "unicode"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "trust_del": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "class": "Flag",
+ "doc": "Continuous mode: Don't stop on errors.",
+ "flags": [],
+ "label": "<continue>",
+ "name": "continue",
+ "required": true,
+ "type": "bool"
+ }
+ ]
+ },
+ "trust_find": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "attribute": true,
+ "class": "Str",
+ "doc": "Realm name",
+ "flags": [],
+ "label": "Realm name",
+ "name": "cn",
+ "noextrawhitespace": true,
+ "primary_key": true,
+ "query": true,
+ "type": "unicode"
+ },
+ {
+ "class": "Int",
+ "doc": "Time limit of search in seconds",
+ "flags": [
+ "no_display"
+ ],
+ "label": "Time Limit",
+ "maxvalue": 2147483647,
+ "name": "timelimit",
+ "type": "int"
+ },
+ {
+ "class": "Int",
+ "doc": "Maximum number of entries returned",
+ "flags": [
+ "no_display"
+ ],
+ "label": "Size Limit",
+ "maxvalue": 2147483647,
+ "name": "sizelimit",
+ "type": "int"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ },
+ {
+ "class": "Flag",
+ "doc": "Results should contain primary key attribute only (\"realm\")",
+ "flags": [],
+ "label": "Primary key only",
+ "name": "pkey_only",
+ "type": "bool"
+ }
+ ]
+ },
+ "trust_mod": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "name": "setattr"
+ },
+ {
+ "name": "addattr"
+ },
+ {
+ "name": "delattr"
+ },
+ {
+ "class": "Flag",
+ "doc": "Display the access rights of this entry (requires --all). See ipa man page for details.",
+ "flags": [],
+ "label": "Rights",
+ "name": "rights",
+ "required": true,
+ "type": "bool"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
+ "trust_show": {
+ "takes_args": [],
+ "takes_options": [
+ {
+ "class": "Flag",
+ "doc": "Display the access rights of this entry (requires --all). See ipa man page for details.",
+ "flags": [],
+ "label": "Rights",
+ "name": "rights",
+ "required": true,
+ "type": "bool"
+ },
+ {
+ "name": "all"
+ },
+ {
+ "name": "raw"
+ },
+ {
+ "name": "version"
+ }
+ ]
+ },
"user_add": {
"takes_args": [],
"takes_options": [
diff --git a/install/ui/test/data/ipa_init_objects.json b/install/ui/test/data/ipa_init_objects.json
index c4adfd7..25db686 100644
--- a/install/ui/test/data/ipa_init_objects.json
+++ b/install/ui/test/data/ipa_init_objects.json
@@ -580,7 +580,9 @@
"type": "unicode",
"values": [
"AllowLMhash",
- "AllowNThash"
+ "AllowNThash",
+ "KDC:Disable Last Success",
+ "KDC:Disable Lockout"
]
},
{
@@ -817,8 +819,28 @@
"ipagroupobjectclasses",
"ipagroupsearchfields",
"ipahomesrootdir",
+ "ipakrbprincipalalias",
"ipamaxusernamelength",
"ipamigrationenabled",
+ "ipantdomainguid",
+ "ipantfallbackprimarygroup",
+ "ipantflatname",
+ "ipanthash",
+ "ipanthomedirectory",
+ "ipanthomedirectorydrive",
+ "ipantlogonscript",
+ "ipantprofilepath",
+ "ipantsecurityidentifier",
+ "ipantsupportedencryptiontypes",
+ "ipanttrustattributes",
+ "ipanttrustauthincoming",
+ "ipanttrustauthoutgoing",
+ "ipanttrustdirection",
+ "ipanttrusteddomainsid",
+ "ipanttrustforesttrustinfo",
+ "ipanttrustpartner",
+ "ipanttrustposixoffset",
+ "ipanttrusttype",
"ipapermissiontype",
"ipapwdexpadvnotify",
"ipasearchrecordslimit",
@@ -3915,6 +3937,67 @@
],
"uuid_attribute": ""
},
+ "entitle": {
+ "aciattrs": [
+ "ipaentitlementid",
+ "ipauniqueid",
+ "usercertificate",
+ "userpkcs12"
+ ],
+ "attribute_members": {},
+ "bindable": false,
+ "container_dn": "cn=entitlements,cn=etc",
+ "default_attributes": [
+ "ipaentitlement"
+ ],
+ "hidden_attributes": [
+ "objectclass",
+ "aci"
+ ],
+ "label": "Entitlements",
+ "label_singular": "Entitlement",
+ "methods": [
+ "consume",
+ "find",
+ "import",
+ "register",
+ "sync"
+ ],
+ "name": "entitle",
+ "object_class": [
+ "ipaobject",
+ "ipaentitlement"
+ ],
+ "object_class_config": null,
+ "object_name": "entitlement",
+ "object_name_plural": "entitlements",
+ "parent_object": "",
+ "rdn_attribute": "",
+ "relationships": {
+ "member": [
+ "Member",
+ "",
+ "no_"
+ ],
+ "memberindirect": [
+ "Indirect Member",
+ null,
+ "no_indirect_"
+ ],
+ "memberof": [
+ "Member Of",
+ "in_",
+ "not_in_"
+ ],
+ "memberofindirect": [
+ "Indirect Member Of",
+ null,
+ "not_in_indirect_"
+ ]
+ },
+ "takes_params": [],
+ "uuid_attribute": "ipaentitlementid"
+ },
"group": {
"aciattrs": [
"businesscategory",
@@ -6063,6 +6146,7 @@
},
"service": {
"aciattrs": [
+ "ipakrbprincipalalias",
"ipauniqueid",
"krbcanonicalname",
"krbextradata",
@@ -6125,7 +6209,8 @@
"krbticketpolicyaux",
"ipaobject",
"ipaservice",
- "pkiuser"
+ "pkiuser",
+ "ipakrbprincipal"
],
"object_class_config": null,
"object_name": "service",
@@ -6807,6 +6892,99 @@
],
"uuid_attribute": "ipauniqueid"
},
+ "trust": {
+ "aciattrs": [
+ "cn",
+ "ipantflatname",
+ "ipantsupportedencryptiontypes",
+ "ipanttrustattributes",
+ "ipanttrustauthincoming",
+ "ipanttrustauthoutgoing",
+ "ipanttrustdirection",
+ "ipanttrusteddomainsid",
+ "ipanttrustforesttrustinfo",
+ "ipanttrustpartner",
+ "ipanttrustposixoffset",
+ "ipanttrusttype",
+ "objectclass"
+ ],
+ "attribute_members": {},
+ "bindable": false,
+ "container_dn": "cn=trusts",
+ "default_attributes": [
+ "cn",
+ "ipantflatname",
+ "ipanttrusteddomainsid",
+ "ipanttrusttype",
+ "ipanttrustattributes",
+ "ipanttrustdirection",
+ "ipanttrustpartner",
+ "ipantauthtrustoutgoing",
+ "ipanttrustauthincoming",
+ "ipanttrustforesttrustinfo",
+ "ipanttrustposixoffset",
+ "ipantsupportedencryptiontypes"
+ ],
+ "hidden_attributes": [
+ "objectclass",
+ "aci"
+ ],
+ "label": "Trusts",
+ "label_singular": "Trust",
+ "methods": [
+ "add_ad",
+ "del",
+ "find",
+ "mod",
+ "show"
+ ],
+ "name": "trust",
+ "object_class": [
+ "ipaNTTrustedDomain"
+ ],
+ "object_class_config": null,
+ "object_name": "trust",
+ "object_name_plural": "trusts",
+ "parent_object": "",
+ "primary_key": "cn",
+ "rdn_attribute": "",
+ "relationships": {
+ "member": [
+ "Member",
+ "",
+ "no_"
+ ],
+ "memberindirect": [
+ "Indirect Member",
+ null,
+ "no_indirect_"
+ ],
+ "memberof": [
+ "Member Of",
+ "in_",
+ "not_in_"
+ ],
+ "memberofindirect": [
+ "Indirect Member Of",
+ null,
+ "not_in_indirect_"
+ ]
+ },
+ "takes_params": [
+ {
+ "class": "Str",
+ "doc": "Realm name",
+ "flags": [],
+ "label": "Realm name",
+ "name": "cn",
+ "noextrawhitespace": true,
+ "primary_key": true,
+ "required": true,
+ "type": "unicode"
+ }
+ ],
+ "uuid_attribute": ""
+ },
"user": {
"aciattrs": [
"audio",
diff --git a/install/ui/test/data/trust_add.json b/install/ui/test/data/trust_add.json
new file mode 100644
index 0000000..707eed2
--- /dev/null
+++ b/install/ui/test/data/trust_add.json
@@ -0,0 +1,9 @@
+{
+ "error": null,
+ "id": null,
+ "result": {
+ "result": {},
+ "summary": "Added Active Directory trust for realm \"ad.test\"",
+ "value": "ad.test"
+ }
+} \ No newline at end of file
diff --git a/install/ui/test/data/trust_find_pkeys.json b/install/ui/test/data/trust_find_pkeys.json
new file mode 100644
index 0000000..353170c
--- /dev/null
+++ b/install/ui/test/data/trust_find_pkeys.json
@@ -0,0 +1,17 @@
+{
+ "error": null,
+ "id": null,
+ "result": {
+ "count": 1,
+ "result": [
+ {
+ "cn": [
+ "ad.test"
+ ],
+ "dn": "cn=ad.test,cn=ad,cn=trusts,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com"
+ }
+ ],
+ "summary": "1 trust matched",
+ "truncated": false
+ }
+} \ No newline at end of file
diff --git a/install/ui/test/data/trust_show.json b/install/ui/test/data/trust_show.json
new file mode 100644
index 0000000..fa5ce3a
--- /dev/null
+++ b/install/ui/test/data/trust_show.json
@@ -0,0 +1,67 @@
+{
+ "error": null,
+ "id": null,
+ "result": {
+ "result": {
+ "attributelevelrights": {
+ "aci": "rscwo",
+ "cn": "rscwo",
+ "ipantflatname": "rscwo",
+ "ipantsupportedencryptiontypes": "rscwo",
+ "ipanttrustattributes": "rscwo",
+ "ipanttrustauthincoming": "rscwo",
+ "ipanttrustauthoutgoing": "rscwo",
+ "ipanttrustdirection": "rscwo",
+ "ipanttrusteddomainsid": "rscwo",
+ "ipanttrustforesttrustinfo": "rscwo",
+ "ipanttrustpartner": "rscwo",
+ "ipanttrustposixoffset": "rscwo",
+ "ipanttrusttype": "rscwo",
+ "nsaccountlock": "rscwo"
+ },
+ "cn": [
+ "ad.test"
+ ],
+ "dn": "cn=ad.test,cn=ad,cn=trusts,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com",
+ "ipantflatname": [
+ "AD"
+ ],
+ "ipanttrustattributes": [
+ "136"
+ ],
+ "ipanttrustauthincoming": [
+ {
+ "__base64__": "AQAAAAwAAAAwAAAAgKOs1XFQzQECAAAAEgAAAGEAYQBhAEEAQQBBADEAMQAxAAAA"
+ }
+ ],
+ "ipanttrustauthoutgoing": [
+ {
+ "__base64__": "AQAAAAwAAAAwAAAAgKOs1XFQzQECAAAAEgAAAGEAYQBhAEEAQQBBADEAMQAxAAAA"
+ }
+ ],
+ "ipanttrustdirection": [
+ "3"
+ ],
+ "ipanttrusteddomainsid": [
+ "S-1-5-21-2085708479-1865276630-1146473440"
+ ],
+ "ipanttrustpartner": [
+ "ad.test"
+ ],
+ "ipanttrusttype": [
+ "2"
+ ],
+ "objectclass": [
+ "ipaNTTrustedDomain"
+ ],
+ "trustdirection": [
+ "Two-way trust"
+ ],
+ "trusttype": [
+ "Active Directory domain"
+ ]
+ },
+ "summary": null,
+ "value": "ad.test"
+ }
+} \ No newline at end of file
diff --git a/install/ui/trust.js b/install/ui/trust.js
new file mode 100644
index 0000000..77e7cb3
--- /dev/null
+++ b/install/ui/trust.js
@@ -0,0 +1,165 @@
+/*jsl:import ipa.js */
+
+/* Authors:
+ * Petr Vobornik <pvoborni@redhat.com>
+ *
+ * Copyright (C) 2010 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/* REQUIRES: ipa.js, details.js, search.js, add.js, facet.js, entity.js */
+
+IPA.trust = {};
+
+IPA.trust.entity = function(spec) {
+
+ var that = IPA.entity(spec);
+
+ that.init = function() {
+ that.entity_init();
+
+ that.builder.search_facet({
+ columns: [
+ 'cn'
+ ]
+ }).
+ details_facet({
+ sections: [
+ {
+ name: 'details',
+ label: IPA.messages.objects.trust.details,
+ fields: [
+ 'cn',
+ {
+ name: 'ipantflatname',
+ label: IPA.messages.objects.trust.ipantflatname,
+ read_only: true
+ },
+ {
+ name: 'ipanttrusteddomainsid',
+ label: IPA.messages.objects.trust.ipanttrusteddomainsid,
+ read_only: true
+ },
+ {
+ name: 'trustdirection',
+ label: IPA.messages.objects.trust.trustdirection
+ },
+ {
+ name: 'trusttype',
+ label: IPA.messages.objects.trust.trusttype
+ }
+// trust status not supported by show command at the moment
+// {
+// name: 'truststatus',
+// label: IPA.messages.objects.trust.truststatus
+// }
+ ]
+ }
+ ]
+ }).
+ adder_dialog({
+ fields: [
+ {
+ name: 'cn',
+ label: IPA.messages.objects.trust.domain,
+ widget: 'realm.realm_server'
+ },
+ {
+ name: 'realm_admin',
+ label: IPA.messages.objects.trust.account,
+ widget: 'method.realm_admin'
+ },
+ {
+ type: 'password',
+ name: 'realm_passwd',
+ label: IPA.messages.password.password,
+ widget: 'method.realm_passwd'
+ },
+ {
+ type: 'password',
+ name: 'trust_secret',
+ label: IPA.messages.password.password,
+ widget: 'method.trust_secret'
+ },
+ {
+ type: 'password',
+ name: 'trust_secret_verify',
+ label: IPA.messages.password.verify_password,
+ widget: 'method.trust_secret_verify',
+ flags: ['no_command'],
+ validators: [IPA.same_password_validator({
+ other_field: 'trust_secret'
+ })]
+ }
+ ],
+ widgets: [
+ {
+ type: 'details_table_section_nc',
+ name: 'realm',
+ widgets: [
+ 'realm_server'
+ ]
+ },
+ {
+ type: 'multiple_choice_section',
+ name: 'method',
+ label: IPA.messages.objects.trust.establish_using,
+ choices: [
+ {
+ name: 'admin-account',
+ label: IPA.messages.objects.trust.admin_account,
+ fields: ['realm_admin', 'realm_passwd'],
+ required: ['realm_admin', 'realm_passwd'],
+ enabled: true
+ },
+ {
+ name: 'preshared_password',
+ label: IPA.messages.objects.trust.preshared_password,
+ fields: ['trust_secret', 'trust_secret_verify'],
+ required: ['trust_secret', 'trust_secret_verify']
+ }
+ ],
+ widgets: [
+ {
+ name: 'realm_admin'
+ },
+ {
+ type: 'password',
+ name: 'realm_passwd'
+ },
+ {
+ type: 'password',
+ name: 'trust_secret'
+ },
+ {
+ type: 'password',
+ name: 'trust_secret_verify'
+ }
+ ]
+ }
+ ],
+ policies: [
+ IPA.multiple_choice_section_policy({
+ widget: 'method'
+ })
+ ]
+ });
+ };
+
+ return that;
+};
+
+IPA.register('trust', IPA.trust.entity);
diff --git a/install/ui/webui.js b/install/ui/webui.js
index 5d32e79..9b7c31b 100644
--- a/install/ui/webui.js
+++ b/install/ui/webui.js
@@ -84,7 +84,8 @@ IPA.admin_navigation = function(spec) {
]},
{entity: 'selfservice'},
{entity: 'delegation'},
- {entity: 'config'}
+ {entity: 'config'},
+ {entity: 'trust'}
]}];
var that = IPA.navigation(spec);
diff --git a/install/ui/widget.js b/install/ui/widget.js
index ccda2ae..5038975 100644
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -2669,33 +2669,34 @@ IPA.collapsible_section = function(spec) {
IPA.details_section = IPA.collapsible_section;
-IPA.details_table_section = function(spec) {
-
- spec = spec || {};
-
- var that = IPA.details_section(spec);
+IPA.layout = function(spec) {
+ return {};
+};
- that.action_panel = that.build_child(spec.action_panel);
+// Creates list of widgets into table with two columns: label and widget
+IPA.table_layout = function(spec) {
- that.rows = $.ordered_map();
+ spec = spec || {};
- that.composite_widget_create = function(container) {
+ var that = IPA.layout(spec);
+ that.table_class = spec.table_class || 'section-table';
+ that.label_cell_class = spec.label_cell_class || 'section-cell-label';
+ that.field_cell_class = spec.field_cell_class || 'section-cell-field';
+ that.label_class = spec.label_class || 'field-label';
+ that.field_class = spec.field_class || 'field';
- that.widget_create(container);
+ that.create = function(widgets) {
- if (that.action_panel) {
- that.action_panel.create(container);
- }
+ that.rows = $.ordered_map();
var table = $('<table/>', {
- 'class': 'section-table'
- }).appendTo(container);
+ 'class': that.table_class
+ });
- var widgets = that.widgets.get_widgets();
for (var i=0; i<widgets.length; i++) {
var widget = widgets[i];
var tr = $('<tr/>');
- that.add_row(widget.name, tr);
+ that.rows.put(widget.name, tr);
if (widget.hidden) {
tr.css('display', 'none');
@@ -2704,13 +2705,13 @@ IPA.details_table_section = function(spec) {
tr.appendTo(table);
var td = $('<td/>', {
- 'class': 'section-cell-label',
+ 'class': that.label_cell_class,
title: widget.label
}).appendTo(tr);
$('<label/>', {
name: widget.name,
- 'class': 'field-label',
+ 'class': that.label_class,
text: widget.label+':'
}).appendTo(td);
@@ -2719,17 +2720,44 @@ IPA.details_table_section = function(spec) {
}
td = $('<td/>', {
- 'class': 'section-cell-field',
+ 'class': that.field_cell_class,
title: widget.label
}).appendTo(tr);
var widget_container = $('<div/>', {
name: widget.name,
- 'class': 'field'
+ 'class': that.field_class
}).appendTo(td);
widget.create(widget_container);
}
+ return table;
+ };
+
+ return that;
+};
+
+IPA.details_table_section = function(spec) {
+
+ spec = spec || {};
+
+ var that = IPA.details_section(spec);
+ that.layout = IPA.build_default(spec.layout, IPA.table_layout);
+ that.action_panel = that.build_child(spec.action_panel);
+
+ that.rows = $.ordered_map();
+
+ that.composite_widget_create = function(container) {
+
+ that.widget_create(container);
+
+ if (that.action_panel) {
+ that.action_panel.create(container);
+ }
+ var widgets = that.widgets.get_widgets();
+ var table = that.layout.create(widgets);
+ table.appendTo(container);
+ that.rows = that.layout.rows;
};
@@ -2763,6 +2791,151 @@ IPA.details_table_section_nc = function(spec) {
return that;
};
+IPA.multiple_choice_section = function(spec) {
+
+ spec = spec || {};
+
+ var that = IPA.composite_widget(spec);
+ that.choices = $.ordered_map().put_array(spec.choices, 'name');
+ that.layout = IPA.build_default(spec.layout, IPA.table_layout);
+
+ that.create = function(container) {
+
+ var i, choice, choices;
+
+ that.widget_create(container);
+ that.container.addClass('multiple-choice-section');
+
+ that.header_element = $('<div/>', {
+ 'class': 'multiple-choice-section-header',
+ text: that.label
+ }).appendTo(container);
+
+ that.choice_container = $('<div/>', {
+ 'class': 'choices'
+ }).appendTo(container);
+
+ choices = that.choices.values;
+ for (i=0; i<choices.length; i++) {
+ choice = choices[i];
+ that.create_choice(choice);
+ }
+ };
+
+ that.create_choice = function(choice) {
+
+ var widgets, i, widget, field, section, choice_el, header, radio,
+ enabled, radio_id;
+
+ widgets = [];
+
+ if (choice.widgets) {
+ for (i=0; i<choice.widgets.length; i++) {
+ widget = that.widgets.get_widget(choice.widgets[i]);
+ widgets.push(widget);
+ }
+ } else if (choice.fields) {
+ for (i=0; i<choice.fields.length; i++) {
+ field = that.facet.fields.get_field(choice.fields[i]);
+ widgets.push(field.widget);
+ }
+ }
+
+ choice_el = $('<div/>',{
+ 'class': 'choice',
+ name: choice.name
+ });
+
+ header = $('<div/>',{
+ 'class': 'choice-header'
+ }).appendTo(choice_el);
+
+ enabled = choice.enabled !== undefined ? choice.enabled : false;
+
+ radio_id = that.name + '_' + choice.name;
+
+ $('<input/>',{
+ type: 'radio',
+ name: that.name,
+ id: radio_id,
+ value: choice.name,
+ checked: enabled,
+ change: function() {
+ that.select_choice(this.value);
+ }
+ }).appendTo(header);
+
+ $('<label/>',{
+ text: choice.label,
+ 'for': radio_id
+ }).appendTo(header);
+
+ section = that.layout.create(widgets);
+ section.appendTo(choice_el);
+ choice_el.appendTo(that.choice_container);
+ };
+
+ that.select_choice = function(choice_name) {
+
+ var i, choice, enabled;
+
+ for (i=0; i<that.choices.values.length; i++) {
+ choice = that.choices.values[i];
+ enabled = choice.name === choice_name;
+ that.set_enabled(choice, enabled);
+ }
+ };
+
+ that.set_enabled = function (choice, enabled) {
+
+ var i, field_name, field, fields, required;
+
+ fields = that.facet.fields;
+
+ for (i=0; i<choice.fields.length; i++) {
+ field_name = choice.fields[i];
+ field = fields.get_field(field_name);
+ field.set_enabled(enabled);
+ required = enabled && choice.required.indexOf(field_name) > -1;
+ field.set_required(required);
+ field.validate(); //hide validation errors
+ }
+ };
+
+ that.init_enabled = function() {
+
+ var i, choice;
+
+ for (i=0; i<that.choices.values.length; i++) {
+ choice = that.choices.values[i];
+ if (choice.enabled) {
+ that.select_choice(choice.name);
+ break;
+ }
+ }
+ };
+
+ return that;
+};
+
+IPA.multiple_choice_section_policy = function(spec) {
+
+ spec = spec || {};
+
+ var that = IPA.facet_policy(spec);
+ that.widget_name = spec.widget;
+
+ that.init = function() {
+ that.widget = that.container.widgets.get_widget(that.widget_name);
+ };
+
+ that.post_create = function() {
+ that.widget.init_enabled();
+ };
+
+ return that;
+};
+
IPA.enable_widget = function(spec) {
spec = spec || {};
@@ -3309,6 +3482,7 @@ IPA.widget_factories['combobox'] = IPA.combobox_widget;
IPA.widget_factories['composite_widget'] = IPA.composite_widget;
IPA.widget_factories['details_table_section'] = IPA.details_table_section;
IPA.widget_factories['details_table_section_nc'] = IPA.details_table_section_nc;
+IPA.widget_factories['multiple_choice_section'] = IPA.multiple_choice_section;
IPA.widget_factories['enable'] = IPA.enable_widget;
IPA.widget_factories['entity_select'] = IPA.entity_select_widget;
IPA.widget_factories['header'] = IPA.header_widget;
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 82ef300..0ba2aa8 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -549,6 +549,19 @@ class i18n_messages(Command):
"specified_users": _("Specified Users and Groups"),
"user": _("Who"),
},
+ "trust": {
+ "account": _("Account"),
+ "admin_account": _("Administrative account"),
+ "details": _("Trust Settings"),
+ "domain": _("Domain"),
+ "establish_using": _("Establish using"),
+ "ipantflatname": _("Domain NetBIOS name"),
+ "ipanttrusteddomainsid": _("Domain Security Identifier"),
+ "preshared_password": _("Pre-shared password"),
+ "trustdirection": _("Trust direction"),
+ "truststatus": _("Trust status"),
+ "trusttype": _("Trust type"),
+ },
"user": {
"account": _("Account Settings"),
"account_status": _("Account Status"),
@@ -568,6 +581,7 @@ class i18n_messages(Command):
"invalid_password": _("The password or username you entered is incorrect."),
"new_password": _("New Password"),
"new_password_required": _("New password is required"),
+ "password": _("Password"),
"password_change_complete": _("Password change complete"),
"password_must_match": _("Passwords must match"),
"reset_failure": _("Password reset was not successful."),