diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2015-07-08 12:11:02 +0200 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-07-08 17:12:29 +0200 |
| commit | 927391125ce0b09652dfc1934fac5a61acf544d4 (patch) | |
| tree | 2447dec6e56bf39869d0b79eaac458e9f504d7d8 | |
| parent | a3727387ee924305c060f8793c0dc1ef7669736d (diff) | |
| download | freeipa-927391125ce0b09652dfc1934fac5a61acf544d4.tar.gz freeipa-927391125ce0b09652dfc1934fac5a61acf544d4.tar.xz freeipa-927391125ce0b09652dfc1934fac5a61acf544d4.zip | |
webui: caacl
Reviewed-By: Martin Basti <mbasti@redhat.com>
| -rw-r--r-- | install/ui/doc/categories.json | 1 | ||||
| -rw-r--r-- | install/ui/src/freeipa/app.js | 1 | ||||
| -rwxr-xr-x | install/ui/src/freeipa/certificate.js | 3 | ||||
| -rw-r--r-- | install/ui/src/freeipa/navigation/menu_spec.js | 5 | ||||
| -rw-r--r-- | install/ui/src/freeipa/plugins/caacl.js | 379 | ||||
| -rw-r--r-- | install/ui/test/data/ipa_init.json | 13 | ||||
| -rw-r--r-- | ipalib/plugins/internal.py | 13 |
7 files changed, 414 insertions, 1 deletions
diff --git a/install/ui/doc/categories.json b/install/ui/doc/categories.json index 34ca7e839..70b5666c0 100644 --- a/install/ui/doc/categories.json +++ b/install/ui/doc/categories.json @@ -256,6 +256,7 @@ "topology", "user", "plugins.api_browser", + "plugins.caacl", "plugins.certprofile", "plugins.load", "plugins.login", diff --git a/install/ui/src/freeipa/app.js b/install/ui/src/freeipa/app.js index 6efb6b0c0..1057120c0 100644 --- a/install/ui/src/freeipa/app.js +++ b/install/ui/src/freeipa/app.js @@ -29,6 +29,7 @@ define([ './aci', './automember', './automount', + './plugins/caacl', './plugins/certprofile', './dns', './group', diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index b2d740dcb..146c71ef5 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -1024,7 +1024,8 @@ exp.facet_group = { label: '@i18n:tabs.cert', facets: { certificates: 'cert_search', - profiles: 'certprofile_search' + profiles: 'certprofile_search', + acls: 'caacl_search' } }; diff --git a/install/ui/src/freeipa/navigation/menu_spec.js b/install/ui/src/freeipa/navigation/menu_spec.js index 713f205de..32bbd6aaa 100644 --- a/install/ui/src/freeipa/navigation/menu_spec.js +++ b/install/ui/src/freeipa/navigation/menu_spec.js @@ -137,6 +137,11 @@ var nav = {}; entity: 'cert', facet: 'search', hidden: true + }, + { + entity: 'caacl', + facet: 'search', + hidden: true } ] }, diff --git a/install/ui/src/freeipa/plugins/caacl.js b/install/ui/src/freeipa/plugins/caacl.js new file mode 100644 index 000000000..57343d1e4 --- /dev/null +++ b/install/ui/src/freeipa/plugins/caacl.js @@ -0,0 +1,379 @@ +// +// Copyright (C) 2015 FreeIPA Contributors see COPYING for license +// + +define([ + '../ipa', + '../jquery', + '../phases', + '../reg', + '../certificate', + '../rule' +], +function(IPA, $, phases, reg, cert) { +/** + * caacl module + * @class plugins.caacl + * @singleton + */ +var caacl = IPA.caacl = { + remove_method_priority: IPA.config.default_priority - 1 +}; + +var make_caacl_spec = function() { +var spec = { + name: 'caacl', + facets: [ + { + $type: 'search', + disable_facet_tabs: false, + tabs_in_sidebar: true, + tab_label: '@mo:caacl.label', + facet_groups: [cert.facet_group], + facet_group: 'certificates', + row_enabled_attribute: 'ipaenabledflag', + columns: [ + 'cn', + { + name: 'ipaenabledflag', + label: '@i18n:status.label', + formatter: 'boolean_status' + }, + 'description' + ], + actions: [ + 'batch_disable', + 'batch_enable' + ], + control_buttons: [ + { + name: 'disable', + label: '@i18n:buttons.disable', + icon: 'fa-minus' + }, + { + name: 'enable', + label: '@i18n:buttons.enable', + icon: 'fa-check' + } + ] + }, + { + $type: 'details', + $factory: IPA.sudorule_details_facet, + disable_facet_tabs: true, + command_mode: 'info', + actions: [ + 'enable', + 'disable', + 'delete' + ], + header_actions: ['enable', 'disable', 'delete'], + state: { + evaluators: [ + { + $factory: IPA.enable_state_evaluator, + field: 'ipaenabledflag' + } + ], + summary_conditions: [ + IPA.enabled_summary_cond, + IPA.disabled_summary_cond + ] + } + } + ], + adder_dialog: { + fields: [ + 'cn', + { + $type: 'textarea', + name: 'description' + } + ] + } +}; + + add_caacl_details_facet_widgets(spec.facets[1]); + return spec; +}; + +/** + * @ignore + * @param {Object} facet spec + */ +var add_caacl_details_facet_widgets = function (spec) { + + // + // General + // + + spec.fields = [ + { + name: 'cn', + read_only: true, + widget: 'general.cn' + }, + { + $type: 'textarea', + name: 'description', + widget: 'general.description' + } + ]; + + spec.widgets = [ + { + $type: 'details_section', + name: 'general', + label: '@i18n:details.general', + widgets: [ + { + name: 'cn' + }, + { + $type: 'textarea', + name: 'description' + } + ] + } + ]; + + // + // Cert Profiles + // + + spec.fields.push( + { + $type: 'radio', + name: 'ipacertprofilecategory', + widget: 'certprofile.rule.ipacertprofilecategory' + }, + { + $type: 'rule_association_table', + name: 'ipamembercertprofile_certprofile', + widget: 'certprofile.rule.ipamembercertprofile_certprofile', + priority: IPA.caacl.remove_method_priority + } + ); + + spec.widgets.push( + { + $factory: IPA.section, + name: 'certprofile', + label: '@i18n:objects.caacl.profile', + widgets: [ + { + $factory: IPA.rule_details_widget, + name: 'rule', + radio_name: 'ipacertprofilecategory', + options: [ + { value: 'all', + label: '@i18n:objects.caacl.any_profile' }, + { value: '', + label: '@i18n:objects.caacl.specified_profiles' } + ], + tables: [ + { name: 'ipamembercertprofile_certprofile' } + ], + widgets: [ + { + $type: 'rule_association_table', + id: 'caacl-ipamembercertprofile_certprofile', + name: 'ipamembercertprofile_certprofile', + add_method: 'add_profile', + remove_method: 'remove_profile', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + } + ] + } + ] + } + ); + + // + // Who + // + + spec.fields.push( + // users + { + $type: 'radio', + name: 'usercategory', + widget: 'who.user.usercategory' + }, + { + $type: 'rule_association_table', + name: 'memberuser_user', + widget: 'who.user.memberuser_user', + priority: IPA.caacl.remove_method_priority + }, + { + $type: 'rule_association_table', + name: 'memberuser_group', + widget: 'who.user.memberuser_group', + priority: IPA.caacl.remove_method_priority + }, + + // hosts + { + $type: 'radio', + name: 'hostcategory', + widget: 'who.host.hostcategory' + }, + { + $type: 'rule_association_table', + name: 'memberhost_host', + widget: 'who.host.memberhost_host', + priority: IPA.caacl.remove_method_priority + }, + { + $type: 'rule_association_table', + name: 'memberhost_hostgroup', + widget: 'who.host.memberhost_hostgroup', + priority: IPA.caacl.remove_method_priority + }, + + // services + { + $type: 'radio', + name: 'servicecategory', + widget: 'who.service.servicecategory' + }, + { + $type: 'rule_association_table', + name: 'memberservice_service', + widget: 'who.service.memberservice_service', + priority: IPA.caacl.remove_method_priority + } + ); + + spec.widgets.push( + { + $factory: IPA.section, + name: 'who', + label: '@i18n:objects.caacl.who', + widgets: [ + { + $factory: IPA.rule_details_widget, + name: 'user', + radio_name: 'usercategory', + options: [ + { value: 'all', + label: '@i18n:objects.caacl.anyone' }, + { value: '', + label: '@i18n:objects.caacl.specified_users' } + ], + tables: [ + { name: 'memberuser_user' }, + { name: 'memberuser_group' } + ], + widgets: [ + { + $type: 'rule_association_table', + id: 'caacl-memberuser_user', + name: 'memberuser_user', + add_method: 'add_user', + remove_method: 'remove_user', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + }, + { + $type: 'rule_association_table', + id: 'caacl-memberuser_group', + name: 'memberuser_group', + add_method: 'add_user', + remove_method: 'remove_user', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + } + ] + }, + { + $factory: IPA.rule_details_widget, + name: 'host', + radio_name: 'hostcategory', + options: [ + { + 'value': 'all', + 'label': '@i18n:objects.caacl.any_host' + }, + { + 'value': '', + 'label': '@i18n:objects.caacl.specified_hosts' + } + ], + tables: [ + { 'name': 'memberhost_host' }, + { 'name': 'memberhost_hostgroup' } + ], + widgets: [ + { + $type: 'rule_association_table', + id: 'caacl-memberuser_user', + name: 'memberhost_host', + add_method: 'add_host', + remove_method: 'remove_host', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + }, + { + $type: 'rule_association_table', + id: 'caacl-memberuser_group', + name: 'memberhost_hostgroup', + add_method: 'add_host', + remove_method: 'remove_host', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + } + ] + }, + { + $factory: IPA.rule_details_widget, + name: 'service', + radio_name: 'servicecategory', + options: [ + { 'value': 'all', 'label': '@i18n:objects.caacl.any_service' }, + { 'value': '', 'label': '@i18n:objects.caacl.specified_services' } + ], + tables: [ + { 'name': 'memberservice_service' } + ], + widgets: [ + { + $type: 'rule_association_table', + id: 'caacl-memberservice_service', + name: 'memberservice_service', + add_method: 'add_service', + remove_method: 'remove_service', + add_title: '@i18n:association.add.member', + remove_title: '@i18n:association.remove.member' + } + ] + } + ] + } + ); +}; + + +/** + * CAACL entity specification object + * @member plugins.caacl + */ +caacl.caacl_spec = make_caacl_spec(); + + +/** + * Register entity + * @member plugins.caacl + */ +caacl.register = function() { + var e = reg.entity; + e.register({type: 'caacl', spec: caacl.caacl_spec}); +}; + +phases.on('registration', caacl.register); + +return caacl; +}); diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 1290db2c4..f253c57fe 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -203,6 +203,19 @@ "indirect": "Indirect", "map_type": "Map Type" }, + "caacl": { + "any_host": "Any Host", + "any_service": "Any Service", + "any_profile": "Any Profile", + "anyone": "Anyone", + "ipaenabledflag": "Rule status", + "profile": "Profiles", + "specified_hosts": "Specified Hosts and Groups", + "specified_profiles": "Specified Profiles", + "specified_services": "Specified Services and Groups", + "specified_users": "Specified Users and Groups", + "who": "Permitted to have certificates issued" + }, "cert": { "aa_compromise": "AA Compromise", "affiliation_changed": "Affiliation Changed", diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 270a228b2..653d866da 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -347,6 +347,19 @@ class i18n_messages(Command): "direct": _("Direct"), "indirect": _("Indirect"), }, + "caacl": { + "any_host": _("Any Host"), + "any_service": _("Any Service"), + "any_profile": _("Any Profile"), + "anyone": _("Anyone"), + "ipaenabledflag": _("Rule status"), + "profile": _("Profiles"), + "specified_hosts": _("Specified Hosts and Groups"), + "specified_profiles": _("Specified Profiles"), + "specified_services": _("Specified Services and Groups"), + "specified_users": _("Specified Users and Groups"), + "who": _("Permitted to have certificates issued"), + }, "cert": { "aa_compromise": _("AA Compromise"), "affiliation_changed": _("Affiliation Changed"), |