summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--install/ui/details.js4
-rw-r--r--install/ui/dns.js160
-rw-r--r--install/ui/ipa.js7
-rw-r--r--install/ui/test/data/dnszone_details_refresh.json119
-rw-r--r--install/ui/test/data/ipa_init.json4
-rw-r--r--ipalib/plugins/internal.py2
6 files changed, 285 insertions, 11 deletions
diff --git a/install/ui/details.js b/install/ui/details.js
index 618d02f57..176e7883e 100644
--- a/install/ui/details.js
+++ b/install/ui/details.js
@@ -996,7 +996,9 @@ IPA.acl_state_evaluator = function(spec) {
rights = record.attributelevelrights[that.attribute];
}
- rights = rights || '';
+ // Full rights if we don't know the rights. Better to allow action and
+ // then to show error dialog than not be able to do something.
+ rights = rights || 'rscwo';
for (i=0; i<rights.length; i++) {
state = that.attribute + '_' + rights.charAt(i);
diff --git a/install/ui/dns.js b/install/ui/dns.js
index 492d8c4f7..1f4ba8ccd 100644
--- a/install/ui/dns.js
+++ b/install/ui/dns.js
@@ -26,7 +26,9 @@
/* REQUIRES: ipa.js, details.js, search.js, add.js, facet.js, entity.js,
* net.js, widget.js */
-IPA.dns = {};
+IPA.dns = {
+ zone_permission_name: 'Manage DNS zone ${dnszone}'
+};
IPA.dns.config_entity = function(spec) {
@@ -230,15 +232,23 @@ IPA.dns.zone_entity = function(spec) {
IPA.select_action,
IPA.enable_action,
IPA.disable_action,
- IPA.delete_action
+ IPA.delete_action,
+ IPA.dns.add_permission_action,
+ IPA.dns.remove_permission_action
],
- header_actions: ['select_action', 'enable', 'disable', 'delete'],
+ header_actions: ['select_action', 'enable', 'disable', 'delete',
+ 'add_permission', 'remove_permission'],
state: {
evaluators: [
{
factory: IPA.enable_state_evaluator,
field: 'idnszoneactive'
- }
+ },
+ {
+ factory: IPA.acl_state_evaluator,
+ attribute: 'managedby'
+ },
+ IPA.dns.zone_has_permission_evaluator
],
summary_conditions: [
IPA.enabled_summary_cond(),
@@ -319,11 +329,69 @@ IPA.dns.zone_entity = function(spec) {
return that;
};
-IPA.dnszone_details_facet = function(spec) {
+IPA.dnszone_details_facet = function(spec, no_init) {
spec = spec || {};
- var that = IPA.details_facet(spec);
+ var that = IPA.details_facet(spec, true);
+ that.permission_load = IPA.observer();
+ that.permission_status = 'unknown'; // [unknown, set, none]
+
+ that.refresh_on_success = function(data, text_status, xhr) {
+ // do not load data from batch
+
+ that.show_content();
+ };
+
+ that.create_refresh_command = function() {
+
+ var pkey = IPA.nav.get_state(that.entity.name+'-pkey');
+
+ var batch = IPA.batch_command({
+ name: 'dnszone_details_refresh'
+ });
+
+ var dnszone_command = that.details_facet_create_refresh_command();
+
+ dnszone_command.on_success = function(data, text_status, xhr) {
+ // create data that mimics dnszone-show output
+ var dnszone_data = {};
+ dnszone_data.result = data;
+ that.load(dnszone_data);
+ };
+
+ batch.add_command(dnszone_command);
+
+ var permission_name = IPA.dns.zone_permission_name.replace('${dnszone}', pkey);
+
+ var permission_command = IPA.command({
+ entity: 'permission',
+ method: 'show',
+ args: [permission_name],
+ options: {},
+ retry: false
+ });
+
+ permission_command.on_success = function(data, text_status, xhr) {
+ that.permission_status = 'set';
+ that.permission_load.notify([that.permission_status], that);
+ };
+
+ permission_command.on_error = function(xhr, text_status, error_thrown) {
+ if (error_thrown && error_thrown.code === 4001) {
+ //NotFound error
+ that.permission_status = 'none';
+ } else {
+ that.permission_status = 'unknown';
+ }
+
+ that.permission_load.notify([that.permission_status], that);
+ };
+
+ batch.add_command(permission_command);
+
+ return batch;
+ };
that.update_on_success = function(data, text_status, xhr) {
that.refresh();
@@ -334,6 +402,8 @@ IPA.dnszone_details_facet = function(spec) {
that.refresh();
};
+ if (!no_init) that.init_details_facet();
+
return that;
};
@@ -528,6 +598,84 @@ IPA.dnszone_adder_dialog = function(spec) {
return that;
};
+IPA.dns.add_permission_action = function(spec) {
+
+ spec = spec || {};
+ spec.name = spec.name || 'add_permission';
+ spec.label = spec.label || IPA.messages.objects.dnszone.add_permission;
+ spec.enable_cond = spec.enable_cond || ['permission-none', 'managedby_w'];
+
+ var that = IPA.action(spec);
+
+ that.execute_action = function(facet) {
+
+ var pkey = IPA.nav.get_state('dnszone-pkey');
+
+ var command = IPA.command({
+ entity: 'dnszone',
+ method: 'add_permission',
+ args: [pkey],
+ options: {},
+ on_success: function() {
+ facet.refresh();
+ }
+ });
+
+ command.execute();
+ };
+
+ return that;
+};
+
+IPA.dns.remove_permission_action = function(spec) {
+
+ spec = spec || {};
+ spec.name = spec.name || 'remove_permission';
+ spec.label = spec.label || IPA.messages.objects.dnszone.remove_permission;
+ spec.enable_cond = spec.enable_cond || ['permission-set', 'managedby_w'];
+
+ var that = IPA.action(spec);
+
+ that.execute_action = function(facet) {
+
+ var pkey = IPA.nav.get_state('dnszone-pkey');
+
+ var command = IPA.command({
+ entity: 'dnszone',
+ method: 'remove_permission',
+ args: [pkey],
+ options: {},
+ on_success: function() {
+ facet.refresh();
+ }
+ });
+
+ command.execute();
+ };
+
+ return that;
+};
+
+IPA.dns.zone_has_permission_evaluator = function(spec) {
+ spec = spec || {};
+
+ spec.event = spec.event || 'permission_load';
+
+ var that = IPA.state_evaluator(spec);
+
+ that.on_event = function(permission_status) {
+
+ var old_state = that.state;
+ that.state = [
+ 'permission-'+permission_status
+ ];
+
+ that.notify_on_change(old_state);
+ };
+
+ return that;
+};
+
IPA.dns.record_search_facet = function(spec) {
var that = IPA.nested_search_facet(spec);
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index 2547a24d2..413951ff1 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -929,10 +929,11 @@ IPA.batch_command = function (spec) {
);
} else if (result.error) {
- name = IPA.get_message('errors.ipa_error', 'IPA Error')+(result.error.code ? ' '+result.error.code : '');
+ var code = result.error.code || result.error_code;
+ name = IPA.get_message('errors.ipa_error', 'IPA Error')+(code ? ' '+code : '');
message = result.error.message || result.error;
- that.errors.add(command, name, message, text_status);
+ if (command.retry) that.errors.add(command, name, message, text_status);
if (command.on_error) command.on_error.call(
this,
@@ -940,7 +941,7 @@ IPA.batch_command = function (spec) {
text_status,
{
name: name,
- code: result.error.code,
+ code: code,
message: message,
data: result
}
diff --git a/install/ui/test/data/dnszone_details_refresh.json b/install/ui/test/data/dnszone_details_refresh.json
new file mode 100644
index 000000000..dcc2f8c25
--- /dev/null
+++ b/install/ui/test/data/dnszone_details_refresh.json
@@ -0,0 +1,119 @@
+{
+ "error": null,
+ "id": null,
+ "result": {
+ "count": 2,
+ "results": [
+ {
+ "error": null,
+ "result": {
+ "attributelevelrights": {
+ "a6record": "rscwo",
+ "aaaarecord": "rscwo",
+ "aci": "rscwo",
+ "afsdbrecord": "rscwo",
+ "arecord": "rscwo",
+ "certrecord": "rscwo",
+ "cn": "rscwo",
+ "cnamerecord": "rscwo",
+ "dnamerecord": "rscwo",
+ "dnsclass": "rscwo",
+ "dnsttl": "rscwo",
+ "dsrecord": "rscwo",
+ "hinforecord": "rscwo",
+ "idnsallowdynupdate": "rscwo",
+ "idnsallowquery": "rscwo",
+ "idnsallowsyncptr": "rscwo",
+ "idnsallowtransfer": "rscwo",
+ "idnsforwarders": "rscwo",
+ "idnsforwardpolicy": "rscwo",
+ "idnsname": "rscwo",
+ "idnssoaexpire": "rscwo",
+ "idnssoaminimum": "rscwo",
+ "idnssoamname": "rscwo",
+ "idnssoarefresh": "rscwo",
+ "idnssoaretry": "rscwo",
+ "idnssoarname": "rscwo",
+ "idnssoaserial": "rscwo",
+ "idnsupdatepolicy": "rscwo",
+ "idnszoneactive": "rscwo",
+ "keyrecord": "rscwo",
+ "kxrecord": "rscwo",
+ "locrecord": "rscwo",
+ "managedby": "rscwo",
+ "mdrecord": "rscwo",
+ "minforecord": "rscwo",
+ "mxrecord": "rscwo",
+ "naptrrecord": "rscwo",
+ "nsaccountlock": "rscwo",
+ "nsecrecord": "rscwo",
+ "nsrecord": "rscwo",
+ "nxtrecord": "rscwo",
+ "objectclass": "rscwo",
+ "ptrrecord": "rscwo",
+ "rrsigrecord": "rscwo",
+ "sigrecord": "rscwo",
+ "srvrecord": "rscwo",
+ "sshfprecord": "rscwo",
+ "txtrecord": "rscwo"
+ },
+ "dn": "idnsname=example.com,cn=dns,dc=example,dc=com",
+ "idnsallowdynupdate": [
+ "FALSE"
+ ],
+ "idnsallowquery": [
+ "any;"
+ ],
+ "idnsallowtransfer": [
+ "none;"
+ ],
+ "idnsname": [
+ "example.com"
+ ],
+ "idnssoaexpire": [
+ "1209600"
+ ],
+ "idnssoaminimum": [
+ "3600"
+ ],
+ "idnssoamname": [
+ "test.example.com."
+ ],
+ "idnssoarefresh": [
+ "3600"
+ ],
+ "idnssoaretry": [
+ "900"
+ ],
+ "idnssoarname": [
+ "hostmaster.example.com."
+ ],
+ "idnssoaserial": [
+ "2012070401"
+ ],
+ "idnsupdatepolicy": [
+ "grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;"
+ ],
+ "idnszoneactive": [
+ "TRUE"
+ ],
+ "nsrecord": [
+ "test.example.com."
+ ],
+ "objectclass": [
+ "top",
+ "idnsrecord",
+ "idnszone"
+ ]
+ },
+ "summary": null,
+ "value": "example.com"
+ },
+ {
+ "error": "Manage DNS zone example.com: permission not found",
+ "error_code": 4001,
+ "error_name": "NotFound"
+ }
+ ]
+ }
+} \ No newline at end of file
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 527d09163..2cc1130f0 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -240,7 +240,9 @@
"type": "Record Type"
},
"dnszone": {
- "identity": "DNS Zone Settings"
+ "identity": "DNS Zone Settings",
+ "add_permission": "Add Permission",
+ "remove_permission": "Remove Permission"
},
"entitle": {
"account": "Account",
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index eb48b3bfa..fc7f9dddf 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -378,6 +378,8 @@ class i18n_messages(Command):
},
"dnszone": {
"identity": _("DNS Zone Settings"),
+ "add_permission":_("Add Permission"),
+ "remove_permission": _("Remove Permission"),
},
"entitle": {
"account": _("Account"),
generated by cgit (git 2.34.1) at 2024-06-30 11:30:13 +0000