summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEndi S. Dewata <edewata@redhat.com>2011-07-09 03:01:46 -0500
committerEndi S. Dewata <edewata@redhat.com>2011-07-11 22:11:40 +0000
commit3229eee074e6b419f64faa9bb701a60fe96da3a6 (patch)
tree092087c3d74aad8f5afe58af33b6b38c5e427963
parent04753403445dd5b73baa1422206b5ca352281e4a (diff)
downloadfreeipa-3229eee074e6b419f64faa9bb701a60fe96da3a6.zip
freeipa-3229eee074e6b419f64faa9bb701a60fe96da3a6.tar.gz
freeipa-3229eee074e6b419f64faa9bb701a60fe96da3a6.tar.xz
Added sudo options.
A table has been added into sudo rule details page for managing sudo options. Ticket #1447
-rw-r--r--install/ui/association.js121
-rw-r--r--install/ui/dialog.js2
-rw-r--r--install/ui/sudo.js236
-rw-r--r--install/ui/test/data/ipa_init.json1
-rw-r--r--install/ui/test/data/sudorule_show.json4
-rw-r--r--install/ui/widget.js2
-rw-r--r--ipalib/plugins/internal.py1
7 files changed, 287 insertions, 80 deletions
diff --git a/install/ui/association.js b/install/ui/association.js
index 56a2761..b78e1e3 100644
--- a/install/ui/association.js
+++ b/install/ui/association.js
@@ -355,88 +355,77 @@ IPA.association_table_widget = function (spec) {
that.table_create(container);
- var buttons = $('span[name=buttons]', container);
-
- $('<input/>', {
- 'type': 'button',
- 'name': 'remove',
- 'value': IPA.messages.buttons.remove
- }).appendTo(buttons);
-
- $('<input/>', {
- 'type': 'button',
- 'name': 'add',
- 'value': IPA.messages.buttons.add
- }).appendTo(buttons);
- };
+ var button = IPA.action_button({
+ name: 'remove',
+ label: IPA.messages.buttons.remove,
+ icon: 'remove-icon',
+ click: function() {
+ that.remove_handler();
+ return false;
+ }
+ }).appendTo(that.buttons);
- that.setup = function(container) {
+ button = IPA.action_button({
+ name: 'add',
+ label: IPA.messages.buttons.add,
+ icon: 'add-icon',
+ click: function() {
+ that.add_handler();
+ return false;
+ }
+ }).appendTo(that.buttons);
+ };
- that.table_setup(container);
+ that.add_handler = function() {
+ if ($(this).hasClass('action-button-disabled')) {
+ return;
+ }
var entity = IPA.get_entity(that.entity_name);
var facet_name = IPA.current_facet(entity);
var facet = entity.get_facet(facet_name);
- var button = $('input[name=remove]', container);
- button.replaceWith(IPA.action_button({
- name: 'remove',
- 'label': button.val(),
- 'icon': 'remove-icon',
- 'click': function() {
- if ($(this).hasClass('action-button-disabled')) {
- return false;
- }
-
- if (facet.is_dirty()) {
- var dialog = IPA.dirty_dialog({
- facet: facet
- });
-
- dialog.callback = function() {
- that.show_remove_dialog();
- };
+ if (facet.is_dirty()) {
+ var dialog = IPA.dirty_dialog({
+ facet: facet
+ });
- dialog.init();
- dialog.open(that.container);
+ dialog.callback = function() {
+ that.show_add_dialog();
+ };
- } else {
- that.show_remove_dialog();
- }
+ dialog.init();
+ dialog.open(that.container);
- return false;
- }
- }));
+ } else {
+ that.show_add_dialog();
+ }
+ };
- button = $('input[name=add]', container);
- button.replaceWith(IPA.action_button({
- name: 'add',
- 'label': button.val(),
- 'icon': 'add-icon',
- 'click': function() {
- if ($(this).hasClass('action-button-disabled')) {
- return false;
- }
+ that.remove_handler = function() {
+ if ($(this).hasClass('action-button-disabled')) {
+ return;
+ }
- if (facet.is_dirty()) {
- var dialog = IPA.dirty_dialog({
- facet: facet
- });
+ var entity = IPA.get_entity(that.entity_name);
+ var facet_name = IPA.current_facet(entity);
+ var facet = entity.get_facet(facet_name);
- dialog.callback = function() {
- that.show_add_dialog();
- };
+ if (facet.is_dirty()) {
+ var dialog = IPA.dirty_dialog({
+ facet: facet
+ });
- dialog.init();
- dialog.open(that.container);
+ dialog.callback = function() {
+ that.show_remove_dialog();
+ };
- } else {
- that.show_add_dialog();
- }
+ dialog.init();
+ dialog.open(that.container);
- return false;
- }
- }));
+ } else {
+ that.show_remove_dialog();
+ }
};
that.set_enabled = function(enabled) {
diff --git a/install/ui/dialog.js b/install/ui/dialog.js
index 4ca38a9..6076842 100644
--- a/install/ui/dialog.js
+++ b/install/ui/dialog.js
@@ -100,7 +100,7 @@ IPA.dialog = function(spec) {
if (field.conditional){
that.conditional_fields.push(field.name);
}
-
+ return field;
};
that.field = function(field) {
diff --git a/install/ui/sudo.js b/install/ui/sudo.js
index 4b5686b..26e1bdb 100644
--- a/install/ui/sudo.js
+++ b/install/ui/sudo.js
@@ -268,13 +268,13 @@ IPA.sudorule_details_facet = function(spec) {
if (IPA.layout) {
section = that.create_section({
'name': 'general',
- 'label': IPA.messages.dialogs.general,
+ 'label': IPA.messages.details.general,
'template': 'sudorule-details-general.html #contents'
});
} else {
section = IPA.sudo.rule_details_general_section({
'name': 'general',
- 'label': IPA.messages.dialogs.general
+ 'label': IPA.messages.details.general
});
that.add_section(section);
}
@@ -283,9 +283,18 @@ IPA.sudorule_details_facet = function(spec) {
section.textarea({name: 'description'});
section.radio({name: 'ipaenabledflag'});
+ section = that.add_section(IPA.sudo.options_section({
+ name: 'options',
+ label: IPA.messages.objects.sudorule.options,
+ facet: that
+ }));
+
+ var param_info = IPA.get_entity_param('sudorule', 'usercategory');
+
section = IPA.rule_details_section({
'name': 'user',
'label': IPA.messages.objects.sudorule.user,
+ text: param_info.doc+':',
'field_name': 'usercategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.sudorule.anyone },
@@ -313,9 +322,12 @@ IPA.sudorule_details_facet = function(spec) {
'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user'
}));
+ param_info = IPA.get_entity_param('sudorule', 'hostcategory');
+
section = IPA.rule_details_section({
'name': 'host',
'label': IPA.messages.objects.sudorule.host,
+ text: param_info.doc+':',
'field_name': 'hostcategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.sudorule.any_host },
@@ -554,6 +566,199 @@ IPA.sudorule_details_facet = function(spec) {
return that;
};
+IPA.sudo.options_section = function(spec) {
+
+ spec = spec || {};
+
+ var that = IPA.details_section(spec);
+
+ that.facet = spec.facet;
+
+ that.init = function() {
+
+ that.table = that.add_field(IPA.table_widget({
+ name: 'ipasudoopt',
+ show_buttons: true
+ }));
+
+ that.table.create_column({
+ name: 'ipasudoopt',
+ label: IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label,
+ primary_key: true
+ });
+
+ that.table.create = function(container) {
+
+ that.table.table_create(container);
+
+ var button = IPA.action_button({
+ name: 'remove',
+ label: IPA.messages.buttons.remove,
+ icon: 'remove-icon',
+ click: function() {
+ that.remove_handler();
+ return false;
+ }
+ }).appendTo(that.table.buttons);
+
+ button = IPA.action_button({
+ name: 'add',
+ label: IPA.messages.buttons.add,
+ icon: 'add-icon',
+ click: function() {
+ that.add_handler();
+ return false;
+ }
+ }).appendTo(that.table.buttons);
+ };
+
+ that.section_init();
+ };
+
+ that.add_handler = function() {
+ if (that.facet.is_dirty()) {
+ var dialog = IPA.dirty_dialog({
+ facet: that.facet
+ });
+
+ dialog.callback = function() {
+ that.show_add_dialog();
+ };
+
+ dialog.init();
+ dialog.open(that.container);
+
+ } else {
+ that.show_add_dialog();
+ }
+ };
+
+ that.remove_handler = function() {
+ if (that.facet.is_dirty()) {
+ var dialog = IPA.dirty_dialog({
+ facet: that.facet
+ });
+
+ dialog.callback = function() {
+ that.show_remove_dialog();
+ };
+
+ dialog.init();
+ dialog.open(that.container);
+
+ } else {
+ that.show_remove_dialog();
+ }
+ };
+
+ that.show_add_dialog = function() {
+
+ var label = IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label;
+
+ var title = IPA.messages.dialogs.add_title;
+ title = title.replace('${entity}', label);
+
+ var dialog = IPA.dialog({
+ title: title
+ });
+
+ var ipasudoopt = dialog.add_field(IPA.text_widget({
+ name: 'ipasudoopt',
+ label: label,
+ undo: false
+ }));
+
+ dialog.add_button(IPA.messages.buttons.add, function() {
+ var value = ipasudoopt.save()[0];
+
+ var pkey = IPA.nav.get_state(that.entity_name+'-pkey');
+
+ var command = IPA.command({
+ entity: 'sudorule',
+ method: 'add_option',
+ args: [pkey],
+ options: {
+ ipasudoopt: value
+ },
+ on_success: function() {
+ that.facet.refresh();
+ dialog.close();
+ },
+ on_error: function() {
+ that.facet.refresh();
+ dialog.close();
+ }
+ });
+
+ command.execute();
+ });
+
+ dialog.add_button(IPA.messages.buttons.cancel, function() {
+ dialog.close();
+ });
+
+ dialog.init();
+
+ dialog.open(that.container);
+ };
+
+ that.show_remove_dialog = function() {
+
+ var label = IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label;
+ var values = that.table.get_selected_values();
+
+ if (!values.length) {
+ var message = IPA.messages.dialogs.remove_empty;
+ message = message.replace('${entity}', label);
+ alert(message);
+ return;
+ }
+
+ var pkey = IPA.nav.get_state(that.entity_name+'-pkey');
+
+ var title = IPA.messages.dialogs.remove_title;
+ title = title.replace('${entity}', label);
+
+ var dialog = IPA.deleter_dialog({
+ title: title,
+ values: values
+ });
+
+ dialog.execute = function() {
+
+ var batch = IPA.batch_command({
+ on_success: function() {
+ that.facet.refresh();
+ dialog.close();
+ },
+ on_error: function() {
+ that.facet.refresh();
+ dialog.close();
+ }
+ });
+
+ for (var i=0; i<values.length; i++) {
+ var command = IPA.command({
+ entity: 'sudorule',
+ method: 'remove_option',
+ args: [pkey]
+ });
+
+ command.set_option('ipasudoopt', values[i]);
+
+ batch.add_command(command);
+ }
+
+ batch.execute();
+ };
+
+ dialog.init();
+
+ dialog.open(that.container);
+ };
+
+ return that;
+};
IPA.sudo.rule_details_general_section = function(spec) {
@@ -729,7 +934,7 @@ IPA.sudo.rule_details_command_section = function(spec) {
var span = $('<span/>', {
name: 'cmdcategory',
- title: param_info ? param_info.doc : 'cmdcategory'
+ title: param_info.doc
}).appendTo(container);
$('<h3/>', {
@@ -737,6 +942,9 @@ IPA.sudo.rule_details_command_section = function(spec) {
title: IPA.messages.objects.sudorule.allow
}).appendTo(span);
+ span.append(param_info.doc);
+ span.append(': ');
+
$('<input/>', {
type: 'radio',
name: 'cmdcategory',
@@ -854,29 +1062,27 @@ IPA.sudo.rule_details_runas_section = function(spec) {
that.init = function() {
var category = that.add_field(IPA.radio_widget({
- name: 'ipasudorunasusercategory',
- label: 'Run as User category'
+ name: 'ipasudorunasusercategory'
}));
that.add_field(IPA.sudorule_association_table_widget({
'id': that.entity_name+'-runasruser_user',
- 'name': 'ipasudorunas_user', 'label': 'Users', 'category': category,
+ 'name': 'ipasudorunas_user', 'category': category,
'other_entity': 'user', 'add_method': 'add_runasuser', 'remove_method': 'remove_runasuser'
}));
that.add_field(IPA.sudorule_association_table_widget({
'id': that.entity_name+'-runasuser_group',
- 'name': 'ipasudorunas_group', 'label': 'Groups', 'category': category,
+ 'name': 'ipasudorunas_group', 'category': category,
'other_entity': 'group', 'add_method': 'add_runasuser', 'remove_method': 'remove_runasuser'
}));
category = that.add_field(IPA.radio_widget({
- name: 'ipasudorunasgroupcategory',
- label: 'Run as Group category'
+ name: 'ipasudorunasgroupcategory'
}));
that.add_field(IPA.sudorule_association_table_widget({
'id': that.entity_name+'-runasgroup_group',
- 'name': 'ipasudorunasgroup_group', 'label': 'Groups', 'category': category,
+ 'name': 'ipasudorunasgroup_group', 'category': category,
'other_entity': 'group', 'add_method': 'add_runasgroup', 'remove_method': 'remove_runasgroup'
}));
@@ -892,9 +1098,12 @@ IPA.sudo.rule_details_runas_section = function(spec) {
var span = $('<span/>', {
name: 'ipasudorunasusercategory',
- title: param_info ? param_info.doc : 'ipasudorunasusercategory'
+ title: param_info.doc
}).appendTo(container);
+ span.append(param_info.doc);
+ span.append(': ');
+
$('<input/>', {
'type': 'radio',
'name': 'ipasudorunasusercategory',
@@ -948,9 +1157,12 @@ IPA.sudo.rule_details_runas_section = function(spec) {
span = $('<span/>', {
name: 'ipasudorunasgroupcategory',
- title: param_info ? param_info.doc : 'ipasudorunasgroupcategory'
+ title: param_info.doc
}).appendTo(container);
+ span.append(param_info.doc);
+ span.append(': ');
+
$('<input/>', {
'type': 'radio',
'name': 'ipasudorunasgroupcategory',
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index a670021..9a57f8e 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -15804,6 +15804,7 @@
"host": "Access this host",
"inactive": "Inactive",
"ipaenabledflag": "Rule status",
+ "options": "Options",
"runas": "As Whom",
"specified_commands": "Specified Commands and Groups",
"specified_groups": "Specified Groups",
diff --git a/install/ui/test/data/sudorule_show.json b/install/ui/test/data/sudorule_show.json
index 44d3cfd..afb3f3b 100644
--- a/install/ui/test/data/sudorule_show.json
+++ b/install/ui/test/data/sudorule_show.json
@@ -41,6 +41,10 @@
"ipaenabledflag": [
"TRUE"
],
+ "ipasudoopt": [
+ "-H",
+ "-b"
+ ],
"ipasudorunas_user": [
"admin"
],
diff --git a/install/ui/widget.js b/install/ui/widget.js
index 5eb58f6..9a3ae1b 100644
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -1325,7 +1325,7 @@ IPA.table_widget = function (spec) {
}).appendTo(th);
if (i == columns.length-1) {
- $('<span/>', {
+ that.buttons = $('<span/>', {
'name': 'buttons',
'style': 'float: right;'
}).appendTo(th);
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 854ebac..e580df8 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -292,6 +292,7 @@ class i18n_messages(Command):
"command":_("Run Commands"),
"any_command":_("Any Command"),
"specified_commands":_("Specified Commands and Groups"),
+ "options":_("Options"),
"runas":_("As Whom"),
"any_group":_("Any Group"),
"specified_groups":_("Specified Groups"),