diff options
205 files changed, 0 insertions, 25933 deletions
diff --git a/ipa-admintools/Makefile b/ipa-admintools/Makefile deleted file mode 100644 index 43899ef29..000000000 --- a/ipa-admintools/Makefile +++ /dev/null @@ -1,47 +0,0 @@ -SUBDIRS=man -SBINDIR = $(DESTDIR)/usr/sbin - - -all: ; - @for subdir in $(SUBDIRS); do \ - (cd $$subdir && $(MAKE) $@) || exit 1; \ - done - -install: - install -m 755 ipa-adduser $(SBINDIR) - install -m 755 ipa-finduser $(SBINDIR) - install -m 755 ipa-moduser $(SBINDIR) - install -m 755 ipa-deluser $(SBINDIR) - install -m 755 ipa-lockuser $(SBINDIR) - install -m 755 ipa-addgroup $(SBINDIR) - install -m 755 ipa-delgroup $(SBINDIR) - install -m 755 ipa-findgroup $(SBINDIR) - install -m 755 ipa-modgroup $(SBINDIR) - install -m 755 ipa-passwd $(SBINDIR) - install -m 755 ipa-pwpolicy $(SBINDIR) - install -m 755 ipa-addservice $(SBINDIR) - install -m 755 ipa-delservice $(SBINDIR) - install -m 755 ipa-findservice $(SBINDIR) - install -m 755 ipa-adddelegation $(SBINDIR) - install -m 755 ipa-deldelegation $(SBINDIR) - install -m 755 ipa-listdelegation $(SBINDIR) - install -m 755 ipa-moddelegation $(SBINDIR) - install -m 755 ipa-defaultoptions $(SBINDIR) - install -m 755 ipa-change-master-key $(SBINDIR) - - @for subdir in $(SUBDIRS); do \ - (cd $$subdir && $(MAKE) $@) || exit 1; \ - done - -install-man: - install -m 644 - -clean: - rm -f *~ *.pyc - -distclean: clean - rm -f ipa-admintools.spec - -maintainer-clean: distclean - -test: diff --git a/ipa-admintools/README b/ipa-admintools/README deleted file mode 100644 index 6fc9db878..000000000 --- a/ipa-admintools/README +++ /dev/null @@ -1,13 +0,0 @@ -These tools are designed for administrators to work from a command-line, -use in scripts, etc. - -The design goal is to provide 100% of capabilities that the UI has, something -which is often not true. - -Developers ----------- - -These scripts use an XML-RPC interface to communicate with the IPA server. -Please use only this API and avoid the temptation to communicate directly -with the LDAP server. It is our philosophy to have a robust, standard -interface for doing all IPA administrative work. diff --git a/ipa-admintools/ipa-adddelegation b/ipa-admintools/ipa-adddelegation deleted file mode 100644 index 4493390f9..000000000 --- a/ipa-admintools/ipa-adddelegation +++ /dev/null @@ -1,201 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.user - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.aci - import ipa.ipaadminutil as ipaadminutil - import ipa.ipautil as ipautil - - import xmlrpclib - import kerberos - import krbV - import ldap - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog -l|--list\n" - usage += "%prog -a|--attributes attr1,attr2,..,attrn -s|--source STRING -t|--target STRING [-v|--verbose] name" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("-a", "--attributes", dest="attributes", - help="The attributes the source group may change in the target group") - parser.add_option("-s", "--source", dest="source", - help="The source group name") - parser.add_option("-t", "--target", dest="target", - help="The target group name") - parser.add_option("-l", "--list", dest="list", action="store_true", - help="List common attributes (this is not an exhaustive list)") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if options.list: - ipa.config.verify_args(parser, args) - else: - ipa.config.verify_args(parser, args, "name") - if not options.attributes or not options.source or not options.target: - parser.error("need attributes and both source and target groups") - - ipa.config.init_config(options) - - return options, args - -def main(): - - options, args = parse_options() - - if options.list: - client = ipaclient.IPAClient(verbose=options.verbose) - l = client.get_all_attrs() - - for x in l: - print x - return 0 - - client = ipaclient.IPAClient(verbose=options.verbose) - - source_grp = client.find_groups(options.source) - counter = source_grp[0] - source_grp = source_grp[1:] - groupindex = -1 - if counter == 0: - print "No entries found for %s" % options.source - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - return 3 - - if counter > 1: - print "\nMultiple entries for the source group found." - groupindex = ipaadminutil.select_group(counter, source_grp) - if groupindex == "q": - return 0 - - if groupindex >= 0: - source_grp = [source_grp[groupindex]] - - target_grp = client.find_groups(options.target) - counter = target_grp[0] - target_grp = target_grp[1:] - groupindex = -1 - if counter == 0: - print "No entries found for %s" % options.target - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - return 3 - - if counter > 1: - print "\nMultiple entries for the target group found." - groupindex = ipaadminutil.select_group(counter, target_grp) - if groupindex == "q": - return 0 - - if groupindex >= 0: - target_grp = [target_grp[groupindex]] - - attr_list = options.attributes.split(',') - - new_aci = ipa.aci.ACI() - new_aci.name = args[0] - new_aci.source_group = source_grp[0].dn - new_aci.dest_group = target_grp[0].dn - new_aci.attrs = attr_list - - aci_entry = client.get_aci_entry(['*', 'aci']) - - # Look for an existing ACI of the same name - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - for aci_str in aci_str_list: - try: - old_aci = ipa.aci.ACI(aci_str) - if old_aci.name == new_aci.name: - print "A delegation of that name already exists" - return 2 - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - - aci_entry = client.get_aci_entry(['dn']) - aci_entry.setValue('aci', new_aci.export_to_string()) - - client.update_entry(aci_entry) - - # Now add to the editors group so they can make changes in the UI - try: - group = client.get_entry_by_cn("editors") - client.add_group_to_group(new_aci.source_group, group.dn) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - # This is ok, ignore it - pass - - print "Delegation %s successfully added" % args[0] - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-addgroup b/ipa-admintools/ipa-addgroup deleted file mode 100644 index 09ae9a670..000000000 --- a/ipa-admintools/ipa-addgroup +++ /dev/null @@ -1,162 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.group - import ipa.ipaclient as ipaclient - import ipa.ipavalidate as ipavalidate - import ipa.ipautil as ipautil - import ipa.config - import ipa.ipaerror - import ipa.ipaadminutil as ipaadminutil - - import xmlrpclib - import kerberos - import ldap - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def set_add_usage(which): - print "%s option usage: --%s NAME=VALUE" % (which, which) - -def parse_options(): - usage = "%prog [options] [group]" - parser = OptionParser(usage=usage) - parser.add_option("-d", "--description", dest="desc", - help="A description of this group") - parser.add_option("-g", "--gid", dest="gid", - help="The gid to use for this group. If not included one is automatically set.") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - parser.add_option("--addattr", dest="addattr", - help="Adds an attribute or values to that attribute, attr=value", - action="append") - parser.add_option("--setattr", dest="setattr", - help="Set an attribute, dropping any existing values that may exist", - action="append") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if len(args) > 1: - parser.error("too many arguments") - - ipa.config.init_config(options) - - return options, args - -def main(): - cn = "" - desc = "" - - group=ipa.group.Group() - options, args = parse_options() - - if len(args) != 1: - cn = ipautil.user_input_name("Group name") - else: - cn = args[0] - try: - ipaadminutil.check_name(cn) - except ValueError, e: - print "Group name " + str(e) - return 1 - - if not options.desc: - desc = ipautil.user_input("Description", allow_empty = False) - else: - desc = options.desc - if not ipavalidate.String(desc, notEmpty=True): - print "Please enter a value" - return 1 - - if options.gid: - group.setValue('gidnumber', options.gid) - - group.setValue('cn', cn) - group.setValue('description', desc) - - if options.setattr: - for s in options.setattr: - s = s.split('=', 1) - if len(s) != 2: - set_add_usage("set") - sys.exit(1) - (attr,value) = s - group.setValue(attr, value) - - if options.addattr: - for a in options.addattr: - a = a.split('=', 1) - if len(a) != 2: - set_add_usage("add") - sys.exit(1) - (attr,value) = a - cvalue = group.getValue(attr) - if cvalue: - if isinstance(cvalue,str): - cvalue = [cvalue] - value = cvalue + [value] - group.setValue(attr, value) - - client = ipaclient.IPAClient(verbose=options.verbose) - client.add_group(group) - print cn + " successfully added" - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-addservice b/ipa-admintools/ipa-addservice deleted file mode 100644 index 15105bc0f..000000000 --- a/ipa-admintools/ipa-addservice +++ /dev/null @@ -1,104 +0,0 @@ -#! /usr/bin/python -E -# Authors: Karl MacMillan <kmacmill@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.user - import ipa.ipaclient as ipaclient - import ipa.ipautil as ipautil - import ipa.config - - import base64 - - import xmlrpclib - import kerberos - import krbV - import ldap - import getpass - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [options] principal" - parser = OptionParser(usage=usage) - - parser.add_option("--force", action="store_true", default=False, - help="Force a service principal name") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "principal") - ipa.config.init_config(options) - - return options, args - -def main(): - # The following fields are required - princ_name = "" - - options, args = parse_options() - - princ_name = args[0] - - client = ipaclient.IPAClient(verbose=options.verbose) - - client.add_service_principal(princ_name, "%d" % options.force) - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-adduser b/ipa-admintools/ipa-adduser deleted file mode 100644 index cf1f43244..000000000 --- a/ipa-admintools/ipa-adduser +++ /dev/null @@ -1,290 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.user - import ipa.ipaclient as ipaclient - import ipa.ipavalidate as ipavalidate - import ipa.ipautil as ipautil - import ipa.config - import ipa.ipaadminutil as ipaadminutil - - import xmlrpclib - import kerberos - import krbV - import ldap - import getpass - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def set_add_usage(which): - print "%s option usage: --%s NAME=VALUE" % (which, which) - -def parse_options(): - usage = "%prog [options] [user]" - parser = OptionParser(usage=usage) - parser.add_option("-c", "--gecos", dest="gecos", - help="Set the GECOS field") - parser.add_option("-d", "--directory", dest="directory", - help="Set the User's home directory") - parser.add_option("-f", "--firstname", dest="gn", - help="User's first name") - parser.add_option("-l", "--lastname", dest="sn", - help="User's last name") - parser.add_option("-p", "--password", dest="password", - help="Set user's password") - parser.add_option("-P", dest="password_prompt", action="store_true", - help="Prompt on the command-line for the user's password") - parser.add_option("-s", "--shell", dest="shell", - help="Set user's login shell to shell") - parser.add_option("-G", "--groups", dest="groups", - help="Add account to one or more groups (comma-separated)") - parser.add_option("-k", "--krb-principal", dest="principal", - help="Set user's Kerberos Principal Name") - parser.add_option("-M", "--mailAddress", dest="mail", - help="Set user's e-mail address") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - parser.add_option("--addattr", dest="addattr", - help="Adds an attribute or values to that attribute, attr=value", - action="append") - parser.add_option("--setattr", dest="setattr", - help="Set an attribute, dropping any existing values that may exist", - action="append") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if len(args) > 1: - parser.error("too many arguments") - - ipa.config.init_config(options) - - return options, args - -def main(): - # The following fields are required - givenname = "" - lastname = "" - username = "" - principal = "" - password = "" - mail = "" - gecos = "" - directory = "" - shell = "" - groups = "" - - match = False - - all_interactive = False - - user=ipa.user.User() - options, args = parse_options() - - if len(args) != 1: - all_interactive = True - - if not options.gn: - givenname = ipautil.user_input("First name", allow_empty = False) - else: - givenname = options.gn - if not ipavalidate.String(givenname, notEmpty=True): - print "Please enter a value" - return 1 - - if not options.sn: - lastname = ipautil.user_input("Last name", allow_empty = False) - else: - lastname = options.sn - if not ipavalidate.String(lastname, notEmpty=True): - print "Please enter a value" - return 1 - - if len(args) != 1: - username = ipautil.user_input_name("Login name") - else: - username = args[0] - try: - ipaadminutil.check_name(username) - except ValueError, e: - print "Login name " + str(e) - return 1 - - if options.password_prompt: - while match != True: - password = getpass.getpass(" Password: ") - confirm = getpass.getpass(" Password (again): ") - if password != confirm: - print "Passwords do not match" - match = False - else: - match = True - if len(password) < 1: - print "Password cannot be empty" - match = False - else: - password = options.password - - if options.mail: - mail = options.mail - if not ipavalidate.Email(mail): - print "The email provided seem not a valid email." - return 1 - - # Ask the questions we don't normally force. We don't require answers - # for these. - if all_interactive is True: - if not options.gecos: - gecos = ipautil.user_input("gecos") - if not options.directory: - directory = ipautil.user_input_path("Home directory", "/home/" + username, allow_empty = True) - if not options.shell: - shell = ipautil.user_input("Shell", "/bin/sh", allow_empty = False) - - else: - gecos = options.gecos - directory = options.directory - shell = options.shell - groups = options.groups - - if options.principal: - principal = options.principal - else: - ctx = krbV.default_context() - principal = username + "@" + ctx.default_realm - - user.setValue('givenname', givenname) - user.setValue('sn', lastname) - user.setValue('uid', username) - user.setValue('krbprincipalname', principal) - if mail: - user.setValue('mail', mail) - if gecos: - user.setValue('gecos', gecos) - if directory: - user.setValue('homedirectory', directory) - if shell: - user.setValue('loginshell', shell) - - if options.setattr: - for s in options.setattr: - s = s.split('=', 1) - if len(s) != 2: - set_add_usage("set") - sys.exit(1) - (attr,value) = s - user.setValue(attr, value) - - if options.addattr: - for a in options.addattr: - a = a.split('=', 1) - if len(a) != 2: - set_add_usage("add") - sys.exit(1) - (attr,value) = a - cvalue = user.getValue(attr) - if cvalue: - if isinstance(cvalue,str): - cvalue = [cvalue] - value = cvalue + [value] - user.setValue(attr, value) - - client = ipaclient.IPAClient(verbose=options.verbose) - - # get group dns and verify they exist - groups_to_add = [] - if groups: - for group in groups.split(','): - group_dn = get_group_dn(client, group) - if not group_dn: - print "group %s doesn't exist" % group - return 1 - groups_to_add.append(group_dn) - - # add the user - client.add_user(user) - - # add the user to all the groups - for group in groups_to_add: - client.add_user_to_group(username, group) - - # Set the User's password - if password is not None: - try: - client.modifyPassword(principal, '', password) - except ipa.ipaerror.IPAError, e: - print "User added but setting the password failed." - print "%s" % (e.message) - return 1 - - print username + " successfully added" - return 0 - -def get_group_dn(client, group_name): - if not group_name: - return None - - found = client.find_groups(group_name) - if len(found) < 2: - return None - for group in found[1:]: - if group.cn == group_name: - return group.dn - return None - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-admintools.spec.in b/ipa-admintools/ipa-admintools.spec.in deleted file mode 100644 index ea03923ae..000000000 --- a/ipa-admintools/ipa-admintools.spec.in +++ /dev/null @@ -1,87 +0,0 @@ -Name: ipa-admintools -Version: __VERSION__ -Release: __RELEASE__%{?dist} -Summary: IPA admin tools - -Group: System Environment/Base -License: GPLv2 -URL: http://www.freeipa.org -Source0: %{name}-%{version}.tgz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildArch: noarch - -Requires: python -Requires: python-krbV -Requires: ipa-python -Requires: python-ldap -Requires: python-configobj - -%description -User, group, delegation and policy administration tools for IPA. IPA is a -server for identity, policy, and audit. - -%prep -%setup -q - -%install -rm -rf %{buildroot} -mkdir -p %{buildroot}%{_sbindir} - -make install DESTDIR=%{buildroot} - - -%clean -rm -rf %{buildroot} - - -%files -%defattr(-,root,root,-) -%{_sbindir}/ipa* -%{_mandir}/man1/* - -%changelog -* Fri May 23 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-2 -- Add Requires for python-ldap and python-configobj - -* Thu Apr 3 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-1 -- Version bump for release - -* Thu Feb 21 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-1 -- Version bump for release - -* Thu Jan 31 2008 Rob Crittenden <rcritten@redhat.com> - 0.6.0-3 -- Marked with wrong license. IPA is GPLv2. - -* Thu Jan 17 2008 Rob Crittenden <rcritten@redhat.com> - 0.6.0-2 -- Fixed License in specfile - -* Fri Dec 21 2007 Karl MacMillan <kmacmill@redhat.com> - 0.6.0-1 -- Version bump for release. - -* Wed Nov 21 2007 Karl MacMillan <kmacmill@redhat.com> - 0.5.0-1 -- Version bump for release and rpm name change - -* Thu Nov 1 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.1-1 -- Version bump for release - -* Thu Oct 11 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-2 -- Package man files - -* Tue Oct 2 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-1 -- Milestone 4 - -* Mon Sep 10 2007 Karl MacMillan <kmacmill@redhat.com> - 0.3.0-1 -- Milestone 3 - -* Fri Aug 17 2007 Karl MacMillan <kmacmill@redhat.com> - 0.2.0-4 -- Package additional utilities. - -* Mon Aug 5 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-3 -- Abstracted client class to work directly or over RPC - -* Wed Aug 1 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-2 -- Update tools to do kerberos -- Add User class - -* Fri Jul 27 2007 Karl MacMillan <kmacmill@localhost.localdomain> - 0.1.0-1 -- Initial rpm version diff --git a/ipa-admintools/ipa-change-master-key b/ipa-admintools/ipa-change-master-key deleted file mode 100644 index a4e943992..000000000 --- a/ipa-admintools/ipa-change-master-key +++ /dev/null @@ -1,387 +0,0 @@ -#! /usr/bin/python -E -# Authors: Simo Sorce <ssorce@redhat.com> -# -# Copyright (C) 2007 Simo Sorce <ssorce@redhat.com> -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 or later -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -etckrb5conf = "/etc/krb5.conf" -krb5dir = "/var/kerberos/krb5kdc" -cachedir = "/var/cache/ipa" -libdir = "/var/lib/ipa" -basedir = libdir+"/mkey" -ourkrb5conf = basedir+"/krb5.conf" -ldappwdfile = basedir+"/ldappwd" - -password = "" - -import sys -try: - from optparse import OptionParser - import ipa - import ipa.config - import ipa.ipautil - from ipaclient import ipachangeconf - from ipaserver import ipaldap - - import krbV - - import ldap - from ldap import LDAPError - from ldap import ldapobject - - from pyasn1.type import univ, namedtype - import pyasn1.codec.ber.encoder - import pyasn1.codec.ber.decoder - import struct - import base64 - - import random - import time - import os - import shutil - import getpass -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - parser = OptionParser("%prog [-q|--quiet] [-p DM_PASSWORD]") - parser.add_option("-p", "--dm-password", dest="dm_password", - help="The Directory Manager password") - parser.add_option("-q", "--quiet", action="store_true", dest="quiet", - help="Keep quiet") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - ipa.config.verify_args(parser, args) - ipa.config.init_config(options) - - return options, args - -# We support only des3 encoded stash files for now -def generate_new_stash_file(file): - - odd_parity_bytes_pool = ['\x01', '\x02', '\x04', '\x07', '\x08', '\x0b', - '\r', '\x0e', '\x10', '\x13', '\x15', '\x16', '\x19', '\x1a', '\x1c', - '\x1f', ' ', '#', '%', '&', ')', '*', ',', '/', '1', '2', '4', '7', '8', - ';', '=', '>', '@', 'C', 'E', 'F', 'I', 'J', 'L', 'O', 'Q', 'R', 'T', - 'W', 'X', '[', ']', '^', 'a', 'b', 'd', 'g', 'h', 'k', 'm', 'n', 'p', - 's', 'u', 'v', 'y', 'z', '|', '\x7f', '\x80', '\x83', '\x85', '\x86', - '\x89', '\x8a', '\x8c', '\x8f', '\x91', '\x92', '\x94', '\x97', '\x98', - '\x9b', '\x9d', '\x9e', '\xa1', '\xa2', '\xa4', '\xa7', '\xa8', '\xab', - '\xad', '\xae', '\xb0', '\xb3', '\xb5', '\xb6', '\xb9', '\xba', '\xbc', - '\xbf', '\xc1', '\xc2', '\xc4', '\xc7', '\xc8', '\xcb', '\xcd', '\xce', - '\xd0', '\xd3', '\xd5', '\xd6', '\xd9', '\xda', '\xdc', '\xdf', '\xe0', - '\xe3', '\xe5', '\xe6', '\xe9', '\xea', '\xec', '\xef', '\xf1', '\xf2', - '\xf4', '\xf7', '\xf8', '\xfb', '\xfd', '\xfe'] - - pool_len = len(odd_parity_bytes_pool) - keytype = 16 # des3 - keydata = "" - - r = random.SystemRandom() - for k in range(24): - keydata += r.choice(odd_parity_bytes_pool) - - format = '=hi%ss' % len(keydata) - s = struct.pack(format, keytype, len(keydata), keydata) - try: - fd = open(file, "w") - fd.write(s) - except os.error, e: - logging.critical("failed to write stash file") - raise e - -# clean up procedures -def cleanup(password): - try: - os.stat(basedir) - except: - return None - try: - # always remove ldappwdfile as it contains the Directory Manager password - os.remove(ldappwdfile) - except: - pass - - # tar and encrypt the working dir so that we do not leave sensitive data - # around unproteceted - curtime = time.strftime("%Y%m%d%H%M%S",time.gmtime()) - tarfile = libdir+"/ipa-change-mkey-"+curtime+".tar" - gpgfile = tarfile+".gpg" - args = ['/bin/tar', '-C', libdir, '-cf', tarfile, 'mkey'] - ipa.ipautil.run(args) - ipa.ipautil.encrypt_file(tarfile, gpgfile, password, cachedir) - os.remove(tarfile) - shutil.rmtree(basedir, ignore_errors=True) - - return "The temporary working directory with backup dump files has been securely archived and gpg-encrypted as "+gpgfile+" using the Directory Manager password." - -def main(): - - global password - - options, args = parse_options() - - krbctx = krbV.default_context() - - realm = krbctx.default_realm - suffix = ipa.ipautil.realm_to_suffix(realm) - - backupfile = basedir+"/backup.dump" - convertfile = basedir+"/convert.dump" - oldstashfile = krb5dir+"/.k5."+realm - newstashfile = basedir+"/.new.mkey" - bkpstashfile = basedir+"/.k5."+realm - - if os.getuid() != 0: - print "ERROR: This command must be run as root" - sys.exit(1) - - print "DANGER: This is a dangerous operation, make sure you backup all your IPA data before running the tool" - print "This command will restart your Directory and KDC Servers." - - #TODO: ask for confirmation - if not ipa.ipautil.user_input("Do you want to proceed and change the Kerberos Master key?", False): - print "" - print "Aborting..." - return 1 - - password = options.dm_password - if not password: - password = getpass.getpass("Directory Manager password: ") - - # get a connection to the DS - try: - conn = ipaldap.IPAdmin(ipa.config.config.default_server[0]) - conn.do_simple_bind(bindpw=password) - except Exception, e: - print "ERROR: Could not connect to the Directory Server on "+ipa.config.config.default_server[0]+" ("+str(e)+")" - return 1 - - # Wipe basedir and recreate it - shutil.rmtree(basedir, ignore_errors=True) - os.mkdir(basedir, 0700) - - generate_new_stash_file(newstashfile) - - # Generate conf files - try: - shutil.copyfile(etckrb5conf, ourkrb5conf) - - krbconf = ipachangeconf.IPAChangeConf("IPA Installer") - krbconf.setOptionAssignment(" = ") - krbconf.setSectionNameDelimiters(("[","]")) - krbconf.setSubSectionDelimiters(("{","}")) - krbconf.setIndent((""," "," ")) - - #OPTS - opts = [{'name':'ldap_kadmind_dn', 'type':'option', 'action':'set', 'value':'cn=Directory Manager'}, - {'name':'ldap_service_password_file', 'type':'option', 'action':'set', 'value':ldappwdfile}] - - #REALM - realmopts = [{'name':realm, 'type':'subsection', 'action':'set', 'value':opts}] - - #DBMODULES - dbopts = [{'name':'dbmodules', 'type':'section', 'action':'set', 'value':realmopts}] - - krbconf.changeConf(ourkrb5conf, dbopts); - - hexpwd = "" - for x in password: - hexpwd += (hex(ord(x))[2:]) - pwd_fd = open(ldappwdfile, "w") - pwd_fd.write("cn=Directory Manager#{HEX}"+hexpwd+"\n") - pwd_fd.close() - os.chmod(ldappwdfile, 0600) - - except Exception, e: - print "Failed to create custom configuration files ("+str(e)+") aborting..." - return 1 - - #Set environment vars so that the modified krb5.conf is used - os.environ['KRB5_CONFIG'] = ourkrb5conf - - #Backup the kerberos key material for recovery if needed - args = ["/usr/kerberos/sbin/kdb5_util", "dump", "-verbose", backupfile] - print "Performing safety backup of the key material" - try: - output = ipa.ipautil.run(args) - except ipa.ipautil.CalledProcessError, e: - print "Failed to backup key material ("+str(e)+"), aborting ..." - return 1 - - if not options.quiet: - princlist = output[1].split('\n') - print "Principals stored into the backup file "+backupfile+":" - for p in princlist: - print p - print "" - - #Convert the kerberos keys to the new master key - args = ["/usr/kerberos/sbin/kdb5_util", "dump", "-verbose", "-new_mkey_file", newstashfile, convertfile] - print "Converting key material to new master key" - try: - output = ipa.ipautil.run(args) - except ipa.ipautil.CalledProcessError, e: - print "Failed to convert key material, aborting ..." - return 1 - - savedprinclist = output[1].split('\n') - - if not options.quiet: - princlist = output[1].split('\n') - print "Principals dumped for conversion:" - for p in princlist: - print p - print "" - - #Stop the KDC - args = ["/etc/init.d/krb5kdc", "stop"] - try: - output = ipa.ipautil.run(args) - if output[0]: - print output[0] - if output[1]: - print output[1] - except ipa.ipautil.CalledProcessError, e: - print "WARNING: Failed to restart the KDC ("+str(e)+")" - print "You will have to manually restart the KDC when the operation is completed" - - #Change the mkey into ldap - try: - stash = open(newstashfile, "r") - keytype = struct.unpack('h', stash.read(2))[0] - keylen = struct.unpack('i', stash.read(4))[0] - keydata = stash.read(keylen) - - #encode it in the asn.1 attribute - MasterKey = univ.Sequence() - MasterKey.setComponentByPosition(0, univ.Integer(keytype)) - MasterKey.setComponentByPosition(1, univ.OctetString(keydata)) - krbMKey = univ.Sequence() - krbMKey.setComponentByPosition(0, univ.Integer(0)) #we have no kvno - krbMKey.setComponentByPosition(1, MasterKey) - asn1key = pyasn1.codec.ber.encoder.encode(krbMKey) - - dn = "cn="+realm+",cn=kerberos,"+suffix - mod = [(ldap.MOD_REPLACE, 'krbMKey', str(asn1key))] - conn.modify_s(dn, mod) - except Exception, e: - print "ERROR: Failed to upload the Master Key from the Stash file: "+newstashfile+" ("+str(e)+")" - return 1 - - #Backup old stash file and substitute with new - try: - shutil.move(oldstashfile, bkpstashfile) - shutil.copyfile(newstashfile, oldstashfile) - except Exception, e: - print "ERROR: An error occurred while installing the new stash file("+str(e)+")" - print "The KDC may fail to start if the correct stash file is not in place" - print "Verify that "+newstashfile+" has been correctly installed into "+oldstashfile - print "A backup copy of the old stash file should be saved in "+bkpstashfile - - #Finally upload the converted principals - args = ["/usr/kerberos/sbin/kdb5_util", "load", "-verbose", "-update", convertfile] - print "Uploading converted key material" - try: - output = ipa.ipautil.run(args) - except ipa.ipautil.CalledProcessError, e: - print "Failed to upload key material ("+e+"), aborting ..." - return 1 - - if not options.quiet: - princlist = output[1].split('\n') - print "Principals converted and uploaded:" - for p in princlist: - print p - print "" - - uploadedprinclist = output[1].split('\n') - - #Check for differences and report - d = [] - for p in savedprinclist: - if uploadedprinclist.count(p) == 0: - d.append(p) - if len(d) != 0: - print "WARNING: Not all dumped principals have been updated" - print "Principals not Updated:" - for p in d: - print p - - #Remove custom environ - del os.environ['KRB5_CONFIG'] - - #Restart Directory Server (the pwd plugin need to read the new mkey) - args = ["/etc/init.d/dirsrv", "restart"] - try: - output = ipa.ipautil.run(args) - if output[0]: - print output[0] - if output[1]: - print output[1] - except ipa.ipautil.CalledProcessError, e: - print "WARNING: Failed to restart the Directory Server ("+str(e)+")" - print "Please manually restart the DS with 'service dirsrv restart'" - - #Restart the KDC - args = ["/etc/init.d/krb5kdc", "start"] - try: - output = ipa.ipautil.run(args) - if output[0]: - print output[0] - if output[1]: - print output[1] - except ipa.ipautil.CalledProcessError, e: - print "WARNING: Failed to restart the KDC ("+str(e)+")" - print "Please manually restart the kdc with 'service krb5kdc start'" - - print "Master Password successfully changed" - print "You MUST now copy the stash file "+oldstashfile+" to all the replicas and restart them!" - print "" - - return 0 - -if __name__ == "__main__": - ret = 0 - try: - ret = main() - except SystemExit, e: - ret = e - except KeyboardInterrupt, e: - ret = 1 - except Exception, e: - print "%s" % str(e) - ret = 1 - - try: - msg = cleanup(password) - if msg: - print msg - except Exception, e: - print "Failed to clean up the temporary location for the dump files and generate and encrypted archive with error:" - print e - print "Please securely archive/encrypt "+basedir - - sys.exit(ret) diff --git a/ipa-admintools/ipa-defaultoptions b/ipa-admintools/ipa-defaultoptions deleted file mode 100644 index 3cc94d4c7..000000000 --- a/ipa-admintools/ipa-defaultoptions +++ /dev/null @@ -1,181 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2008 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.entity - import ipa.ipaclient as ipaclient - import ipa.config - - import xmlrpclib - import kerberos - import errno - import validate - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [options]\n" - usage += "%prog --show" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("--maxusername", dest="maxusername", - help="Max. Length of a username") - parser.add_option("--homedir", dest="homedir", - help="Default location of home directories") - parser.add_option("--defaultshell", dest="defaultshell", - help="Default shell for new users") - parser.add_option("--defaultgroup", dest="defaultgroup", - help="Default group for new users") - parser.add_option("--emaildomain", dest="emaildomain", - help="Default e-mail domain") - parser.add_option("--searchtimelimit", dest="searchtimelimit", - help="Max. amount of time (sec.) for a search (-1 is unlimited)") - parser.add_option("--searchrecordslimit", dest="searchrecordslimit", - help="Max. number of records to search (-1 is unlimited)") - parser.add_option("--usersearch", dest="usersearch", - help="A comma-separated list of fields to search when searching for users") - parser.add_option("--groupsearch", dest="groupsearch", - help="A comma-separated list of fields to search when searching for groups") - parser.add_option("--show", dest="show", action="store_true", - help="Show the current configuration") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args) - - if not options.show and not options.maxusername and not options.homedir and not options.defaultshell and not options.defaultgroup and not options.emaildomain and not options.searchtimelimit and not options.searchrecordslimit and not options.usersearch and not options.groupsearch: - parser.error("nothing to do") - - ipa.config.init_config(options) - - return options, args - -def show_config(client): - policy = client.get_ipa_config() - print "Search Configuration" - print " Search Time Limit (sec.): %s" % policy.getValues('ipaSearchTimeLimit') - print " Search Records Limit: %s" % policy.getValues('ipaSearchRecordsLimit') - print " User Search Fields: %s" % policy.getValues('ipaUserSearchFields') - print " Group Search Fields: %s" % policy.getValues('ipaGroupSearchFields') - - print "" - - print "User Settings" - print " Max. Username Length: %s" % policy.getValues('ipaMaxUsernameLength') - print " Root for Home Directories: %s" % policy.getValues('ipaHomesRootDir') - print " Default Shell: %s" % policy.getValues('ipaDefaultLoginShell') - print " Default User Group: %s" % policy.getValues('ipaDefaultPrimaryGroup') - print "Default E-mail Domain: %s" % policy.getValues('ipaDefaultEmailDomain') - -def update_policy(client, options): - current = client.get_ipa_config() - - new = ipa.entity.Entity(current.toDict()) - - try: - if options.maxusername: - validate.is_integer(options.maxusername, min=1) - new.setValue('ipamaxusernamelength', options.maxusername) - if options.homedir: - validate.is_string(options.homedir) - new.setValue('ipahomesrootdir', options.homedir) - if options.defaultshell: - validate.is_string(options.defaultshell) - new.setValue('ipadefaultloginshell', options.history) - if options.defaultgroup: - new.setValue('ipadefaultprimarygroup', options.defaultgroup) - if options.emaildomain: - new.setValue('ipadefaultemaildomain', options.emaildomain) - if options.searchtimelimit: - validate.is_integer(options.searchtimelimit, min=-1) - new.setValue('ipasearchtimelimit', options.searchtimelimit) - if options.searchrecordslimit: - validate.is_integer(options.searchrecordslimit, min=-1) - new.setValue('ipasearchrecordslimit', options.searchrecordslimit) - if options.usersearch: - new.setValue('ipausersearchfields', options.usersearch) - if options.groupsearch: - new.setValue('ipagroupsearchfields', options.groupsearch) - except validate.VdtTypeError, e: - print "%s" % str(e) - return 1 - except validate.VdtValueTooSmallError, e: - print "%s" % str(e) - return 1 - - client.update_ipa_config(new) - - if options.usersearch or options.groupsearch: - print "WARNING: Be sure that the attributes in User and Group search are indexed in the Directory Server or you may suffer a performance loss." - -def main(): - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - - if options.show: - show_config(client) - return 0 - - if update_policy(client, options): - return 1 - - print "Update successful." - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1]) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-deldelegation b/ipa-admintools/ipa-deldelegation deleted file mode 100644 index f11cf4b4e..000000000 --- a/ipa-admintools/ipa-deldelegation +++ /dev/null @@ -1,143 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - - import xmlrpclib - import kerberos - import copy - import errno - import socket - - import ipa.aci - from ipa import ipaerror -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -aci_fields = ['*', 'aci'] - -def parse_options(): - usage = "%prog [-v|--verbose] name" - parser = OptionParser(usage=usage) - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "name") - ipa.config.init_config(options) - - return options, args - -def main(): - - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - aci_entry = client.get_aci_entry(aci_fields) - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - acistr = None - aci_list = [] - for aci_str in aci_str_list: - try: - aci = ipa.aci.ACI(aci_str) - if aci.name == args[0]: - acistr = aci_str - source_group = aci.source_group - else: - aci_list.append(aci) - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - - if acistr is None: - print "No delegation '%s' found." % args[0] - return 2 - - old_aci_index = aci_str_list.index(acistr) - - new_aci_str_list = copy.deepcopy(aci_str_list) - del new_aci_str_list[old_aci_index] - aci_entry.setValue('aci', new_aci_str_list) - - client.update_entry(aci_entry) - - last = True - # If this is the last delegation for a group, remove it from editors - for a in aci_list: - if source_group == a.source_group: - last = False - break - - if last: - group = client.get_entry_by_cn("editors") - client.remove_member_from_group(source_group, group.dn) - - print "Delegation removed." - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except (SyntaxError, ipaerror.IPAError), e: - print "Delegation deletion failed: " + str(e) - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-delgroup b/ipa-admintools/ipa-delgroup deleted file mode 100644 index 62ae3962b..000000000 --- a/ipa-admintools/ipa-delgroup +++ /dev/null @@ -1,109 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - import errno - import socket - import ldap - - import xmlrpclib - import kerberos -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-v|--verbose] group" - parser = OptionParser(usage=usage) - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "group") - ipa.config.init_config(options) - - return options, args - -def main(): - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - groups = client.find_groups(args[0], ['cn','description','gidnumber','nsAccountLock']) - - counter = groups[0] - groups = groups[1:] - to_delete = None - - for i in range(counter): - dn_list = ldap.explode_dn(groups[i].dn.lower()) - if "cn=%s" % args[0].lower() in dn_list: - to_delete = groups[i] - - if to_delete is None: - print "Group '%s' not found." % args[0] - return 2 - - ret = client.delete_group(to_delete.dn) - if (ret == "Success"): - print args[0] + " successfully deleted" - else: - print args[0] + " " + ret - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-delservice b/ipa-admintools/ipa-delservice deleted file mode 100644 index c295edc73..000000000 --- a/ipa-admintools/ipa-delservice +++ /dev/null @@ -1,110 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - - import xmlrpclib - import kerberos - import krbV - import ldap - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-v|--verbose] principal" - parser = OptionParser(usage=usage) - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "principal") - ipa.config.init_config(options) - - return options, args - -def main(): - # The following fields are required - princ_name = "" - - options, args = parse_options() - - princ_name = args[0] - - client = ipaclient.IPAClient(verbose=options.verbose) - - hosts = client.find_service_principal(args[0], sattrs=None) - counter = hosts[0] - hosts = hosts[1:] - - if counter == 0: - print "Service Principal '%s' not found." % args[0] - return 2 - if counter != 1: - print "An exact match was not found. Found %d principals for %s" % (counter, args[0]) - return 2 - - client.delete_service_principal(hosts[0].dn) - - print "Successfully deleted" - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-deluser b/ipa-admintools/ipa-deluser deleted file mode 100644 index 4b0db7e63..000000000 --- a/ipa-admintools/ipa-deluser +++ /dev/null @@ -1,90 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.ipautil as ipautil - import ipa.config - import errno - import socket - - import xmlrpclib - import kerberos -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-v|--verbose] user" - parser = OptionParser(usage=usage) - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "user") - ipa.config.init_config(options) - - return options, args - -def main(): - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - ret = client.delete_user(args[0]) - print args[0] + " successfully deleted" - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-findgroup b/ipa-admintools/ipa-findgroup deleted file mode 100644 index d9a9acc39..000000000 --- a/ipa-admintools/ipa-findgroup +++ /dev/null @@ -1,157 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa.ipaclient as ipaclient - import ipa.ipaadminutil as ipaadminutil - import ipa.ipautil as ipautil - import ipa.config - - import errno - import sys - import xmlrpclib - import kerberos - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [options] group" - parser = OptionParser(usage=usage) - - parser.add_option("-a", "--all", action="store_true", dest="all", - help="Show all group attributes") - parser.add_option("-n", "--notranslate", action="store_true", - dest="notranslate", - help="Don't translate LDAP attributes into readable labels") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "group") - ipa.config.init_config(options) - - return options, args - -def main(): - group={} - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - if options.all is None: - groups = client.find_groups(args[0], ['cn','description','gidnumber','nsAccountLock']) - else: - groups = client.find_groups(args[0], sattrs=['*','nsAccountLock']) - - counter = groups[0] - groups = groups[1:] - groupindex = -1 - if counter == 0: - print "No entries found for", args[0] - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - - if counter > 1: - try: - groupindex = ipaadminutil.select_group(counter, groups) - except KeyboardInterrupt: - return 1 - if groupindex == "q": - return 0 - - if groupindex >= 0: - groups = [groups[groupindex]] - - for ent in groups: - try: - members = client.group_members(ent.dn, ['dn','cn'], 0) - except ipa.ipaerror.IPAError, e: - print "Error getting members for " + ent.dn - print str(e) - continue - attr = ent.attrList() - if options.notranslate: - labels = {} - for a in attr: - labels[a] = a - else: - labels = client.attrs_to_labels(attr) - - print "dn: " + ent.dn - - for a in attr: - value = ent.getValues(a) - if isinstance(value,str): - print labels[a] + ": " + value - else: - print labels[a] + ": " - for l in value: - print "\t" + l - - counter = members[0] - members = members[1:] - - if counter > 0: - print "Members:" - for m in members: - print " " + m.getValue('cn') + ": " + m.dn - # blank line between results - print - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-findservice b/ipa-admintools/ipa-findservice deleted file mode 100644 index c9aa4c058..000000000 --- a/ipa-admintools/ipa-findservice +++ /dev/null @@ -1,105 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - import ipa.ipaadminutil as ipaadminutil - - import errno - import sys - import xmlrpclib - import kerberos - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-v|--verbose] host" - parser = OptionParser(usage=usage) - - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "host") - ipa.config.init_config(options) - - return options, args - -def main(): - user={} - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - hosts = client.find_service_principal(args[0], sattrs=None) - - counter = hosts[0] - hosts = hosts[1:] - userindex = 0 - if counter == 0: - print "No entries found for", args[0] - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - - for ent in hosts: - print ent.krbprincipalname - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-finduser b/ipa-admintools/ipa-finduser deleted file mode 100644 index 75df9493f..000000000 --- a/ipa-admintools/ipa-finduser +++ /dev/null @@ -1,177 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import sys -try: - from optparse import OptionParser - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - import ipa.ipaadminutil as ipaadminutil - import base64 - - import errno - import sys - import xmlrpclib - import kerberos - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-a|--all] [-n|--notranslate] [-v|--verbose] user" - parser = OptionParser(usage=usage) - - parser.add_option("-a", "--all", action="store_true", dest="all", - help="Display all attributes") - parser.add_option("-n", "--notranslate", action="store_true", - dest="notranslate", - help="Don't translate LDAP attributes into readable labels") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "user") - ipa.config.init_config(options) - - return options, args - -def wrap_binary_data(data): - """Converts all binary data strings into base64-encoded objects for display - """ - if isinstance(data, str): - if ipautil.needs_base64(data): - return base64.encodestring(data) - else: - return data - elif isinstance(data, list) or isinstance(data,tuple): - retval = [] - for value in data: - retval.append(wrap_binary_data(value)) - return retval - elif isinstance(data, dict): - retval = {} - for (k,v) in data.iteritems(): - retval[k] = wrap_binary_data(v) - return retval - else: - return data - -def main(): - user={} - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - if options.all is None: - users = client.find_users(args[0], sattrs=['uid','givenname','sn','homeDirectory','loginshell']) - else: - users = client.find_users(args[0], sattrs=None) - - counter = users[0] - users = users[1:] - userindex = 0 - if counter == 0: - print "No entries found for", args[0] - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - - if counter > 1: - try: - userindex = ipaadminutil.select_user(counter, users) - except KeyboardInterrupt: - return 1 - if userindex == "q": - return 0 - - if userindex >= 0: - users = [users[userindex]] - - for ent in users: - attr = ent.attrList() - attr.sort() - - # Always have sn following givenname - try: - l = attr.index('givenname') - attr.remove('sn') - attr.insert(l+1, 'sn') - except ValueError: - pass - - if options.notranslate: - labels = {} - for a in attr: - labels[a] = a - else: - labels = client.attrs_to_labels(attr) - - if options.all is True: - print "dn: " + ent.dn - - for a in attr: - value = ent.getValues(a) - if isinstance(value,str): - print labels[a] + ": " + str(wrap_binary_data(value)).rstrip() - else: - print labels[a] + ": " - for l in value: - print "\t" + wrap_binary_data(l) - # blank line between results - print - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-listdelegation b/ipa-admintools/ipa-listdelegation deleted file mode 100644 index 46ddf3a3f..000000000 --- a/ipa-admintools/ipa-listdelegation +++ /dev/null @@ -1,140 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - - import operator - import xmlrpclib - import kerberos - import errno - import socket - - import ipa.aci - from ipa import ipaerror -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -aci_fields = ['*', 'aci'] - -def parse_options(): - parser = OptionParser() - parser.add_option("-s", "--source", dest="source", - help="Source group of delegation") - parser.add_option("-n", "--name", dest="name", - help="Name of delegation") - parser.add_option("-t", "--target", dest="target", - help="Target group of delegation") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args) - ipa.config.init_config(options) - - return options, args - -def main(): - - options, args = parse_options() - - all = True - if options.name or options.source or options.target: - all = False - - client = ipaclient.IPAClient(verbose=options.verbose) - aci_entry = client.get_aci_entry(aci_fields) - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - aci_list = [] - for aci_str in aci_str_list: - try: - aci = ipa.aci.ACI(aci_str) - aci_list.append(aci) - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - - group_dn_to_cn = ipa.aci.extract_group_cns(aci_list, client) - - found = False - # the operator.itemgetter(0) lets us sort by the name field - for a in sorted(aci_list, key=operator.itemgetter(0)): - labels = client.attrs_to_labels(a.attrs) - if (all or options.name == a.name or - options.source == group_dn_to_cn[a.source_group] or - options.target == group_dn_to_cn[a.dest_group]): - print "Delegation Name: " + a.name - print "Group " + group_dn_to_cn[a.source_group] - print " can modify these attributes: " - for l in labels: - print "\t" + labels[l] - print " for group " + group_dn_to_cn[a.dest_group] - print - found = True - - if found: - return 0 - else: - return 2 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipaerror.IPAError, e: - print("Delegation list failed: " + str(e)) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-lockuser b/ipa-admintools/ipa-lockuser deleted file mode 100644 index 85f2d5bfb..000000000 --- a/ipa-admintools/ipa-lockuser +++ /dev/null @@ -1,109 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipautil as ipautil - import errno - import socket - - import xmlrpclib - import kerberos -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "%prog [-u|--unlock] [-v|--verbose] user" - parser = OptionParser(usage=usage) - parser.add_option("-u", "--unlock", action="store_true", dest="unlock", - help="Unlock a user's account") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - ipa.config.verify_args(parser, args, "user") - ipa.config.init_config(options) - - return options, args - -def main(): - options, args = parse_options() - - msg = "inactivated" - client = ipaclient.IPAClient(verbose=options.verbose) - if options.unlock: - try: - ret = client.mark_user_active(args[0]) - msg = "unlocked" - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - print "User is already marked active" - return 0 - except: - raise - else: - try: - ret = client.mark_user_inactive(args[0]) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - print "User is already marked inactive" - return 0 - except: - raise - print args[0] + " successfully %s" % msg - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-moddelegation b/ipa-admintools/ipa-moddelegation deleted file mode 100644 index 86e12c17b..000000000 --- a/ipa-admintools/ipa-moddelegation +++ /dev/null @@ -1,241 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.ipaadminutil as ipaadminutil - import ipa.config - import ipa.aci - import ipa.ipautil as ipautil - - import xmlrpclib - import kerberos - import krbV - import ldap - import copy - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -aci_fields = ['*', 'aci'] - -def parse_options(): - usage = "%prog -l|--list\n" - usage += "%prog [-a|--attributes attr1,attr2,..,attrn] [-s|--source STRING] [-t|--target STRING] [-v|--verbose] name" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("-a", "--attributes", dest="attributes", - help="The attributes the source group may change in the target group") - parser.add_option("-l", "--list", dest="list", action="store_true", - help="List common attributes (this is not an exhaustive list)") - parser.add_option("-s", "--source", dest="source", - help="The source group name") - parser.add_option("-t", "--target", dest="target", - help="The target group name") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if not options.list: - if not options.attributes and not options.source and not options.target: - parser.error("need at least one option of -a, -s, or -t") - ipa.config.verify_args(parser, args, "name") - - ipa.config.init_config(options) - - return options, args - -def main(): - - options, args = parse_options() - - if options.list: - client = ipaclient.IPAClient(verbose=options.verbose) - l = client.get_all_attrs() - - for x in l: - print x - return 0 - - client = ipaclient.IPAClient(verbose=options.verbose) - - # first do some sanity checking - - if options.source: - source_grp = client.find_groups(options.source) - counter = source_grp[0] - source_grp = source_grp[1:] - groupindex = -1 - if counter == 0: - print "No entries found for %s" % options.source - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - return 3 - - if counter > 1: - print "\nMultiple entries for the source group found." - groupindex = ipaadminutil.select_group(counter, source_grp) - if groupindex == "q": - return 0 - - if groupindex >= 0: - source_grp = [source_grp[groupindex]] - - if options.target: - target_grp = client.find_groups(options.target) - counter = target_grp[0] - target_grp = target_grp[1:] - groupindex = -1 - if counter == 0: - print "No entries found for %s" % options.target - return 2 - elif counter == -1: - print "These results are truncated." - print "Please refine your search and try again." - return 3 - - if counter > 1: - print "\nMultiple entries for the target group found." - groupindex = ipaadminutil.select_group(counter, target_grp) - if groupindex == "q": - return 0 - - if groupindex >= 0: - target_grp = [target_grp[groupindex]] - - if options.attributes: - attr_list = options.attributes.split(',') - - # find the old aci - - aci_entry = client.get_aci_entry(aci_fields) - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - old_aci = None - acistr = None - aci_list = [] - for aci_str in aci_str_list: - try: - old_aci = ipa.aci.ACI(aci_str) - if old_aci.name == args[0]: - acistr = aci_str - orig_group = old_aci.source_group - else: - aci_list.append(old_aci) - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - - if acistr is None: - print "No delegation %s found." % args[0] - return 2 - - old_aci_index = aci_str_list.index(acistr) - - new_aci = ipa.aci.ACI() - new_aci.name = args[0] - if options.source: - new_aci.source_group = source_grp[0].dn - else: - new_aci.source_group = old_aci.source_group - if options.target: - new_aci.dest_group = target_grp[0].dn - else: - new_aci.dest_group = old_aci.dest_group - if options.attributes: - new_aci.attrs = attr_list - else: - new_aci.attrs = old_aci.attrs - new_aci_str = new_aci.export_to_string() - - new_aci_str_list = copy.deepcopy(aci_str_list) - new_aci_str_list[old_aci_index] = new_aci_str - aci_entry.setValue('aci', new_aci_str_list) - - client.update_entry(aci_entry) - - if options.source: - last = True - # If this is the last delegation for a group, remove it from editors - for a in aci_list: - if orig_group == a.source_group: - last = False - break - - if last: - group = client.get_entry_by_cn("editors") - client.remove_member_from_group(orig_group, group.dn) - - # Now add to the editors group so they can make changes in the UI - try: - group = client.get_entry_by_cn("editors") - client.add_group_to_group(new_aci.source_group, group.dn) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - # This is ok, ignore it - pass - - print "Delegation %s successfully updated" % args[0] - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-modgroup b/ipa-admintools/ipa-modgroup deleted file mode 100644 index 6f5d72909..000000000 --- a/ipa-admintools/ipa-modgroup +++ /dev/null @@ -1,234 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.group - import ipa.ipaclient as ipaclient - import ipa.config - import ipa.ipaerror - - import xmlrpclib - import kerberos - import ldap - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def set_add_usage(which): - print "%s option usage: --%s NAME=VALUE" % (which, which) - -def parse_options(): - usage = "%prog [-l|--list]\n" - usage += "%prog [-a|--add] [-r|--remove] [-v|--verbose] user group\n" - usage += "%prog [-g|--groupadd] [-e|--groupdel] [-v|--verbose] group group\n" - usage += "%prog [-d|--desc description STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] [-v|--verbose] group" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("-a", "--add", dest="add", action="store_true", - help="Add a user to the group") - parser.add_option("-r", "--remove", dest="remove", action="store_true", - help="Remove a user from the group") - parser.add_option("-g", "--groupadd", dest="groupadd", action="store_true", - help="Add a group to the group") - parser.add_option("-e", "--groupdel", dest="groupdel", action="store_true", - help="Remove a group from the group") - parser.add_option("-d", "--description", dest="desc", - help="Modify the description of the group") - parser.add_option("--addattr", dest="addattr", - help="Adds an attribute or values to that attribute, attr=value", - action="append") - parser.add_option("--delattr", dest="delattr", - help="Remove an attribute", action="append") - parser.add_option("--setattr", dest="setattr", - help="Set an attribute, dropping any existing values that may exist", - action="append") - parser.add_option("-l", "--list", dest="list", action="store_true", - help="List common attributes (this is not an exhaustive list)") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if ((not options.add and not options.remove) and - (not options.groupadd and not options.groupdel) and - (not options.desc and not options.addattr and - not options.delattr and not options.setattr and not options.list)): - parser.error("need to specify at least one operation") - - if not options.list: - if options.add or options.remove: - ipa.config.verify_args(parser, args, "user group") - elif options.groupadd or options.groupdel: - ipa.config.verify_args(parser, args, "group group") - elif options.desc or options.addattr or options.delattr or options.setattr: - ipa.config.verify_args(parser, args, "group") - - ipa.config.init_config(options) - - return options, args - -def get_group(client, options, group_cn): - try: - attrs = ['*'] - - # in case any attributes being modified are operational such as - # nsaccountlock. Any attribute to be deleted needs to be included - # in the original record so it can be seen as being removed. - if options.delattr: - for d in options.delattr: - attrs.append(d) - group = client.get_entry_by_cn(group_cn, sattrs=attrs) - - except ipa.ipaerror.IPAError, e: - print "%s" % e.message - return None - - return group - -def main(): - group=ipa.group.Group() - options, args = parse_options() - - if options.list: - client = ipaclient.IPAClient(verbose=options.verbose) - list = client.get_all_attrs() - - for x in list: - print x - return 0 - - client = ipaclient.IPAClient(verbose=options.verbose) - if options.add: - group = get_group(client, options, args[1]) - if group is None: - return 1 - users = args[0].split(',') - for user in users: - client.add_user_to_group(user, group.dn) - print user + " successfully added to " + args[1] - elif options.remove: - group = get_group(client, options, args[1]) - if group is None: - return 1 - users = args[0].split(',') - for user in users: - client.remove_user_from_group(user, group.dn) - print user + " successfully removed" - elif options.groupadd: - group = get_group(client, options, args[1]) - if group is None: - return 1 - groups = args[0].split(',') - for g in groups: - tgroup = get_group(client, options, g) - if tgroup is not None: - client.add_group_to_group(tgroup.dn, group.dn) - print g + " successfully added to " + args[1] - else: - print "Group %s not found" % g - elif options.groupdel: - group = get_group(client, options, args[1]) - if group is None: - return 1 - groups = args[0].split(',') - for g in groups: - tgroup = get_group(client, options, g) - if tgroup is not None: - client.remove_member_from_group(tgroup.dn, group.dn) - print g + " successfully removed " + args[1] - else: - print "Group %s not found" % g - else: - group = get_group(client, options, args[0]) - if group is None: - return 1 - - if options.desc: - group.setValue('description', options.desc) - - if options.delattr: - for d in options.delattr: - group.delValue(d) - - if options.setattr: - for s in options.setattr: - s = s.split('=', 1) - if len(s) != 2: - set_add_usage("set") - sys.exit(1) - (attr,value) = s - group.setValue(attr, value) - - if options.addattr: - for a in options.addattr: - a = a.split('=', 1) - if len(a) != 2: - set_add_usage("add") - sys.exit(1) - (attr,value) = a - cvalue = group.getValue(attr) - if cvalue: - if isinstance(cvalue,str): - cvalue = [cvalue] - value = cvalue + [value] - group.setValue(attr, value) - - client.update_group(group) - print args[0] + " successfully updated" - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e)) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-moduser b/ipa-admintools/ipa-moduser deleted file mode 100644 index ec483a5d9..000000000 --- a/ipa-admintools/ipa-moduser +++ /dev/null @@ -1,256 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.user - import ipa.ipaclient as ipaclient - import ipa.ipavalidate as ipavalidate - import ipa.ipautil as ipautil - import ipa.config - - import xmlrpclib - import kerberos - import ldap - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def set_add_usage(which): - print "%s option usage: --%s NAME=VALUE" % (which, which) - -def parse_options(): - usage = "%prog --list\n" - usage = "%prog [options] user" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("-a", "--activate", dest="activate", action="store_true", - help="Activate the user") - parser.add_option("-c", "--gecos", dest="gecos", - help="Set the GECOS field") - parser.add_option("-d", "--directory", dest="directory", - help="Set the User's home directory") - parser.add_option("-f", "--firstname", dest="gn", - help="User's first name") - parser.add_option("-l", "--lastname", dest="sn", - help="User's last name") - parser.add_option("-s", "--shell", dest="shell", - help="Set user's login shell to shell") - parser.add_option("--addattr", dest="addattr", - help="Adds an attribute or values to that attribute, attr=value", - action="append") - parser.add_option("--delattr", dest="delattr", - help="Remove an attribute", action="append") - parser.add_option("--setattr", dest="setattr", - help="Set an attribute, dropping any existing values that may exist", - action="append") - parser.add_option("--list", dest="list", action="store_true", - help="List common attributes (this is not an exhaustive list)") - parser.add_option("-M", "--mailAddress", dest="mail", - help="Set user's e-mail address") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if not options.list: - ipa.config.verify_args(parser, args, "user") - - ipa.config.init_config(options) - - return options, args - -def main(): - # The following fields are required - givenname = "" - lastname = "" - username = "" - mail = "" - gecos = "" - directory = "" - groups = "" - shell = "" - - match = False - - options, args = parse_options() - - if options.list: - client = ipaclient.IPAClient(verbose=options.verbose) - list = client.get_all_attrs() - - for x in list: - print x - return 0 - - username = args[0] - - client = ipaclient.IPAClient(verbose=options.verbose) - try: - attrs = ['*'] - - # in case any attributes being modified are operational such as - # nsaccountlock. Any attribute to be deleted needs to be included - # in the original record so it can be seen as being removed. - if options.delattr: - for d in options.delattr: - attrs.append(d) - user = client.get_user_by_uid(username, sattrs=attrs) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): - print "User %s not found" % username - return 1 - except: - raise - - # If any options are set we use just those. Otherwise ask for all of them. - if options.gn or options.sn or options.directory or options.gecos or options.mail or options.shell or options.addattr or options.delattr or options.setattr or options.activate: - givenname = options.gn - lastname = options.sn - gecos = options.gecos - directory = options.directory - mail = options.mail - shell = options.shell - else: - if not options.gn: - givenname = ipautil.user_input("First name", user.getValue('givenname'), allow_empty = False) - else: - givenname = options.gn - if (not ipavalidate.String(givenname, notEmpty=True)): - print "Please enter a value" - return 1 - - if not options.sn: - lastname = ipautil.user_input("Last name", user.getValue('sn'), allow_empty = False) - else: - lastname = options.sn - if (not ipavalidate.String(lastname, notEmpty=True)): - print "Please enter a value" - return 1 - - if not options.mail: - mail = ipautil.user_input_email("E-mail address", user.getValue('mail'), allow_empty = True) - else: - mail = options.mail - if (not ipavalidate.Email(mail)): - print "E-mail must include a user and domain name" - return 1 - - # Ask the questions we don't normally force. We don't require answers - # for these. - if not options.gecos: - gecos = ipautil.user_input("gecos", user.getValue('gecos')) - - if not options.directory: - directory = ipautil.user_input_path("Home directory", user.getValue('homeDirectory')) - if not options.shell: - shell = ipautil.user_input("Shell", user.getValue('loginshell'), allow_empty = False) - - if givenname: - user.setValue('givenname', givenname) - if lastname: - user.setValue('sn', lastname) - if mail: - user.setValue('mail', mail) - - if gecos: - user.setValue('gecos', gecos) - if directory: - user.setValue('homedirectory', directory) - if shell: - user.setValue('loginshell', shell) - - if options.delattr: - for d in options.delattr: - user.delValue(d) - - if options.setattr: - for s in options.setattr: - s = s.split('=', 1) - if len(s) != 2: - set_add_usage("set") - sys.exit(1) - (attr,value) = s - user.setValue(attr, value) - - if options.addattr: - for a in options.addattr: - a = a.split('=', 1) - if len(a) != 2: - set_add_usage("add") - sys.exit(1) - (attr,value) = a - cvalue = user.getValues(attr) - if cvalue: - if isinstance(cvalue,str): - cvalue = [cvalue] - value = cvalue + [value] - user.setValue(attr, value) - - if options.activate: - try: - client.mark_user_active(user.getValues('uid')) - print "User activated successfully." - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - print "User is already marked active" - return 0 - except: - raise - - client.update_user(user) - - print username + " successfully updated" - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1]) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-passwd b/ipa-admintools/ipa-passwd deleted file mode 100644 index 616e6cac8..000000000 --- a/ipa-admintools/ipa-passwd +++ /dev/null @@ -1,146 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Tempal Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.ipaclient as ipaclient - import ipa.config - - import xmlrpclib - import kerberos - import krbV - import ldap - import getpass - import errno - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "ipa-passwd [-v|--verbose] [user]" - parser = OptionParser(usage=usage) - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - if len(args) > 1: - parser.error("too many arguments") - ipa.config.init_config(options) - - return options, args - -def get_principal(krbctx): - try: - ccache = krbctx.default_ccache() - cprinc = ccache.principal() - except krbV.Krb5Error, e: - #TODO: do a kinit - print "Unable to get kerberos principal: %s" % e[1] - return None - - return cprinc.name - -def main(): - match = False - username = None - principal = None - - options, args = parse_options() - - krbctx = krbV.default_context() - - if len(args) == 1: - username = args[0] - else: - principal = get_principal(krbctx) - if principal is None: - return 1 - - if not principal: - u = username.split('@') - if len(u) > 2 or len(u) == 0: - print "Invalid user name (%s)" % username - if len(u) == 1: - principal = username+"@"+krbctx.default_realm - else: - principal = username - - print "Changing password for %s" % principal - - try: - while (match != True): - # No syntax checking of the password is required because that is - # done on the server side - password = getpass.getpass(" New Password: ") - confirm = getpass.getpass(" Confirm Password: ") - if (password != confirm): - print "Passwords do not match" - match = False - elif (len(password) < 1): - print "Password cannot be empty" - match = False - else: - match = True - except KeyboardInterrupt: - print "" - print "Password change cancelled" - return 1 - - client = ipaclient.IPAClient(verbose=options.verbose) - client.modifyPassword(principal, '', password) - - return 0 - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1]) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/ipa-pwpolicy b/ipa-admintools/ipa-pwpolicy deleted file mode 100644 index 91b0f3ecc..000000000 --- a/ipa-admintools/ipa-pwpolicy +++ /dev/null @@ -1,153 +0,0 @@ -#! /usr/bin/python -E -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -import sys -try: - from optparse import OptionParser - import ipa - import ipa.entity - import ipa.ipaclient as ipaclient - import ipa.config - - import xmlrpclib - import kerberos - import errno - import validate - import socket -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - -def parse_options(): - usage = "ipa-pwpolicy [--maxlife days] [--minlife hours] [--history number] [--minclasses number] [--minlength number] [-v|--verbose]\n" - usage += "ipa-pwpolicy --show" - parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter()) - parser.add_option("--maxlife", dest="maxlife", - help="Max. Password Lifetime (days)") - parser.add_option("--minlife", dest="minlife", - help="Min. Password Lifetime (hours)") - parser.add_option("--history", dest="history", - help="Password History Size") - parser.add_option("--minclasses", dest="minclasses", - help="Min. Number of Character Classes") - parser.add_option("--minlength", dest="minlength", - help="Min. Length of Password") - parser.add_option("--show", dest="show", action="store_true", - help="Show the current password policy") - parser.add_option("--usage", action="store_true", - help="Program usage") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose", - help="Verbose output of the XML-RPC connection") - - ipa.config.add_standard_options(parser) - options, args = parser.parse_args() - - if not options.show: - if not options.maxlife and not options.minlife and not options.history and not options.minclasses and not options.minlength: - parser.error("need at least one option of --maxlife, --minlife, --history, --minclasses or --minlength") - - ipa.config.init_config(options) - - return options, args - -def show_policy(client): - policy = client.get_password_policy() - print "Password Policy" - print "Min. Password Lifetime (hours): %s" % policy.getValues('krbminpwdlife') - print "Max. Password Lifetime (days): %s" % policy.getValues('krbmaxpwdlife') - print "Min. Number of Character Classes: %s" % policy.getValues('krbpwdmindiffchars') - print "Min. Length of Password: %s" % policy.getValues('krbpwdminlength') - print "Password History Size: %s" % policy.getValues('krbpwdhistorylength') - -def update_policy(client, options): - current = client.get_password_policy() - - new = ipa.entity.Entity(current.toDict()) - - try: - if options.maxlife: - validate.is_integer(options.maxlife, min=0) - new.setValue('krbmaxpwdlife', options.maxlife) - if options.minlife: - validate.is_integer(options.minlife, min=0) - new.setValue('krbminpwdlife', options.minlife) - if options.history: - validate.is_integer(options.history, min=0) - new.setValue('krbpwdhistorylength', options.history) - if options.minclasses: - validate.is_integer(options.minclasses, min=0) - new.setValue('krbpwdmindiffchars', options.minclasses) - if options.minlength: - validate.is_integer(options.minlength, min=0) - new.setValue('krbpwdminlength', options.minlength) - except (validate.VdtTypeError, validate.VdtValueTooSmallError), e: - print e - return 1 - - if int(new.getValue('krbminpwdlife')) > int(new.getValue('krbmaxpwdlife')) * 24: - print "Maximum password life must be greater than minimum" - return 1 - - client.update_password_policy(new) - return 0 - -def main(): - options, args = parse_options() - - client = ipaclient.IPAClient(verbose=options.verbose) - - if options.show: - show_policy(client) - return 0 - - return update_policy(client, options) - -try: - if __name__ == "__main__": - sys.exit(main()) -except SystemExit, e: - sys.exit(e) -except KeyboardInterrupt, e: - sys.exit(1) -except xmlrpclib.Fault, fault: - if fault.faultCode == errno.ECONNREFUSED: - print "The IPA XML-RPC service is not responding." - else: - print fault.faultString - sys.exit(1) -except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1]) - sys.exit(1) -except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - sys.exit(1) -except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - sys.exit(1) -except socket.error, e: - print e[1] - print "Re-run with -v flag for more details." -except Exception, e: - print "%s" % str(e) - sys.exit(1) diff --git a/ipa-admintools/man/Makefile b/ipa-admintools/man/Makefile deleted file mode 100644 index 506dbb43b..000000000 --- a/ipa-admintools/man/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -MANDIR = $(DESTDIR)/usr/share/man - -MANFILES=\ - ipa-adddelegation.1 \ - ipa-addgroup.1 \ - ipa-addservice.1 \ - ipa-adduser.1 \ - ipa-deldelegation.1 \ - ipa-delgroup.1 \ - ipa-delservice.1 \ - ipa-deluser.1 \ - ipa-findgroup.1 \ - ipa-findservice.1 \ - ipa-finduser.1 \ - ipa-modgroup.1 \ - ipa-listdelegation.1 \ - ipa-lockuser.1 \ - ipa-moddelegation.1 \ - ipa-passwd.1 \ - ipa-pwpolicy.1 \ - ipa-moduser.1 \ - ipa-defaultoptions.1 - -all: ; - -install: - mkdir -p $(MANDIR)/man1 - @for i in $(MANFILES) ; do install -m 644 $$i $(MANDIR)/man1 ; gzip -f $(MANDIR)/man1/$$i ; done - -clean: - -test: diff --git a/ipa-admintools/man/ipa-adddelegation.1 b/ipa-admintools/man/ipa-adddelegation.1 deleted file mode 100644 index 4db109f66..000000000 --- a/ipa-admintools/man/ipa-adddelegation.1 +++ /dev/null @@ -1,62 +0,0 @@ -.\" A man page for ipa-adddelegation -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-adddelegation" "1" "Oct 24 2007" "freeipa" "" -.SH "NAME" -ipa\-adddelegation \- Add a delegation - -.SH "SYNOPSIS" -ipa\-adddelegation [\fIOPTION\fR]... \fIname\fR - -.SH "DESCRIPTION" -Adds a delegation named \fIname\fR. - -A delegation is used to grant write access to certain attributes from one group to another. - -For example, a secretary group may be granted write access to modify the phone attribute of all users in a manager's group. -.SH "OPTIONS" -.TP -\fB\-a\fR, \fB\-\-attributes\fR=\fIATTRIBUTES\fR -A comma\-separated list of the \f[SM]attributes\fR that may be written by the source group. -.TP -\fB\-l\fR -Provide a list of common attribute names. This is not an exhaustive list. -.TP -\fB\-s\fR, \fB\-\-source\fR=\fISOURCE\fR -The name of the group that is being granted write permission. -.TP -\fB\-t\fR, \fB\-\-target\fR=\fITARGET\fR -The name of the group that will be written to. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output -.PP -All arguments except \-v/\-\-verbose are mandatory. -.SH "EXAMPLES" -.TP -ipa\-adddelegation \-a telephonenumber,facsimiletelephonenumber,mobile \-s secretaries \-t everyone phones - -Create a delegation named \fBphones\fR that will let anyone in the \fIsecretaries\fR group edit the phone numbers of anyone in the group \fIeveryone\fR. -.SH "EXIT STATUS" -0 if the delegation was added successfully - -1 if an error occurred - -2 if no not exactly one matching source group was found (0 or more than one) - -3 if no not exactly one matching target group was found (0 or more than one diff --git a/ipa-admintools/man/ipa-addgroup.1 b/ipa-admintools/man/ipa-addgroup.1 deleted file mode 100644 index 0e61c6192..000000000 --- a/ipa-admintools/man/ipa-addgroup.1 +++ /dev/null @@ -1,51 +0,0 @@ -.\" A man page for ipa-addgroup -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-addgroup" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-addgroup \- Add a group - -.SH "SYNOPSIS" -ipa\-addgroup [\fIOPTION\fR]... \fIgroup\fR - -.SH "DESCRIPTION" -Adds a group with name \fIgroup\fR. -.SH "OPTIONS" -.TP -\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR -Set the description of the group to \fIdescription\fR. -.TP -\fB\-g\fR, \fB\-\-gid\fR=\fIgid\fR -Set the gid for this group to \fIgid\fR. -If this option is not present, one is created automatically -by \fBfreeIPA\fR. -.TP -\fB\-\-addattr\fR \fIattr=value\fR -Adds \fIvalue\fR to attribute \fIattr\fR. Attributes set this way are done after other options. If an attribute is listed more than once or already exists in the entry, it is considered a multi\-valued attribute and a list of the values is created. -.TP -\fB\-\-setattr\fR \fIattr=value\fR -Set attribute \fIattr\fR to \fIvalue\fR. Any existing value will be replaced with \fIvalue\fR. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.PP -The group name and description are mandatory fields. If either of these are not included on the command line you will be asked interactively. - -If no options are passed then all questions are asked. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-addservice.1 b/ipa-admintools/man/ipa-addservice.1 deleted file mode 100644 index 545505720..000000000 --- a/ipa-admintools/man/ipa-addservice.1 +++ /dev/null @@ -1,59 +0,0 @@ -.\" A man page for ipa-addservice -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-addservice" "1" "Jan 4 2008" "freeipa" "" -.SH "NAME" -ipa\-addservice \- Add a service principal - -.SH "SYNOPSIS" -ipa\-addservice [\fIOPTION\fR]... \fIprincipal\fR -.SH "DESCRIPTION" -Adds a service principal \fIprincipal\fR. - -The principal takes the form of: - -service/fully\-qualified\-hostname - -The list of possible services is too extensive to list here but a short list is: - -cifs -dns -host -HTTP -ldap -nfs - -The IPA server automatically appends the Kerberos realm for which it is configured. You cannot specify a different realm. - -The hostname must resolve to a DNS A record in order to ensure that it will work with Kerberos. Use the \-\-force flag to force the creation of a principal. -.SH "OPTIONS" -.TP -\fB\-\-force\fR -Force the creation of the given principal name. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXAMPLES" -.TP -ipa\-addservice HTTP/www.example.com -Add a service principal for a web server -.TP -ipa\-addservice host/ipa.example.com -Add a service principal for the host (for ssh, for example) -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-adduser.1 b/ipa-admintools/man/ipa-adduser.1 deleted file mode 100644 index 0b8ad3e3b..000000000 --- a/ipa-admintools/man/ipa-adduser.1 +++ /dev/null @@ -1,84 +0,0 @@ -.\" A man page for ipa-adduser -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-adduser" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-adduser \- Add a user - -.SH "SYNOPSIS" -ipa\-adduser [\fIOPTION\fR]... \fIuser\fR - -.SH "DESCRIPTION" -Adds a user with username \fIuser\fR. - -.SH "OPTIONS" -.TP -\fB\-c\fR, \fB\-\-gecos\fR=\fIgecos\fR -Set the \f[SM]GECOS\fR field to \fIgecos\fR. -The \f[SM]GECOS\fR field is traditionally used to store user's real name and other information. -.TP -\fB\-d\fR, \fB\-\-directory\fR=\fIdirectory\fR -Set user's home directory to \fIdirectory\fR. -If this option is not present, a default specified by the -.B freeIPA configuration is used. -.TP -\fB\-f\fR, \fB\-\-firstname\fR=\fIgivenName\fR -Set user's first name to \fIgivenName\fR. -.TP -\fB\-l\fR, \fB\-\-lastname\fR=\fIfamilyName\fR -Set user's last name to \fIfamilyName\fR. -.TP -\fB\-p\fR, \fB\-\-password\fR=\fIpassword\fR -Set user's password to \fIpassword\fR. -.TP -\fB\-P\fR -Prompt for the user's password. -.TP -\fB\-s\fR, \fB\-\-shell\fR=\fIshell\fR -Set the user's login shell to \fIshell\fR. -If this option is not present, a default specified by the -.B freeIPA configuration is used. -.TP -\fB\-G\fR, \fB\-\-groups\fR=\fIgroups\fR -Add this user to one or more groups in \fIgroups\fR. -\fIgroups\fR is a comma\-separated list of groups. -Each \fIgroup\fR must already exist. -.TP -\fB\-k\fR, \fB\-\-krb\-principal\fR=\fIprincipal\fR -Set this user's principal to \fIprincipal\fR. -By default the principal is set to \fBuser\fR. -.TP -\fB\-M\fR, \fB\-\-mailAddress\fR=\fImail\fR -Set this user's e\-mail address to \fImail\fR. -.TP -\fB\-\-addattr\fR \fIattr=value\fR -Adds \fIvalue\fR to attribute \fIattr\fR. Attributes set this way are done after other options. If an attribute is listed more than once or already exists in the entry, it is considered a multi\-valued attribute and a list of the values is created. -.TP -\fB\-\-setattr\fR \fIattr=value\fR -Set attribute \fIattr\fR to \fIvalue\fR. Any existing value will be replaced with \fIvalue\fR. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.PP -The mandatory fields are: user, first name and last name. If any of these are not included on the command line you will be asked interactively. - -The password is asked interactively if not passed on the command\-line but it isn't mandatory. Leaving both values blank will leave the password unset on the account. - -If no options are passed then all questions are asked. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-defaultoptions.1 b/ipa-admintools/man/ipa-defaultoptions.1 deleted file mode 100644 index f58588fe1..000000000 --- a/ipa-admintools/man/ipa-defaultoptions.1 +++ /dev/null @@ -1,65 +0,0 @@ -.\" A man page for ipa-defaultoptions -.\" Copyright (C) 2008 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-defaultoptions" "1" "Jul 14 2008" "freeipa" "" -.SH "NAME" -ipa\-defaultoptions \- Display or modify the IPA Search and User Policies -.SH "SYNOPSIS" -ipa\-defaultoptions [\-\-maxusername number] [\-\-homedir directory] [\-\-defaultshell shell] [\-\-defaultgroup group] [\-\-emaildomain domain] [\-\-searchtimelimit number] [\-\-searchrecordslimit number] [\-\-usersearch fields] [\-\-groupsearch fields] [\-v|\-\-verbose] -ipa\-defaultoptions \-\-show -.SH "DESCRIPTION" -Displays or updates the IPA Search and User Policy. - -.SH "OPTIONS" -.TP -\fB\-\-maxusername\fR=\fIMAXUSERNAME\fR -Max. Length of a username -.TP -\fB\-\-homedir\fR=\fIHOMEDIR\fR -Default location of home directories -.TP -\fB\-\-defaultshell\fR=\fIDEFAULTSHELL\fR -Default shell for new users -.TP -\fB\-\-defaultgroup\fR=\fIDEFAULTGROUP\fR -Default group for new users -.TP -\fB\-\-emaildomain\fR=\fIEMAILDOMAIN\fR -Default e\-mail domain -.TP -\fB\-\-searchtimelimit\fR=\fISEARCHTIMELIMIT\fR -Max. amount of time (sec.) for a search (-1 for unlimited) -.TP -\fB\-\-searchrecordslimit\fR=\fISEARCHRECORDSLIMIT\fR -Max. number of records to search (-1 for unlimited) -.TP -\fB\-\-usersearch\fR=\fIUSERSEARCH\fR -A comma\-separated list of fields to search when -searching for users -.TP -\fB\-\-groupsearch\fR=\fIGROUPSEARCH\fR -A comma\-separated list of fields to search when -searching for groups -.TP -\fB\-\-show\fR -Display the current password policy. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-deldelegation.1 b/ipa-admintools/man/ipa-deldelegation.1 deleted file mode 100644 index f3d4a904f..000000000 --- a/ipa-admintools/man/ipa-deldelegation.1 +++ /dev/null @@ -1,39 +0,0 @@ -.\" A man page for ipa-deldelegation -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-deldelegation" "1" "Oct 24 2007" "freeipa" "" -.SH "NAME" -ipa\-deldelegation \- Remove a delegation - -.SH "SYNOPSIS" -ipa\-deldelegation \fIname\fR - -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "DESCRIPTION" -Removes an existing delegation named \fIname\fR. - -A delegation is used to grant write access to certain attributes from one group to another. ipa\-deldelegation removes this access. -.SH "EXIT STATUS" -0 if the delegation was removed successfully - -1 if an error occurred - -2 if no matching delegation was found diff --git a/ipa-admintools/man/ipa-delgroup.1 b/ipa-admintools/man/ipa-delgroup.1 deleted file mode 100644 index 4e87bcf4b..000000000 --- a/ipa-admintools/man/ipa-delgroup.1 +++ /dev/null @@ -1,37 +0,0 @@ -.\" A man page for ipa-delgroup -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-delgroup" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-delgroup \- Delete a group - -.SH "SYNOPSIS" -ipa\-delgroup \fIgroup\fR - -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "DESCRIPTION" -Deletes a group with group name \fIgroup\fR. - -Members of the group are not affected. - -The groups \fIadmins\fR and \fIeditors\fR are required by IPA and may not be removed. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-delservice.1 b/ipa-admintools/man/ipa-delservice.1 deleted file mode 100644 index 779b9ecad..000000000 --- a/ipa-admintools/man/ipa-delservice.1 +++ /dev/null @@ -1,38 +0,0 @@ -.\" A man page for ipa-delservice -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-delservice" "1" "Jan 11 2008" "freeipa" "" -.SH "NAME" -ipa\-delservice \- Delete a service principal - -.SH "SYNOPSIS" -ipa\-delservice \fIprincipal\fR - -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "DESCRIPTION" -Deletes a service principal with name \fIprincipal\fR. - -.SH "EXIT STATUS" -0 on success - -1 if an error occurred - -2 if not exactly one matching entries was found diff --git a/ipa-admintools/man/ipa-deluser.1 b/ipa-admintools/man/ipa-deluser.1 deleted file mode 100644 index 2679302e3..000000000 --- a/ipa-admintools/man/ipa-deluser.1 +++ /dev/null @@ -1,35 +0,0 @@ -.\" A man page for ipa-deluser -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-deluser" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-deluser \- Delete a user - -.SH "SYNOPSIS" -ipa\-deluser \fIuser\fR - -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "DESCRIPTION" -Deletes a user with user name \fIname\fR. - -Users are automatically removed from groups when they are deleted. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-findgroup.1 b/ipa-admintools/man/ipa-findgroup.1 deleted file mode 100644 index 266a60cda..000000000 --- a/ipa-admintools/man/ipa-findgroup.1 +++ /dev/null @@ -1,41 +0,0 @@ -.\" A man page for ipa-findgroup -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-findgroup" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-findgroup \- Find a group - -.SH "SYNOPSIS" -ipa\-findgroup \fIstring\fR - -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "DESCRIPTION" -Searches for a group that contains \fIstring\fR. - -The search is a substring search in the name and description attributes. - -All entries that match are displayed. -.SH "EXIT STATUS" -0 if one or more entries were found - -1 if an error occurred - -2 if no matching entries were found diff --git a/ipa-admintools/man/ipa-findservice.1 b/ipa-admintools/man/ipa-findservice.1 deleted file mode 100644 index 3942391c5..000000000 --- a/ipa-admintools/man/ipa-findservice.1 +++ /dev/null @@ -1,48 +0,0 @@ -.\" A man page for ipa-findservice -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-findservice" "1" "Jan 11 2008" "freeipa" "" -.SH "NAME" -ipa\-findservice \- Find a service principal -.SH "SYNOPSIS" -ipa\-findservice \fIstring\fR - -.SH "DESCRIPTION" -Searches for a service principal that contains \fIstring\fR. - -The search is a substring search in the service principal. You can search for all principals for a given host, by service or a substring. - -All entries that match are displayed. -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXAMPLES" -Find all ldap service principals issued by the IPA KDC: - - # ipa\-findservice ldap - -Find all service principals for ipa.example.com: - - # ipa\-findservice ipa.example.com -.SH "EXIT STATUS" -0 if one or more entries were found - -1 if an error occurred - -2 if no matching entries were found diff --git a/ipa-admintools/man/ipa-finduser.1 b/ipa-admintools/man/ipa-finduser.1 deleted file mode 100644 index 1730daba5..000000000 --- a/ipa-admintools/man/ipa-finduser.1 +++ /dev/null @@ -1,48 +0,0 @@ -.\" A man page for ipa-finduser -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-finduser" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-finduser \- Find a user -.SH "SYNOPSIS" -ipa\-finduser [\fIOPTION\fR]... \fIstring\fR - -.SH "DESCRIPTION" -Searches for a user that contains \fIstring\fR. - -The search is a substring search in the username, given name, family name, telephone number, organization and title attributes. - -All entries that match are displayed. -.SH "OPTIONS" -.TP -\fB\-a\fR, \fB\-\-all -Display all attributes -.TP -\fB\-n\fR, \fB\-\-notranslate\fR -Don't translate the LDAP attribute names to labels that match the UI. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.PP -By default, the full name, home directory, login shell, and username fields are displayed. -.SH "EXIT STATUS" -0 if one or more entries were found - -1 if an error occurred - -2 if no matching entries were found diff --git a/ipa-admintools/man/ipa-listdelegation.1 b/ipa-admintools/man/ipa-listdelegation.1 deleted file mode 100644 index 9118bc9a2..000000000 --- a/ipa-admintools/man/ipa-listdelegation.1 +++ /dev/null @@ -1,37 +0,0 @@ -.\" A man page for ipa-listdelegation -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-listdelegation" "1" "Oct 24 2007" "freeipa" "" -.SH "NAME" -ipa\-listdelegation \- Lists all current delegations - -.SH "SYNOPSIS" -ipa\-listdelegation - -.SH "DESCRIPTION" -Lists all current delegations. - -No sorting is done. -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXIT STATUS" -0 if the delegations are listed successfully - -1 if an error occurred diff --git a/ipa-admintools/man/ipa-lockuser.1 b/ipa-admintools/man/ipa-lockuser.1 deleted file mode 100644 index 79df5c0e8..000000000 --- a/ipa-admintools/man/ipa-lockuser.1 +++ /dev/null @@ -1,38 +0,0 @@ -.\" A man page for ipa-lockuser -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-lockuser" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-lockuser \- Lock or unlock a user account - -.SH "SYNOPSIS" -ipa\-lockuser [\fIOPTION\fR]... \fIuser\fR - -.SH "DESCRIPTION" -Locks a user account with login name \fIname\fR. - -Users are not removed from groups when their account is locked. -.SH "OPTIONS" -.TP -\fB\-u\fR, \fB\-\-unlock -Unlock a user's account -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-moddelegation.1 b/ipa-admintools/man/ipa-moddelegation.1 deleted file mode 100644 index 28ab2aa97..000000000 --- a/ipa-admintools/man/ipa-moddelegation.1 +++ /dev/null @@ -1,50 +0,0 @@ -.\" A man page for ipa-moddelegation -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-moddelegation" "1" "Oct 24 2007" "freeipa" "" -.SH "NAME" -ipa\-moddelegation \- Modify an existing delegation - -.SH "SYNOPSIS" -ipa\-moddelegation [\fIOPTION\fR]... \fIname\fR - -.SH "DESCRIPTION" -Modifies an existing delegation named \fIname\fR. - -A delegation is used to grant access to certain attributes from one group to another. -.SH "OPTIONS" -.TP -\fB\-a\fR, \fB\-\-attributes\fR=\fIATTRIBUTES\fR -A comma\-separated list of the the \f[SM]attributes\fR that may be written by the source group. This list of attributes replaces the list in the existing delegation. -.TP -\fB\-s\fR, \fB\-\-source\fR=\fISOURCE\fR -The name of the group that is being granted write permission. -.TP -\fB\-t\fR, \fB\-\-target\fR=\fITARGET\fR -The name of the group that will be written to. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.PP -At least one of \-a, \-s or \-t is required. -.SH "EXIT STATUS" -0 if the delegation was updated successfully - -1 if an error occurred - -2 if no matching delegation was found diff --git a/ipa-admintools/man/ipa-modgroup.1 b/ipa-admintools/man/ipa-modgroup.1 deleted file mode 100644 index e52d96369..000000000 --- a/ipa-admintools/man/ipa-modgroup.1 +++ /dev/null @@ -1,56 +0,0 @@ -.\" A man page for ipa-modgroup -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-modgroup" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-modgroup \- Modify a group -.SH "SYNOPSIS" -ipa\-modgroup [\fIOPTION\fR]... \fIgroup\fR - -.SH "DESCRIPTION" -Updates the members or description of \fIgroup\fR. -.SH "OPTIONS" -.TP -\fB\-a\fR, \fB\-\-add\fR=\fIuser1,user2,...usern\fR -Add one or more users to the group -.TP -\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR -Modify the description of the group -.TP -\fB\-e\fR, \fB\-\-groupdel\fR=\fIgroup1,group2,...groupn\fR -Remove one or more groups from the group -.TP -\fB\-g\fR, \fB\-\-groupadd\fR=\fIgroup1,group2,...groupn\fR -Add one or more groups to the group -.TP -\fB\-r\fR, \fB\-\-remove\fR=\fIuser1,user2,...usern\fR -Remove one or more users from the group -.TP -\fB\-\-addattr\fR \fIattr=value\fR -Add a new attribute, or value to an existing attribute -.TP -\fB\-\-delattr\fR \fIattr=value\fR -Remove an attribute and all values -.TP -\fB\-\-setattr\fR \fIattr=value\fR -Set an attribute to a new value, removing all old ones -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-moduser.1 b/ipa-admintools/man/ipa-moduser.1 deleted file mode 100644 index fff038b71..000000000 --- a/ipa-admintools/man/ipa-moduser.1 +++ /dev/null @@ -1,56 +0,0 @@ -.\" A man page for ipa-moduser -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-moduser" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-moduser \- Modify a user -.SH "SYNOPSIS" -ipa\-moduser [\fIOPTION\fR]... \fIname\fR - -.SH "DESCRIPTION" -Updates the user \fIname\fR. -.SH "OPTIONS" -.TP -\fB\-a\fR, \fB\-\-activate\fR -Activate a user that was previously inactivated -.TP -\fB\-c\fR, \fB\-\-gecos\fR=\fIGECOS\fR -Set the gecos field of the user. This is traditionally the user's full name. -.TP -\fB\-d\fR, \fB\-\-directory\fR=\fIdirectory\fR -Set user's home directory -.TP -\fB\-f\fR, \fB\-\-firstname\fR=\fINAME\fR -Set user's first name -.TP -\fB\-l\fR, \fB\-\-lastname\fR=\fINAME\fR -Set user's last name -.TP -\fB\-s\fR, \fB\-\-shell\fR=\fIshell\fR -Set user's login shell -.TP -\fB\-\-addattr\fR \fIattr=value\fR -Add a new attribute, or value to an existing attribute -.TP -\fB\-\-delattr\fR \fIattr=value\fR -Remove an attribute and all values -.TP -\fB\-\-setattr\fR \fIattr=value\fR -Set an attribute to a new value, removing all old ones -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-passwd.1 b/ipa-admintools/man/ipa-passwd.1 deleted file mode 100644 index 4554d5d25..000000000 --- a/ipa-admintools/man/ipa-passwd.1 +++ /dev/null @@ -1,34 +0,0 @@ -.\" A man page for ipa-passwd -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-passwd" "1" "Oct 10 2007" "freeipa" "" -.SH "NAME" -ipa\-passwd \- Change a user's password -.SH "SYNOPSIS" -ipa\-password [\fIuser\fR] - -.SH "DESCRIPTION" -Changes the current user's password. If a \fIuser\fR is included on the command\-line then that user's password is modified. - -The user is the name in the kerberos principal, so it may not match username. -.SH "OPTIONS" -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output. -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-admintools/man/ipa-pwpolicy.1 b/ipa-admintools/man/ipa-pwpolicy.1 deleted file mode 100644 index 4c7de4c38..000000000 --- a/ipa-admintools/man/ipa-pwpolicy.1 +++ /dev/null @@ -1,54 +0,0 @@ -.\" A man page for ipa-pwpolicy -.\" Copyright (C) 2007 Red Hat, Inc. -.\" -.\" This is free software; you can redistribute it and/or modify it under -.\" the terms of the GNU Library General Public License as published by -.\" the Free Software Foundation; version 2 only -.\" -.\" This program is distributed in the hope that it will be useful, but -.\" WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -.\" General Public License for more details. -.\" -.\" You should have received a copy of the GNU Library General Public -.\" License along with this program; if not, write to the Free Software -.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -.\" -.\" Author: Rob Crittenden <rcritten@redhat.com> -.\" -.TH "ipa-pwpolicy" "1" "Feb 25 2008" "freeipa" "" -.SH "NAME" -ipa\-pwpolicy \- Display or modify the IPA password policy - -.SH "SYNOPSIS" -ipa\-pwpolicy -[\-\-maxlife days] [\-\-minlife hours] [\-\-history number] [\-\-minclasses number] [\-\-minlength number] -.TP -ipa\-pwpolicy \-\-show -.SH "DESCRIPTION" -Displays or updates the IPA password policy. - -.SH "OPTIONS" -.TP -\fB\-\-maxlife\fR=\fIdays\fR -Set the maximum Password Lifetime in days -.TP -\fB\-\-minlife\fR=\fIhours\fR -Set the minimum Password Lifetime in hours -.TP -\fB\-\-history\fR=\fIinteger\fR -The number of passwords stored in the password history. A value of 0 means do not store a password history. -.TP -\fB\-\-minclasses\fR=\fIinteger\fR -Set the minimum number of character classes required in a password. The classes are alpha, numeric, mixed\-case and special characters. -.TP -\fB\-\-minlength\fR=\fIinteger\fR -Set the minimum password length. -.TP -\fB\-\-show\fR -Display the current password policy. -.TP -\fB\-v\fR, \fB\-\-verbose\fR -Display the XML\-RPC request and response for more verbose debugging output -.SH "EXIT STATUS" -The exit status is 0 on success, nonzero on error. diff --git a/ipa-server/AUTHORS b/ipa-server/AUTHORS deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/AUTHORS +++ /dev/null diff --git a/ipa-server/Makefile.am b/ipa-server/Makefile.am deleted file mode 100644 index 5c85ebae3..000000000 --- a/ipa-server/Makefile.am +++ /dev/null @@ -1,91 +0,0 @@ -# This file will be processed with automake-1.7 to create Makefile.in - -AUTOMAKE_OPTIONS = 1.7 - -NULL = - -SUBDIRS = \ - ipa-gui \ - ipa-install \ - ipa-kpasswd \ - ipaserver \ - ipa-slapi-plugins \ - xmlrpc-server \ - man \ - $(NULL) - -sbin_SCRIPTS = \ - ipa-upgradeconfig \ - ipa-fix-CVE-2008-3274 \ - ipa-ldap-updater \ - ipa-compat-manage \ - $(NULL) - -install-exec-local: - mkdir -p $(DESTDIR)$(localstatedir)/lib/ipa/sysrestore - chmod 700 $(DESTDIR)$(localstatedir)/lib/ipa/sysrestore - mkdir -p $(DESTDIR)$(localstatedir)/cache/ipa/sessions - chmod 700 $(DESTDIR)$(localstatedir)/cache/ipa/sessions - -uninstall-local: - -rmdir $(DESTDIR)$(localstatedir)/lib/ipa/sysrestore - -rmdir $(DESTDIR)$(localstatedir)/lib/ipa - -rmdir $(DESTDIR)$(localstatedir)/cache/ipa/sessions - -rmdir $(DESTDIR)$(localstatedir)/cache/ipa - -EXTRA_DIST = \ - ipa-server.spec \ - COPYING \ - AUTHORS \ - INSTALL \ - README \ - HACKING \ - NEWS \ - ChangeLog \ - $(sbin_SCRIPTS) \ - $(NULL) - -DISTCLEANFILES = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - intltool-*.in \ - compile \ - configure \ - COPYING \ - INSTALL \ - install-sh \ - missing \ - mkinstalldirs \ - config.guess \ - ltmain.sh \ - config.sub \ - depcomp \ - Makefile.in \ - config.h.* \ - aclocal.m4 \ - version.m4 \ - ipa-server.spec \ - py-compile \ - $(NULL) - -# Creating ChangeLog from hg log (taken from cairo/Makefile.am): - -ChangeLog: $(srcdir)/ChangeLog - -$(srcdir)/ChangeLog: - @if test -d "$(srcdir)/../.hg"; then \ - (cd "$(srcdir)" && \ - ./missing --run hg log --verbose) | fmt --split-only > $@.tmp \ - && mv -f $@.tmp $@ \ - || ($(RM) $@.tmp; \ - echo Failed to generate ChangeLog, your ChangeLog may be outdated >&2; \ - (test -f $@ || echo hg log is required to generate this file >> $@)); \ - else \ - test -f $@ || \ - (echo A hg checkout and hg -log is required to generate ChangeLog >&2 && \ - echo A hg checkout and hg log is required to generate this file >> $@); \ - fi - -.PHONY: ChangeLog $(srcdir)/ChangeLog diff --git a/ipa-server/NEWS b/ipa-server/NEWS deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/NEWS +++ /dev/null diff --git a/ipa-server/README b/ipa-server/README deleted file mode 100644 index 15e5a816e..000000000 --- a/ipa-server/README +++ /dev/null @@ -1,20 +0,0 @@ -IPA uses Kerberos with an LDAP storage backend and some custom plugins -to help manage users and passwords. - -A UI interface is provided to make user administration and self-service -possible. A set of command-line utilities that should provide the same -capabilities is in ipa-admintools. - -Firefox -------- - -The Gecko engine provides an interface for managing a user's configuration -in Javascript. Naturally this is highly protected and the user gets an -appropriately dire warning when you try to do this. It also requires -signed javascript. - -During installation a signing certificate is created that creates -and signs /usr/share/ipa/html/configure.jar which contains the javascript -to update the browser configuration. User's are directed to go to -/errors/preferencs.html to load this javascript and apply the changes. - diff --git a/ipa-server/configure.ac b/ipa-server/configure.ac deleted file mode 100644 index 2bc96332b..000000000 --- a/ipa-server/configure.ac +++ /dev/null @@ -1,323 +0,0 @@ -AC_PREREQ(2.59) -m4_include(version.m4) -AC_INIT([ipa-server], - IPA_VERSION, - [https://hosted.fedoraproject.org/projects/freeipa/newticket]) - -AC_CONFIG_SRCDIR([ipaserver/ipaldap.py]) -AC_CONFIG_HEADERS([config.h]) - -AM_INIT_AUTOMAKE - -AM_MAINTAINER_MODE -AC_PROG_CC -AC_STDC_HEADERS -AC_DISABLE_STATIC -AC_PROG_LIBTOOL - -AC_HEADER_STDC - -AC_SUBST(VERSION) - -dnl --------------------------------------------------------------------------- -dnl - Check for NSPR -dnl --------------------------------------------------------------------------- -AC_CHECK_HEADER(nspr4/nspr.h) -if test "x$ac_cv_header_nspr4_nspr_h" = "xno" ; then - AC_MSG_ERROR([Required NSPR header not available (nspr-devel)]) -fi - -dnl --------------------------------------------------------------------------- -dnl - Check for NSS -dnl --------------------------------------------------------------------------- -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS="-I/usr/include/nspr4" -AC_CHECK_HEADER(nss3/nss.h) -CPPFLAGS=$SAVE_CPPFLAGS -if test "x$ac_cv_header_nss3_nss_h" = "xno" ; then - AC_MSG_ERROR([Required NSS header not available (nss-devel)]) -fi - -dnl --------------------------------------------------------------------------- -dnl - Check for DS slapi plugin -dnl --------------------------------------------------------------------------- - -# Need to hack CPPFLAGS to be able to correctly detetct slapi-plugin.h -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS="-I/usr/include/nspr4" -AC_CHECK_HEADER(dirsrv/slapi-plugin.h) -CPPFLAGS=$SAVE_CPPFLAGS - -if test "x$ac_cv_header_dirsrv_slapi_plugin_h" = "xno" ; then - AC_MSG_ERROR([Required DS slapi plugin header not available (fedora-ds-base-devel)]) -fi - -dnl --------------------------------------------------------------------------- -dnl - Check for KRB5 -dnl --------------------------------------------------------------------------- - -KRB5_LIBS= -AC_CHECK_HEADER(krb5.h) - -krb5_impl=mit - -if test "x$ac_cv_header_krb5_h" = "xyes" ; then - dnl lazy check for Heimdal Kerberos - AC_CHECK_HEADERS(heim_err.h) - if test $ac_cv_header_heim_err_h = yes ; then - krb5_impl=heimdal - else - krb5_impl=mit - fi - - if test "x$krb5_impl" = "xmit"; then - AC_CHECK_LIB(k5crypto, main, - [krb5crypto=k5crypto], - [krb5crypto=crypto]) - - AC_CHECK_LIB(krb5, main, - [have_krb5=yes - KRB5_LIBS="-lkrb5 -l$krb5crypto -lcom_err"], - [have_krb5=no], - [-l$krb5crypto -lcom_err]) - - elif test "x$krb5_impl" = "xheimdal"; then - AC_CHECK_LIB(des, main, - [krb5crypto=des], - [krb5crypto=crypto]) - - AC_CHECK_LIB(krb5, main, - [have_krb5=yes - KRB5_LIBS="-lkrb5 -l$krb5crypto -lasn1 -lroken -lcom_err"], - [have_krb5=no], - [-l$krb5crypto -lasn1 -lroken -lcom_err]) - - AC_DEFINE(HAVE_HEIMDAL_KERBEROS, 1, - [define if you have HEIMDAL Kerberos]) - - else - have_krb5=no - AC_MSG_WARN([Unrecognized Kerberos5 Implementation]) - fi - - if test "x$have_krb5" = "xyes" ; then - ol_link_krb5=yes - - AC_DEFINE(HAVE_KRB5, 1, - [define if you have Kerberos V]) - - else - AC_MSG_ERROR([Required Kerberos 5 support not available]) - fi - -fi - -AC_SUBST(KRB5_LIBS) - -dnl --------------------------------------------------------------------------- -dnl - Check for Mozilla LDAP or OpenLDAP SDK -dnl --------------------------------------------------------------------------- - -AC_ARG_WITH(openldap, [ --with-openldap Use OpenLDAP]) - -dnl The mozldap libraries are always needed because ipa-slapi-plugins/dna/ -dnl will not build against OpenLDAP. -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS="-I/usr/include/nspr4 -I/usr/include/nss3" -AC_CHECK_HEADER(svrcore.h) -if test "x$ac_cv_header_svrcore_h" = "xno" ; then - AC_MSG_ERROR([Required svrcore header not available (svrcore-devel)]) -fi -CPPFLAGS=$SAVE_CPPFLAGS -AC_CHECK_HEADER(mozldap/ldap.h) -if test "x$ac_cv_header_mozldap_ldap_h" = "xno" ; then - AC_MSG_ERROR([Required MOZLDAP header not available (mozldap-devel)]) -fi -PKG_CHECK_MODULES(MOZLDAP, mozldap > 6) - -if test x$with_openldap = xyes; then - AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes) - dnl Check for other libraries we need to link with to get the main routines. - test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) } - test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) } - test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) } - dnl Recently, we need -lber even though the main routines are elsewhere, - dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just - dnl check for that (it's a variable not a fun but that doesn't seem to - dnl matter in these checks) and stick in -lber if so. Can't hurt (even to - dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who - dnl #### understands LDAP needs to fix this properly. - test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) } - - if test "$with_ldap" = "yes"; then - if test "$with_ldap_des" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -ldes" - fi - if test "$with_ldap_krb" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -lkrb" - fi - if test "$with_ldap_lber" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -llber" - fi - LDAP_LIBS="${LDAP_LIBS} -lldap" - else - AC_MSG_ERROR([OpenLDAP not found]) - fi - - AC_SUBST(LDAP_LIBS) - - LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_OPENLDAP" - AC_SUBST(LDAP_CFLAGS) -else - LDAP_LIBS="${MOZLDAP_LIBS}" - AC_SUBST(LDAP_LIBS) - - LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_MOZLDAP" - AC_SUBST(LDAP_CFLAGS) -fi - -dnl --------------------------------------------------------------------------- -dnl - Check for OpenSSL Crypto library -dnl --------------------------------------------------------------------------- -dnl This is a very simple check, we should probably check also for MD4_Init and -dnl probably also the version we are using is recent enough -SSL_LIBS= -AC_CHECK_LIB(crypto, DES_set_key_unchecked, [SSL_LIBS="-lcrypto"]) -AC_SUBST(SSL_LIBS) - -dnl --------------------------------------------------------------------------- -dnl - Check for Python -dnl --------------------------------------------------------------------------- - -AC_MSG_NOTICE([Checking for Python]) -have_python=no -AM_PATH_PYTHON(2.3) - -if test "x$PYTHON" = "x" ; then - AC_MSG_ERROR([Python not found]) -fi - -dnl --------------------------------------------------------------------------- -dnl - Check for TurboGears -dnl --------------------------------------------------------------------------- -AC_MSG_NOTICE([Checking for TurboGears]) -AC_CHECK_PROG(tg_found,tg-admin,true,false) -if test x"${tg_found}" = xfalse ; then - AC_MSG_ERROR(tg-admin not found in PATH. Install TurboGears) -fi - -dnl --------------------------------------------------------------------------- -dnl - Set the data install directory since we don't use pkgdatadir -dnl --------------------------------------------------------------------------- - -IPA_DATA_DIR="$datadir/ipa" -AC_SUBST(IPA_DATA_DIR) - -dnl --------------------------------------------------------------------------- -dnl Finish -dnl --------------------------------------------------------------------------- - -# Turn on the additional warnings last, so -Werror doesn't affect other tests. - -AC_ARG_ENABLE(more-warnings, - [AC_HELP_STRING([--enable-more-warnings], - [Maximum compiler warnings])], - set_more_warnings="$enableval",[ - if test -d $srcdir/../.hg; then - set_more_warnings=yes - else - set_more_warnings=no - fi - ]) -AC_MSG_CHECKING(for more warnings) -if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then - AC_MSG_RESULT(yes) - CFLAGS="\ - -Wall \ - -Wchar-subscripts -Wmissing-declarations -Wmissing-prototypes \ - -Wnested-externs -Wpointer-arith \ - -Wcast-align -Wsign-compare \ - $CFLAGS" - - for option in -Wno-strict-aliasing -Wno-sign-compare; do - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $option" - AC_MSG_CHECKING([whether gcc understands $option]) - AC_TRY_COMPILE([], [], - has_option=yes, - has_option=no,) - if test $has_option = no; then - CFLAGS="$SAVE_CFLAGS" - fi - AC_MSG_RESULT($has_option) - unset has_option - unset SAVE_CFLAGS - done - unset option -else - AC_MSG_RESULT(no) -fi - -# Flags - -AC_SUBST(CFLAGS) -AC_SUBST(CPPFLAGS) -AC_SUBST(LDFLAGS) - -# Files - -AC_CONFIG_FILES([ - Makefile - ipa-gui/Makefile - ipa-gui/ipagui/Makefile - ipa-gui/ipagui/config/Makefile - ipa-gui/ipagui/forms/Makefile - ipa-gui/ipagui/helpers/Makefile - ipa-gui/ipagui/static/Makefile - ipa-gui/ipagui/static/css/Makefile - ipa-gui/ipagui/static/images/Makefile - ipa-gui/ipagui/static/images/template/Makefile - ipa-gui/ipagui/static/images/branding/Makefile - ipa-gui/ipagui/static/images/objects/Makefile - ipa-gui/ipagui/static/javascript/Makefile - ipa-gui/ipagui/subcontrollers/Makefile - ipa-gui/ipagui/templates/Makefile - ipa-gui/ipagui/tests/Makefile - ipa-gui/ipa_gui.egg-info/Makefile - ipa-install/Makefile - ipa-install/share/Makefile - ipa-install/updates/Makefile - ipa-kpasswd/Makefile - ipaserver/Makefile - ipa-slapi-plugins/Makefile - ipa-slapi-plugins/dna/Makefile - ipa-slapi-plugins/ipa-memberof/Makefile - ipa-slapi-plugins/ipa-pwd-extop/Makefile - ipa-slapi-plugins/ipa-winsync/Makefile - xmlrpc-server/Makefile - xmlrpc-server/test/Makefile - man/Makefile -]) - -AC_OUTPUT - -echo " - IPA Server $VERSION - ======================== - - prefix: ${prefix} - exec_prefix: ${exec_prefix} - libdir: ${libdir} - bindir: ${bindir} - sbindir: ${sbindir} - sysconfdir: ${sysconfdir} - localstatedir: ${localstatedir} - datadir: ${datadir} - source code location: ${srcdir} - compiler: ${CC} - cflags: ${CFLAGS} - LDAP libs: ${LDAP_LIBS} - KRB5 libs: ${KRB5_LIBS} - OpenSSL libs: ${SSL_LIBS} - Maintainer mode: ${USE_MAINTAINER_MODE} -" diff --git a/ipa-server/ipa-gui/Makefile.am b/ipa-server/ipa-gui/Makefile.am deleted file mode 100644 index 636a5d1fa..000000000 --- a/ipa-server/ipa-gui/Makefile.am +++ /dev/null @@ -1,66 +0,0 @@ -NULL = - -SUBDIRS = \ - ipagui \ - ipa_gui.egg-info \ - $(NULL) - -sbin_SCRIPTS = \ - ipa_webgui \ - $(NULL) - -appdir = $(IPA_DATA_DIR) -app_DATA = \ - ipa_webgui.cfg \ - $(NULL) - -LINGUAS = ja - -mo = $(foreach lang,$(LINGUAS),locales/$(lang)/LC_MESSAGES/messages.mo) -po = $(foreach lang,$(LINGUAS),locales/$(lang)/LC_MESSAGES/messages.po) -$(mo): $(po) - tg-admin i18n compile - -noinst_DATA = $(mo) - -EXTRA_DIST = \ - README.txt \ - $(sbin_SCRIPTS) \ - $(app_DATA) \ - ipa_webgui.init \ - dev.cfg \ - sample-prod.cfg \ - setup.py \ - start-ipagui.py \ - test.cfg \ - $(po) \ - locales/messages.pot \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - Makefile.in - -CLEANFILES = \ - $(mo) - -initdir=$(sysconfdir)/rc.d/init.d - -install-data-hook: ipa_webgui.init - if test '!' -d $(DESTDIR)$(initdir); then \ - $(mkinstalldirs) $(DESTDIR)$(initdir); \ - chmod 755 $(DESTDIR)$(initdir); \ - fi - - $(INSTALL_SCRIPT) $(srcdir)/ipa_webgui.init $(DESTDIR)$(initdir)/ipa_webgui - - for mo in $(mo); do \ - $(mkinstalldirs) $(DESTDIR)$(appdir)/`dirname $$mo`; \ - $(INSTALL_DATA) $$mo $(DESTDIR)$(appdir)/`dirname $$mo`; \ - done - -uninstall-hook: - rm -f $(DESTDIR)$(initdir)/ipa_webgui - for mo in $(mo); do \ - rm -f $(DESTDIR)$(appdir)/$$mo; \ - done diff --git a/ipa-server/ipa-gui/README.i18n b/ipa-server/ipa-gui/README.i18n deleted file mode 100644 index e98dc902c..000000000 --- a/ipa-server/ipa-gui/README.i18n +++ /dev/null @@ -1,10 +0,0 @@ -You can collect the template pot file by running the following command: - -~/ipa-server/ipa-gui$ tg-admin i18n collect - -which creates locales/messages.pot. However, unfortunately, the above -command doesn't work correctly for .kid files unless you apply the -patch i18n.patch. - -If you add a new language translation remember to add the name to -LINGUAS in Makefile.am. diff --git a/ipa-server/ipa-gui/README.multivalue b/ipa-server/ipa-gui/README.multivalue deleted file mode 100644 index ba315181d..000000000 --- a/ipa-server/ipa-gui/README.multivalue +++ /dev/null @@ -1,27 +0,0 @@ -The way multi-valued fields work is this: - - A new widget is added to the form. I name it as the attribute + s. - For example, I use cns for the cn attribute. - - If you need a new validator use a ForEach() so that each value is - checked. - - This attribute is populated from the incoming attribute from the - user or group record. The widget can support multiple fields at once - but I'm using it for just one field. In fact, I don't know if it - will work with more the way I'm using it. - - In the GUI an operator can add/remove values to each multi-valued field. - - Naming is very important in the widget. TurboGears automatically - re-assembles the data into a list of dict entries if you name things - properly. For example, the cns (multiple CN entries) looks like: - cns-0.cn=Rob+Crittenden&cns-1.cn=Robert+Crittenden&cns-2.cn=rcrit - - This gets converted to: - [{'cn': u'Rob Crittenden'}, {'cn': u'Robert Crittenden'}, {'cn': u'rcrit'}] - - I take this list of dicts and pull out each value and append it to a new - list that represents the original multi-valued field - - Then the list/dict version is removed (in this case, kw['cns']). - -When adding a new field you have to update: - -1. The form to add the new ExpandingForm() field and perhaps a validator -2. The edit template to add the boilerplate to display the field -3. The show template to be able to display all the fields separately -4. The new template if you want to be able to enter these on new entries -5. The subcontroller so you can do the input and output conversions diff --git a/ipa-server/ipa-gui/README.txt b/ipa-server/ipa-gui/README.txt deleted file mode 100644 index 876b880b1..000000000 --- a/ipa-server/ipa-gui/README.txt +++ /dev/null @@ -1,4 +0,0 @@ -ipa-gui - -This is a TurboGears (http://www.turbogears.org) project. It can be -started by running the start-ipagui.py script.
\ No newline at end of file diff --git a/ipa-server/ipa-gui/dev.cfg b/ipa-server/ipa-gui/dev.cfg deleted file mode 100644 index cb8e0f751..000000000 --- a/ipa-server/ipa-gui/dev.cfg +++ /dev/null @@ -1,73 +0,0 @@ -[global] -# This is where all of your settings go for your development environment -# Settings that are the same for both development and production -# (such as template engine, encodings, etc.) all go in -# ipagui/config/app.cfg - -# DATABASE - -# pick the form for your database -# sqlobject.dburi="postgres://username@hostname/databasename" -# sqlobject.dburi="mysql://username:password@hostname:port/databasename" -# sqlobject.dburi="sqlite:///file_name_and_path" - -# If you have sqlite, here's a simple default to get you started -# in development -# sqlobject.dburi="sqlite://%(current_dir_uri)s/devdata.sqlite" - -# if you are using a database or table type without transactions -# (MySQL default, for example), you should turn off transactions -# by prepending notrans_ on the uri -# sqlobject.dburi="notrans_mysql://username:password@hostname:port/databasename" - -# for Windows users, sqlite URIs look like: -# sqlobject.dburi="sqlite:///drive_letter:/path/to/file" - -# TurboGears sessions. Storing in /tmp for a production system would be -# insane but should be fine for developers. -session_filter.storage_type='File' -session_filter.storage_path='/tmp' - -# SERVER - -# Some server parameters that you may want to tweak -# server.socket_port=8080 - -# Enable the debug output at the end on pages. -# log_debug_info_filter.on = False - -server.environment="development" -autoreload.package="ipagui" - -# Auto-Reload after code modification -# autoreload.on = True - -# Set to True if you'd like to abort execution if a controller gets an -# unexpected parameter. False by default -tg.strict_parameters = True - -# Set to True if you want to use internationalization support. -i18n.run_template_filter = True - -# LOGGING -# Logging configuration generally follows the style of the standard -# Python logging module configuration. Note that when specifying -# log format messages, you need to use *() for formatting variables. -# Deployment independent log configuration is in ipagui/config/log.cfg -[logging] - -[[loggers]] -[[[ipagui]]] -level='DEBUG' -qualname='ipagui' -handlers=['debug_out'] - -[[[allinfo]]] -level='INFO' -handlers=['debug_out'] - -[[[access]]] -level='INFO' -qualname='turbogears.access' -handlers=['access_out'] -propagate=0 diff --git a/ipa-server/ipa-gui/i18n.patch b/ipa-server/ipa-gui/i18n.patch deleted file mode 100644 index cc46a5558..000000000 --- a/ipa-server/ipa-gui/i18n.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- turbogears/command/i18n.py.orig 2008-02-07 16:40:14.000000000 -0500 -+++ turbogears/command/i18n.py 2008-02-07 16:40:43.000000000 -0500 -@@ -251,7 +251,12 @@ - if self.options.loose_kid_support or el.get('lang', None): - tag = re.sub('({[^}]+})?(\w+)', '\\2', el.tag) - ents = [] -- if el.text: ents = [el.text.strip()] -+ if el.text and not ( el.text.strip() in keys): -+ if el.tag == "script": -+ ents = [el.text.strip()] -+ else: -+ messages.append((tag, fname, el.text.strip())) -+ keys.append(el.text.strip()) - if el.attrib: ents.extend(el.attrib.values()) - for k in ents: - key = None diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/Makefile.am b/ipa-server/ipa-gui/ipa_gui.egg-info/Makefile.am deleted file mode 100644 index dfd814f23..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/Makefile.am +++ /dev/null @@ -1,22 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipa_gui.egg-info -app_DATA = \ - dependency_links.txt \ - entry_points.txt \ - not-zip-safe \ - paster_plugins.txt \ - PKG-INFO \ - requires.txt \ - SOURCES.txt \ - sqlobject.txt \ - top_level.txt \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/PKG-INFO b/ipa-server/ipa-gui/ipa_gui.egg-info/PKG-INFO deleted file mode 100644 index 544ba9f98..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/PKG-INFO +++ /dev/null @@ -1,15 +0,0 @@ -Metadata-Version: 1.0 -Name: ipa-gui -Version: 1.0 -Summary: UNKNOWN -Home-page: UNKNOWN -Author: UNKNOWN -Author-email: UNKNOWN -License: UNKNOWN -Description: UNKNOWN -Platform: UNKNOWN -Classifier: Development Status :: 3 - Alpha -Classifier: Operating System :: OS Independent -Classifier: Programming Language :: Python -Classifier: Topic :: Software Development :: Libraries :: Python Modules -Classifier: Framework :: TurboGears diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt deleted file mode 100644 index be2f02063..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt +++ /dev/null @@ -1,30 +0,0 @@ -README.txt -ipa-webgui -setup.py -start-ipagui.py -ipa_gui.egg-info/PKG-INFO -ipa_gui.egg-info/SOURCES.txt -ipa_gui.egg-info/dependency_links.txt -ipa_gui.egg-info/entry_points.txt -ipa_gui.egg-info/not-zip-safe -ipa_gui.egg-info/paster_plugins.txt -ipa_gui.egg-info/requires.txt -ipa_gui.egg-info/sqlobject.txt -ipa_gui.egg-info/top_level.txt -ipagui/__init__.py -ipagui/controllers.py -ipagui/json.py -ipagui/model.py -ipagui/proxyprovider.py -ipagui/proxyvisit.py -ipagui/release.py -ipagui/config/__init__.py -ipagui/forms/__init__.py -ipagui/forms/group.py -ipagui/forms/user.py -ipagui/helpers/__init__.py -ipagui/helpers/userhelper.py -ipagui/templates/__init__.py -ipagui/tests/__init__.py -ipagui/tests/test_controllers.py -ipagui/tests/test_model.py diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/dependency_links.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/dependency_links.txt deleted file mode 100644 index 8b1378917..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/dependency_links.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt deleted file mode 100644 index baecc2cef..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt +++ /dev/null @@ -1,6 +0,0 @@ - - [turbogears.identity.provider] - proxyprovider = ipagui.proxyprovider:ProxyIdentityProvider - [turbogears.visit.manager] - proxyvisit = ipagui.proxyvisit:ProxyVisitManager -
\ No newline at end of file diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/not-zip-safe b/ipa-server/ipa-gui/ipa_gui.egg-info/not-zip-safe deleted file mode 100644 index 8b1378917..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/not-zip-safe +++ /dev/null @@ -1 +0,0 @@ - diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/paster_plugins.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/paster_plugins.txt deleted file mode 100644 index 14fec70ae..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/paster_plugins.txt +++ /dev/null @@ -1,2 +0,0 @@ -TurboGears -PasteScript diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/requires.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/requires.txt deleted file mode 100644 index aecc30960..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/requires.txt +++ /dev/null @@ -1 +0,0 @@ -TurboGears >= 1.0.2.2
\ No newline at end of file diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/sqlobject.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/sqlobject.txt deleted file mode 100644 index cc84b8d00..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/sqlobject.txt +++ /dev/null @@ -1,2 +0,0 @@ -db_module=ipagui.model -history_dir=$base/ipagui/sqlobject-history diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/top_level.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/top_level.txt deleted file mode 100644 index 2ba21519d..000000000 --- a/ipa-server/ipa-gui/ipa_gui.egg-info/top_level.txt +++ /dev/null @@ -1 +0,0 @@ -ipagui diff --git a/ipa-server/ipa-gui/ipa_webgui b/ipa-server/ipa-gui/ipa_webgui deleted file mode 100644 index 677fc9a5b..000000000 --- a/ipa-server/ipa-gui/ipa_webgui +++ /dev/null @@ -1,207 +0,0 @@ -#! /usr/bin/python -E -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os, sys, pwd, grp -from optparse import OptionParser -import traceback -import logging -import signal - -def usage(): - print "ipa_webgui [-f|--foreground] [-d|--debug]" - sys.exit(1) - -def parse_options(): - parser = OptionParser() - parser.add_option("-f", "--foreground", dest="foreground", - action="store_true", default=False, - help="Remain in the foreground") - parser.add_option("-d", "--debug", dest="debug", action="store_true", - default=False, - help="Increase the amount of logging information") - parser.add_option("--usage", action="store_true", - help="Program usage") - - options, args = parser.parse_args(sys.argv) - - return options, args - -def daemonize(): - # fork once so the parent can exit - try: - pid = os.fork() - except OSError, e: - raise Exception, "%s [%d]" % (e.strerror, e.errno) - - if pid != 0: - os._exit(0) - - # become session leader - os.setsid() - - # fork again to reparent to init - try: - pid = os.fork() - except OSError, e: - raise Exception, "%s [%d]" % (e.strerror, e.errno) - - if pid != 0: - os._exit(0) - - os.chdir("/") - os.umask(0) - - import resource - maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1] - if (maxfd == resource.RLIM_INFINITY): - maxfd = 1024 - - # close all file descriptors - for fd in range(0, maxfd): - try: - os.close(fd) - except OSError: - pass - - # stdin - os.open("/dev/null", os.O_RDWR) - # stdout - os.open("/dev/null", os.O_RDWR) - # stderr - os.open("/dev/null", os.O_RDWR) - -def main(): - options, args = parse_options() - - foreground = options.foreground - - if options.debug: - loglevel = logging.DEBUG - else: - loglevel = logging.WARN - - # To make development easier, we detect if we are in the development - # environment to load a different configuration and avoid becoming - # a daemon - devel = False - if os.path.exists(os.path.join(os.path.dirname(__file__), "Makefile.am")): - devel = True - foreground = True - - if not foreground: - try: - daemonize() - except Exception, e: - sys.stderr.write("error becoming daemon: " + str(e)) - sys.exit(1) - - if not foreground: - try: - daemonize() - except Exception, e: - sys.stderr.write("error becoming daemon: " + str(e)) - sys.exit(1) - - # Drop privileges and write our pid file only if we're running as root - if os.getuid() == 0: - # Write out our pid file - pidfile = open("/var/run/ipa_webgui.pid", "w") - pidfile.write(str(os.getpid())) - pidfile.close() - - # Drop privs - apache_uid = pwd.getpwnam("apache")[2] - apache_gid = grp.getgrnam("apache")[2] - - try: - os.setgid(apache_gid) - except OSError, e: - log.error("Could not set effective group id: %s" % e) - - try: - os.setuid(apache_uid) - except OSError, e: - log.error("Could not set effective user id: %s" % e) - - if foreground: - logging.basicConfig(level=loglevel, - format='%(asctime)s %(name)s %(levelname)s %(message)s', - stream=sys.stderr) - else: - # This log file name needs to be kept in sync with the one in - # ipa_webgui.cfg - logging.basicConfig(level=loglevel, - format='%(asctime)s %(name)s %(levelname)s %(message)s', - filename='/var/log/ipa_error.log') - - sys.path.append("/usr/share/ipa") - - # this must be after sys.path is changed to work correctly - import pkg_resources - pkg_resources.require("TurboGears") - pkg_resources.require("ipa_gui") - - from turbogears import update_config, start_server - from turbogears.config import update - import cherrypy - cherrypy.lowercase_api = True - - try: - if hasattr(signal, "SIGTERM"): - def SIGTERM(signum=None, frame=None): - cherrypy.server.stop() - signal.signal(signal.SIGTERM, SIGTERM) - except ValueError, _signal_exc: - if _signal_exc.args[0] != "signal only works in main thread": - raise - - - # Shut down the logging set up here so that CherryPy logging can take - # over. TurboGears configuration errors will not be caught. - if not foreground: - logging.shutdown() - - # Load the config - look for a local file first for development - # and then the system config file - if devel: - update_config(configfile="dev.cfg", - modulename="ipagui.config") - update( { "i18n.locale_dir": "locales"} ) - else: - update_config(configfile="/usr/share/ipa/ipa_webgui.cfg", - modulename="ipagui.config.app") - update( { "i18n.locale_dir": "/usr/share/ipa/locales"} ) - - from ipagui.controllers import Root - - start_server(Root()) - -try: - main() - sys.exit(0) -except SystemExit, e: - sys.exit(e) -except Exception, e: - message = "failed to start web gui: %s" % str(e) - print message - for str in traceback.format_tb(sys.exc_info()[2]): - message = message + "\n" + str - logging.error(message) - - sys.exit(1) diff --git a/ipa-server/ipa-gui/ipa_webgui.cfg b/ipa-server/ipa-gui/ipa_webgui.cfg deleted file mode 100644 index 5d0f6f8a6..000000000 --- a/ipa-server/ipa-gui/ipa_webgui.cfg +++ /dev/null @@ -1,109 +0,0 @@ -[global] -# This is where all of your settings go for your production environment. -# Settings that are the same for both development and production -# (such as template engine, encodings, etc.) all go in -# ipagui/config/app.cfg - -# DATABASE - -# no database for ipa_webgui since everything is stored in LDAP - -# SERVER - -server.environment="production" -autoreload.package="ipagui" -autoreload.on = False - -# Sets the number of threads the server uses -server.thread_pool = 10 - -# if this is part of a larger site, you can set the path -# to the TurboGears instance here -server.webpath="/ipa/ui" - -# Set to True if you are deploying your App behind a proxy -# e.g. Apache using mod_proxy -base_url_filter.on = True - -# Set to True if your proxy adds the x_forwarded_host header -# base_url_filter.use_x_forwarded_host = True - -# If your proxy does not add the x_forwarded_host header, set -# the following to the *public* host url. -# (Note: This will be overridden by the use_x_forwarded_host option -# if it is set to True and the proxy adds the header correctly. -# base_url_filter.base_url = "http://www.example.com" - -# Set to True if you'd like to abort execution if a controller gets an -# unexpected parameter. False by default -# tg.strict_parameters = False - -# Set to True if you want to use internationalization support. -i18n.run_template_filter = True - -# TurboGears sessions. -session_filter.storage_type='File' -session_filter.storage_path='/var/cache/ipa/sessions' - -# Listen only on the local interface so all requests go through -# Apache/mod_auth_kerb/mod_proxy. -server.socket_port = 8080 -server.socket_host="127.0.0.1" - -# LOGGING -# Logging configuration generally follows the style of the standard -# Python logging module configuration. Note that when specifying -# log format messages, you need to use *() for formatting variables. -# Deployment independent log configuration is in ipagui/config/log.cfg -[logging] - -[[formatters]] -[[[message_only]]] -format='*(message)s' - -[[[full_content]]] -format='*(asctime)s *(name)s *(levelname)s *(message)s' - -[[handlers]] -[[[debug_out]]] -# Rotate weekly on Sunday. Keep 4 backups of the log -class='TimedRotatingFileHandler' -level='DEBUG' -args="('/var/log/ipa_error.log', 'w6', 1, 4)" -formatter='full_content' - -[[[access_out]]] -# For example only if one wants to duplicate the access log in TurboGears -# Rotate weekly on Sunday. Keep 4 backups of the log -#class='TimedRotatingFileHandler' -#level='INFO' -#args="('/var/log/ipa_error.log', 'w6', 1, 4)" -#formatter='message_only' -# By default log access to stdout which will go to /dev/null in production -class='StreamHandler' -level='INFO' -args='(sys.stdout,)' -formatter='message_only' - -[[[error_out]]] -class='StreamHandler' -level='ERROR' -args='(sys.stdout,)' - -[[loggers]] -[[[ipagui]]] -level='DEBUG' -qualname='ipagui' -handlers=['debug_out'] -propagate=0 - -[[[allinfo]]] -level='INFO' -handlers=['debug_out'] -propagate=0 - -[[[access]]] -level='INFO' -qualname='turbogears.access' -handlers=['access_out'] -propagate=0 diff --git a/ipa-server/ipa-gui/ipa_webgui.init b/ipa-server/ipa-gui/ipa_webgui.init deleted file mode 100644 index 42478588f..000000000 --- a/ipa-server/ipa-gui/ipa_webgui.init +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# ipa_webgui This starts and stops ipa_webgui -# -# chkconfig: - 36 64 -# description: ipa_webgui IPA Web User Interface -# processname: /usr/sbin/ipa_webgui -# configdir: /etc/sysconfig/ipa_webgui -# - -# Source function library. -if [ -f /etc/rc.d/init.d/functions ] ; then -. /etc/rc.d/init.d/functions -fi -# Source networking configuration. -if [ -f /etc/sysconfig/network ] ; then -. /etc/sysconfig/network -fi - -# Check that networking is up. -if [ "${NETWORKING}" = "no" ] -then - echo "Networking is down" - exit 0 -fi - -NAME="ipa_webgui" -PROG="/usr/sbin/ipa_webgui" -RUNAS="apache" - -start() { - echo -n $"Starting $NAME: " - daemon $PROG - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ipa_webgui || \ - RETVAL=1 - return $RETVAL -} - -stop() { - echo -n $"Shutting down $NAME: " - killproc $NAME - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/ipa_webgui - return $RETVAL -} - -restart() { - stop - start -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status $PROG - ;; - restart) - restart - ;; - condrestart) - [ -f /var/lock/subsys/ipa_webgui ] && restart || : - ;; - reload) - exit 3 - ;; - *) - echo $"Usage: $0 {start|stop|status|restart|condrestart}" - exit 2 -esac - -exit $? diff --git a/ipa-server/ipa-gui/ipagui/Makefile.am b/ipa-server/ipa-gui/ipagui/Makefile.am deleted file mode 100644 index 83636323d..000000000 --- a/ipa-server/ipa-gui/ipagui/Makefile.am +++ /dev/null @@ -1,30 +0,0 @@ -NULL = - -SUBDIRS = \ - config \ - forms \ - helpers \ - static \ - subcontrollers \ - templates \ - tests \ - $(NULL) - -appdir = $(IPA_DATA_DIR)/ipagui -app_PYTHON = \ - __init__.py \ - controllers.py \ - json.py \ - model.py \ - proxyprovider.py \ - proxyvisit.py \ - release.py \ - $(NULL) - -EXTRA_DIST = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/__init__.py b/ipa-server/ipa-gui/ipagui/__init__.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/ipagui/__init__.py +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/config/Makefile.am b/ipa-server/ipa-gui/ipagui/config/Makefile.am deleted file mode 100644 index db96758f3..000000000 --- a/ipa-server/ipa-gui/ipagui/config/Makefile.am +++ /dev/null @@ -1,20 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/config -app_PYTHON = \ - __init__.py \ - $(NULL) - -app_DATA = \ - app.cfg \ - log.cfg \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/config/__init__.py b/ipa-server/ipa-gui/ipagui/config/__init__.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/ipagui/config/__init__.py +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/config/app.cfg b/ipa-server/ipa-gui/ipagui/config/app.cfg deleted file mode 100644 index 01bb5ad2c..000000000 --- a/ipa-server/ipa-gui/ipagui/config/app.cfg +++ /dev/null @@ -1,104 +0,0 @@ -[global] -# The settings in this file should not vary depending on the deployment -# environment. dev.cfg and prod.cfg are the locations for -# the different deployment settings. Settings in this file will -# be overridden by settings in those other files. - -# The commented out values below are the defaults - -# VIEW - -# which view (template engine) to use if one is not specified in the -# template name -# tg.defaultview = "kid" - -# The following kid settings determine the settings used by the kid serializer. - -# One of (html|html-strict|xhtml|xhtml-strict|xml|json) -# kid.outputformat="html" - -# kid.encoding="utf-8" - -# The sitetemplate is used for overall styling of a site that -# includes multiple TurboGears applications -# tg.sitetemplate="<packagename.templates.templatename>" - -# Allow every exposed function to be called as json, -# tg.allow_json = False - -# List of Widgets to include on every page. -# for exemple ['turbogears.mochikit'] -# tg.include_widgets = [] - -# Set to True if the scheduler should be started -# tg.scheduler = False - -# Set session or cookie -session_filter.on = True - -# VISIT TRACKING -# Each visit to your application will be assigned a unique visit ID tracked via -# a cookie sent to the visitor's browser. -# -------------- - -# Enable Visit tracking -visit.on=True - -# Number of minutes a visit may be idle before it expires. -# visit.timeout=20 - -# The name of the cookie to transmit to the visitor's browser. -# visit.cookie.name="tg-visit" - -# Domain name to specify when setting the cookie (must begin with . according to -# RFC 2109). The default (None) should work for most cases and will default to -# the machine to which the request was made. NOTE: localhost is NEVER a valid -# value and will NOT WORK. -# visit.cookie.domain=None - -# Specific path for the cookie -# visit.cookie.path="/" - -# The name of the VisitManager plugin to use for visitor tracking. -visit.manager="proxyvisit" - -# IDENTITY -# General configuration of the TurboGears Identity management module -# -------- - -# Switch to turn on or off the Identity management module -identity.on=True - -# [REQUIRED] URL to which CherryPy will internally redirect when an access -# control check fails. If Identity management is turned on, a value for this -# option must be specified. -identity.failure_url="/loginfailed" - -identity.provider='proxyprovider' - -# The names of the fields on the login form containing the visitor's user ID -# and password. In addition, the submit button is specified simply so its -# existence may be stripped out prior to passing the form data to the target -# controller. -# identity.form.user_name="user_name" -# identity.form.password="password" -# identity.form.submit="login" - -# What sources should the identity provider consider when determining the -# identity associated with a request? Comma separated list of identity sources. -# Valid sources: form, visit, http_auth -# identity.source="form,http_auth,visit" -identity.source="visit" - -# compress the data sends to the web browser -# [/] -# gzip_filter.on = True -# gzip_filter.mime_types = ["application/x-javascript", "text/javascript", "text/html", "text/css", "text/plain"] - -[/static] -static_filter.on = True -static_filter.dir = "%(top_level_dir)s/static" - -[/favicon.ico] -static_filter.on = True -static_filter.file = "%(top_level_dir)s/static/images/favicon.ico" diff --git a/ipa-server/ipa-gui/ipagui/config/log.cfg b/ipa-server/ipa-gui/ipagui/config/log.cfg deleted file mode 100644 index 483069cd7..000000000 --- a/ipa-server/ipa-gui/ipagui/config/log.cfg +++ /dev/null @@ -1,32 +0,0 @@ -# LOGGING -# Logging is often deployment specific, but some handlers and -# formatters can be defined here. - -[logging] -[[formatters]] -[[[message_only]]] -format='*(message)s' - -[[[full_content]]] -format='*(asctime)s *(name)s *(levelname)s *(message)s' - -[[[datestamped]]] -format='*(asctime)s *(message)s' - -[[handlers]] -[[[debug_out]]] -class='StreamHandler' -level='DEBUG' -args='(sys.stdout,)' -formatter='full_content' - -[[[access_out]]] -class='StreamHandler' -level='INFO' -args='(sys.stdout,)' -formatter='datestamped' - -[[[error_out]]] -class='StreamHandler' -level='ERROR' -args='(sys.stdout,)' diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py deleted file mode 100644 index 024a804dd..000000000 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import logging -import StringIO -import traceback - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import config -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -import ipa.config -import ipa.ipaclient - -from subcontrollers.user import UserController -from subcontrollers.group import GroupController -from subcontrollers.delegation import DelegationController -from subcontrollers.policy import PolicyController -from subcontrollers.ipapolicy import IPAPolicyController -from subcontrollers.principal import PrincipalController - -ipa.config.init_config() - -log = logging.getLogger(__name__) - -class Root(controllers.RootController): - - user = UserController() - group = GroupController() - delegate = DelegationController() - policy = PolicyController() - ipapolicy = IPAPolicyController() - principal = PrincipalController() - - @expose(template="ipagui.templates.welcome") - @identity.require(identity.not_anonymous()) - def index(self): - return dict() - - @expose() - @identity.require(identity.not_anonymous()) - def topsearch(self, **kw): - if kw.get('searchtype') == "Users": - return Root.user.list(uid=kw.get('searchvalue')) - else: - return Root.group.list(criteria=kw.get('searchvalue')) - - @expose("ipagui.templates.loginfailed") - def loginfailed(self, **kw): - return dict() - - - _error_codes = { - None: u'General Error', - 400: u'400 - Bad Request', - 401: u'401 - Unauthorized', - 403: u'403 - Forbidden', - 404: u'404 - Not Found', - 500: u'500 - Internal Server Error', - 501: u'501 - Not Implemented', - 502: u'502 - Bad Gateway', - } - - def handle_error(self, status, message): - """This method is derived from the sample error catcher on - http://docs.turbogears.org/1.0/ErrorReporting.""" - try: - error_msg = self._error_codes.get(status, self._error_codes[None]) - url = "%s %s" % (cherrypy.request.method, cherrypy.request.path) - if (status == 500): - log.exception("%s error (%s) for request '%s'", status, - error_msg, url) - else: - log.error("%s error (%s) for request '%s'", status, - error_msg, url) - - if config.get('server.environment') == 'production': - details = '' - else: - buf = StringIO.StringIO() - traceback.print_exc(file=buf) - details = buf.getvalue() - buf.close() - - data = dict( - status = status, - message = message, - error_msg = error_msg, - url = url, - details = details, - ) - - if status == 404: - page_template = 'ipagui.templates.not_found' - else: - page_template = 'ipagui.templates.unhandled_exception' - - body = controllers._process_output( - data, - page_template, - 'html', - 'text/html', - None - ) - cherrypy.response.headers['Content-Length'] = len(body) - cherrypy.response.body = body - - # don't catch SystemExit - except StandardError, exc: - log.exception('Error handler failed: %s', exc) - - # To hook in error handler for production only: - # if config.get('server.environment') == 'production': - # _cp_on_http_error = handle_error - - _cp_on_http_error = handle_error diff --git a/ipa-server/ipa-gui/ipagui/forms/Makefile.am b/ipa-server/ipa-gui/ipagui/forms/Makefile.am deleted file mode 100644 index a7f3c7623..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/Makefile.am +++ /dev/null @@ -1,19 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/forms -app_PYTHON = \ - __init__.py \ - group.py \ - ipapolicy.py \ - user.py \ - delegate.py \ - principal.py \ - $(NULL) - -EXTRA_DIST = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/forms/__init__.py b/ipa-server/ipa-gui/ipagui/forms/__init__.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/__init__.py +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/forms/delegate.py b/ipa-server/ipa-gui/ipagui/forms/delegate.py deleted file mode 100644 index e7ba03f98..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/delegate.py +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import turbogears -from turbogears import validators, widgets -from ipagui.helpers import ipahelper - -from ipagui.forms.user import UserFields - -# TODO - get from config or somewhere -aci_attrs = [ - UserFields.givenname, - UserFields.sn, - UserFields.cn, - UserFields.title, - UserFields.displayname, - UserFields.initials, - UserFields.uid, - UserFields.krbprincipalkey, - UserFields.uidnumber, - UserFields.gidnumber, - UserFields.homedirectory, - UserFields.loginshell, - UserFields.gecos, - UserFields.mail, - UserFields.telephonenumber, - UserFields.facsimiletelephonenumber, - UserFields.mobile, - UserFields.pager, - UserFields.homephone, - UserFields.street, - UserFields.l, - UserFields.st, - UserFields.postalcode, - UserFields.ou, - UserFields.businesscategory, - UserFields.description, - UserFields.employeetype, - UserFields.manager, - UserFields.roomnumber, - UserFields.secretary, - UserFields.carlicense, - UserFields.labeleduri, -] - -aci_checkbox_attrs = [(field.name, field.label) for field in aci_attrs] - -aci_name_to_label = dict(aci_checkbox_attrs) - -class DelegateFields(object): - name = widgets.TextField(name="name", label="Delegation Name") - - source_group_dn = widgets.HiddenField(name="source_group_dn") - dest_group_dn = widgets.HiddenField(name="dest_group_dn") - - source_group_cn = widgets.HiddenField(name="source_group_cn", - label="People in Group") - dest_group_cn = widgets.HiddenField(name="dest_group_cn", - label="For People in Group") - - orig_acistr = widgets.HiddenField(name="orig_acistr") - - attrs = widgets.CheckBoxList(name="attrs", label="Can Modify", - options=aci_checkbox_attrs, validator=validators.NotEmpty) - -class DelegateValidator(validators.Schema): - name = validators.String(not_empty=True) - source_group_dn = validators.String(not_empty=True, - messages = { 'empty': _("Please choose a group"), }) - dest_group_dn = validators.String(not_empty=True, - messages = { 'empty': _("Please choose a group"), }) - # There is no attrs validator here because then it shows as one - # huge block of color in the form. The validation is done in - # the subcontroller. - -class DelegateForm(widgets.Form): - params = ['delegate_fields', 'attr_list'] - - hidden_fields = [ - DelegateFields.source_group_dn, - DelegateFields.dest_group_dn, - DelegateFields.source_group_cn, - DelegateFields.dest_group_cn, - DelegateFields.orig_acistr, - ] - - validator = DelegateValidator() - - def __init__(self, *args, **kw): - super(DelegateForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template( - "ipagui.templates.delegateform") - self.delegate_fields = DelegateFields - - def update_params(self, params): - super(DelegateForm,self).update_params(params) diff --git a/ipa-server/ipa-gui/ipagui/forms/group.py b/ipa-server/ipa-gui/ipagui/forms/group.py deleted file mode 100644 index 564e577a2..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/group.py +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import turbogears -from turbogears import validators, widgets -from tg_expanding_form_widget.tg_expanding_form_widget import ExpandingForm -from ipagui.helpers import ipahelper,validators - -class GroupFields(object): - cn = widgets.TextField(name="cn", label="Name") - gidnumber = widgets.TextField(name="gidnumber", label="GID") - description = widgets.TextField(name="description", label="Description") - - editprotected_hidden = widgets.HiddenField(name="editprotected") - - nsAccountLock = widgets.SingleSelectField(name="nsAccountLock", - label="Group Status", - options = [("", "active"), ("true", "inactive")]) - - group_orig = widgets.HiddenField(name="group_orig") - member_data = widgets.HiddenField(name="member_data") - dn_to_info_json = widgets.HiddenField(name="dn_to_info_json") - -class GroupNewValidator(validators.Schema): - filter_extra_fields = True - allow_extra_fields = True - cn = validators.GoodName(not_empty=True) - description = validators.String(not_empty=False) - - -class GroupNewForm(widgets.Form): - params = ['group_fields'] - - hidden_fields = [ - GroupFields.dn_to_info_json - ] - - validator = GroupNewValidator() - - def __init__(self, *args, **kw): - super(GroupNewForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template("ipagui.templates.groupnewform") - self.group_fields = GroupFields - - def update_params(self, params): - super(GroupNewForm,self).update_params(params) - - -class GroupEditValidator(validators.Schema): - filter_extra_fields = True - allow_extra_fields = True - cn = validators.GoodName(not_empty=False) - gidnumber = validators.Int(not_empty=False) - description = validators.String(not_empty=False) - - pre_validators = [ - validators.RequireIfPresent(required='cn', present='editprotected'), - validators.RequireIfPresent(required='gidnumber', present='editprotected'), - ] - -class GroupEditForm(widgets.Form): - params = ['members', 'group_fields'] - - hidden_fields = [ - GroupFields.editprotected_hidden, - GroupFields.group_orig, GroupFields.member_data, - GroupFields.dn_to_info_json - ] - - validator = GroupEditValidator() - - def __init__(self, *args, **kw): - super(GroupEditForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template("ipagui.templates.groupeditform") - self.group_fields = GroupFields diff --git a/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py b/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py deleted file mode 100644 index 7ad9fe083..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import turbogears -from turbogears import validators, widgets -from tg_expanding_form_widget.tg_expanding_form_widget import ExpandingForm -from ipagui.helpers import ipahelper - -class IPAPolicyFields(object): - # From cn=ipaConfig - ipausersearchfields = widgets.TextField(name="ipausersearchfields", label="User Search Fields", attrs=dict(size=50)) - ipagroupsearchfields = widgets.TextField(name="ipagroupsearchfields", label="Group Search Fields") - ipasearchtimelimit = widgets.TextField(name="ipasearchtimelimit", label="Search Time Limit (sec.)", attrs=dict(size=6,maxlength=6)) - ipasearchrecordslimit = widgets.TextField(name="ipasearchrecordslimit", label="Search Records Limit", attrs=dict(size=6,maxlength=6)) - ipahomesrootdir = widgets.TextField(name="ipahomesrootdir", label="Root for Home Directories") - ipadefaultloginshell = widgets.TextField(name="ipadefaultloginshell", label="Default Shell") - ipadefaultprimarygroup = widgets.TextField(name="ipadefaultprimarygroup", label="Default User Group") - ipamaxusernamelength = widgets.TextField(name="ipamaxusernamelength", label="Max. Username Length", attrs=dict(size=3,maxlength=3)) - ipapwdexpadvnotify = widgets.TextField(name="ipapwdexpadvnotify", label="Password Expiration Notification (days)", attrs=dict(size=3,maxlength=3)) - ipauserobjectclasses = widgets.TextField(name="ipauserobjectclasses", label="Default User Object Classes", attrs=dict(size=50)) - userobjectclasses = ExpandingForm(name="userobjectclasses", label="Default User Object Classes", fields=[ipauserobjectclasses]) - ipagroupobjectclasses = widgets.TextField(name="ipagroupobjectclasses", label="Default Group Object Classes", attrs=dict(size=50)) - groupobjectclasses = ExpandingForm(name="groupobjectclasses", label="Default Group Object Classes", fields=[ipagroupobjectclasses]) - ipadefaultemaildomain = widgets.TextField(name="ipadefaultemaildomain", label="Default E-mail Domain", attrs=dict(size=20)) - - ipapolicy_orig = widgets.HiddenField(name="ipapolicy_orig") - - # From cn=accounts - krbmaxpwdlife = widgets.TextField(name="krbmaxpwdlife", label="Max. Password Lifetime (days)", attrs=dict(size=3,maxlength=3)) - krbminpwdlife = widgets.TextField(name="krbminpwdlife", label="Min. Password Lifetime (hours)", attrs=dict(size=3,maxlength=3)) - krbpwdmindiffchars = widgets.TextField(name="krbpwdmindiffchars", label="Min. Number of Character Classes", attrs=dict(size=3,maxlength=3)) - krbpwdminlength = widgets.TextField(name="krbpwdminlength", label="Min. Length of Password", attrs=dict(size=3,maxlength=3)) - krbpwdhistorylength = widgets.TextField(name="krbpwdhistorylength", label="Password History Size", attrs=dict(size=3,maxlength=3)) - - password_orig = widgets.HiddenField(name="password_orig") - -class IPAPolicyValidator(validators.Schema): - ipausersearchfields = validators.String(not_empty=True) - ipagroupsearchfields = validators.String(not_empty=True) - ipasearchtimelimit = validators.Number(not_empty=True) - ipasearchrecordslimit = validators.Number(not_empty=True) - ipamaxusernamelength = validators.Number(not_empty=True) - ipapwdexpadvnotify = validators.Number(not_empty=True) - ipahomesrootdir = validators.String(not_empty=True) - ipadefaultloginshell = validators.String(not_empty=True) - ipadefaultprimarygroup = validators.String(not_empty=True) - ipauserobjectclasses = validators.ForEach(validators.String(not_empty=True)) - ipagroupobjectclasses = validators.ForEach(validators.String(not_empty=True)) - ipadefaultemaildomain = validators.String(not_empty=True) - - krbmaxpwdlife = validators.Number(not_empty=True) - krbminpwdlife = validators.Number(not_empty=True) - krbpwdmindiffchars = validators.Number(not_empty=True) - krbpwdminlength = validators.Number(not_empty=True) - krbpwdhistorylength = validators.Number(not_empty=True) - -class IPAPolicyForm(widgets.Form): - params = ['ipapolicy_fields'] - - hidden_fields = [ - IPAPolicyFields.ipapolicy_orig, IPAPolicyFields.password_orig - ] - - validator = IPAPolicyValidator() - - def __init__(self, *args, **kw): - super(IPAPolicyForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template( - "ipagui.templates.ipapolicyeditform") - self.ipapolicy_fields = IPAPolicyFields - - def update_params(self, params): - super(IPAPolicyForm,self).update_params(params) diff --git a/ipa-server/ipa-gui/ipagui/forms/principal.py b/ipa-server/ipa-gui/ipagui/forms/principal.py deleted file mode 100644 index 8ff5eed03..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/principal.py +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import turbogears -from turbogears import validators, widgets -from tg_expanding_form_widget.tg_expanding_form_widget import ExpandingForm -from ipagui.helpers import ipahelper - -class PrincipalFields(object): - hostname = widgets.TextField(name="hostname", label="Host Name") - service = widgets.SingleSelectField(name="service", - label="Service Type", - options = [ - ("cifs", "cifs"), - ("dns", "dns"), - ("host", "host"), - ("HTTP", "HTTP"), - ("ldap", "ldap"), - ("nfs", "nfs"), - ("other", "other") - ], - attrs=dict(onchange="toggleOther(this.id)")) - other = widgets.TextField(name="other", label="Other Service", attrs=dict(size=10)) - -class PrincipalNewValidator(validators.Schema): - hostname = validators.String(not_empty=True) - service = validators.String(not_empty=True) - other = validators.String(not_empty=False) - -class PrincipalNewForm(widgets.Form): - params = ['principal_fields'] - - validator = PrincipalNewValidator() - - def __init__(self, *args, **kw): - super(PrincipalNewForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template("ipagui.templates.principalnewform") - self.principal_fields = PrincipalFields - - def update_params(self, params): - super(PrincipalNewForm,self).update_params(params) diff --git a/ipa-server/ipa-gui/ipagui/forms/user.py b/ipa-server/ipa-gui/ipagui/forms/user.py deleted file mode 100644 index 62fc0dfdc..000000000 --- a/ipa-server/ipa-gui/ipagui/forms/user.py +++ /dev/null @@ -1,207 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import turbogears -from turbogears import validators, widgets -from tg_expanding_form_widget.tg_expanding_form_widget import ExpandingForm -from ipagui.helpers.validators import * -from ipagui.helpers import ipahelper - -class UserFields(object): - givenname = widgets.TextField(name="givenname", label="First Name") - sn = widgets.TextField(name="sn", label="Last Name") - cn = widgets.TextField(name="cn", label="Full Name") - cns = ExpandingForm(name="cns", label="Full Name", fields=[cn]) - title = widgets.TextField(name="title", label="Job Title") - displayname = widgets.TextField(name="displayname", label="Display Name") - initials = widgets.TextField(name="initials", label="Initials") - - uid = widgets.TextField(name="uid", label="Login", attrs=dict(onchange="warnRDN(this.id)")) - krbprincipalkey = widgets.PasswordField(name="krbprincipalkey", label="Password") - krbprincipalkey_confirm = widgets.PasswordField(name="krbprincipalkey_confirm", - label="Confirm Password") - uidnumber = widgets.TextField(name="uidnumber", label="UID") - gidnumber = widgets.TextField(name="gidnumber", label="GID") - homedirectory = widgets.TextField(name="homedirectory", label="Home Directory") - loginshell = widgets.TextField(name="loginshell", label="Login Shell") - gecos = widgets.TextField(name="gecos", label="GECOS") - - mail = widgets.TextField(name="mail", label="E-mail Address") - telephonenumber = widgets.TextField(name="telephonenumber", label="Work Number") - telephonenumbers = ExpandingForm(name="telephonenumbers", label="Work Numbers", fields=[telephonenumber]) - facsimiletelephonenumber = widgets.TextField(name="facsimiletelephonenumber", - label="Fax Number") - facsimiletelephonenumbers = ExpandingForm(name="facsimiletelephonenumbers", label="Fax Numbers", fields=[facsimiletelephonenumber]) - mobile = widgets.TextField(name="mobile", label="Cell Number") - mobiles = ExpandingForm(name="mobiles", label="Cell Numbers", fields=[mobile]) - pager = widgets.TextField(name="pager", label="Pager Number") - pagers = ExpandingForm(name="pagers", label="Pager Numbers", fields=[pager]) - homephone = widgets.TextField(name="homephone", label="Home Number") - homephones = ExpandingForm(name="homephones", label="Home Numbers", fields=[homephone]) - - street = widgets.TextField(name="street", label="Street Address") - l = widgets.TextField(name="l", label="City") - st = widgets.TextField(name="st", label="State") - postalcode = widgets.TextField(name="postalcode", label="ZIP") - - ou = widgets.TextField(name="ou", label="Org Unit") - businesscategory = widgets.TextField(name="businesscategory", label="Tags") - description = widgets.TextField(name="description", label="Description") - employeetype = widgets.TextField(name="employeetype", label="Employee Type") - manager = widgets.HiddenField(name="manager", label="Manager") - manager_cn = widgets.HiddenField(name="manager_cn", label="Manager") - roomnumber = widgets.TextField(name="roomnumber", label="Room Number") - secretary = widgets.HiddenField(name="secretary", label="Secretary") - secretary_cn = widgets.HiddenField(name="secretary_cn", label="Manager") - - carlicense = widgets.TextField(name="carlicense", label="Car License") - labeleduri = widgets.TextField(name="labeleduri", label="Home Page") - - nsAccountLock = widgets.SingleSelectField(name="nsAccountLock", - label="Account Status", - options = [("", "active"), ("true", "inactive")]) - - uid_hidden = widgets.HiddenField(name="uid_hidden") - krbPasswordExpiration_hidden = widgets.HiddenField(name="krbPasswordExpiration") - editprotected_hidden = widgets.HiddenField(name="editprotected") - - user_orig = widgets.HiddenField(name="user_orig") - user_groups_data = widgets.HiddenField(name="user_groups_data") - dn_to_info_json = widgets.HiddenField(name="dn_to_info_json") - - custom_fields = [] - -class UserNewValidator(validators.Schema): - uid = GoodName(not_empty=True) - krbprincipalkey = validators.String(not_empty=False) - krbprincipalkey_confirm = validators.String(not_empty=False) - givenname = validators.String(not_empty=True) - sn = validators.String(not_empty=True) - cn = UniqueList(not_empty=True) - mail = validators.Email(not_empty=False) - telephonenumber = UniqueList(not_empty=False) - facsimiletelephonenumber = UniqueList(not_empty=False) - mobile = UniqueList(not_empty=False) - pager = UniqueList(not_empty=False) - homephone = UniqueList(not_empty=False) - - chained_validators = [ - validators.FieldsMatch('krbprincipalkey', 'krbprincipalkey_confirm') - ] - - -class UserNewForm(widgets.Form): - params = ['user_fields', 'custom_fields'] - - hidden_fields = [ - UserFields.dn_to_info_json, - UserFields.manager, - UserFields.manager_cn, - UserFields.secretary, - UserFields.secretary_cn, - ] - - custom_fields = [] - - validator = UserNewValidator() - - def __init__(self, *args, **kw): - super(UserNewForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template("ipagui.templates.usernewform") - - self.user_fields = UserFields - - def update_params(self, params): - super(UserNewForm,self).update_params(params) - -class UserEditValidator(validators.Schema): - uid = GoodName(not_empty=False) - krbprincipalkey = validators.String(not_empty=False) - krbprincipalkey_confirm = validators.String(not_empty=False) - givenname = validators.String(not_empty=True) - sn = validators.String(not_empty=True) - cn = UniqueList(not_empty=True) - mail = validators.Email(not_empty=False) - uidnumber = validators.Int(not_empty=False) - gidnumber = validators.Int(not_empty=False) - telephonenumber = UniqueList(not_empty=False) - facsimiletelephonenumber = UniqueList(not_empty=False) - mobile = UniqueList(not_empty=False) - pager = UniqueList(not_empty=False) - homephone = UniqueList(not_empty=False) - - pre_validators = [ - validators.RequireIfPresent(required='uid', present='editprotected'), - validators.RequireIfPresent(required='uidnumber', present='editprotected'), - validators.RequireIfPresent(required='gidnumber', present='editprotected'), - ] - - chained_validators = [ - validators.FieldsMatch('krbprincipalkey', 'krbprincipalkey_confirm') - ] - -class UserEditForm(widgets.Form): - params = ['user_fields', 'custom_fields'] - - hidden_fields = [ - UserFields.uid_hidden, UserFields.user_orig, - UserFields.krbPasswordExpiration_hidden, - UserFields.editprotected_hidden, - UserFields.user_groups_data, - UserFields.dn_to_info_json, - UserFields.manager, - UserFields.manager_cn, - UserFields.secretary, - UserFields.secretary_cn, - ] - - custom_fields = [] - - validator = UserEditValidator() - - def __init__(self, *args, **kw): - super(UserEditForm,self).__init__(*args, **kw) - (self.template_c, self.template) = ipahelper.load_template("ipagui.templates.usereditform") - - self.user_fields = UserFields - - -# TODO - add dynamic field retrieval: -# myfields=[] -# schema = ipa.rpcclient.get_add_schema () -# -# # FIXME: What if schema is None or an error is thrown? -# -# for s in schema: -# required=False -# -# if (s['type'] == "text"): -# field = widgets.TextField(name=s['name'],label=s['label']) -# elif (s['type'] == "password"): -# field = widgets.PasswordField(name=s['name'],label=s['label']) -# -# if (s['required'] == "true"): -# required=True -# -# if (s['validator'] == "text"): -# field.validator=validators.PlainText(not_empty=required) -# elif (s['validator'] == "email"): -# field.validator=validators.Email(not_empty=required) -# elif (s['validator'] == "string"): -# field.validator=validators.String(not_empty=required) -# -# myfields.append(field) diff --git a/ipa-server/ipa-gui/ipagui/helpers/Makefile.am b/ipa-server/ipa-gui/ipagui/helpers/Makefile.am deleted file mode 100644 index 46185b093..000000000 --- a/ipa-server/ipa-gui/ipagui/helpers/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/helpers -app_PYTHON = \ - __init__.py \ - ipahelper.py \ - userhelper.py \ - validators.py \ - $(NULL) - -EXTRA_DIST = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/helpers/__init__.py b/ipa-server/ipa-gui/ipagui/helpers/__init__.py deleted file mode 100644 index 143f486c0..000000000 --- a/ipa-server/ipa-gui/ipagui/helpers/__init__.py +++ /dev/null @@ -1 +0,0 @@ -# __init__.py diff --git a/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py b/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py deleted file mode 100644 index 9b3404837..000000000 --- a/ipa-server/ipa-gui/ipagui/helpers/ipahelper.py +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import re -import logging -import turbogears -import kid -from turbokid import kidsupport -from pkg_resources import resource_filename - -def javascript_string_escape(input): - """Escapes the ' " and \ characters in a string so - it can be embedded inside a dynamically generated string.""" - - return re.sub(r'[\'\"\\]', - lambda match: "\\%s" % match.group(), - input) - -def setup_mv_fields(field, fieldname): - """Given a field (must be a list) and field name, convert that - field into a list of dictionaries of the form: - [ { fieldname : v1}, { fieldname : v2 }, .. ] - - This is how we pre-fill values for multi-valued fields. - """ - mvlist = [] - if field: - for v in field: - if v: - mvlist.append({ fieldname : v } ) - if len(mvlist) == 0: - # We need to return an empty value so something can be - # displayed on the edit page. Otherwise only an Add link - # will show, not an empty field. - mvlist.append({ fieldname : '' } ) - return mvlist - -def fix_incoming_fields(fields, fieldname, multifieldname): - """This is called by the update() function. It takes the incoming - list of dictionaries and converts it into back into the original - field, then removes the multiple field. - """ - fields[fieldname] = [] - try: - for i in range(len(fields[multifieldname])): - if fields[multifieldname][i][fieldname] is not None and len(fields[multifieldname][i][fieldname]) > 0: - fields[fieldname].append(fields[multifieldname][i][fieldname]) - del(fields[multifieldname]) - except Exception, e: - logging.warn("fix_incoming_fields error: " + str(e)) - - return fields - -def load_template(classname, encoding=None): - """ - Loads the given template. This only handles .kid files. - Returns a tuple (compiled_tmpl, None) to emulate - turbogears.meta.load_kid_template() which ends up not properly handling - encoding. - """ - if not encoding: - encoding = turbogears.config.get('kid.encoding', kidsupport.KidSupport.assume_encoding) - divider = classname.rfind(".") - package, basename = classname[:divider], classname[divider+1:] - file_path = resource_filename(package, basename + ".kid") - - tclass = kid.load_template( - file_path, - name = classname, - ).Template - tclass.serializer = kid.HTMLSerializer(encoding=encoding) - tclass.assume_encoding=encoding - - return (tclass, None) diff --git a/ipa-server/ipa-gui/ipagui/helpers/userhelper.py b/ipa-server/ipa-gui/ipagui/helpers/userhelper.py deleted file mode 100644 index d80c4d3ac..000000000 --- a/ipa-server/ipa-gui/ipagui/helpers/userhelper.py +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import sys -import datetime - -from ipa import ipautil - -def password_expires_in(datestr): - """Returns the number of days that password expires in. Returns a negative number - if the password is already expired.""" - if (datestr == None) or (datestr == ""): - return sys.maxint - - expdate = ipautil.parse_generalized_time(datestr) - if not expdate: - return sys.maxint - - delta = expdate - datetime.datetime.now(ipautil.GeneralizedTimeZone()) - return delta.days - -def password_is_expired(days): - return days < 0 - -def password_expires_soon(days): - return (not password_is_expired(days)) and (days < 7) - -def account_status_display(status): - if status == "true": - return "inactive" - else: - return "active" diff --git a/ipa-server/ipa-gui/ipagui/helpers/validators.py b/ipa-server/ipa-gui/ipagui/helpers/validators.py deleted file mode 100644 index 8ed73b87c..000000000 --- a/ipa-server/ipa-gui/ipagui/helpers/validators.py +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright (C) 2007-2008 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from formencode.validators import * -from formencode.compound import * -from formencode.api import Invalid, NoDefault -from formencode.schema import Schema -from formencode import ForEach - -def _(s): return s # dummy - -class UniqueList(FancyValidator): - """ - Given a list, ensure that all of the values in it are unique. - - >>> x = UniqueList() - >>> x.validate_python(['1','1'],'') - Traceback (most recent call last): - ... - formencode.api.Invalid: Duplicate values are not allowed - >>> x.validate_python(['1','2'],'') - >>> - """ - - not_empty = None - - messages = { - 'notunique': _('Duplicate values are not allowed'), - 'empty': _('Empty values not allowed'), - } - - def __initargs__(self, new_attrs): - if self.not_empty is None: - self.not_empty = True - - def validate_python(self, value, state): - if not isinstance(value, list): - return # just punt for now - - if self.not_empty: - for v in value: - if v is None or len(v) == 0: - raise Invalid(self.message('empty', state), - value, state) - - orig = len(value) - check = len(set(value)) - - if orig > check: - raise Invalid(self.message('notunique', state), - value, state) - -class GoodName(Regex): - """ - Test that the field contains only letters, numbers, underscore, - dash, hyphen and $. - - Examples:: - - >>> GoodName.to_python('_this9_') - '_this9_' - >>> GoodName.from_python(' this ') - ' this ' - >>> GoodName(accept_python=False).from_python(' this ') - Traceback (most recent call last): - ... - Invalid: Enter only letters, numbers, _ (underscore), - (dash) or $') - >>> GoodName(strip=True).to_python(' this ') - 'this' - >>> GoodName(strip=True).from_python(' this ') - 'this' - """ - - regex = r"^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?$" - - messages = { - 'invalid': _('Enter only letters, numbers, _ (underscore), - (dash) or $'), - } diff --git a/ipa-server/ipa-gui/ipagui/json.py b/ipa-server/ipa-gui/ipagui/json.py deleted file mode 100644 index 6d9121788..000000000 --- a/ipa-server/ipa-gui/ipagui/json.py +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -# A JSON-based API(view) for your app. -# Most rules would look like: -# @jsonify.when("isinstance(obj, YourClass)") -# def jsonify_yourclass(obj): -# return [obj.val1, obj.val2] -# @jsonify can convert your objects to following types: -# lists, dicts, numbers and strings - -from turbojson.jsonify import jsonify - diff --git a/ipa-server/ipa-gui/ipagui/model.py b/ipa-server/ipa-gui/ipagui/model.py deleted file mode 100644 index 49820c393..000000000 --- a/ipa-server/ipa-gui/ipagui/model.py +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from turbogears.database import PackageHub -from sqlobject import * - -hub = PackageHub('ipagui') -__connection__ = hub - -# class YourDataClass(SQLObject): -# pass - diff --git a/ipa-server/ipa-gui/ipagui/proxyprovider.py b/ipa-server/ipa-gui/ipagui/proxyprovider.py deleted file mode 100644 index 90257d391..000000000 --- a/ipa-server/ipa-gui/ipagui/proxyprovider.py +++ /dev/null @@ -1,176 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from turbogears.identity.soprovider import * -from turbogears.identity.visitor import * -import logging -import os -import ipa.ipaclient -from ipaserver import funcs -import ipa.config -import ipa.group -import ipa.user -import ldap -import krbV - -log = logging.getLogger("turbogears.identity") - -class IPA_User(object): - ''' - Shell of a User definition. We don't really need much here. - ''' - - def __init__(self, user_name): - self.user_name = user_name - (principal, realm) = user_name.split('@') - self.permissions = None - transport = funcs.IPAServer() - client = ipa.ipaclient.IPAClient(transport) - client.set_krbccache(os.environ["KRB5CCNAME"]) - try: - # Use memberof so we can see recursive group memberships as well. - user = client.get_user_by_principal(user_name, ['dn', 'uid', 'memberof']) - self.display_name = user.getValue('uid') - self.groups = [] - memberof = user.getValues('memberof') - if memberof is None: - # the user isn't in any groups - return - if isinstance(memberof, str): - memberof = [memberof] - for mo in memberof: - rdn_list = ldap.explode_dn(mo, 0) - first_rdn = rdn_list[0] - (type,value) = first_rdn.split('=') - if type == "cn": - self.groups.append(value) - except: - raise - - return - -class ProxyIdentity(object): - def __init__(self, visit_key, user=None): - self._user= user - self.visit_key= visit_key - - def _get_user(self): - try: - return self._user - except AttributeError: - # User hasn't already been set - return None - user= property(_get_user) - - def _get_user_name(self): - if not self._user: - return None - return self._user.user_name - user_name= property(_get_user_name) - - def _get_display_name(self): - if not self._user: - return None - return self._user.display_name - display_name= property(_get_display_name) - - def _get_anonymous(self): - return not self._user - anonymous= property(_get_anonymous) - - def _get_permissions(self): - try: - return self._permissions - except AttributeError: - # Permissions haven't been computed yet - return None - permissions= property(_get_permissions) - - def _get_groups(self): - try: - return self._user.groups - except AttributeError: - # Groups haven't been computed yet - return [] - groups= property(_get_groups) - - def logout(self): - ''' - Remove the link between this identity and the visit. - ''' - # Clear the current identity - anon= ProxyObjectIdentity(None,None) - #XXX if user is None anonymous will be true, no need to set attr. - #anon.anonymous= True - identity.set_current_identity( anon ) - -class ProxyIdentityProvider(SqlObjectIdentityProvider): - ''' - IdentityProvider that uses REMOTE_USER from Apache - ''' - def __init__(self): - super(ProxyIdentityProvider, self).__init__() - get = turbogears.config.get - # We can get any config variables here - log.info( "Proxy Identity starting" ) - - def create_provider_model(self): - pass - - def validate_identity(self, user_name, password, visit_key): - try: - user = IPA_User(user_name) - log.debug( "validate_identity %s" % user_name) - return ProxyIdentity(visit_key, user) - except Exception, e: - # Something went wrong in fetching the user. Set to - # anonymous which will deny access. - return ProxyIdentity( None ) - - def validate_password(self, user, user_name, password): - '''Validation has already occurred in the proxy''' - return True - - def load_identity(self, visit_key): - try: - os.environ["KRB5CCNAME"] = cherrypy.request.headers['X-FORWARDED-KEYTAB'] - ccache = krbV.CCache(cherrypy.request.headers['X-FORWARDED-KEYTAB']) - user_name = ccache.principal().name -# user_name = "test@FREEIPA.ORG" -# os.environ["KRB5CCNAME"] = "FILE:/tmp/krb5cc_500" - except KeyError: - return None - except AttributeError: - return None - except krbV.Krb5Error: - return None - - set_login_attempted( True ) - return self.validate_identity( user_name, None, visit_key ) - - def anonymous_identity( self ): - ''' - This shouldn't ever happen in IPA but including it to include the - entire identity API. - ''' - return ProxyIdentity( None ) - - def authenticated_identity(self, user): - ''' - Constructs Identity object for user that has no associated visit_key. - ''' - return ProxyIdentity(None, user) diff --git a/ipa-server/ipa-gui/ipagui/proxyvisit.py b/ipa-server/ipa-gui/ipagui/proxyvisit.py deleted file mode 100644 index 91b20d27a..000000000 --- a/ipa-server/ipa-gui/ipagui/proxyvisit.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from turbogears.visit.api import BaseVisitManager, Visit -from turbogears import config - -import logging - -log = logging.getLogger("turbogears.visit.proxyvisit") - -class ProxyVisitManager(BaseVisitManager): - """Virtually empty class just so can avoid saving this stuff in a - database.""" - def __init__(self, timeout): - super(ProxyVisitManager,self).__init__(timeout) - return - - def create_model(self): - return - - def new_visit_with_key(self, visit_key): - return Visit(visit_key, True) - - def visit_for_key(self, visit_key): - return Visit(visit_key, False) - - def update_queued_visits(self, queue): - return None diff --git a/ipa-server/ipa-gui/ipagui/release.py b/ipa-server/ipa-gui/ipagui/release.py deleted file mode 100644 index f5bc211ce..000000000 --- a/ipa-server/ipa-gui/ipagui/release.py +++ /dev/null @@ -1,16 +0,0 @@ -# Release information about ipa-gui - -version = "1.0" - -# NOTE: We aren't really using this because we aren't shipping the UI as -# a separate .egg but it might look something like this: - -# description = "The Identity, Policy and Audit system" -# long_description = "IPA is an integrated solution to provide centrally managed Identity (machine, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof)." -# author = "Your Name Here" -# email = "YourEmail@YourDomain" -# copyright = "2007 Red Hat, Inc." - -# url = "http://www.freeipa.org/" -# download_url = "http://www.freeipa.org/page/Downloads" -# license = "GPLv2" diff --git a/ipa-server/ipa-gui/ipagui/static/Makefile.am b/ipa-server/ipa-gui/ipagui/static/Makefile.am deleted file mode 100644 index d4ca45572..000000000 --- a/ipa-server/ipa-gui/ipagui/static/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -NULL = - -SUBDIRS = \ - css \ - images \ - javascript \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/css/Makefile.am b/ipa-server/ipa-gui/ipagui/static/css/Makefile.am deleted file mode 100644 index eb5502ab0..000000000 --- a/ipa-server/ipa-gui/ipagui/static/css/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/static/css -app_DATA = \ - style_freeipa.css \ - style_platform.css \ - style_platform-objects.css \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/css/style_freeipa.css b/ipa-server/ipa-gui/ipagui/static/css/style_freeipa.css deleted file mode 100644 index f56971bd3..000000000 --- a/ipa-server/ipa-gui/ipagui/static/css/style_freeipa.css +++ /dev/null @@ -1,62 +0,0 @@ -/* freeipa-specific styles */ - -#login { - float: right; - padding-top: 15px; - padding-right: 10px; -} - -#details { - border-top: 1px solid #bbdc5f; -} - -#details h1 { - background-repeat: no-repeat; - margin-bottom: 18px; -} - - -#alertbox { - background-color: #6995d5; -} - -#footer { - padding-top: 0px; - border-top: none; - text-align: center; - margin-left: auto; - margin-right: auto; - width: 30%; - padding: 20px 20px; -} - -/*** TableKit CSS - see http://www.millstream.com.au/view/code/tablekit/ **/ - -.sortcol { - cursor: pointer; - padding-left: 10px !important; - background-repeat: no-repeat !important; - background-position: left center !important; - text-decoration: underline; -} -.sortasc { - background-image: url(/ipa/ui/static/images/up.gif) !important; -} -.sortdesc { - background-image: url(/ipa/ui/static/images/down.gif) !important; -} - -.warning_message { - font-size: 120%; - font-weight: bolder; -} - -.fielderror { - color: red !important; - font-weight: bold; -} - -.requiredfield { - background-color: #eebbbb !important; -} - diff --git a/ipa-server/ipa-gui/ipagui/static/css/style_platform-objects.css b/ipa-server/ipa-gui/ipagui/static/css/style_platform-objects.css deleted file mode 100644 index 51d570896..000000000 --- a/ipa-server/ipa-gui/ipagui/static/css/style_platform-objects.css +++ /dev/null @@ -1,19 +0,0 @@ -/* object h1 styles */ - -#details h1.overview { background-image: url('/ipa/ui/static/images/objects/object-overview.png'); } - -#details h1.accesscontrol { background-image: url('/ipa/ui/static/images/objects/object-accesscontrol.png'); } - -#details h1.user { background-image: url('/ipa/ui/static/images/objects/object-user.png'); } -#details h1.usergroup { background-image: url('/ipa/ui/static/images/objects/object-usergroup.png'); } - -#details h1.content-overview { background-image: url('/ipa/ui/static/images/objects/object-content.png'); } -#details h1.channel { background-image: url('/ipa/ui/static/images/objects/object-channel.png'); } -#details h1.channel-new { background-image: url('/ipa/ui/static/images/objects/object-channel.png'); } -#details h1.channels { background-image: url('/ipa/ui/static/images/objects/object-channels.png'); } -#details h1.media { background-image: url('/ipa/ui/static/images/objects/object-media.png'); } - -#details h1.system { background-image: url('/ipa/ui/static/images/objects/object-system.png'); } -#details h1.virtualsystem { background-image: url('/ipa/ui/static/images/objects/object-virtualsystem.png'); } - -#details h1.policy { background-image: url('/ipa/ui/static/images/objects/object-policy.png'); } diff --git a/ipa-server/ipa-gui/ipagui/static/css/style_platform.css b/ipa-server/ipa-gui/ipagui/static/css/style_platform.css deleted file mode 100644 index 03ac52d3c..000000000 --- a/ipa-server/ipa-gui/ipagui/static/css/style_platform.css +++ /dev/null @@ -1,517 +0,0 @@ -/** BASIC PAGE STYLES */ - -* -{ - margin: 0; - padding: 0; - font-size: small; -} - -html, body { - height: 100%; -} - -body { - background-image: url('/ipa/ui/static/images/template/background.png'); - background-repeat: repeat-x; - background-color: #f9f9f9; - margin: 0px; - padding: 0px; - padding-top: 16px; - min-width: 750px; -} - -body, h1, h2, h3, h4, h5, p, ul, li, div, span, td { - font-family: "Luxi Sans", "Gill Sans", "Verdana", "Helvetica", sans-serif; - font-size: small; - color: #444; -} - -td, th { - text-align: left; -} - -#head { - margin: 0px; - padding: 0px 1.5ex; -} - -#head h1 a { - display: block; - text-indent: -9999px; - height: 60px; - width: 350px; - overflow: hidden; - float: left; - margin-top: -10px; - - background: url('/ipa/ui/static/images/branding/logo.png') no-repeat; -} - -#content { - width: 100%; - min-height: 100%; - - background-color: #f9f9f9; - background-image: url('/ipa/ui/static/images/template/background-content.png'); - background-repeat: repeat-x; -} - -#main_content table { - clear: left; -} - -#main_content { - height: auto; - margin-bottom: 4ex; -} - -#footer { - font-size: x-small; - color: #ccc; - clear: both; - text-align: center; - padding-top: 4ex; - border-top: 1px solid #efefef; - width: 100%; -} - -/* freeipa only? */ -div#search { - padding-top: 16px; - padding-bottom: 24px; -} - -#searchbar { - float: right; - margin-top: 18px; -} - -/** MAIN NAVBAR SECTION **/ - -#navbar { - width: 100%; - height: 70px; - margin: 0px; - clear: both; - - background-image: url('/ipa/ui/static/images/template/background-navbar.png'); - background-repeat: repeat-x; - -} - -#navbar ul { - margin: 0px; - padding: 0px; - padding-left: 10px; - list-style: none; -} - -#navbar li { - float: left; - margin: 0px; - padding: 0px; - - font-size: small; -} - -#navbar a { - display: block; - margin: 22px 15px; -} - -#navbar .active { - background-image: url('/ipa/ui/static/images/template/background-navbar-active.png'); - height: 70px; - width: 116px; - - text-align: center; -} - -#navbar-secondary li { - font-size: medium; -} - -#navbar-secondary .active a:link, -#navbar-secondary .active a:visited, -#navbar-secondary .active a:active, -#navbar-secondary .active a, -#navbar-secondary li -{ - color: #555 !important; - text-decoration: none; - font-weight: bold; -} - -/** SIDEBAR SECTION **/ - -#sidebar { - width: 250px; - text-align: left; - - padding: 18px 12px; - margin-right: 24px; - float: right; - height: 100%; - - border: 1px solid #aaa; - background-color: #ccc; - background-image: url('/ipa/ui/static/images/template/background-sidebar.png'); - background-repeat: repeat-y; -} - -#sidebar h1, h2, h3 { - padding: 0px; - margin: 0px; -} - -#sidebar h2 { font-size: medium; } -#sidebar h3 { font-size: small; } - -#sidebar ul { - padding: 0px; - margin: 0px; - list-style: none; - padding-bottom: 10px; -} - -#sidebar ul, #sidebar li { - margin-bottom: 6px; - font-size: small; -} - -#sidebar hr { - border-top: 1px solid #aaa; - border-bottom: 1px solid #ddd; - color: #ddd; - margin-top: 20px !important; - margin-bottom: 20px !important; -} - -.context-tools { - float: right; - margin-top: -1.2em; - font-size: small; -} - -.context-tools a:link, .context-tools a:active, .context-tools a:visited { - text-decoration: none; -} - -/** DETAILS SECTION **/ - -#details { - height: 100%; - margin: 0px 24px; - margin-right: 298px; - - padding: 18px 18px; - padding-bottom: 12%; - border-top: 1px solid #aaa; - background-color: white; - text-align: left; - color: #444; -} - -#details p { - margin-top: 1ex; - margin-bottom: 1ex; -} - -#details h3 { - font-size: medium; - text-transform: uppercase; - margin-bottom: 1ex; - margin-top: 1.5ex; -} - -#details h4 { - font-size: medium; - color: #8aa445; -} - - -#details p, -#details td, -#details li { - font-size: small; - color: #555; -} - -#details h1 { - color: #7d7d5b; - font-size: x-large; - margin-bottom: 18px; - height: 40px; - padding-left: 48px; - padding-top: 6px; - vertical-align: middle; - background-repeat: no-repeat; -} - - -#details h2, #details table caption { - color: #999; - font-size: large; - font-weight: normal; - - border-bottom: 1px solid #999; - margin-bottom: 10px; - - text-align: left; - width: 100%; -} - -#details h2 img { - margin-right: 1.4ex; -} - -table.details { - margin-bottom: 18px; - width: 100%; -} - -#details h3, table.formtable th { - font-size: small; - color: black; -} - -#details table.details th { - font-size: small; - width: 150px; - padding: 4px 0px; - padding-right: 8px; - border-bottom: 1px dotted #ddd; -} - -#details table.details th.even { background-color: white; } -#details table.details th.odd { background-color: #eee; } - -#details table.details td { - padding-left: 8px; - padding-bottom: 3px; - border-bottom: 1px dotted #ddd; -} - -#details hr { - margin-top: 48px; - margin-bottom: 12px; - height: 1px; - border-color: #bbb; - border-width: 0pt 0pt 1px; - padding: 0.5em; - border-style: none none dashed; -} - -.details-block { - border-top: 1px solid #eeeeee; -} - -#details ul.context-nav { - float: left; - width: 100%; - padding: 0; - margin: 0; - list-style-type: none; - border-bottom: 6px solid #eee; - margin-bottom: 2ex; -} - -#details ul.context-nav li a { - float: left; - text-decoration: none; - background-color: #d6d6d6; - padding: 1ex 2ex; - text-align: center; - margin-right: 3px; - - -moz-border-radius-topleft: 12px; - -moz-border-radius-topright: 12px; -} - -#details ul.context-nav li#active a { - color: #444; - background-color: #eee; - font-weight: bold; -} - -/** FORMS SECTION **/ - -input.text { - border: 1px solid #8e8e8e; - background-color: #e5f1f4; - color: #444444; -} - -input.submitbutton { - float: right; -} - -form.tableform table th { - padding-right: 2ex; - text-align: right; -} - -h2.formsection { - color: #999; - font-size: large; - font-weight: normal; - - border-bottom: 1px solid #999; - margin-bottom: 10px; - margin-top: 12px; - - text-align: left; - width: 100%; -} - -table.formtable { - width: 100%; -} - -/**** freeipa only below? ****/ -ul.checkboxlist li { - list-style: none; - margin: 8px 0px; -} - -ul.checkboxlist li input { - background-color: yellow; - height: 1.1em; - width: 1.2em; - border: 1px solid red; -} - -table.formtable th, table.formtable td { - vertical-align: top; - padding-bottom: 10px; -} - -table.formtable th { - width: 28%; -} - -input.submitbutton, input.searchbutton, #source_searcharea input.searchbutton { - border: 1px outset #aaa; - padding: 2px 1px; - margin-bottom: 2px; -} - -table.formtable td input[type="text"], input#criteria { - border: 1px inset #dcdcdc; - font-size: medium; - padding: 2px 1px; -} - -table.formtable td select { - border: 1px inset #dcdcdc; - font-size: small; - padding: 2px 1px; -} - -#inactive { - background-color: silver; -} - -/** ALERTS / MESSAGING SECTION **/ - -#alertbox { - width: 100%; - padding: 10px 0px; - margin-top: 12px; - margin-bottom: 18px; - vertical-align: middle; - - -moz-border-radius: 6px; - background-color: #7d7d5b; - color: white; -} - -#alertbox h2 { - width: auto; - padding: 0px 16px; - float: left; - font-size: medium; - text-transform: uppercase; - color: white; - font-weight: bold; - border: none; -} - -#alertbox p { - padding: 0px 16px; - text-align: center; - color: white; - width: auto; -} - -/**** freeipa only alerts/messaging below ****/ - -p.empty-message { - font-size: large; - font-style: italic; - color: #888 !important; -} - -div.instructions { - padding: 2px 6px; - margin-top: 16px; - border-top: 1px solid #c0d5f1; - border-bottom: 1px solid #c0d5f1; - background-color: #eef4fd; -} - - -/** OVERVIEW PAGE STYLES **/ - -.summary { - width: 40%; - float: left; - clear: none; - padding-top: 2ex; -} - -.tasks, .search { - padding: 3ex; - padding-top: 2ex; - width: 40%; - float: right; - background-image: url('/ipa/ui/static/images/template/background-search.png'); - background-repeat: repeat-y; - background-color: white; -} - -.summary ul, .tasks ul, ul { margin-top: 1ex; padding-top: 1ex; list-style: square; margin-left: 2ex; } -.summary ul + ul, .tasks ul + ul { border-top: 1px solid #eee; } -.search ul { list-style: none; margin-left: 2ex; } - -.additional-link { - font-size: x-small; -} - -#perspectives h3 a { - font-size: x-small; - text-transform: none; - margin-left: 1ex; - font-weight: normal; -} - -/** TURBOGEARS GRID-TABLE-SPECIFIC STYLES **/ - -.grid td, .grid th {padding:3px;border:none;} -.grid .action_cell {text-align:right;} -.grid THEAD tr th {text-align:left;background-color:#f0f0f0;color:#333;} -.grid .heading img {float:right;margin-left:2px;margin-right:3px;} -.grid .heading a {text-decoration:none;color:#333;} -.grid td a {text-decoration:none;color:#333;} -.grid tr.odd td {background-color:#edf3fe;} -.grid tr.even td {background-color:#fff;} -.grid .pointer {cursor:pointer;} -.grid .column_chooser_link {position:relative;background-color:#e3e3e3;} -.grid .column_chooser_link ul {position:absolute;display:none;top:0px;right:-20px;} -.grid .column_chooser_list a {width:200px;display:block;padding:3px;background-color:#e3e3e3;} -.grid .column_chooser_list a:hover {background-color:#cdcdcd;} -.grid .column_chooser_list {padding:0;margin:0;list-style:none;background-color:#e3e3e3;} - - - diff --git a/ipa-server/ipa-gui/ipagui/static/images/Makefile.am b/ipa-server/ipa-gui/ipagui/static/images/Makefile.am deleted file mode 100644 index bb0f3aab6..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/Makefile.am +++ /dev/null @@ -1,29 +0,0 @@ -NULL = - -SUBDIRS = \ - branding \ - objects \ - template \ - $(NULL) - -appdir = $(IPA_DATA_DIR)/ipagui/static/images -app_DATA = \ - down.gif \ - favicon.ico \ - header_inner.png \ - info.png \ - logo.png \ - ok.png \ - tg_under_the_hood.png \ - under_the_hood_blue.png \ - up.gif - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/images/branding/Makefile.am b/ipa-server/ipa-gui/ipagui/static/images/branding/Makefile.am deleted file mode 100644 index cb0a81424..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/branding/Makefile.am +++ /dev/null @@ -1,15 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/static/images/branding -app_DATA = \ - logo.png \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/images/branding/logo.png b/ipa-server/ipa-gui/ipagui/static/images/branding/logo.png Binary files differdeleted file mode 100644 index ebabed790..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/branding/logo.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/down.gif b/ipa-server/ipa-gui/ipagui/static/images/down.gif Binary files differdeleted file mode 100644 index c527b4e61..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/down.gif +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/favicon.ico b/ipa-server/ipa-gui/ipagui/static/images/favicon.ico Binary files differdeleted file mode 100644 index bafbff928..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/favicon.ico +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/header_inner.png b/ipa-server/ipa-gui/ipagui/static/images/header_inner.png Binary files differdeleted file mode 100644 index 2b2d87d5e..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/header_inner.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/info.png b/ipa-server/ipa-gui/ipagui/static/images/info.png Binary files differdeleted file mode 100644 index 329c523fd..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/info.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/logo.png b/ipa-server/ipa-gui/ipagui/static/images/logo.png Binary files differdeleted file mode 100644 index ebabed790..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/logo.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/Makefile.am b/ipa-server/ipa-gui/ipagui/static/images/objects/Makefile.am deleted file mode 100644 index 02e89883a..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/Makefile.am +++ /dev/null @@ -1,25 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/static/images/objects -app_DATA = \ - object-accesscontrol.png \ - object-channel.png \ - object-channels.png \ - object-content.png \ - object-media.png \ - object-overview.png \ - object-system.png \ - object-usergroup.png \ - object-user.png \ - object-virtualsystem.png \ - object-policy.png \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-accesscontrol.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-accesscontrol.png Binary files differdeleted file mode 100644 index bddec41b9..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-accesscontrol.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-channel.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-channel.png Binary files differdeleted file mode 100644 index 7fd37c4eb..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-channel.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-channels.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-channels.png Binary files differdeleted file mode 100644 index 7fd37c4eb..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-channels.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-content.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-content.png Binary files differdeleted file mode 100644 index 608a19e52..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-content.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-media.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-media.png Binary files differdeleted file mode 100644 index 0220fc05c..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-media.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-overview.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-overview.png Binary files differdeleted file mode 100644 index a320b9c8a..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-overview.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-policy.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-policy.png Binary files differdeleted file mode 100644 index eb55f453e..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-policy.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-system.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-system.png Binary files differdeleted file mode 100644 index 82b09a5d9..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-system.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-user.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-user.png Binary files differdeleted file mode 100644 index bf294efd7..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-user.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-usergroup.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-usergroup.png Binary files differdeleted file mode 100644 index 7338ad2ec..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-usergroup.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/objects/object-virtualsystem.png b/ipa-server/ipa-gui/ipagui/static/images/objects/object-virtualsystem.png Binary files differdeleted file mode 100644 index 8f2befca7..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/objects/object-virtualsystem.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/ok.png b/ipa-server/ipa-gui/ipagui/static/images/ok.png Binary files differdeleted file mode 100644 index fee6751c3..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/ok.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/Makefile.am b/ipa-server/ipa-gui/ipagui/static/images/template/Makefile.am deleted file mode 100644 index a446ce637..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/static/images/template -app_DATA = \ - background-content.png \ - background-navbar-active_fullsize.png \ - background-navbar-active.png \ - background-navbar_fullsize.png \ - background-navbar.png \ - background.png \ - background-sidebar.png \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-content.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-content.png Binary files differdeleted file mode 100644 index 082f10ae1..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-content.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active.png Binary files differdeleted file mode 100644 index 1b088501b..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active_fullsize.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active_fullsize.png Binary files differdeleted file mode 100644 index 756a1e61d..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar-active_fullsize.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar.png Binary files differdeleted file mode 100644 index 2c6a2de40..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar_fullsize.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar_fullsize.png Binary files differdeleted file mode 100644 index 72a710634..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-navbar_fullsize.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background-sidebar.png b/ipa-server/ipa-gui/ipagui/static/images/template/background-sidebar.png Binary files differdeleted file mode 100644 index 4eaadbbce..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background-sidebar.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/template/background.png b/ipa-server/ipa-gui/ipagui/static/images/template/background.png Binary files differdeleted file mode 100644 index 96ead97f3..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/template/background.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/tg_under_the_hood.png b/ipa-server/ipa-gui/ipagui/static/images/tg_under_the_hood.png Binary files differdeleted file mode 100644 index bc9c79cc6..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/tg_under_the_hood.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/under_the_hood_blue.png b/ipa-server/ipa-gui/ipagui/static/images/under_the_hood_blue.png Binary files differdeleted file mode 100644 index 90e84b72a..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/under_the_hood_blue.png +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/images/up.gif b/ipa-server/ipa-gui/ipagui/static/images/up.gif Binary files differdeleted file mode 100644 index c5ef548a1..000000000 --- a/ipa-server/ipa-gui/ipagui/static/images/up.gif +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/Makefile.am b/ipa-server/ipa-gui/ipagui/static/javascript/Makefile.am deleted file mode 100644 index a2ca2289b..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/static/javascript -app_DATA = \ - dynamicedit.js \ - dynamicselect.js \ - effects.js \ - ipautil.js \ - prototype.js \ - scriptaculous.js \ - tablekit.js \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js b/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js deleted file mode 100644 index b670c457f..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js +++ /dev/null @@ -1,217 +0,0 @@ -/** - * Copyright (C) 2007 Red Hat - * see file 'COPYING' for use and warranty information - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; version 2 only - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/** - * dynamicedit.js - * - * Shared code, data, and functions for the dynamic add/remove lists on the - * edit group/user pages. - * - * These functions have specific expectations of the page they are used on: - * - * - If you want to preserve the dn_to_info_hash on round trip: - * - The form must have a 'form_dn_to_info_json' hidden field. - * - The form must have onsubmit="preSubmit()" set in its tag. - * - Restoring the contents of add/remove lists on round trip unfortunately - * can't be shared because it is a mixture of python and javascript. See - * the bottom part editgroup.kid for example code on this. - * - * - The page must have a div: 'newmembers' - * that new members are dynamically added to. - * - * - The page must have a div: 'delmembers' - * that removed members are dynamically added to. - * - * - Hidden fields called 'dnadd' and 'dndel' will be dynamically created, - * holding the values of the 'dn' passed to addmember() and removemember() - * - * Other Notes: - * - * - Many of the fields refer to 'dn'. There is no intrinsic reason this has - * to be a dn (it can hold any "unique id" for the objects to add/remove) - * - * - Similarly, the word 'member' is used because the code was originally - * written for editgroup. A 'member' is just a 'thing' to add/remove. - * On the useredit pages, for example, a 'member' is actually a group. - */ - -// Stored as the values in the dn_to_info_hash -MemberDisplayInfo = Class.create(); -MemberDisplayInfo.prototype = { - initialize: function(name, descr, type) { - this.name = name; - this.descr = descr; - this.type = type; - } -}; - - -// this is used for round-trip recontruction of the names. -// the hidden fields only contain dns. -var dn_to_info_hash = new Hash(); - -// used to filter search results. -// records dns already in the group -var member_hash = new Hash(); - -// used to prevent double adding -// records dns to be added -var added_hash = new Hash(); - -// Tracks the div ids that each member belongs to. -// Since dn's will contain illegal characters for div ids, this is used -// to map them to the correct div -var dn_to_member_div_id = new Hash(); - - - -/* - * Renders the information about the member into the passed in - * element. This is used by addmember and removemember to - * consistently create the dom for the member information - * (name, descr) and add icons/font changes correct for each type. - */ -function renderMemberInfo(newdiv, info) { - if (info.type == "user") { - bold = document.createElement('b'); - bold.appendChild(document.createTextNode( - info.name + " " + info.descr + " ")); - newdiv.appendChild(bold); - } else if (info.type == "iuser") { - newdiv.appendChild(document.createTextNode( - info.name + " " + info.descr + " ")); - } else if (info.type == "group") { - ital = document.createElement('i'); - bold = document.createElement('b'); - ital.appendChild(bold); - bold.appendChild(document.createTextNode( - info.name + " " + - info.descr + " ")); - newdiv.appendChild(ital); - } else if (info.type == "igroup") { - ital = document.createElement('i'); - ital.appendChild(document.createTextNode( - info.name + " " + - info.descr + " ")); - newdiv.appendChild(ital); - } -} - -/* - * Callback used for afterFinish in scriptaculous effect - */ -function removeElement(effect) { - Element.remove(effect.element); -} - -function addmember(dn, info) { - dn_to_info_hash[dn] = info; - - if ((added_hash[dn] == 1) || (member_hash[dn] == 1)) { - return null; - } - added_hash[dn] = 1; - - var newdiv = document.createElement('div'); - renderMemberInfo(newdiv, info); - - var undolink = document.createElement('a'); - undolink.setAttribute('href', ''); - undolink.setAttribute('onclick', - 'new Effect.Fade(Element.up(this), {afterFinish: removeElement, duration: 0.75});' + - 'added_hash.remove("' + jsStringEscape(dn) + '");' + - 'return false;'); - undolink.appendChild(document.createTextNode("undo")); - newdiv.appendChild(undolink); - - var dnInfo = document.createElement('input'); - dnInfo.setAttribute('type', 'hidden'); - dnInfo.setAttribute('name', 'dnadd'); - dnInfo.setAttribute('value', dn); - newdiv.appendChild(dnInfo); - - newdiv.style.display = 'none'; - $('newmembers').appendChild(newdiv); - - return newdiv; -} - -function addmemberHandler(element, dn, info) { - var newdiv = addmember(dn, info); - if (newdiv != null) { - new Effect.Fade(Element.up(element), {duration: 0.75}); - new Effect.Appear(newdiv, {duration: 0.75}); - /* Element.up(element).remove(); */ - } -} - -function removemember(dn, info) { - dn_to_info_hash[dn] = info; - - var newdiv = document.createElement('div'); - renderMemberInfo(newdiv, info); - - orig_div_id = dn_to_member_div_id[dn]; - var undolink = document.createElement('a'); - undolink.setAttribute('href', ''); - undolink.setAttribute('onclick', - 'new Effect.Fade(Element.up(this), {afterFinish: removeElement, duration: 0.75});' + - "new Effect.Appear($('" + orig_div_id + "'), {duration: 0.75});" + - 'return false;'); - undolink.appendChild(document.createTextNode("undo")); - newdiv.appendChild(undolink); - - var dnInfo = document.createElement('input'); - dnInfo.setAttribute('type', 'hidden'); - dnInfo.setAttribute('name', 'dndel'); - dnInfo.setAttribute('value', dn); - newdiv.appendChild(dnInfo); - - newdiv.style.display = 'none'; - $('delmembers').appendChild(newdiv); - - return newdiv; -} - -function removememberHandler(element, dn, info) { - var newdiv = removemember(dn, info); - new Effect.Fade(Element.up(element), {duration: 0.75}); - new Effect.Appear(newdiv, {duration: 0.75}); - /* Element.up(element).remove(); */ -} - -function preSubmit() { - var json = dn_to_info_hash.toJSON(); - $('form_dn_to_info_json').value = json; - return true; -} - -function enterDoSearch(e) { - var keyPressed; - if (window.event) { - keyPressed = window.event.keyCode; - } else { - keyPressed = e.which; - } - - if (keyPressed == 13) { - return doSearch(); - } else { - return true; - } -} diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicselect.js b/ipa-server/ipa-gui/ipagui/static/javascript/dynamicselect.js deleted file mode 100644 index 17fdf8fe8..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicselect.js +++ /dev/null @@ -1,70 +0,0 @@ -/* Copyright (C) 2007 Red Hat - * see file 'COPYING' for use and warranty information - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; version 2 only - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/** - * dynamicselect.js - * - * Shared code, data, and functions for the dynamic select lists on the - * edit user pages. - * - */ - -function enterDoSelectSearch(e, which_select) { - var keyPressed; - if (window.event) { - keyPressed = window.event.keyCode; - } else { - keyPressed = e.which; - } - - if (keyPressed == 13) { - return doSelectSearch(which_select); - } else { - return true; - } -} - -function startSelect(which_select) { - new Effect.Appear($(which_select + '_searcharea'), {duration: 0.25}); - new Effect.Fade($(which_select + '_links'), {duration: 0.25}); - return false; -} - -function doSelect(which_select, select_dn, select_cn) { - select_dn_field = $('form_' + which_select); - select_cn_field = $('form_' + which_select + '_cn'); - select_cn_span = $(which_select + '_select_cn'); - - select_dn_field.value = select_dn; - select_cn_field.value = select_cn; - select_cn_span.update(select_cn); - - new Effect.Fade($(which_select + '_searcharea'), {duration: 0.25}); - new Effect.Appear($(which_select + '_links'), {duration: 0.25}); -} - -function clearSelect(which_select) { - select_dn_field = $('form_' + which_select); - select_cn_field = $('form_' + which_select + '_cn'); - select_cn_span = $(which_select + '_select_cn'); - - select_dn_field.value = ''; - select_cn_field.value = ''; - select_cn_span.update(''); - - return false; -} diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/effects.js b/ipa-server/ipa-gui/ipagui/static/javascript/effects.js deleted file mode 100644 index 70d07526c..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/effects.js +++ /dev/null @@ -1,1094 +0,0 @@ -// script.aculo.us effects.js v1.7.1_beta3, Fri May 25 17:19:41 +0200 2007 - -// Copyright (c) 2005-2007 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) -// Contributors: -// Justin Palmer (http://encytemedia.com/) -// Mark Pilgrim (http://diveintomark.org/) -// Martin Bialasinki -// -// script.aculo.us is freely distributable under the terms of an MIT-style license. -// For details, see the script.aculo.us web site: http://script.aculo.us/ - -// converts rgb() and #xxx to #xxxxxx format, -// returns self (or first argument) if not convertable -String.prototype.parseColor = function() { - var color = '#'; - if(this.slice(0,4) == 'rgb(') { - var cols = this.slice(4,this.length-1).split(','); - var i=0; do { color += parseInt(cols[i]).toColorPart() } while (++i<3); - } else { - if(this.slice(0,1) == '#') { - if(this.length==4) for(var i=1;i<4;i++) color += (this.charAt(i) + this.charAt(i)).toLowerCase(); - if(this.length==7) color = this.toLowerCase(); - } - } - return(color.length==7 ? color : (arguments[0] || this)); -} - -/*--------------------------------------------------------------------------*/ - -Element.collectTextNodes = function(element) { - return $A($(element).childNodes).collect( function(node) { - return (node.nodeType==3 ? node.nodeValue : - (node.hasChildNodes() ? Element.collectTextNodes(node) : '')); - }).flatten().join(''); -} - -Element.collectTextNodesIgnoreClass = function(element, className) { - return $A($(element).childNodes).collect( function(node) { - return (node.nodeType==3 ? node.nodeValue : - ((node.hasChildNodes() && !Element.hasClassName(node,className)) ? - Element.collectTextNodesIgnoreClass(node, className) : '')); - }).flatten().join(''); -} - -Element.setContentZoom = function(element, percent) { - element = $(element); - element.setStyle({fontSize: (percent/100) + 'em'}); - if(Prototype.Browser.WebKit) window.scrollBy(0,0); - return element; -} - -Element.getInlineOpacity = function(element){ - return $(element).style.opacity || ''; -} - -Element.forceRerendering = function(element) { - try { - element = $(element); - var n = document.createTextNode(' '); - element.appendChild(n); - element.removeChild(n); - } catch(e) { } -}; - -/*--------------------------------------------------------------------------*/ - -Array.prototype.call = function() { - var args = arguments; - this.each(function(f){ f.apply(this, args) }); -} - -/*--------------------------------------------------------------------------*/ - -var Effect = { - _elementDoesNotExistError: { - name: 'ElementDoesNotExistError', - message: 'The specified DOM element does not exist, but is required for this effect to operate' - }, - tagifyText: function(element) { - if(typeof Builder == 'undefined') - throw("Effect.tagifyText requires including script.aculo.us' builder.js library"); - - var tagifyStyle = 'position:relative'; - if(Prototype.Browser.IE) tagifyStyle += ';zoom:1'; - - element = $(element); - $A(element.childNodes).each( function(child) { - if(child.nodeType==3) { - child.nodeValue.toArray().each( function(character) { - element.insertBefore( - Builder.node('span',{style: tagifyStyle}, - character == ' ' ? String.fromCharCode(160) : character), - child); - }); - Element.remove(child); - } - }); - }, - multiple: function(element, effect) { - var elements; - if(((typeof element == 'object') || - (typeof element == 'function')) && - (element.length)) - elements = element; - else - elements = $(element).childNodes; - - var options = Object.extend({ - speed: 0.1, - delay: 0.0 - }, arguments[2] || {}); - var masterDelay = options.delay; - - $A(elements).each( function(element, index) { - new effect(element, Object.extend(options, { delay: index * options.speed + masterDelay })); - }); - }, - PAIRS: { - 'slide': ['SlideDown','SlideUp'], - 'blind': ['BlindDown','BlindUp'], - 'appear': ['Appear','Fade'] - }, - toggle: function(element, effect) { - element = $(element); - effect = (effect || 'appear').toLowerCase(); - var options = Object.extend({ - queue: { position:'end', scope:(element.id || 'global'), limit: 1 } - }, arguments[2] || {}); - Effect[element.visible() ? - Effect.PAIRS[effect][1] : Effect.PAIRS[effect][0]](element, options); - } -}; - -var Effect2 = Effect; // deprecated - -/* ------------- transitions ------------- */ - -Effect.Transitions = { - linear: Prototype.K, - sinoidal: function(pos) { - return (-Math.cos(pos*Math.PI)/2) + 0.5; - }, - reverse: function(pos) { - return 1-pos; - }, - flicker: function(pos) { - var pos = ((-Math.cos(pos*Math.PI)/4) + 0.75) + Math.random()/4; - return (pos > 1 ? 1 : pos); - }, - wobble: function(pos) { - return (-Math.cos(pos*Math.PI*(9*pos))/2) + 0.5; - }, - pulse: function(pos, pulses) { - pulses = pulses || 5; - return ( - Math.round((pos % (1/pulses)) * pulses) == 0 ? - ((pos * pulses * 2) - Math.floor(pos * pulses * 2)) : - 1 - ((pos * pulses * 2) - Math.floor(pos * pulses * 2)) - ); - }, - none: function(pos) { - return 0; - }, - full: function(pos) { - return 1; - } -}; - -/* ------------- core effects ------------- */ - -Effect.ScopedQueue = Class.create(); -Object.extend(Object.extend(Effect.ScopedQueue.prototype, Enumerable), { - initialize: function() { - this.effects = []; - this.interval = null; - }, - _each: function(iterator) { - this.effects._each(iterator); - }, - add: function(effect) { - var timestamp = new Date().getTime(); - - var position = (typeof effect.options.queue == 'string') ? - effect.options.queue : effect.options.queue.position; - - switch(position) { - case 'front': - // move unstarted effects after this effect - this.effects.findAll(function(e){ return e.state=='idle' }).each( function(e) { - e.startOn += effect.finishOn; - e.finishOn += effect.finishOn; - }); - break; - case 'with-last': - timestamp = this.effects.pluck('startOn').max() || timestamp; - break; - case 'end': - // start effect after last queued effect has finished - timestamp = this.effects.pluck('finishOn').max() || timestamp; - break; - } - - effect.startOn += timestamp; - effect.finishOn += timestamp; - - if(!effect.options.queue.limit || (this.effects.length < effect.options.queue.limit)) - this.effects.push(effect); - - if(!this.interval) - this.interval = setInterval(this.loop.bind(this), 15); - }, - remove: function(effect) { - this.effects = this.effects.reject(function(e) { return e==effect }); - if(this.effects.length == 0) { - clearInterval(this.interval); - this.interval = null; - } - }, - loop: function() { - var timePos = new Date().getTime(); - for(var i=0, len=this.effects.length;i<len;i++) - this.effects[i] && this.effects[i].loop(timePos); - } -}); - -Effect.Queues = { - instances: $H(), - get: function(queueName) { - if(typeof queueName != 'string') return queueName; - - if(!this.instances[queueName]) - this.instances[queueName] = new Effect.ScopedQueue(); - - return this.instances[queueName]; - } -} -Effect.Queue = Effect.Queues.get('global'); - -Effect.DefaultOptions = { - transition: Effect.Transitions.sinoidal, - duration: 1.0, // seconds - fps: 100, // 100= assume 66fps max. - sync: false, // true for combining - from: 0.0, - to: 1.0, - delay: 0.0, - queue: 'parallel' -} - -Effect.Base = function() {}; -Effect.Base.prototype = { - position: null, - start: function(options) { - function codeForEvent(options,eventName){ - return ( - (options[eventName+'Internal'] ? 'this.options.'+eventName+'Internal(this);' : '') + - (options[eventName] ? 'this.options.'+eventName+'(this);' : '') - ); - } - if(options.transition === false) options.transition = Effect.Transitions.linear; - this.options = Object.extend(Object.extend({},Effect.DefaultOptions), options || {}); - this.currentFrame = 0; - this.state = 'idle'; - this.startOn = this.options.delay*1000; - this.finishOn = this.startOn+(this.options.duration*1000); - this.fromToDelta = this.options.to-this.options.from; - this.totalTime = this.finishOn-this.startOn; - this.totalFrames = this.options.fps*this.options.duration; - - eval('this.render = function(pos){ '+ - 'if(this.state=="idle"){this.state="running";'+ - codeForEvent(options,'beforeSetup')+ - (this.setup ? 'this.setup();':'')+ - codeForEvent(options,'afterSetup')+ - '};if(this.state=="running"){'+ - 'pos=this.options.transition(pos)*'+this.fromToDelta+'+'+this.options.from+';'+ - 'this.position=pos;'+ - codeForEvent(options,'beforeUpdate')+ - (this.update ? 'this.update(pos);':'')+ - codeForEvent(options,'afterUpdate')+ - '}}'); - - this.event('beforeStart'); - if(!this.options.sync) - Effect.Queues.get(typeof this.options.queue == 'string' ? - 'global' : this.options.queue.scope).add(this); - }, - loop: function(timePos) { - if(timePos >= this.startOn) { - if(timePos >= this.finishOn) { - this.render(1.0); - this.cancel(); - this.event('beforeFinish'); - if(this.finish) this.finish(); - this.event('afterFinish'); - return; - } - var pos = (timePos - this.startOn) / this.totalTime, - frame = Math.round(pos * this.totalFrames); - if(frame > this.currentFrame) { - this.render(pos); - this.currentFrame = frame; - } - } - }, - cancel: function() { - if(!this.options.sync) - Effect.Queues.get(typeof this.options.queue == 'string' ? - 'global' : this.options.queue.scope).remove(this); - this.state = 'finished'; - }, - event: function(eventName) { - if(this.options[eventName + 'Internal']) this.options[eventName + 'Internal'](this); - if(this.options[eventName]) this.options[eventName](this); - }, - inspect: function() { - var data = $H(); - for(property in this) - if(typeof this[property] != 'function') data[property] = this[property]; - return '#<Effect:' + data.inspect() + ',options:' + $H(this.options).inspect() + '>'; - } -} - -Effect.Parallel = Class.create(); -Object.extend(Object.extend(Effect.Parallel.prototype, Effect.Base.prototype), { - initialize: function(effects) { - this.effects = effects || []; - this.start(arguments[1]); - }, - update: function(position) { - this.effects.invoke('render', position); - }, - finish: function(position) { - this.effects.each( function(effect) { - effect.render(1.0); - effect.cancel(); - effect.event('beforeFinish'); - if(effect.finish) effect.finish(position); - effect.event('afterFinish'); - }); - } -}); - -Effect.Event = Class.create(); -Object.extend(Object.extend(Effect.Event.prototype, Effect.Base.prototype), { - initialize: function() { - var options = Object.extend({ - duration: 0 - }, arguments[0] || {}); - this.start(options); - }, - update: Prototype.emptyFunction -}); - -Effect.Opacity = Class.create(); -Object.extend(Object.extend(Effect.Opacity.prototype, Effect.Base.prototype), { - initialize: function(element) { - this.element = $(element); - if(!this.element) throw(Effect._elementDoesNotExistError); - // make this work on IE on elements without 'layout' - if(Prototype.Browser.IE && (!this.element.currentStyle.hasLayout)) - this.element.setStyle({zoom: 1}); - var options = Object.extend({ - from: this.element.getOpacity() || 0.0, - to: 1.0 - }, arguments[1] || {}); - this.start(options); - }, - update: function(position) { - this.element.setOpacity(position); - } -}); - -Effect.Move = Class.create(); -Object.extend(Object.extend(Effect.Move.prototype, Effect.Base.prototype), { - initialize: function(element) { - this.element = $(element); - if(!this.element) throw(Effect._elementDoesNotExistError); - var options = Object.extend({ - x: 0, - y: 0, - mode: 'relative' - }, arguments[1] || {}); - this.start(options); - }, - setup: function() { - // Bug in Opera: Opera returns the "real" position of a static element or - // relative element that does not have top/left explicitly set. - // ==> Always set top and left for position relative elements in your stylesheets - // (to 0 if you do not need them) - this.element.makePositioned(); - this.originalLeft = parseFloat(this.element.getStyle('left') || '0'); - this.originalTop = parseFloat(this.element.getStyle('top') || '0'); - if(this.options.mode == 'absolute') { - // absolute movement, so we need to calc deltaX and deltaY - this.options.x = this.options.x - this.originalLeft; - this.options.y = this.options.y - this.originalTop; - } - }, - update: function(position) { - this.element.setStyle({ - left: Math.round(this.options.x * position + this.originalLeft) + 'px', - top: Math.round(this.options.y * position + this.originalTop) + 'px' - }); - } -}); - -// for backwards compatibility -Effect.MoveBy = function(element, toTop, toLeft) { - return new Effect.Move(element, - Object.extend({ x: toLeft, y: toTop }, arguments[3] || {})); -}; - -Effect.Scale = Class.create(); -Object.extend(Object.extend(Effect.Scale.prototype, Effect.Base.prototype), { - initialize: function(element, percent) { - this.element = $(element); - if(!this.element) throw(Effect._elementDoesNotExistError); - var options = Object.extend({ - scaleX: true, - scaleY: true, - scaleContent: true, - scaleFromCenter: false, - scaleMode: 'box', // 'box' or 'contents' or {} with provided values - scaleFrom: 100.0, - scaleTo: percent - }, arguments[2] || {}); - this.start(options); - }, - setup: function() { - this.restoreAfterFinish = this.options.restoreAfterFinish || false; - this.elementPositioning = this.element.getStyle('position'); - - this.originalStyle = {}; - ['top','left','width','height','fontSize'].each( function(k) { - this.originalStyle[k] = this.element.style[k]; - }.bind(this)); - - this.originalTop = this.element.offsetTop; - this.originalLeft = this.element.offsetLeft; - - var fontSize = this.element.getStyle('font-size') || '100%'; - ['em','px','%','pt'].each( function(fontSizeType) { - if(fontSize.indexOf(fontSizeType)>0) { - this.fontSize = parseFloat(fontSize); - this.fontSizeType = fontSizeType; - } - }.bind(this)); - - this.factor = (this.options.scaleTo - this.options.scaleFrom)/100; - - this.dims = null; - if(this.options.scaleMode=='box') - this.dims = [this.element.offsetHeight, this.element.offsetWidth]; - if(/^content/.test(this.options.scaleMode)) - this.dims = [this.element.scrollHeight, this.element.scrollWidth]; - if(!this.dims) - this.dims = [this.options.scaleMode.originalHeight, - this.options.scaleMode.originalWidth]; - }, - update: function(position) { - var currentScale = (this.options.scaleFrom/100.0) + (this.factor * position); - if(this.options.scaleContent && this.fontSize) - this.element.setStyle({fontSize: this.fontSize * currentScale + this.fontSizeType }); - this.setDimensions(this.dims[0] * currentScale, this.dims[1] * currentScale); - }, - finish: function(position) { - if(this.restoreAfterFinish) this.element.setStyle(this.originalStyle); - }, - setDimensions: function(height, width) { - var d = {}; - if(this.options.scaleX) d.width = Math.round(width) + 'px'; - if(this.options.scaleY) d.height = Math.round(height) + 'px'; - if(this.options.scaleFromCenter) { - var topd = (height - this.dims[0])/2; - var leftd = (width - this.dims[1])/2; - if(this.elementPositioning == 'absolute') { - if(this.options.scaleY) d.top = this.originalTop-topd + 'px'; - if(this.options.scaleX) d.left = this.originalLeft-leftd + 'px'; - } else { - if(this.options.scaleY) d.top = -topd + 'px'; - if(this.options.scaleX) d.left = -leftd + 'px'; - } - } - this.element.setStyle(d); - } -}); - -Effect.Highlight = Class.create(); -Object.extend(Object.extend(Effect.Highlight.prototype, Effect.Base.prototype), { - initialize: function(element) { - this.element = $(element); - if(!this.element) throw(Effect._elementDoesNotExistError); - var options = Object.extend({ startcolor: '#ffff99' }, arguments[1] || {}); - this.start(options); - }, - setup: function() { - // Prevent executing on elements not in the layout flow - if(this.element.getStyle('display')=='none') { this.cancel(); return; } - // Disable background image during the effect - this.oldStyle = {}; - if (!this.options.keepBackgroundImage) { - this.oldStyle.backgroundImage = this.element.getStyle('background-image'); - this.element.setStyle({backgroundImage: 'none'}); - } - if(!this.options.endcolor) - this.options.endcolor = this.element.getStyle('background-color').parseColor('#ffffff'); - if(!this.options.restorecolor) - this.options.restorecolor = this.element.getStyle('background-color'); - // init color calculations - this._base = $R(0,2).map(function(i){ return parseInt(this.options.startcolor.slice(i*2+1,i*2+3),16) }.bind(this)); - this._delta = $R(0,2).map(function(i){ return parseInt(this.options.endcolor.slice(i*2+1,i*2+3),16)-this._base[i] }.bind(this)); - }, - update: function(position) { - this.element.setStyle({backgroundColor: $R(0,2).inject('#',function(m,v,i){ - return m+(Math.round(this._base[i]+(this._delta[i]*position)).toColorPart()); }.bind(this)) }); - }, - finish: function() { - this.element.setStyle(Object.extend(this.oldStyle, { - backgroundColor: this.options.restorecolor - })); - } -}); - -Effect.ScrollTo = Class.create(); -Object.extend(Object.extend(Effect.ScrollTo.prototype, Effect.Base.prototype), { - initialize: function(element) { - this.element = $(element); - this.start(arguments[1] || {}); - }, - setup: function() { - Position.prepare(); - var offsets = Position.cumulativeOffset(this.element); - if(this.options.offset) offsets[1] += this.options.offset; - var max = window.innerHeight ? - window.height - window.innerHeight : - document.body.scrollHeight - - (document.documentElement.clientHeight ? - document.documentElement.clientHeight : document.body.clientHeight); - this.scrollStart = Position.deltaY; - this.delta = (offsets[1] > max ? max : offsets[1]) - this.scrollStart; - }, - update: function(position) { - Position.prepare(); - window.scrollTo(Position.deltaX, - this.scrollStart + (position*this.delta)); - } -}); - -/* ------------- combination effects ------------- */ - -Effect.Fade = function(element) { - element = $(element); - var oldOpacity = element.getInlineOpacity(); - var options = Object.extend({ - from: element.getOpacity() || 1.0, - to: 0.0, - afterFinishInternal: function(effect) { - if(effect.options.to!=0) return; - effect.element.hide().setStyle({opacity: oldOpacity}); - }}, arguments[1] || {}); - return new Effect.Opacity(element,options); -} - -Effect.Appear = function(element) { - element = $(element); - var options = Object.extend({ - from: (element.getStyle('display') == 'none' ? 0.0 : element.getOpacity() || 0.0), - to: 1.0, - // force Safari to render floated elements properly - afterFinishInternal: function(effect) { - effect.element.forceRerendering(); - }, - beforeSetup: function(effect) { - effect.element.setOpacity(effect.options.from).show(); - }}, arguments[1] || {}); - return new Effect.Opacity(element,options); -} - -Effect.Puff = function(element) { - element = $(element); - var oldStyle = { - opacity: element.getInlineOpacity(), - position: element.getStyle('position'), - top: element.style.top, - left: element.style.left, - width: element.style.width, - height: element.style.height - }; - return new Effect.Parallel( - [ new Effect.Scale(element, 200, - { sync: true, scaleFromCenter: true, scaleContent: true, restoreAfterFinish: true }), - new Effect.Opacity(element, { sync: true, to: 0.0 } ) ], - Object.extend({ duration: 1.0, - beforeSetupInternal: function(effect) { - Position.absolutize(effect.effects[0].element) - }, - afterFinishInternal: function(effect) { - effect.effects[0].element.hide().setStyle(oldStyle); } - }, arguments[1] || {}) - ); -} - -Effect.BlindUp = function(element) { - element = $(element); - element.makeClipping(); - return new Effect.Scale(element, 0, - Object.extend({ scaleContent: false, - scaleX: false, - restoreAfterFinish: true, - afterFinishInternal: function(effect) { - effect.element.hide().undoClipping(); - } - }, arguments[1] || {}) - ); -} - -Effect.BlindDown = function(element) { - element = $(element); - var elementDimensions = element.getDimensions(); - return new Effect.Scale(element, 100, Object.extend({ - scaleContent: false, - scaleX: false, - scaleFrom: 0, - scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width}, - restoreAfterFinish: true, - afterSetup: function(effect) { - effect.element.makeClipping().setStyle({height: '0px'}).show(); - }, - afterFinishInternal: function(effect) { - effect.element.undoClipping(); - } - }, arguments[1] || {})); -} - -Effect.SwitchOff = function(element) { - element = $(element); - var oldOpacity = element.getInlineOpacity(); - return new Effect.Appear(element, Object.extend({ - duration: 0.4, - from: 0, - transition: Effect.Transitions.flicker, - afterFinishInternal: function(effect) { - new Effect.Scale(effect.element, 1, { - duration: 0.3, scaleFromCenter: true, - scaleX: false, scaleContent: false, restoreAfterFinish: true, - beforeSetup: function(effect) { - effect.element.makePositioned().makeClipping(); - }, - afterFinishInternal: function(effect) { - effect.element.hide().undoClipping().undoPositioned().setStyle({opacity: oldOpacity}); - } - }) - } - }, arguments[1] || {})); -} - -Effect.DropOut = function(element) { - element = $(element); - var oldStyle = { - top: element.getStyle('top'), - left: element.getStyle('left'), - opacity: element.getInlineOpacity() }; - return new Effect.Parallel( - [ new Effect.Move(element, {x: 0, y: 100, sync: true }), - new Effect.Opacity(element, { sync: true, to: 0.0 }) ], - Object.extend( - { duration: 0.5, - beforeSetup: function(effect) { - effect.effects[0].element.makePositioned(); - }, - afterFinishInternal: function(effect) { - effect.effects[0].element.hide().undoPositioned().setStyle(oldStyle); - } - }, arguments[1] || {})); -} - -Effect.Shake = function(element) { - element = $(element); - var oldStyle = { - top: element.getStyle('top'), - left: element.getStyle('left') }; - return new Effect.Move(element, - { x: 20, y: 0, duration: 0.05, afterFinishInternal: function(effect) { - new Effect.Move(effect.element, - { x: -40, y: 0, duration: 0.1, afterFinishInternal: function(effect) { - new Effect.Move(effect.element, - { x: 40, y: 0, duration: 0.1, afterFinishInternal: function(effect) { - new Effect.Move(effect.element, - { x: -40, y: 0, duration: 0.1, afterFinishInternal: function(effect) { - new Effect.Move(effect.element, - { x: 40, y: 0, duration: 0.1, afterFinishInternal: function(effect) { - new Effect.Move(effect.element, - { x: -20, y: 0, duration: 0.05, afterFinishInternal: function(effect) { - effect.element.undoPositioned().setStyle(oldStyle); - }}) }}) }}) }}) }}) }}); -} - -Effect.SlideDown = function(element) { - element = $(element).cleanWhitespace(); - // SlideDown need to have the content of the element wrapped in a container element with fixed height! - var oldInnerBottom = element.down().getStyle('bottom'); - var elementDimensions = element.getDimensions(); - return new Effect.Scale(element, 100, Object.extend({ - scaleContent: false, - scaleX: false, - scaleFrom: window.opera ? 0 : 1, - scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width}, - restoreAfterFinish: true, - afterSetup: function(effect) { - effect.element.makePositioned(); - effect.element.down().makePositioned(); - if(window.opera) effect.element.setStyle({top: ''}); - effect.element.makeClipping().setStyle({height: '0px'}).show(); - }, - afterUpdateInternal: function(effect) { - effect.element.down().setStyle({bottom: - (effect.dims[0] - effect.element.clientHeight) + 'px' }); - }, - afterFinishInternal: function(effect) { - effect.element.undoClipping().undoPositioned(); - effect.element.down().undoPositioned().setStyle({bottom: oldInnerBottom}); } - }, arguments[1] || {}) - ); -} - -Effect.SlideUp = function(element) { - element = $(element).cleanWhitespace(); - var oldInnerBottom = element.down().getStyle('bottom'); - return new Effect.Scale(element, window.opera ? 0 : 1, - Object.extend({ scaleContent: false, - scaleX: false, - scaleMode: 'box', - scaleFrom: 100, - restoreAfterFinish: true, - beforeStartInternal: function(effect) { - effect.element.makePositioned(); - effect.element.down().makePositioned(); - if(window.opera) effect.element.setStyle({top: ''}); - effect.element.makeClipping().show(); - }, - afterUpdateInternal: function(effect) { - effect.element.down().setStyle({bottom: - (effect.dims[0] - effect.element.clientHeight) + 'px' }); - }, - afterFinishInternal: function(effect) { - effect.element.hide().undoClipping().undoPositioned().setStyle({bottom: oldInnerBottom}); - effect.element.down().undoPositioned(); - } - }, arguments[1] || {}) - ); -} - -// Bug in opera makes the TD containing this element expand for a instance after finish -Effect.Squish = function(element) { - return new Effect.Scale(element, window.opera ? 1 : 0, { - restoreAfterFinish: true, - beforeSetup: function(effect) { - effect.element.makeClipping(); - }, - afterFinishInternal: function(effect) { - effect.element.hide().undoClipping(); - } - }); -} - -Effect.Grow = function(element) { - element = $(element); - var options = Object.extend({ - direction: 'center', - moveTransition: Effect.Transitions.sinoidal, - scaleTransition: Effect.Transitions.sinoidal, - opacityTransition: Effect.Transitions.full - }, arguments[1] || {}); - var oldStyle = { - top: element.style.top, - left: element.style.left, - height: element.style.height, - width: element.style.width, - opacity: element.getInlineOpacity() }; - - var dims = element.getDimensions(); - var initialMoveX, initialMoveY; - var moveX, moveY; - - switch (options.direction) { - case 'top-left': - initialMoveX = initialMoveY = moveX = moveY = 0; - break; - case 'top-right': - initialMoveX = dims.width; - initialMoveY = moveY = 0; - moveX = -dims.width; - break; - case 'bottom-left': - initialMoveX = moveX = 0; - initialMoveY = dims.height; - moveY = -dims.height; - break; - case 'bottom-right': - initialMoveX = dims.width; - initialMoveY = dims.height; - moveX = -dims.width; - moveY = -dims.height; - break; - case 'center': - initialMoveX = dims.width / 2; - initialMoveY = dims.height / 2; - moveX = -dims.width / 2; - moveY = -dims.height / 2; - break; - } - - return new Effect.Move(element, { - x: initialMoveX, - y: initialMoveY, - duration: 0.01, - beforeSetup: function(effect) { - effect.element.hide().makeClipping().makePositioned(); - }, - afterFinishInternal: function(effect) { - new Effect.Parallel( - [ new Effect.Opacity(effect.element, { sync: true, to: 1.0, from: 0.0, transition: options.opacityTransition }), - new Effect.Move(effect.element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition }), - new Effect.Scale(effect.element, 100, { - scaleMode: { originalHeight: dims.height, originalWidth: dims.width }, - sync: true, scaleFrom: window.opera ? 1 : 0, transition: options.scaleTransition, restoreAfterFinish: true}) - ], Object.extend({ - beforeSetup: function(effect) { - effect.effects[0].element.setStyle({height: '0px'}).show(); - }, - afterFinishInternal: function(effect) { - effect.effects[0].element.undoClipping().undoPositioned().setStyle(oldStyle); - } - }, options) - ) - } - }); -} - -Effect.Shrink = function(element) { - element = $(element); - var options = Object.extend({ - direction: 'center', - moveTransition: Effect.Transitions.sinoidal, - scaleTransition: Effect.Transitions.sinoidal, - opacityTransition: Effect.Transitions.none - }, arguments[1] || {}); - var oldStyle = { - top: element.style.top, - left: element.style.left, - height: element.style.height, - width: element.style.width, - opacity: element.getInlineOpacity() }; - - var dims = element.getDimensions(); - var moveX, moveY; - - switch (options.direction) { - case 'top-left': - moveX = moveY = 0; - break; - case 'top-right': - moveX = dims.width; - moveY = 0; - break; - case 'bottom-left': - moveX = 0; - moveY = dims.height; - break; - case 'bottom-right': - moveX = dims.width; - moveY = dims.height; - break; - case 'center': - moveX = dims.width / 2; - moveY = dims.height / 2; - break; - } - - return new Effect.Parallel( - [ new Effect.Opacity(element, { sync: true, to: 0.0, from: 1.0, transition: options.opacityTransition }), - new Effect.Scale(element, window.opera ? 1 : 0, { sync: true, transition: options.scaleTransition, restoreAfterFinish: true}), - new Effect.Move(element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition }) - ], Object.extend({ - beforeStartInternal: function(effect) { - effect.effects[0].element.makePositioned().makeClipping(); - }, - afterFinishInternal: function(effect) { - effect.effects[0].element.hide().undoClipping().undoPositioned().setStyle(oldStyle); } - }, options) - ); -} - -Effect.Pulsate = function(element) { - element = $(element); - var options = arguments[1] || {}; - var oldOpacity = element.getInlineOpacity(); - var transition = options.transition || Effect.Transitions.sinoidal; - var reverser = function(pos){ return transition(1-Effect.Transitions.pulse(pos, options.pulses)) }; - reverser.bind(transition); - return new Effect.Opacity(element, - Object.extend(Object.extend({ duration: 2.0, from: 0, - afterFinishInternal: function(effect) { effect.element.setStyle({opacity: oldOpacity}); } - }, options), {transition: reverser})); -} - -Effect.Fold = function(element) { - element = $(element); - var oldStyle = { - top: element.style.top, - left: element.style.left, - width: element.style.width, - height: element.style.height }; - element.makeClipping(); - return new Effect.Scale(element, 5, Object.extend({ - scaleContent: false, - scaleX: false, - afterFinishInternal: function(effect) { - new Effect.Scale(element, 1, { - scaleContent: false, - scaleY: false, - afterFinishInternal: function(effect) { - effect.element.hide().undoClipping().setStyle(oldStyle); - } }); - }}, arguments[1] || {})); -}; - -Effect.Morph = Class.create(); -Object.extend(Object.extend(Effect.Morph.prototype, Effect.Base.prototype), { - initialize: function(element) { - this.element = $(element); - if(!this.element) throw(Effect._elementDoesNotExistError); - var options = Object.extend({ - style: {} - }, arguments[1] || {}); - if (typeof options.style == 'string') { - if(options.style.indexOf(':') == -1) { - var cssText = '', selector = '.' + options.style; - $A(document.styleSheets).reverse().each(function(styleSheet) { - if (styleSheet.cssRules) cssRules = styleSheet.cssRules; - else if (styleSheet.rules) cssRules = styleSheet.rules; - $A(cssRules).reverse().each(function(rule) { - if (selector == rule.selectorText) { - cssText = rule.style.cssText; - throw $break; - } - }); - if (cssText) throw $break; - }); - this.style = cssText.parseStyle(); - options.afterFinishInternal = function(effect){ - effect.element.addClassName(effect.options.style); - effect.transforms.each(function(transform) { - if(transform.style != 'opacity') - effect.element.style[transform.style] = ''; - }); - } - } else this.style = options.style.parseStyle(); - } else this.style = $H(options.style) - this.start(options); - }, - setup: function(){ - function parseColor(color){ - if(!color || ['rgba(0, 0, 0, 0)','transparent'].include(color)) color = '#ffffff'; - color = color.parseColor(); - return $R(0,2).map(function(i){ - return parseInt( color.slice(i*2+1,i*2+3), 16 ) - }); - } - this.transforms = this.style.map(function(pair){ - var property = pair[0], value = pair[1], unit = null; - - if(value.parseColor('#zzzzzz') != '#zzzzzz') { - value = value.parseColor(); - unit = 'color'; - } else if(property == 'opacity') { - value = parseFloat(value); - if(Prototype.Browser.IE && (!this.element.currentStyle.hasLayout)) - this.element.setStyle({zoom: 1}); - } else if(Element.CSS_LENGTH.test(value)) { - var components = value.match(/^([\+\-]?[0-9\.]+)(.*)$/); - value = parseFloat(components[1]); - unit = (components.length == 3) ? components[2] : null; - } - - var originalValue = this.element.getStyle(property); - return { - style: property.camelize(), - originalValue: unit=='color' ? parseColor(originalValue) : parseFloat(originalValue || 0), - targetValue: unit=='color' ? parseColor(value) : value, - unit: unit - }; - }.bind(this)).reject(function(transform){ - return ( - (transform.originalValue == transform.targetValue) || - ( - transform.unit != 'color' && - (isNaN(transform.originalValue) || isNaN(transform.targetValue)) - ) - ) - }); - }, - update: function(position) { - var style = {}, transform, i = this.transforms.length; - while(i--) - style[(transform = this.transforms[i]).style] = - transform.unit=='color' ? '#'+ - (Math.round(transform.originalValue[0]+ - (transform.targetValue[0]-transform.originalValue[0])*position)).toColorPart() + - (Math.round(transform.originalValue[1]+ - (transform.targetValue[1]-transform.originalValue[1])*position)).toColorPart() + - (Math.round(transform.originalValue[2]+ - (transform.targetValue[2]-transform.originalValue[2])*position)).toColorPart() : - transform.originalValue + Math.round( - ((transform.targetValue - transform.originalValue) * position) * 1000)/1000 + transform.unit; - this.element.setStyle(style, true); - } -}); - -Effect.Transform = Class.create(); -Object.extend(Effect.Transform.prototype, { - initialize: function(tracks){ - this.tracks = []; - this.options = arguments[1] || {}; - this.addTracks(tracks); - }, - addTracks: function(tracks){ - tracks.each(function(track){ - var data = $H(track).values().first(); - this.tracks.push($H({ - ids: $H(track).keys().first(), - effect: Effect.Morph, - options: { style: data } - })); - }.bind(this)); - return this; - }, - play: function(){ - return new Effect.Parallel( - this.tracks.map(function(track){ - var elements = [$(track.ids) || $$(track.ids)].flatten(); - return elements.map(function(e){ return new track.effect(e, Object.extend({ sync:true }, track.options)) }); - }).flatten(), - this.options - ); - } -}); - -Element.CSS_PROPERTIES = $w( - 'backgroundColor backgroundPosition borderBottomColor borderBottomStyle ' + - 'borderBottomWidth borderLeftColor borderLeftStyle borderLeftWidth ' + - 'borderRightColor borderRightStyle borderRightWidth borderSpacing ' + - 'borderTopColor borderTopStyle borderTopWidth bottom clip color ' + - 'fontSize fontWeight height left letterSpacing lineHeight ' + - 'marginBottom marginLeft marginRight marginTop markerOffset maxHeight '+ - 'maxWidth minHeight minWidth opacity outlineColor outlineOffset ' + - 'outlineWidth paddingBottom paddingLeft paddingRight paddingTop ' + - 'right textIndent top width wordSpacing zIndex'); - -Element.CSS_LENGTH = /^(([\+\-]?[0-9\.]+)(em|ex|px|in|cm|mm|pt|pc|\%))|0$/; - -String.prototype.parseStyle = function(){ - var element = document.createElement('div'); - element.innerHTML = '<div style="' + this + '"></div>'; - var style = element.childNodes[0].style, styleRules = $H(); - - Element.CSS_PROPERTIES.each(function(property){ - if(style[property]) styleRules[property] = style[property]; - }); - if(Prototype.Browser.IE && this.indexOf('opacity') > -1) { - styleRules.opacity = this.match(/opacity:\s*((?:0|1)?(?:\.\d*)?)/)[1]; - } - return styleRules; -}; - -Element.morph = function(element, style) { - new Effect.Morph(element, Object.extend({ style: style }, arguments[2] || {})); - return element; -}; - -['getInlineOpacity','forceRerendering','setContentZoom', - 'collectTextNodes','collectTextNodesIgnoreClass','morph'].each( - function(f) { Element.Methods[f] = Element[f]; } -); - -Element.Methods.visualEffect = function(element, effect, options) { - s = effect.dasherize().camelize(); - effect_class = s.charAt(0).toUpperCase() + s.substring(1); - new Effect[effect_class](element, options); - return $(element); -}; - -Element.addMethods();
\ No newline at end of file diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/ipautil.js b/ipa-server/ipa-gui/ipagui/static/javascript/ipautil.js deleted file mode 100644 index de747c5cb..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/ipautil.js +++ /dev/null @@ -1,24 +0,0 @@ -/* Copyright (C) 2007 Red Hat - * see file 'COPYING' for use and warranty information - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; version 2 only - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* - * Escapes the ' " and \ characters in a string, so - * it can be embedded inside a dynamically generated string. - */ -function jsStringEscape(input) { - return input.gsub(/(['"\\])/, function(match){ return "\\" + match[0];} ); -} diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/prototype.js b/ipa-server/ipa-gui/ipagui/static/javascript/prototype.js deleted file mode 100644 index a3f21ac79..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/prototype.js +++ /dev/null @@ -1,3277 +0,0 @@ -/* Prototype JavaScript framework, version 1.5.1.1 - * (c) 2005-2007 Sam Stephenson - * - * Prototype is freely distributable under the terms of an MIT-style license. - * For details, see the Prototype web site: http://www.prototypejs.org/ - * -/*--------------------------------------------------------------------------*/ - -var Prototype = { - Version: '1.5.1.1', - - Browser: { - IE: !!(window.attachEvent && !window.opera), - Opera: !!window.opera, - WebKit: navigator.userAgent.indexOf('AppleWebKit/') > -1, - Gecko: navigator.userAgent.indexOf('Gecko') > -1 && navigator.userAgent.indexOf('KHTML') == -1 - }, - - BrowserFeatures: { - XPath: !!document.evaluate, - ElementExtensions: !!window.HTMLElement, - SpecificElementExtensions: - (document.createElement('div').__proto__ !== - document.createElement('form').__proto__) - }, - - ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script>', - JSONFilter: /^\/\*-secure-([\s\S]*)\*\/\s*$/, - - emptyFunction: function() { }, - K: function(x) { return x } -} - -var Class = { - create: function() { - return function() { - this.initialize.apply(this, arguments); - } - } -} - -var Abstract = new Object(); - -Object.extend = function(destination, source) { - for (var property in source) { - destination[property] = source[property]; - } - return destination; -} - -Object.extend(Object, { - inspect: function(object) { - try { - if (object === undefined) return 'undefined'; - if (object === null) return 'null'; - return object.inspect ? object.inspect() : object.toString(); - } catch (e) { - if (e instanceof RangeError) return '...'; - throw e; - } - }, - - toJSON: function(object) { - var type = typeof object; - switch(type) { - case 'undefined': - case 'function': - case 'unknown': return; - case 'boolean': return object.toString(); - } - if (object === null) return 'null'; - if (object.toJSON) return object.toJSON(); - if (object.ownerDocument === document) return; - var results = []; - for (var property in object) { - var value = Object.toJSON(object[property]); - if (value !== undefined) - results.push(property.toJSON() + ': ' + value); - } - return '{' + results.join(', ') + '}'; - }, - - keys: function(object) { - var keys = []; - for (var property in object) - keys.push(property); - return keys; - }, - - values: function(object) { - var values = []; - for (var property in object) - values.push(object[property]); - return values; - }, - - clone: function(object) { - return Object.extend({}, object); - } -}); - -Function.prototype.bind = function() { - var __method = this, args = $A(arguments), object = args.shift(); - return function() { - return __method.apply(object, args.concat($A(arguments))); - } -} - -Function.prototype.bindAsEventListener = function(object) { - var __method = this, args = $A(arguments), object = args.shift(); - return function(event) { - return __method.apply(object, [event || window.event].concat(args)); - } -} - -Object.extend(Number.prototype, { - toColorPart: function() { - return this.toPaddedString(2, 16); - }, - - succ: function() { - return this + 1; - }, - - times: function(iterator) { - $R(0, this, true).each(iterator); - return this; - }, - - toPaddedString: function(length, radix) { - var string = this.toString(radix || 10); - return '0'.times(length - string.length) + string; - }, - - toJSON: function() { - return isFinite(this) ? this.toString() : 'null'; - } -}); - -Date.prototype.toJSON = function() { - return '"' + this.getFullYear() + '-' + - (this.getMonth() + 1).toPaddedString(2) + '-' + - this.getDate().toPaddedString(2) + 'T' + - this.getHours().toPaddedString(2) + ':' + - this.getMinutes().toPaddedString(2) + ':' + - this.getSeconds().toPaddedString(2) + '"'; -}; - -var Try = { - these: function() { - var returnValue; - - for (var i = 0, length = arguments.length; i < length; i++) { - var lambda = arguments[i]; - try { - returnValue = lambda(); - break; - } catch (e) {} - } - - return returnValue; - } -} - -/*--------------------------------------------------------------------------*/ - -var PeriodicalExecuter = Class.create(); -PeriodicalExecuter.prototype = { - initialize: function(callback, frequency) { - this.callback = callback; - this.frequency = frequency; - this.currentlyExecuting = false; - - this.registerCallback(); - }, - - registerCallback: function() { - this.timer = setInterval(this.onTimerEvent.bind(this), this.frequency * 1000); - }, - - stop: function() { - if (!this.timer) return; - clearInterval(this.timer); - this.timer = null; - }, - - onTimerEvent: function() { - if (!this.currentlyExecuting) { - try { - this.currentlyExecuting = true; - this.callback(this); - } finally { - this.currentlyExecuting = false; - } - } - } -} -Object.extend(String, { - interpret: function(value) { - return value == null ? '' : String(value); - }, - specialChar: { - '\b': '\\b', - '\t': '\\t', - '\n': '\\n', - '\f': '\\f', - '\r': '\\r', - '\\': '\\\\' - } -}); - -Object.extend(String.prototype, { - gsub: function(pattern, replacement) { - var result = '', source = this, match; - replacement = arguments.callee.prepareReplacement(replacement); - - while (source.length > 0) { - if (match = source.match(pattern)) { - result += source.slice(0, match.index); - result += String.interpret(replacement(match)); - source = source.slice(match.index + match[0].length); - } else { - result += source, source = ''; - } - } - return result; - }, - - sub: function(pattern, replacement, count) { - replacement = this.gsub.prepareReplacement(replacement); - count = count === undefined ? 1 : count; - - return this.gsub(pattern, function(match) { - if (--count < 0) return match[0]; - return replacement(match); - }); - }, - - scan: function(pattern, iterator) { - this.gsub(pattern, iterator); - return this; - }, - - truncate: function(length, truncation) { - length = length || 30; - truncation = truncation === undefined ? '...' : truncation; - return this.length > length ? - this.slice(0, length - truncation.length) + truncation : this; - }, - - strip: function() { - return this.replace(/^\s+/, '').replace(/\s+$/, ''); - }, - - stripTags: function() { - return this.replace(/<\/?[^>]+>/gi, ''); - }, - - stripScripts: function() { - return this.replace(new RegExp(Prototype.ScriptFragment, 'img'), ''); - }, - - extractScripts: function() { - var matchAll = new RegExp(Prototype.ScriptFragment, 'img'); - var matchOne = new RegExp(Prototype.ScriptFragment, 'im'); - return (this.match(matchAll) || []).map(function(scriptTag) { - return (scriptTag.match(matchOne) || ['', ''])[1]; - }); - }, - - evalScripts: function() { - return this.extractScripts().map(function(script) { return eval(script) }); - }, - - escapeHTML: function() { - var self = arguments.callee; - self.text.data = this; - return self.div.innerHTML; - }, - - unescapeHTML: function() { - var div = document.createElement('div'); - div.innerHTML = this.stripTags(); - return div.childNodes[0] ? (div.childNodes.length > 1 ? - $A(div.childNodes).inject('', function(memo, node) { return memo+node.nodeValue }) : - div.childNodes[0].nodeValue) : ''; - }, - - toQueryParams: function(separator) { - var match = this.strip().match(/([^?#]*)(#.*)?$/); - if (!match) return {}; - - return match[1].split(separator || '&').inject({}, function(hash, pair) { - if ((pair = pair.split('='))[0]) { - var key = decodeURIComponent(pair.shift()); - var value = pair.length > 1 ? pair.join('=') : pair[0]; - if (value != undefined) value = decodeURIComponent(value); - - if (key in hash) { - if (hash[key].constructor != Array) hash[key] = [hash[key]]; - hash[key].push(value); - } - else hash[key] = value; - } - return hash; - }); - }, - - toArray: function() { - return this.split(''); - }, - - succ: function() { - return this.slice(0, this.length - 1) + - String.fromCharCode(this.charCodeAt(this.length - 1) + 1); - }, - - times: function(count) { - var result = ''; - for (var i = 0; i < count; i++) result += this; - return result; - }, - - camelize: function() { - var parts = this.split('-'), len = parts.length; - if (len == 1) return parts[0]; - - var camelized = this.charAt(0) == '-' - ? parts[0].charAt(0).toUpperCase() + parts[0].substring(1) - : parts[0]; - - for (var i = 1; i < len; i++) - camelized += parts[i].charAt(0).toUpperCase() + parts[i].substring(1); - - return camelized; - }, - - capitalize: function() { - return this.charAt(0).toUpperCase() + this.substring(1).toLowerCase(); - }, - - underscore: function() { - return this.gsub(/::/, '/').gsub(/([A-Z]+)([A-Z][a-z])/,'#{1}_#{2}').gsub(/([a-z\d])([A-Z])/,'#{1}_#{2}').gsub(/-/,'_').toLowerCase(); - }, - - dasherize: function() { - return this.gsub(/_/,'-'); - }, - - inspect: function(useDoubleQuotes) { - var escapedString = this.gsub(/[\x00-\x1f\\]/, function(match) { - var character = String.specialChar[match[0]]; - return character ? character : '\\u00' + match[0].charCodeAt().toPaddedString(2, 16); - }); - if (useDoubleQuotes) return '"' + escapedString.replace(/"/g, '\\"') + '"'; - return "'" + escapedString.replace(/'/g, '\\\'') + "'"; - }, - - toJSON: function() { - return this.inspect(true); - }, - - unfilterJSON: function(filter) { - return this.sub(filter || Prototype.JSONFilter, '#{1}'); - }, - - isJSON: function() { - var str = this.replace(/\\./g, '@').replace(/"[^"\\\n\r]*"/g, ''); - return (/^[,:{}\[\]0-9.\-+Eaeflnr-u \n\r\t]*$/).test(str); - }, - - evalJSON: function(sanitize) { - var json = this.unfilterJSON(); - try { - if (!sanitize || json.isJSON()) return eval('(' + json + ')'); - } catch (e) { } - throw new SyntaxError('Badly formed JSON string: ' + this.inspect()); - }, - - include: function(pattern) { - return this.indexOf(pattern) > -1; - }, - - startsWith: function(pattern) { - return this.indexOf(pattern) === 0; - }, - - endsWith: function(pattern) { - var d = this.length - pattern.length; - return d >= 0 && this.lastIndexOf(pattern) === d; - }, - - empty: function() { - return this == ''; - }, - - blank: function() { - return /^\s*$/.test(this); - } -}); - -if (Prototype.Browser.WebKit || Prototype.Browser.IE) Object.extend(String.prototype, { - escapeHTML: function() { - return this.replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>'); - }, - unescapeHTML: function() { - return this.replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>'); - } -}); - -String.prototype.gsub.prepareReplacement = function(replacement) { - if (typeof replacement == 'function') return replacement; - var template = new Template(replacement); - return function(match) { return template.evaluate(match) }; -} - -String.prototype.parseQuery = String.prototype.toQueryParams; - -Object.extend(String.prototype.escapeHTML, { - div: document.createElement('div'), - text: document.createTextNode('') -}); - -with (String.prototype.escapeHTML) div.appendChild(text); - -var Template = Class.create(); -Template.Pattern = /(^|.|\r|\n)(#\{(.*?)\})/; -Template.prototype = { - initialize: function(template, pattern) { - this.template = template.toString(); - this.pattern = pattern || Template.Pattern; - }, - - evaluate: function(object) { - return this.template.gsub(this.pattern, function(match) { - var before = match[1]; - if (before == '\\') return match[2]; - return before + String.interpret(object[match[3]]); - }); - } -} - -var $break = {}, $continue = new Error('"throw $continue" is deprecated, use "return" instead'); - -var Enumerable = { - each: function(iterator) { - var index = 0; - try { - this._each(function(value) { - iterator(value, index++); - }); - } catch (e) { - if (e != $break) throw e; - } - return this; - }, - - eachSlice: function(number, iterator) { - var index = -number, slices = [], array = this.toArray(); - while ((index += number) < array.length) - slices.push(array.slice(index, index+number)); - return slices.map(iterator); - }, - - all: function(iterator) { - var result = true; - this.each(function(value, index) { - result = result && !!(iterator || Prototype.K)(value, index); - if (!result) throw $break; - }); - return result; - }, - - any: function(iterator) { - var result = false; - this.each(function(value, index) { - if (result = !!(iterator || Prototype.K)(value, index)) - throw $break; - }); - return result; - }, - - collect: function(iterator) { - var results = []; - this.each(function(value, index) { - results.push((iterator || Prototype.K)(value, index)); - }); - return results; - }, - - detect: function(iterator) { - var result; - this.each(function(value, index) { - if (iterator(value, index)) { - result = value; - throw $break; - } - }); - return result; - }, - - findAll: function(iterator) { - var results = []; - this.each(function(value, index) { - if (iterator(value, index)) - results.push(value); - }); - return results; - }, - - grep: function(pattern, iterator) { - var results = []; - this.each(function(value, index) { - var stringValue = value.toString(); - if (stringValue.match(pattern)) - results.push((iterator || Prototype.K)(value, index)); - }) - return results; - }, - - include: function(object) { - var found = false; - this.each(function(value) { - if (value == object) { - found = true; - throw $break; - } - }); - return found; - }, - - inGroupsOf: function(number, fillWith) { - fillWith = fillWith === undefined ? null : fillWith; - return this.eachSlice(number, function(slice) { - while(slice.length < number) slice.push(fillWith); - return slice; - }); - }, - - inject: function(memo, iterator) { - this.each(function(value, index) { - memo = iterator(memo, value, index); - }); - return memo; - }, - - invoke: function(method) { - var args = $A(arguments).slice(1); - return this.map(function(value) { - return value[method].apply(value, args); - }); - }, - - max: function(iterator) { - var result; - this.each(function(value, index) { - value = (iterator || Prototype.K)(value, index); - if (result == undefined || value >= result) - result = value; - }); - return result; - }, - - min: function(iterator) { - var result; - this.each(function(value, index) { - value = (iterator || Prototype.K)(value, index); - if (result == undefined || value < result) - result = value; - }); - return result; - }, - - partition: function(iterator) { - var trues = [], falses = []; - this.each(function(value, index) { - ((iterator || Prototype.K)(value, index) ? - trues : falses).push(value); - }); - return [trues, falses]; - }, - - pluck: function(property) { - var results = []; - this.each(function(value, index) { - results.push(value[property]); - }); - return results; - }, - - reject: function(iterator) { - var results = []; - this.each(function(value, index) { - if (!iterator(value, index)) - results.push(value); - }); - return results; - }, - - sortBy: function(iterator) { - return this.map(function(value, index) { - return {value: value, criteria: iterator(value, index)}; - }).sort(function(left, right) { - var a = left.criteria, b = right.criteria; - return a < b ? -1 : a > b ? 1 : 0; - }).pluck('value'); - }, - - toArray: function() { - return this.map(); - }, - - zip: function() { - var iterator = Prototype.K, args = $A(arguments); - if (typeof args.last() == 'function') - iterator = args.pop(); - - var collections = [this].concat(args).map($A); - return this.map(function(value, index) { - return iterator(collections.pluck(index)); - }); - }, - - size: function() { - return this.toArray().length; - }, - - inspect: function() { - return '#<Enumerable:' + this.toArray().inspect() + '>'; - } -} - -Object.extend(Enumerable, { - map: Enumerable.collect, - find: Enumerable.detect, - select: Enumerable.findAll, - member: Enumerable.include, - entries: Enumerable.toArray -}); -var $A = Array.from = function(iterable) { - if (!iterable) return []; - if (iterable.toArray) { - return iterable.toArray(); - } else { - var results = []; - for (var i = 0, length = iterable.length; i < length; i++) - results.push(iterable[i]); - return results; - } -} - -if (Prototype.Browser.WebKit) { - $A = Array.from = function(iterable) { - if (!iterable) return []; - if (!(typeof iterable == 'function' && iterable == '[object NodeList]') && - iterable.toArray) { - return iterable.toArray(); - } else { - var results = []; - for (var i = 0, length = iterable.length; i < length; i++) - results.push(iterable[i]); - return results; - } - } -} - -Object.extend(Array.prototype, Enumerable); - -if (!Array.prototype._reverse) - Array.prototype._reverse = Array.prototype.reverse; - -Object.extend(Array.prototype, { - _each: function(iterator) { - for (var i = 0, length = this.length; i < length; i++) - iterator(this[i]); - }, - - clear: function() { - this.length = 0; - return this; - }, - - first: function() { - return this[0]; - }, - - last: function() { - return this[this.length - 1]; - }, - - compact: function() { - return this.select(function(value) { - return value != null; - }); - }, - - flatten: function() { - return this.inject([], function(array, value) { - return array.concat(value && value.constructor == Array ? - value.flatten() : [value]); - }); - }, - - without: function() { - var values = $A(arguments); - return this.select(function(value) { - return !values.include(value); - }); - }, - - indexOf: function(object) { - for (var i = 0, length = this.length; i < length; i++) - if (this[i] == object) return i; - return -1; - }, - - reverse: function(inline) { - return (inline !== false ? this : this.toArray())._reverse(); - }, - - reduce: function() { - return this.length > 1 ? this : this[0]; - }, - - uniq: function(sorted) { - return this.inject([], function(array, value, index) { - if (0 == index || (sorted ? array.last() != value : !array.include(value))) - array.push(value); - return array; - }); - }, - - clone: function() { - return [].concat(this); - }, - - size: function() { - return this.length; - }, - - inspect: function() { - return '[' + this.map(Object.inspect).join(', ') + ']'; - }, - - toJSON: function() { - var results = []; - this.each(function(object) { - var value = Object.toJSON(object); - if (value !== undefined) results.push(value); - }); - return '[' + results.join(', ') + ']'; - } -}); - -Array.prototype.toArray = Array.prototype.clone; - -function $w(string) { - string = string.strip(); - return string ? string.split(/\s+/) : []; -} - -if (Prototype.Browser.Opera){ - Array.prototype.concat = function() { - var array = []; - for (var i = 0, length = this.length; i < length; i++) array.push(this[i]); - for (var i = 0, length = arguments.length; i < length; i++) { - if (arguments[i].constructor == Array) { - for (var j = 0, arrayLength = arguments[i].length; j < arrayLength; j++) - array.push(arguments[i][j]); - } else { - array.push(arguments[i]); - } - } - return array; - } -} -var Hash = function(object) { - if (object instanceof Hash) this.merge(object); - else Object.extend(this, object || {}); -}; - -Object.extend(Hash, { - toQueryString: function(obj) { - var parts = []; - parts.add = arguments.callee.addPair; - - this.prototype._each.call(obj, function(pair) { - if (!pair.key) return; - var value = pair.value; - - if (value && typeof value == 'object') { - if (value.constructor == Array) value.each(function(value) { - parts.add(pair.key, value); - }); - return; - } - parts.add(pair.key, value); - }); - - return parts.join('&'); - }, - - toJSON: function(object) { - var results = []; - this.prototype._each.call(object, function(pair) { - var value = Object.toJSON(pair.value); - if (value !== undefined) results.push(pair.key.toJSON() + ': ' + value); - }); - return '{' + results.join(', ') + '}'; - } -}); - -Hash.toQueryString.addPair = function(key, value, prefix) { - key = encodeURIComponent(key); - if (value === undefined) this.push(key); - else this.push(key + '=' + (value == null ? '' : encodeURIComponent(value))); -} - -Object.extend(Hash.prototype, Enumerable); -Object.extend(Hash.prototype, { - _each: function(iterator) { - for (var key in this) { - var value = this[key]; - if (value && value == Hash.prototype[key]) continue; - - var pair = [key, value]; - pair.key = key; - pair.value = value; - iterator(pair); - } - }, - - keys: function() { - return this.pluck('key'); - }, - - values: function() { - return this.pluck('value'); - }, - - merge: function(hash) { - return $H(hash).inject(this, function(mergedHash, pair) { - mergedHash[pair.key] = pair.value; - return mergedHash; - }); - }, - - remove: function() { - var result; - for(var i = 0, length = arguments.length; i < length; i++) { - var value = this[arguments[i]]; - if (value !== undefined){ - if (result === undefined) result = value; - else { - if (result.constructor != Array) result = [result]; - result.push(value) - } - } - delete this[arguments[i]]; - } - return result; - }, - - toQueryString: function() { - return Hash.toQueryString(this); - }, - - inspect: function() { - return '#<Hash:{' + this.map(function(pair) { - return pair.map(Object.inspect).join(': '); - }).join(', ') + '}>'; - }, - - toJSON: function() { - return Hash.toJSON(this); - } -}); - -function $H(object) { - if (object instanceof Hash) return object; - return new Hash(object); -}; - -// Safari iterates over shadowed properties -if (function() { - var i = 0, Test = function(value) { this.key = value }; - Test.prototype.key = 'foo'; - for (var property in new Test('bar')) i++; - return i > 1; -}()) Hash.prototype._each = function(iterator) { - var cache = []; - for (var key in this) { - var value = this[key]; - if ((value && value == Hash.prototype[key]) || cache.include(key)) continue; - cache.push(key); - var pair = [key, value]; - pair.key = key; - pair.value = value; - iterator(pair); - } -}; -ObjectRange = Class.create(); -Object.extend(ObjectRange.prototype, Enumerable); -Object.extend(ObjectRange.prototype, { - initialize: function(start, end, exclusive) { - this.start = start; - this.end = end; - this.exclusive = exclusive; - }, - - _each: function(iterator) { - var value = this.start; - while (this.include(value)) { - iterator(value); - value = value.succ(); - } - }, - - include: function(value) { - if (value < this.start) - return false; - if (this.exclusive) - return value < this.end; - return value <= this.end; - } -}); - -var $R = function(start, end, exclusive) { - return new ObjectRange(start, end, exclusive); -} - -var Ajax = { - getTransport: function() { - return Try.these( - function() {return new XMLHttpRequest()}, - function() {return new ActiveXObject('Msxml2.XMLHTTP')}, - function() {return new ActiveXObject('Microsoft.XMLHTTP')} - ) || false; - }, - - activeRequestCount: 0 -} - -Ajax.Responders = { - responders: [], - - _each: function(iterator) { - this.responders._each(iterator); - }, - - register: function(responder) { - if (!this.include(responder)) - this.responders.push(responder); - }, - - unregister: function(responder) { - this.responders = this.responders.without(responder); - }, - - dispatch: function(callback, request, transport, json) { - this.each(function(responder) { - if (typeof responder[callback] == 'function') { - try { - responder[callback].apply(responder, [request, transport, json]); - } catch (e) {} - } - }); - } -}; - -Object.extend(Ajax.Responders, Enumerable); - -Ajax.Responders.register({ - onCreate: function() { - Ajax.activeRequestCount++; - }, - onComplete: function() { - Ajax.activeRequestCount--; - } -}); - -Ajax.Base = function() {}; -Ajax.Base.prototype = { - setOptions: function(options) { - this.options = { - method: 'post', - asynchronous: true, - contentType: 'application/x-www-form-urlencoded', - encoding: 'UTF-8', - parameters: '' - } - Object.extend(this.options, options || {}); - - this.options.method = this.options.method.toLowerCase(); - if (typeof this.options.parameters == 'string') - this.options.parameters = this.options.parameters.toQueryParams(); - } -} - -Ajax.Request = Class.create(); -Ajax.Request.Events = - ['Uninitialized', 'Loading', 'Loaded', 'Interactive', 'Complete']; - -Ajax.Request.prototype = Object.extend(new Ajax.Base(), { - _complete: false, - - initialize: function(url, options) { - this.transport = Ajax.getTransport(); - this.setOptions(options); - this.request(url); - }, - - request: function(url) { - this.url = url; - this.method = this.options.method; - var params = Object.clone(this.options.parameters); - - if (!['get', 'post'].include(this.method)) { - // simulate other verbs over post - params['_method'] = this.method; - this.method = 'post'; - } - - this.parameters = params; - - if (params = Hash.toQueryString(params)) { - // when GET, append parameters to URL - if (this.method == 'get') - this.url += (this.url.include('?') ? '&' : '?') + params; - else if (/Konqueror|Safari|KHTML/.test(navigator.userAgent)) - params += '&_='; - } - - try { - if (this.options.onCreate) this.options.onCreate(this.transport); - Ajax.Responders.dispatch('onCreate', this, this.transport); - - this.transport.open(this.method.toUpperCase(), this.url, - this.options.asynchronous); - - if (this.options.asynchronous) - setTimeout(function() { this.respondToReadyState(1) }.bind(this), 10); - - this.transport.onreadystatechange = this.onStateChange.bind(this); - this.setRequestHeaders(); - - this.body = this.method == 'post' ? (this.options.postBody || params) : null; - this.transport.send(this.body); - - /* Force Firefox to handle ready state 4 for synchronous requests */ - if (!this.options.asynchronous && this.transport.overrideMimeType) - this.onStateChange(); - - } - catch (e) { - this.dispatchException(e); - } - }, - - onStateChange: function() { - var readyState = this.transport.readyState; - if (readyState > 1 && !((readyState == 4) && this._complete)) - this.respondToReadyState(this.transport.readyState); - }, - - setRequestHeaders: function() { - var headers = { - 'X-Requested-With': 'XMLHttpRequest', - 'X-Prototype-Version': Prototype.Version, - 'Accept': 'text/javascript, text/html, application/xml, text/xml, */*' - }; - - if (this.method == 'post') { - headers['Content-type'] = this.options.contentType + - (this.options.encoding ? '; charset=' + this.options.encoding : ''); - - /* Force "Connection: close" for older Mozilla browsers to work - * around a bug where XMLHttpRequest sends an incorrect - * Content-length header. See Mozilla Bugzilla #246651. - */ - if (this.transport.overrideMimeType && - (navigator.userAgent.match(/Gecko\/(\d{4})/) || [0,2005])[1] < 2005) - headers['Connection'] = 'close'; - } - - // user-defined headers - if (typeof this.options.requestHeaders == 'object') { - var extras = this.options.requestHeaders; - - if (typeof extras.push == 'function') - for (var i = 0, length = extras.length; i < length; i += 2) - headers[extras[i]] = extras[i+1]; - else - $H(extras).each(function(pair) { headers[pair.key] = pair.value }); - } - - for (var name in headers) - this.transport.setRequestHeader(name, headers[name]); - }, - - success: function() { - return !this.transport.status - || (this.transport.status >= 200 && this.transport.status < 300); - }, - - respondToReadyState: function(readyState) { - var state = Ajax.Request.Events[readyState]; - var transport = this.transport, json = this.evalJSON(); - - if (state == 'Complete') { - try { - this._complete = true; - (this.options['on' + this.transport.status] - || this.options['on' + (this.success() ? 'Success' : 'Failure')] - || Prototype.emptyFunction)(transport, json); - } catch (e) { - this.dispatchException(e); - } - - var contentType = this.getHeader('Content-type'); - if (contentType && contentType.strip(). - match(/^(text|application)\/(x-)?(java|ecma)script(;.*)?$/i)) - this.evalResponse(); - } - - try { - (this.options['on' + state] || Prototype.emptyFunction)(transport, json); - Ajax.Responders.dispatch('on' + state, this, transport, json); - } catch (e) { - this.dispatchException(e); - } - - if (state == 'Complete') { - // avoid memory leak in MSIE: clean up - this.transport.onreadystatechange = Prototype.emptyFunction; - } - }, - - getHeader: function(name) { - try { - return this.transport.getResponseHeader(name); - } catch (e) { return null } - }, - - evalJSON: function() { - try { - var json = this.getHeader('X-JSON'); - return json ? json.evalJSON() : null; - } catch (e) { return null } - }, - - evalResponse: function() { - try { - return eval((this.transport.responseText || '').unfilterJSON()); - } catch (e) { - this.dispatchException(e); - } - }, - - dispatchException: function(exception) { - (this.options.onException || Prototype.emptyFunction)(this, exception); - Ajax.Responders.dispatch('onException', this, exception); - } -}); - -Ajax.Updater = Class.create(); - -Object.extend(Object.extend(Ajax.Updater.prototype, Ajax.Request.prototype), { - initialize: function(container, url, options) { - this.container = { - success: (container.success || container), - failure: (container.failure || (container.success ? null : container)) - } - - this.transport = Ajax.getTransport(); - this.setOptions(options); - - var onComplete = this.options.onComplete || Prototype.emptyFunction; - this.options.onComplete = (function(transport, param) { - this.updateContent(); - onComplete(transport, param); - }).bind(this); - - this.request(url); - }, - - updateContent: function() { - var receiver = this.container[this.success() ? 'success' : 'failure']; - var response = this.transport.responseText; - - if (!this.options.evalScripts) response = response.stripScripts(); - - if (receiver = $(receiver)) { - if (this.options.insertion) - new this.options.insertion(receiver, response); - else - receiver.update(response); - } - - if (this.success()) { - if (this.onComplete) - setTimeout(this.onComplete.bind(this), 10); - } - } -}); - -Ajax.PeriodicalUpdater = Class.create(); -Ajax.PeriodicalUpdater.prototype = Object.extend(new Ajax.Base(), { - initialize: function(container, url, options) { - this.setOptions(options); - this.onComplete = this.options.onComplete; - - this.frequency = (this.options.frequency || 2); - this.decay = (this.options.decay || 1); - - this.updater = {}; - this.container = container; - this.url = url; - - this.start(); - }, - - start: function() { - this.options.onComplete = this.updateComplete.bind(this); - this.onTimerEvent(); - }, - - stop: function() { - this.updater.options.onComplete = undefined; - clearTimeout(this.timer); - (this.onComplete || Prototype.emptyFunction).apply(this, arguments); - }, - - updateComplete: function(request) { - if (this.options.decay) { - this.decay = (request.responseText == this.lastText ? - this.decay * this.options.decay : 1); - - this.lastText = request.responseText; - } - this.timer = setTimeout(this.onTimerEvent.bind(this), - this.decay * this.frequency * 1000); - }, - - onTimerEvent: function() { - this.updater = new Ajax.Updater(this.container, this.url, this.options); - } -}); -function $(element) { - if (arguments.length > 1) { - for (var i = 0, elements = [], length = arguments.length; i < length; i++) - elements.push($(arguments[i])); - return elements; - } - if (typeof element == 'string') - element = document.getElementById(element); - return Element.extend(element); -} - -if (Prototype.BrowserFeatures.XPath) { - document._getElementsByXPath = function(expression, parentElement) { - var results = []; - var query = document.evaluate(expression, $(parentElement) || document, - null, XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, null); - for (var i = 0, length = query.snapshotLength; i < length; i++) - results.push(query.snapshotItem(i)); - return results; - }; - - document.getElementsByClassName = function(className, parentElement) { - var q = ".//*[contains(concat(' ', @class, ' '), ' " + className + " ')]"; - return document._getElementsByXPath(q, parentElement); - } - -} else document.getElementsByClassName = function(className, parentElement) { - var children = ($(parentElement) || document.body).getElementsByTagName('*'); - var elements = [], child, pattern = new RegExp("(^|\\s)" + className + "(\\s|$)"); - for (var i = 0, length = children.length; i < length; i++) { - child = children[i]; - var elementClassName = child.className; - if (elementClassName.length == 0) continue; - if (elementClassName == className || elementClassName.match(pattern)) - elements.push(Element.extend(child)); - } - return elements; -}; - -/*--------------------------------------------------------------------------*/ - -if (!window.Element) var Element = {}; - -Element.extend = function(element) { - var F = Prototype.BrowserFeatures; - if (!element || !element.tagName || element.nodeType == 3 || - element._extended || F.SpecificElementExtensions || element == window) - return element; - - var methods = {}, tagName = element.tagName, cache = Element.extend.cache, - T = Element.Methods.ByTag; - - // extend methods for all tags (Safari doesn't need this) - if (!F.ElementExtensions) { - Object.extend(methods, Element.Methods), - Object.extend(methods, Element.Methods.Simulated); - } - - // extend methods for specific tags - if (T[tagName]) Object.extend(methods, T[tagName]); - - for (var property in methods) { - var value = methods[property]; - if (typeof value == 'function' && !(property in element)) - element[property] = cache.findOrStore(value); - } - - element._extended = Prototype.emptyFunction; - return element; -}; - -Element.extend.cache = { - findOrStore: function(value) { - return this[value] = this[value] || function() { - return value.apply(null, [this].concat($A(arguments))); - } - } -}; - -Element.Methods = { - visible: function(element) { - return $(element).style.display != 'none'; - }, - - toggle: function(element) { - element = $(element); - Element[Element.visible(element) ? 'hide' : 'show'](element); - return element; - }, - - hide: function(element) { - $(element).style.display = 'none'; - return element; - }, - - show: function(element) { - $(element).style.display = ''; - return element; - }, - - remove: function(element) { - element = $(element); - element.parentNode.removeChild(element); - return element; - }, - - update: function(element, html) { - html = typeof html == 'undefined' ? '' : html.toString(); - $(element).innerHTML = html.stripScripts(); - setTimeout(function() {html.evalScripts()}, 10); - return element; - }, - - replace: function(element, html) { - element = $(element); - html = typeof html == 'undefined' ? '' : html.toString(); - if (element.outerHTML) { - element.outerHTML = html.stripScripts(); - } else { - var range = element.ownerDocument.createRange(); - range.selectNodeContents(element); - element.parentNode.replaceChild( - range.createContextualFragment(html.stripScripts()), element); - } - setTimeout(function() {html.evalScripts()}, 10); - return element; - }, - - inspect: function(element) { - element = $(element); - var result = '<' + element.tagName.toLowerCase(); - $H({'id': 'id', 'className': 'class'}).each(function(pair) { - var property = pair.first(), attribute = pair.last(); - var value = (element[property] || '').toString(); - if (value) result += ' ' + attribute + '=' + value.inspect(true); - }); - return result + '>'; - }, - - recursivelyCollect: function(element, property) { - element = $(element); - var elements = []; - while (element = element[property]) - if (element.nodeType == 1) - elements.push(Element.extend(element)); - return elements; - }, - - ancestors: function(element) { - return $(element).recursivelyCollect('parentNode'); - }, - - descendants: function(element) { - return $A($(element).getElementsByTagName('*')).each(Element.extend); - }, - - firstDescendant: function(element) { - element = $(element).firstChild; - while (element && element.nodeType != 1) element = element.nextSibling; - return $(element); - }, - - immediateDescendants: function(element) { - if (!(element = $(element).firstChild)) return []; - while (element && element.nodeType != 1) element = element.nextSibling; - if (element) return [element].concat($(element).nextSiblings()); - return []; - }, - - previousSiblings: function(element) { - return $(element).recursivelyCollect('previousSibling'); - }, - - nextSiblings: function(element) { - return $(element).recursivelyCollect('nextSibling'); - }, - - siblings: function(element) { - element = $(element); - return element.previousSiblings().reverse().concat(element.nextSiblings()); - }, - - match: function(element, selector) { - if (typeof selector == 'string') - selector = new Selector(selector); - return selector.match($(element)); - }, - - up: function(element, expression, index) { - element = $(element); - if (arguments.length == 1) return $(element.parentNode); - var ancestors = element.ancestors(); - return expression ? Selector.findElement(ancestors, expression, index) : - ancestors[index || 0]; - }, - - down: function(element, expression, index) { - element = $(element); - if (arguments.length == 1) return element.firstDescendant(); - var descendants = element.descendants(); - return expression ? Selector.findElement(descendants, expression, index) : - descendants[index || 0]; - }, - - previous: function(element, expression, index) { - element = $(element); - if (arguments.length == 1) return $(Selector.handlers.previousElementSibling(element)); - var previousSiblings = element.previousSiblings(); - return expression ? Selector.findElement(previousSiblings, expression, index) : - previousSiblings[index || 0]; - }, - - next: function(element, expression, index) { - element = $(element); - if (arguments.length == 1) return $(Selector.handlers.nextElementSibling(element)); - var nextSiblings = element.nextSiblings(); - return expression ? Selector.findElement(nextSiblings, expression, index) : - nextSiblings[index || 0]; - }, - - getElementsBySelector: function() { - var args = $A(arguments), element = $(args.shift()); - return Selector.findChildElements(element, args); - }, - - getElementsByClassName: function(element, className) { - return document.getElementsByClassName(className, element); - }, - - readAttribute: function(element, name) { - element = $(element); - if (Prototype.Browser.IE) { - if (!element.attributes) return null; - var t = Element._attributeTranslations; - if (t.values[name]) return t.values[name](element, name); - if (t.names[name]) name = t.names[name]; - var attribute = element.attributes[name]; - return attribute ? attribute.nodeValue : null; - } - return element.getAttribute(name); - }, - - getHeight: function(element) { - return $(element).getDimensions().height; - }, - - getWidth: function(element) { - return $(element).getDimensions().width; - }, - - classNames: function(element) { - return new Element.ClassNames(element); - }, - - hasClassName: function(element, className) { - if (!(element = $(element))) return; - var elementClassName = element.className; - if (elementClassName.length == 0) return false; - if (elementClassName == className || - elementClassName.match(new RegExp("(^|\\s)" + className + "(\\s|$)"))) - return true; - return false; - }, - - addClassName: function(element, className) { - if (!(element = $(element))) return; - Element.classNames(element).add(className); - return element; - }, - - removeClassName: function(element, className) { - if (!(element = $(element))) return; - Element.classNames(element).remove(className); - return element; - }, - - toggleClassName: function(element, className) { - if (!(element = $(element))) return; - Element.classNames(element)[element.hasClassName(className) ? 'remove' : 'add'](className); - return element; - }, - - observe: function() { - Event.observe.apply(Event, arguments); - return $A(arguments).first(); - }, - - stopObserving: function() { - Event.stopObserving.apply(Event, arguments); - return $A(arguments).first(); - }, - - // removes whitespace-only text node children - cleanWhitespace: function(element) { - element = $(element); - var node = element.firstChild; - while (node) { - var nextNode = node.nextSibling; - if (node.nodeType == 3 && !/\S/.test(node.nodeValue)) - element.removeChild(node); - node = nextNode; - } - return element; - }, - - empty: function(element) { - return $(element).innerHTML.blank(); - }, - - descendantOf: function(element, ancestor) { - element = $(element), ancestor = $(ancestor); - while (element = element.parentNode) - if (element == ancestor) return true; - return false; - }, - - scrollTo: function(element) { - element = $(element); - var pos = Position.cumulativeOffset(element); - window.scrollTo(pos[0], pos[1]); - return element; - }, - - getStyle: function(element, style) { - element = $(element); - style = style == 'float' ? 'cssFloat' : style.camelize(); - var value = element.style[style]; - if (!value) { - var css = document.defaultView.getComputedStyle(element, null); - value = css ? css[style] : null; - } - if (style == 'opacity') return value ? parseFloat(value) : 1.0; - return value == 'auto' ? null : value; - }, - - getOpacity: function(element) { - return $(element).getStyle('opacity'); - }, - - setStyle: function(element, styles, camelized) { - element = $(element); - var elementStyle = element.style; - - for (var property in styles) - if (property == 'opacity') element.setOpacity(styles[property]) - else - elementStyle[(property == 'float' || property == 'cssFloat') ? - (elementStyle.styleFloat === undefined ? 'cssFloat' : 'styleFloat') : - (camelized ? property : property.camelize())] = styles[property]; - - return element; - }, - - setOpacity: function(element, value) { - element = $(element); - element.style.opacity = (value == 1 || value === '') ? '' : - (value < 0.00001) ? 0 : value; - return element; - }, - - getDimensions: function(element) { - element = $(element); - var display = $(element).getStyle('display'); - if (display != 'none' && display != null) // Safari bug - return {width: element.offsetWidth, height: element.offsetHeight}; - - // All *Width and *Height properties give 0 on elements with display none, - // so enable the element temporarily - var els = element.style; - var originalVisibility = els.visibility; - var originalPosition = els.position; - var originalDisplay = els.display; - els.visibility = 'hidden'; - els.position = 'absolute'; - els.display = 'block'; - var originalWidth = element.clientWidth; - var originalHeight = element.clientHeight; - els.display = originalDisplay; - els.position = originalPosition; - els.visibility = originalVisibility; - return {width: originalWidth, height: originalHeight}; - }, - - makePositioned: function(element) { - element = $(element); - var pos = Element.getStyle(element, 'position'); - if (pos == 'static' || !pos) { - element._madePositioned = true; - element.style.position = 'relative'; - // Opera returns the offset relative to the positioning context, when an - // element is position relative but top and left have not been defined - if (window.opera) { - element.style.top = 0; - element.style.left = 0; - } - } - return element; - }, - - undoPositioned: function(element) { - element = $(element); - if (element._madePositioned) { - element._madePositioned = undefined; - element.style.position = - element.style.top = - element.style.left = - element.style.bottom = - element.style.right = ''; - } - return element; - }, - - makeClipping: function(element) { - element = $(element); - if (element._overflow) return element; - element._overflow = element.style.overflow || 'auto'; - if ((Element.getStyle(element, 'overflow') || 'visible') != 'hidden') - element.style.overflow = 'hidden'; - return element; - }, - - undoClipping: function(element) { - element = $(element); - if (!element._overflow) return element; - element.style.overflow = element._overflow == 'auto' ? '' : element._overflow; - element._overflow = null; - return element; - } -}; - -Object.extend(Element.Methods, { - childOf: Element.Methods.descendantOf, - childElements: Element.Methods.immediateDescendants -}); - -if (Prototype.Browser.Opera) { - Element.Methods._getStyle = Element.Methods.getStyle; - Element.Methods.getStyle = function(element, style) { - switch(style) { - case 'left': - case 'top': - case 'right': - case 'bottom': - if (Element._getStyle(element, 'position') == 'static') return null; - default: return Element._getStyle(element, style); - } - }; -} -else if (Prototype.Browser.IE) { - Element.Methods.getStyle = function(element, style) { - element = $(element); - style = (style == 'float' || style == 'cssFloat') ? 'styleFloat' : style.camelize(); - var value = element.style[style]; - if (!value && element.currentStyle) value = element.currentStyle[style]; - - if (style == 'opacity') { - if (value = (element.getStyle('filter') || '').match(/alpha\(opacity=(.*)\)/)) - if (value[1]) return parseFloat(value[1]) / 100; - return 1.0; - } - - if (value == 'auto') { - if ((style == 'width' || style == 'height') && (element.getStyle('display') != 'none')) - return element['offset'+style.capitalize()] + 'px'; - return null; - } - return value; - }; - - Element.Methods.setOpacity = function(element, value) { - element = $(element); - var filter = element.getStyle('filter'), style = element.style; - if (value == 1 || value === '') { - style.filter = filter.replace(/alpha\([^\)]*\)/gi,''); - return element; - } else if (value < 0.00001) value = 0; - style.filter = filter.replace(/alpha\([^\)]*\)/gi, '') + - 'alpha(opacity=' + (value * 100) + ')'; - return element; - }; - - // IE is missing .innerHTML support for TABLE-related elements - Element.Methods.update = function(element, html) { - element = $(element); - html = typeof html == 'undefined' ? '' : html.toString(); - var tagName = element.tagName.toUpperCase(); - if (['THEAD','TBODY','TR','TD'].include(tagName)) { - var div = document.createElement('div'); - switch (tagName) { - case 'THEAD': - case 'TBODY': - div.innerHTML = '<table><tbody>' + html.stripScripts() + '</tbody></table>'; - depth = 2; - break; - case 'TR': - div.innerHTML = '<table><tbody><tr>' + html.stripScripts() + '</tr></tbody></table>'; - depth = 3; - break; - case 'TD': - div.innerHTML = '<table><tbody><tr><td>' + html.stripScripts() + '</td></tr></tbody></table>'; - depth = 4; - } - $A(element.childNodes).each(function(node) { element.removeChild(node) }); - depth.times(function() { div = div.firstChild }); - $A(div.childNodes).each(function(node) { element.appendChild(node) }); - } else { - element.innerHTML = html.stripScripts(); - } - setTimeout(function() { html.evalScripts() }, 10); - return element; - } -} -else if (Prototype.Browser.Gecko) { - Element.Methods.setOpacity = function(element, value) { - element = $(element); - element.style.opacity = (value == 1) ? 0.999999 : - (value === '') ? '' : (value < 0.00001) ? 0 : value; - return element; - }; -} - -Element._attributeTranslations = { - names: { - colspan: "colSpan", - rowspan: "rowSpan", - valign: "vAlign", - datetime: "dateTime", - accesskey: "accessKey", - tabindex: "tabIndex", - enctype: "encType", - maxlength: "maxLength", - readonly: "readOnly", - longdesc: "longDesc" - }, - values: { - _getAttr: function(element, attribute) { - return element.getAttribute(attribute, 2); - }, - _flag: function(element, attribute) { - return $(element).hasAttribute(attribute) ? attribute : null; - }, - style: function(element) { - return element.style.cssText.toLowerCase(); - }, - title: function(element) { - var node = element.getAttributeNode('title'); - return node.specified ? node.nodeValue : null; - } - } -}; - -(function() { - Object.extend(this, { - href: this._getAttr, - src: this._getAttr, - type: this._getAttr, - disabled: this._flag, - checked: this._flag, - readonly: this._flag, - multiple: this._flag - }); -}).call(Element._attributeTranslations.values); - -Element.Methods.Simulated = { - hasAttribute: function(element, attribute) { - var t = Element._attributeTranslations, node; - attribute = t.names[attribute] || attribute; - node = $(element).getAttributeNode(attribute); - return node && node.specified; - } -}; - -Element.Methods.ByTag = {}; - -Object.extend(Element, Element.Methods); - -if (!Prototype.BrowserFeatures.ElementExtensions && - document.createElement('div').__proto__) { - window.HTMLElement = {}; - window.HTMLElement.prototype = document.createElement('div').__proto__; - Prototype.BrowserFeatures.ElementExtensions = true; -} - -Element.hasAttribute = function(element, attribute) { - if (element.hasAttribute) return element.hasAttribute(attribute); - return Element.Methods.Simulated.hasAttribute(element, attribute); -}; - -Element.addMethods = function(methods) { - var F = Prototype.BrowserFeatures, T = Element.Methods.ByTag; - - if (!methods) { - Object.extend(Form, Form.Methods); - Object.extend(Form.Element, Form.Element.Methods); - Object.extend(Element.Methods.ByTag, { - "FORM": Object.clone(Form.Methods), - "INPUT": Object.clone(Form.Element.Methods), - "SELECT": Object.clone(Form.Element.Methods), - "TEXTAREA": Object.clone(Form.Element.Methods) - }); - } - - if (arguments.length == 2) { - var tagName = methods; - methods = arguments[1]; - } - - if (!tagName) Object.extend(Element.Methods, methods || {}); - else { - if (tagName.constructor == Array) tagName.each(extend); - else extend(tagName); - } - - function extend(tagName) { - tagName = tagName.toUpperCase(); - if (!Element.Methods.ByTag[tagName]) - Element.Methods.ByTag[tagName] = {}; - Object.extend(Element.Methods.ByTag[tagName], methods); - } - - function copy(methods, destination, onlyIfAbsent) { - onlyIfAbsent = onlyIfAbsent || false; - var cache = Element.extend.cache; - for (var property in methods) { - var value = methods[property]; - if (!onlyIfAbsent || !(property in destination)) - destination[property] = cache.findOrStore(value); - } - } - - function findDOMClass(tagName) { - var klass; - var trans = { - "OPTGROUP": "OptGroup", "TEXTAREA": "TextArea", "P": "Paragraph", - "FIELDSET": "FieldSet", "UL": "UList", "OL": "OList", "DL": "DList", - "DIR": "Directory", "H1": "Heading", "H2": "Heading", "H3": "Heading", - "H4": "Heading", "H5": "Heading", "H6": "Heading", "Q": "Quote", - "INS": "Mod", "DEL": "Mod", "A": "Anchor", "IMG": "Image", "CAPTION": - "TableCaption", "COL": "TableCol", "COLGROUP": "TableCol", "THEAD": - "TableSection", "TFOOT": "TableSection", "TBODY": "TableSection", "TR": - "TableRow", "TH": "TableCell", "TD": "TableCell", "FRAMESET": - "FrameSet", "IFRAME": "IFrame" - }; - if (trans[tagName]) klass = 'HTML' + trans[tagName] + 'Element'; - if (window[klass]) return window[klass]; - klass = 'HTML' + tagName + 'Element'; - if (window[klass]) return window[klass]; - klass = 'HTML' + tagName.capitalize() + 'Element'; - if (window[klass]) return window[klass]; - - window[klass] = {}; - window[klass].prototype = document.createElement(tagName).__proto__; - return window[klass]; - } - - if (F.ElementExtensions) { - copy(Element.Methods, HTMLElement.prototype); - copy(Element.Methods.Simulated, HTMLElement.prototype, true); - } - - if (F.SpecificElementExtensions) { - for (var tag in Element.Methods.ByTag) { - var klass = findDOMClass(tag); - if (typeof klass == "undefined") continue; - copy(T[tag], klass.prototype); - } - } - - Object.extend(Element, Element.Methods); - delete Element.ByTag; -}; - -var Toggle = { display: Element.toggle }; - -/*--------------------------------------------------------------------------*/ - -Abstract.Insertion = function(adjacency) { - this.adjacency = adjacency; -} - -Abstract.Insertion.prototype = { - initialize: function(element, content) { - this.element = $(element); - this.content = content.stripScripts(); - - if (this.adjacency && this.element.insertAdjacentHTML) { - try { - this.element.insertAdjacentHTML(this.adjacency, this.content); - } catch (e) { - var tagName = this.element.tagName.toUpperCase(); - if (['TBODY', 'TR'].include(tagName)) { - this.insertContent(this.contentFromAnonymousTable()); - } else { - throw e; - } - } - } else { - this.range = this.element.ownerDocument.createRange(); - if (this.initializeRange) this.initializeRange(); - this.insertContent([this.range.createContextualFragment(this.content)]); - } - - setTimeout(function() {content.evalScripts()}, 10); - }, - - contentFromAnonymousTable: function() { - var div = document.createElement('div'); - div.innerHTML = '<table><tbody>' + this.content + '</tbody></table>'; - return $A(div.childNodes[0].childNodes[0].childNodes); - } -} - -var Insertion = new Object(); - -Insertion.Before = Class.create(); -Insertion.Before.prototype = Object.extend(new Abstract.Insertion('beforeBegin'), { - initializeRange: function() { - this.range.setStartBefore(this.element); - }, - - insertContent: function(fragments) { - fragments.each((function(fragment) { - this.element.parentNode.insertBefore(fragment, this.element); - }).bind(this)); - } -}); - -Insertion.Top = Class.create(); -Insertion.Top.prototype = Object.extend(new Abstract.Insertion('afterBegin'), { - initializeRange: function() { - this.range.selectNodeContents(this.element); - this.range.collapse(true); - }, - - insertContent: function(fragments) { - fragments.reverse(false).each((function(fragment) { - this.element.insertBefore(fragment, this.element.firstChild); - }).bind(this)); - } -}); - -Insertion.Bottom = Class.create(); -Insertion.Bottom.prototype = Object.extend(new Abstract.Insertion('beforeEnd'), { - initializeRange: function() { - this.range.selectNodeContents(this.element); - this.range.collapse(this.element); - }, - - insertContent: function(fragments) { - fragments.each((function(fragment) { - this.element.appendChild(fragment); - }).bind(this)); - } -}); - -Insertion.After = Class.create(); -Insertion.After.prototype = Object.extend(new Abstract.Insertion('afterEnd'), { - initializeRange: function() { - this.range.setStartAfter(this.element); - }, - - insertContent: function(fragments) { - fragments.each((function(fragment) { - this.element.parentNode.insertBefore(fragment, - this.element.nextSibling); - }).bind(this)); - } -}); - -/*--------------------------------------------------------------------------*/ - -Element.ClassNames = Class.create(); -Element.ClassNames.prototype = { - initialize: function(element) { - this.element = $(element); - }, - - _each: function(iterator) { - this.element.className.split(/\s+/).select(function(name) { - return name.length > 0; - })._each(iterator); - }, - - set: function(className) { - this.element.className = className; - }, - - add: function(classNameToAdd) { - if (this.include(classNameToAdd)) return; - this.set($A(this).concat(classNameToAdd).join(' ')); - }, - - remove: function(classNameToRemove) { - if (!this.include(classNameToRemove)) return; - this.set($A(this).without(classNameToRemove).join(' ')); - }, - - toString: function() { - return $A(this).join(' '); - } -}; - -Object.extend(Element.ClassNames.prototype, Enumerable); -/* Portions of the Selector class are derived from Jack Slocum’s DomQuery, - * part of YUI-Ext version 0.40, distributed under the terms of an MIT-style - * license. Please see http://www.yui-ext.com/ for more information. */ - -var Selector = Class.create(); - -Selector.prototype = { - initialize: function(expression) { - this.expression = expression.strip(); - this.compileMatcher(); - }, - - compileMatcher: function() { - // Selectors with namespaced attributes can't use the XPath version - if (Prototype.BrowserFeatures.XPath && !(/\[[\w-]*?:/).test(this.expression)) - return this.compileXPathMatcher(); - - var e = this.expression, ps = Selector.patterns, h = Selector.handlers, - c = Selector.criteria, le, p, m; - - if (Selector._cache[e]) { - this.matcher = Selector._cache[e]; return; - } - this.matcher = ["this.matcher = function(root) {", - "var r = root, h = Selector.handlers, c = false, n;"]; - - while (e && le != e && (/\S/).test(e)) { - le = e; - for (var i in ps) { - p = ps[i]; - if (m = e.match(p)) { - this.matcher.push(typeof c[i] == 'function' ? c[i](m) : - new Template(c[i]).evaluate(m)); - e = e.replace(m[0], ''); - break; - } - } - } - - this.matcher.push("return h.unique(n);\n}"); - eval(this.matcher.join('\n')); - Selector._cache[this.expression] = this.matcher; - }, - - compileXPathMatcher: function() { - var e = this.expression, ps = Selector.patterns, - x = Selector.xpath, le, m; - - if (Selector._cache[e]) { - this.xpath = Selector._cache[e]; return; - } - - this.matcher = ['.//*']; - while (e && le != e && (/\S/).test(e)) { - le = e; - for (var i in ps) { - if (m = e.match(ps[i])) { - this.matcher.push(typeof x[i] == 'function' ? x[i](m) : - new Template(x[i]).evaluate(m)); - e = e.replace(m[0], ''); - break; - } - } - } - - this.xpath = this.matcher.join(''); - Selector._cache[this.expression] = this.xpath; - }, - - findElements: function(root) { - root = root || document; - if (this.xpath) return document._getElementsByXPath(this.xpath, root); - return this.matcher(root); - }, - - match: function(element) { - return this.findElements(document).include(element); - }, - - toString: function() { - return this.expression; - }, - - inspect: function() { - return "#<Selector:" + this.expression.inspect() + ">"; - } -}; - -Object.extend(Selector, { - _cache: {}, - - xpath: { - descendant: "//*", - child: "/*", - adjacent: "/following-sibling::*[1]", - laterSibling: '/following-sibling::*', - tagName: function(m) { - if (m[1] == '*') return ''; - return "[local-name()='" + m[1].toLowerCase() + - "' or local-name()='" + m[1].toUpperCase() + "']"; - }, - className: "[contains(concat(' ', @class, ' '), ' #{1} ')]", - id: "[@id='#{1}']", - attrPresence: "[@#{1}]", - attr: function(m) { - m[3] = m[5] || m[6]; - return new Template(Selector.xpath.operators[m[2]]).evaluate(m); - }, - pseudo: function(m) { - var h = Selector.xpath.pseudos[m[1]]; - if (!h) return ''; - if (typeof h === 'function') return h(m); - return new Template(Selector.xpath.pseudos[m[1]]).evaluate(m); - }, - operators: { - '=': "[@#{1}='#{3}']", - '!=': "[@#{1}!='#{3}']", - '^=': "[starts-with(@#{1}, '#{3}')]", - '$=': "[substring(@#{1}, (string-length(@#{1}) - string-length('#{3}') + 1))='#{3}']", - '*=': "[contains(@#{1}, '#{3}')]", - '~=': "[contains(concat(' ', @#{1}, ' '), ' #{3} ')]", - '|=': "[contains(concat('-', @#{1}, '-'), '-#{3}-')]" - }, - pseudos: { - 'first-child': '[not(preceding-sibling::*)]', - 'last-child': '[not(following-sibling::*)]', - 'only-child': '[not(preceding-sibling::* or following-sibling::*)]', - 'empty': "[count(*) = 0 and (count(text()) = 0 or translate(text(), ' \t\r\n', '') = '')]", - 'checked': "[@checked]", - 'disabled': "[@disabled]", - 'enabled': "[not(@disabled)]", - 'not': function(m) { - var e = m[6], p = Selector.patterns, - x = Selector.xpath, le, m, v; - - var exclusion = []; - while (e && le != e && (/\S/).test(e)) { - le = e; - for (var i in p) { - if (m = e.match(p[i])) { - v = typeof x[i] == 'function' ? x[i](m) : new Template(x[i]).evaluate(m); - exclusion.push("(" + v.substring(1, v.length - 1) + ")"); - e = e.replace(m[0], ''); - break; - } - } - } - return "[not(" + exclusion.join(" and ") + ")]"; - }, - 'nth-child': function(m) { - return Selector.xpath.pseudos.nth("(count(./preceding-sibling::*) + 1) ", m); - }, - 'nth-last-child': function(m) { - return Selector.xpath.pseudos.nth("(count(./following-sibling::*) + 1) ", m); - }, - 'nth-of-type': function(m) { - return Selector.xpath.pseudos.nth("position() ", m); - }, - 'nth-last-of-type': function(m) { - return Selector.xpath.pseudos.nth("(last() + 1 - position()) ", m); - }, - 'first-of-type': function(m) { - m[6] = "1"; return Selector.xpath.pseudos['nth-of-type'](m); - }, - 'last-of-type': function(m) { - m[6] = "1"; return Selector.xpath.pseudos['nth-last-of-type'](m); - }, - 'only-of-type': function(m) { - var p = Selector.xpath.pseudos; return p['first-of-type'](m) + p['last-of-type'](m); - }, - nth: function(fragment, m) { - var mm, formula = m[6], predicate; - if (formula == 'even') formula = '2n+0'; - if (formula == 'odd') formula = '2n+1'; - if (mm = formula.match(/^(\d+)$/)) // digit only - return '[' + fragment + "= " + mm[1] + ']'; - if (mm = formula.match(/^(-?\d*)?n(([+-])(\d+))?/)) { // an+b - if (mm[1] == "-") mm[1] = -1; - var a = mm[1] ? Number(mm[1]) : 1; - var b = mm[2] ? Number(mm[2]) : 0; - predicate = "[((#{fragment} - #{b}) mod #{a} = 0) and " + - "((#{fragment} - #{b}) div #{a} >= 0)]"; - return new Template(predicate).evaluate({ - fragment: fragment, a: a, b: b }); - } - } - } - }, - - criteria: { - tagName: 'n = h.tagName(n, r, "#{1}", c); c = false;', - className: 'n = h.className(n, r, "#{1}", c); c = false;', - id: 'n = h.id(n, r, "#{1}", c); c = false;', - attrPresence: 'n = h.attrPresence(n, r, "#{1}"); c = false;', - attr: function(m) { - m[3] = (m[5] || m[6]); - return new Template('n = h.attr(n, r, "#{1}", "#{3}", "#{2}"); c = false;').evaluate(m); - }, - pseudo: function(m) { - if (m[6]) m[6] = m[6].replace(/"/g, '\\"'); - return new Template('n = h.pseudo(n, "#{1}", "#{6}", r, c); c = false;').evaluate(m); - }, - descendant: 'c = "descendant";', - child: 'c = "child";', - adjacent: 'c = "adjacent";', - laterSibling: 'c = "laterSibling";' - }, - - patterns: { - // combinators must be listed first - // (and descendant needs to be last combinator) - laterSibling: /^\s*~\s*/, - child: /^\s*>\s*/, - adjacent: /^\s*\+\s*/, - descendant: /^\s/, - - // selectors follow - tagName: /^\s*(\*|[\w\-]+)(\b|$)?/, - id: /^#([\w\-\*]+)(\b|$)/, - className: /^\.([\w\-\*]+)(\b|$)/, - pseudo: /^:((first|last|nth|nth-last|only)(-child|-of-type)|empty|checked|(en|dis)abled|not)(\((.*?)\))?(\b|$|\s|(?=:))/, - attrPresence: /^\[([\w]+)\]/, - attr: /\[((?:[\w-]*:)?[\w-]+)\s*(?:([!^$*~|]?=)\s*((['"])([^\]]*?)\4|([^'"][^\]]*?)))?\]/ - }, - - handlers: { - // UTILITY FUNCTIONS - // joins two collections - concat: function(a, b) { - for (var i = 0, node; node = b[i]; i++) - a.push(node); - return a; - }, - - // marks an array of nodes for counting - mark: function(nodes) { - for (var i = 0, node; node = nodes[i]; i++) - node._counted = true; - return nodes; - }, - - unmark: function(nodes) { - for (var i = 0, node; node = nodes[i]; i++) - node._counted = undefined; - return nodes; - }, - - // mark each child node with its position (for nth calls) - // "ofType" flag indicates whether we're indexing for nth-of-type - // rather than nth-child - index: function(parentNode, reverse, ofType) { - parentNode._counted = true; - if (reverse) { - for (var nodes = parentNode.childNodes, i = nodes.length - 1, j = 1; i >= 0; i--) { - node = nodes[i]; - if (node.nodeType == 1 && (!ofType || node._counted)) node.nodeIndex = j++; - } - } else { - for (var i = 0, j = 1, nodes = parentNode.childNodes; node = nodes[i]; i++) - if (node.nodeType == 1 && (!ofType || node._counted)) node.nodeIndex = j++; - } - }, - - // filters out duplicates and extends all nodes - unique: function(nodes) { - if (nodes.length == 0) return nodes; - var results = [], n; - for (var i = 0, l = nodes.length; i < l; i++) - if (!(n = nodes[i])._counted) { - n._counted = true; - results.push(Element.extend(n)); - } - return Selector.handlers.unmark(results); - }, - - // COMBINATOR FUNCTIONS - descendant: function(nodes) { - var h = Selector.handlers; - for (var i = 0, results = [], node; node = nodes[i]; i++) - h.concat(results, node.getElementsByTagName('*')); - return results; - }, - - child: function(nodes) { - var h = Selector.handlers; - for (var i = 0, results = [], node; node = nodes[i]; i++) { - for (var j = 0, children = [], child; child = node.childNodes[j]; j++) - if (child.nodeType == 1 && child.tagName != '!') results.push(child); - } - return results; - }, - - adjacent: function(nodes) { - for (var i = 0, results = [], node; node = nodes[i]; i++) { - var next = this.nextElementSibling(node); - if (next) results.push(next); - } - return results; - }, - - laterSibling: function(nodes) { - var h = Selector.handlers; - for (var i = 0, results = [], node; node = nodes[i]; i++) - h.concat(results, Element.nextSiblings(node)); - return results; - }, - - nextElementSibling: function(node) { - while (node = node.nextSibling) - if (node.nodeType == 1) return node; - return null; - }, - - previousElementSibling: function(node) { - while (node = node.previousSibling) - if (node.nodeType == 1) return node; - return null; - }, - - // TOKEN FUNCTIONS - tagName: function(nodes, root, tagName, combinator) { - tagName = tagName.toUpperCase(); - var results = [], h = Selector.handlers; - if (nodes) { - if (combinator) { - // fastlane for ordinary descendant combinators - if (combinator == "descendant") { - for (var i = 0, node; node = nodes[i]; i++) - h.concat(results, node.getElementsByTagName(tagName)); - return results; - } else nodes = this[combinator](nodes); - if (tagName == "*") return nodes; - } - for (var i = 0, node; node = nodes[i]; i++) - if (node.tagName.toUpperCase() == tagName) results.push(node); - return results; - } else return root.getElementsByTagName(tagName); - }, - - id: function(nodes, root, id, combinator) { - var targetNode = $(id), h = Selector.handlers; - if (!nodes && root == document) return targetNode ? [targetNode] : []; - if (nodes) { - if (combinator) { - if (combinator == 'child') { - for (var i = 0, node; node = nodes[i]; i++) - if (targetNode.parentNode == node) return [targetNode]; - } else if (combinator == 'descendant') { - for (var i = 0, node; node = nodes[i]; i++) - if (Element.descendantOf(targetNode, node)) return [targetNode]; - } else if (combinator == 'adjacent') { - for (var i = 0, node; node = nodes[i]; i++) - if (Selector.handlers.previousElementSibling(targetNode) == node) - return [targetNode]; - } else nodes = h[combinator](nodes); - } - for (var i = 0, node; node = nodes[i]; i++) - if (node == targetNode) return [targetNode]; - return []; - } - return (targetNode && Element.descendantOf(targetNode, root)) ? [targetNode] : []; - }, - - className: function(nodes, root, className, combinator) { - if (nodes && combinator) nodes = this[combinator](nodes); - return Selector.handlers.byClassName(nodes, root, className); - }, - - byClassName: function(nodes, root, className) { - if (!nodes) nodes = Selector.handlers.descendant([root]); - var needle = ' ' + className + ' '; - for (var i = 0, results = [], node, nodeClassName; node = nodes[i]; i++) { - nodeClassName = node.className; - if (nodeClassName.length == 0) continue; - if (nodeClassName == className || (' ' + nodeClassName + ' ').include(needle)) - results.push(node); - } - return results; - }, - - attrPresence: function(nodes, root, attr) { - var results = []; - for (var i = 0, node; node = nodes[i]; i++) - if (Element.hasAttribute(node, attr)) results.push(node); - return results; - }, - - attr: function(nodes, root, attr, value, operator) { - if (!nodes) nodes = root.getElementsByTagName("*"); - var handler = Selector.operators[operator], results = []; - for (var i = 0, node; node = nodes[i]; i++) { - var nodeValue = Element.readAttribute(node, attr); - if (nodeValue === null) continue; - if (handler(nodeValue, value)) results.push(node); - } - return results; - }, - - pseudo: function(nodes, name, value, root, combinator) { - if (nodes && combinator) nodes = this[combinator](nodes); - if (!nodes) nodes = root.getElementsByTagName("*"); - return Selector.pseudos[name](nodes, value, root); - } - }, - - pseudos: { - 'first-child': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) { - if (Selector.handlers.previousElementSibling(node)) continue; - results.push(node); - } - return results; - }, - 'last-child': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) { - if (Selector.handlers.nextElementSibling(node)) continue; - results.push(node); - } - return results; - }, - 'only-child': function(nodes, value, root) { - var h = Selector.handlers; - for (var i = 0, results = [], node; node = nodes[i]; i++) - if (!h.previousElementSibling(node) && !h.nextElementSibling(node)) - results.push(node); - return results; - }, - 'nth-child': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, formula, root); - }, - 'nth-last-child': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, formula, root, true); - }, - 'nth-of-type': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, formula, root, false, true); - }, - 'nth-last-of-type': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, formula, root, true, true); - }, - 'first-of-type': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, "1", root, false, true); - }, - 'last-of-type': function(nodes, formula, root) { - return Selector.pseudos.nth(nodes, "1", root, true, true); - }, - 'only-of-type': function(nodes, formula, root) { - var p = Selector.pseudos; - return p['last-of-type'](p['first-of-type'](nodes, formula, root), formula, root); - }, - - // handles the an+b logic - getIndices: function(a, b, total) { - if (a == 0) return b > 0 ? [b] : []; - return $R(1, total).inject([], function(memo, i) { - if (0 == (i - b) % a && (i - b) / a >= 0) memo.push(i); - return memo; - }); - }, - - // handles nth(-last)-child, nth(-last)-of-type, and (first|last)-of-type - nth: function(nodes, formula, root, reverse, ofType) { - if (nodes.length == 0) return []; - if (formula == 'even') formula = '2n+0'; - if (formula == 'odd') formula = '2n+1'; - var h = Selector.handlers, results = [], indexed = [], m; - h.mark(nodes); - for (var i = 0, node; node = nodes[i]; i++) { - if (!node.parentNode._counted) { - h.index(node.parentNode, reverse, ofType); - indexed.push(node.parentNode); - } - } - if (formula.match(/^\d+$/)) { // just a number - formula = Number(formula); - for (var i = 0, node; node = nodes[i]; i++) - if (node.nodeIndex == formula) results.push(node); - } else if (m = formula.match(/^(-?\d*)?n(([+-])(\d+))?/)) { // an+b - if (m[1] == "-") m[1] = -1; - var a = m[1] ? Number(m[1]) : 1; - var b = m[2] ? Number(m[2]) : 0; - var indices = Selector.pseudos.getIndices(a, b, nodes.length); - for (var i = 0, node, l = indices.length; node = nodes[i]; i++) { - for (var j = 0; j < l; j++) - if (node.nodeIndex == indices[j]) results.push(node); - } - } - h.unmark(nodes); - h.unmark(indexed); - return results; - }, - - 'empty': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) { - // IE treats comments as element nodes - if (node.tagName == '!' || (node.firstChild && !node.innerHTML.match(/^\s*$/))) continue; - results.push(node); - } - return results; - }, - - 'not': function(nodes, selector, root) { - var h = Selector.handlers, selectorType, m; - var exclusions = new Selector(selector).findElements(root); - h.mark(exclusions); - for (var i = 0, results = [], node; node = nodes[i]; i++) - if (!node._counted) results.push(node); - h.unmark(exclusions); - return results; - }, - - 'enabled': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) - if (!node.disabled) results.push(node); - return results; - }, - - 'disabled': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) - if (node.disabled) results.push(node); - return results; - }, - - 'checked': function(nodes, value, root) { - for (var i = 0, results = [], node; node = nodes[i]; i++) - if (node.checked) results.push(node); - return results; - } - }, - - operators: { - '=': function(nv, v) { return nv == v; }, - '!=': function(nv, v) { return nv != v; }, - '^=': function(nv, v) { return nv.startsWith(v); }, - '$=': function(nv, v) { return nv.endsWith(v); }, - '*=': function(nv, v) { return nv.include(v); }, - '~=': function(nv, v) { return (' ' + nv + ' ').include(' ' + v + ' '); }, - '|=': function(nv, v) { return ('-' + nv.toUpperCase() + '-').include('-' + v.toUpperCase() + '-'); } - }, - - matchElements: function(elements, expression) { - var matches = new Selector(expression).findElements(), h = Selector.handlers; - h.mark(matches); - for (var i = 0, results = [], element; element = elements[i]; i++) - if (element._counted) results.push(element); - h.unmark(matches); - return results; - }, - - findElement: function(elements, expression, index) { - if (typeof expression == 'number') { - index = expression; expression = false; - } - return Selector.matchElements(elements, expression || '*')[index || 0]; - }, - - findChildElements: function(element, expressions) { - var exprs = expressions.join(','), expressions = []; - exprs.scan(/(([\w#:.~>+()\s-]+|\*|\[.*?\])+)\s*(,|$)/, function(m) { - expressions.push(m[1].strip()); - }); - var results = [], h = Selector.handlers; - for (var i = 0, l = expressions.length, selector; i < l; i++) { - selector = new Selector(expressions[i].strip()); - h.concat(results, selector.findElements(element)); - } - return (l > 1) ? h.unique(results) : results; - } -}); - -function $$() { - return Selector.findChildElements(document, $A(arguments)); -} -var Form = { - reset: function(form) { - $(form).reset(); - return form; - }, - - serializeElements: function(elements, getHash) { - var data = elements.inject({}, function(result, element) { - if (!element.disabled && element.name) { - var key = element.name, value = $(element).getValue(); - if (value != null) { - if (key in result) { - if (result[key].constructor != Array) result[key] = [result[key]]; - result[key].push(value); - } - else result[key] = value; - } - } - return result; - }); - - return getHash ? data : Hash.toQueryString(data); - } -}; - -Form.Methods = { - serialize: function(form, getHash) { - return Form.serializeElements(Form.getElements(form), getHash); - }, - - getElements: function(form) { - return $A($(form).getElementsByTagName('*')).inject([], - function(elements, child) { - if (Form.Element.Serializers[child.tagName.toLowerCase()]) - elements.push(Element.extend(child)); - return elements; - } - ); - }, - - getInputs: function(form, typeName, name) { - form = $(form); - var inputs = form.getElementsByTagName('input'); - - if (!typeName && !name) return $A(inputs).map(Element.extend); - - for (var i = 0, matchingInputs = [], length = inputs.length; i < length; i++) { - var input = inputs[i]; - if ((typeName && input.type != typeName) || (name && input.name != name)) - continue; - matchingInputs.push(Element.extend(input)); - } - - return matchingInputs; - }, - - disable: function(form) { - form = $(form); - Form.getElements(form).invoke('disable'); - return form; - }, - - enable: function(form) { - form = $(form); - Form.getElements(form).invoke('enable'); - return form; - }, - - findFirstElement: function(form) { - return $(form).getElements().find(function(element) { - return element.type != 'hidden' && !element.disabled && - ['input', 'select', 'textarea'].include(element.tagName.toLowerCase()); - }); - }, - - focusFirstElement: function(form) { - form = $(form); - form.findFirstElement().activate(); - return form; - }, - - request: function(form, options) { - form = $(form), options = Object.clone(options || {}); - - var params = options.parameters; - options.parameters = form.serialize(true); - - if (params) { - if (typeof params == 'string') params = params.toQueryParams(); - Object.extend(options.parameters, params); - } - - if (form.hasAttribute('method') && !options.method) - options.method = form.method; - - return new Ajax.Request(form.readAttribute('action'), options); - } -} - -/*--------------------------------------------------------------------------*/ - -Form.Element = { - focus: function(element) { - $(element).focus(); - return element; - }, - - select: function(element) { - $(element).select(); - return element; - } -} - -Form.Element.Methods = { - serialize: function(element) { - element = $(element); - if (!element.disabled && element.name) { - var value = element.getValue(); - if (value != undefined) { - var pair = {}; - pair[element.name] = value; - return Hash.toQueryString(pair); - } - } - return ''; - }, - - getValue: function(element) { - element = $(element); - var method = element.tagName.toLowerCase(); - return Form.Element.Serializers[method](element); - }, - - clear: function(element) { - $(element).value = ''; - return element; - }, - - present: function(element) { - return $(element).value != ''; - }, - - activate: function(element) { - element = $(element); - try { - element.focus(); - if (element.select && (element.tagName.toLowerCase() != 'input' || - !['button', 'reset', 'submit'].include(element.type))) - element.select(); - } catch (e) {} - return element; - }, - - disable: function(element) { - element = $(element); - element.blur(); - element.disabled = true; - return element; - }, - - enable: function(element) { - element = $(element); - element.disabled = false; - return element; - } -} - -/*--------------------------------------------------------------------------*/ - -var Field = Form.Element; -var $F = Form.Element.Methods.getValue; - -/*--------------------------------------------------------------------------*/ - -Form.Element.Serializers = { - input: function(element) { - switch (element.type.toLowerCase()) { - case 'checkbox': - case 'radio': - return Form.Element.Serializers.inputSelector(element); - default: - return Form.Element.Serializers.textarea(element); - } - }, - - inputSelector: function(element) { - return element.checked ? element.value : null; - }, - - textarea: function(element) { - return element.value; - }, - - select: function(element) { - return this[element.type == 'select-one' ? - 'selectOne' : 'selectMany'](element); - }, - - selectOne: function(element) { - var index = element.selectedIndex; - return index >= 0 ? this.optionValue(element.options[index]) : null; - }, - - selectMany: function(element) { - var values, length = element.length; - if (!length) return null; - - for (var i = 0, values = []; i < length; i++) { - var opt = element.options[i]; - if (opt.selected) values.push(this.optionValue(opt)); - } - return values; - }, - - optionValue: function(opt) { - // extend element because hasAttribute may not be native - return Element.extend(opt).hasAttribute('value') ? opt.value : opt.text; - } -} - -/*--------------------------------------------------------------------------*/ - -Abstract.TimedObserver = function() {} -Abstract.TimedObserver.prototype = { - initialize: function(element, frequency, callback) { - this.frequency = frequency; - this.element = $(element); - this.callback = callback; - - this.lastValue = this.getValue(); - this.registerCallback(); - }, - - registerCallback: function() { - setInterval(this.onTimerEvent.bind(this), this.frequency * 1000); - }, - - onTimerEvent: function() { - var value = this.getValue(); - var changed = ('string' == typeof this.lastValue && 'string' == typeof value - ? this.lastValue != value : String(this.lastValue) != String(value)); - if (changed) { - this.callback(this.element, value); - this.lastValue = value; - } - } -} - -Form.Element.Observer = Class.create(); -Form.Element.Observer.prototype = Object.extend(new Abstract.TimedObserver(), { - getValue: function() { - return Form.Element.getValue(this.element); - } -}); - -Form.Observer = Class.create(); -Form.Observer.prototype = Object.extend(new Abstract.TimedObserver(), { - getValue: function() { - return Form.serialize(this.element); - } -}); - -/*--------------------------------------------------------------------------*/ - -Abstract.EventObserver = function() {} -Abstract.EventObserver.prototype = { - initialize: function(element, callback) { - this.element = $(element); - this.callback = callback; - - this.lastValue = this.getValue(); - if (this.element.tagName.toLowerCase() == 'form') - this.registerFormCallbacks(); - else - this.registerCallback(this.element); - }, - - onElementEvent: function() { - var value = this.getValue(); - if (this.lastValue != value) { - this.callback(this.element, value); - this.lastValue = value; - } - }, - - registerFormCallbacks: function() { - Form.getElements(this.element).each(this.registerCallback.bind(this)); - }, - - registerCallback: function(element) { - if (element.type) { - switch (element.type.toLowerCase()) { - case 'checkbox': - case 'radio': - Event.observe(element, 'click', this.onElementEvent.bind(this)); - break; - default: - Event.observe(element, 'change', this.onElementEvent.bind(this)); - break; - } - } - } -} - -Form.Element.EventObserver = Class.create(); -Form.Element.EventObserver.prototype = Object.extend(new Abstract.EventObserver(), { - getValue: function() { - return Form.Element.getValue(this.element); - } -}); - -Form.EventObserver = Class.create(); -Form.EventObserver.prototype = Object.extend(new Abstract.EventObserver(), { - getValue: function() { - return Form.serialize(this.element); - } -}); -if (!window.Event) { - var Event = new Object(); -} - -Object.extend(Event, { - KEY_BACKSPACE: 8, - KEY_TAB: 9, - KEY_RETURN: 13, - KEY_ESC: 27, - KEY_LEFT: 37, - KEY_UP: 38, - KEY_RIGHT: 39, - KEY_DOWN: 40, - KEY_DELETE: 46, - KEY_HOME: 36, - KEY_END: 35, - KEY_PAGEUP: 33, - KEY_PAGEDOWN: 34, - - element: function(event) { - return $(event.target || event.srcElement); - }, - - isLeftClick: function(event) { - return (((event.which) && (event.which == 1)) || - ((event.button) && (event.button == 1))); - }, - - pointerX: function(event) { - return event.pageX || (event.clientX + - (document.documentElement.scrollLeft || document.body.scrollLeft)); - }, - - pointerY: function(event) { - return event.pageY || (event.clientY + - (document.documentElement.scrollTop || document.body.scrollTop)); - }, - - stop: function(event) { - if (event.preventDefault) { - event.preventDefault(); - event.stopPropagation(); - } else { - event.returnValue = false; - event.cancelBubble = true; - } - }, - - // find the first node with the given tagName, starting from the - // node the event was triggered on; traverses the DOM upwards - findElement: function(event, tagName) { - var element = Event.element(event); - while (element.parentNode && (!element.tagName || - (element.tagName.toUpperCase() != tagName.toUpperCase()))) - element = element.parentNode; - return element; - }, - - observers: false, - - _observeAndCache: function(element, name, observer, useCapture) { - if (!this.observers) this.observers = []; - if (element.addEventListener) { - this.observers.push([element, name, observer, useCapture]); - element.addEventListener(name, observer, useCapture); - } else if (element.attachEvent) { - this.observers.push([element, name, observer, useCapture]); - element.attachEvent('on' + name, observer); - } - }, - - unloadCache: function() { - if (!Event.observers) return; - for (var i = 0, length = Event.observers.length; i < length; i++) { - Event.stopObserving.apply(this, Event.observers[i]); - Event.observers[i][0] = null; - } - Event.observers = false; - }, - - observe: function(element, name, observer, useCapture) { - element = $(element); - useCapture = useCapture || false; - - if (name == 'keypress' && - (Prototype.Browser.WebKit || element.attachEvent)) - name = 'keydown'; - - Event._observeAndCache(element, name, observer, useCapture); - }, - - stopObserving: function(element, name, observer, useCapture) { - element = $(element); - useCapture = useCapture || false; - - if (name == 'keypress' && - (Prototype.Browser.WebKit || element.attachEvent)) - name = 'keydown'; - - if (element.removeEventListener) { - element.removeEventListener(name, observer, useCapture); - } else if (element.detachEvent) { - try { - element.detachEvent('on' + name, observer); - } catch (e) {} - } - } -}); - -/* prevent memory leaks in IE */ -if (Prototype.Browser.IE) - Event.observe(window, 'unload', Event.unloadCache, false); -var Position = { - // set to true if needed, warning: firefox performance problems - // NOT neeeded for page scrolling, only if draggable contained in - // scrollable elements - includeScrollOffsets: false, - - // must be called before calling withinIncludingScrolloffset, every time the - // page is scrolled - prepare: function() { - this.deltaX = window.pageXOffset - || document.documentElement.scrollLeft - || document.body.scrollLeft - || 0; - this.deltaY = window.pageYOffset - || document.documentElement.scrollTop - || document.body.scrollTop - || 0; - }, - - realOffset: function(element) { - var valueT = 0, valueL = 0; - do { - valueT += element.scrollTop || 0; - valueL += element.scrollLeft || 0; - element = element.parentNode; - } while (element); - return [valueL, valueT]; - }, - - cumulativeOffset: function(element) { - var valueT = 0, valueL = 0; - do { - valueT += element.offsetTop || 0; - valueL += element.offsetLeft || 0; - element = element.offsetParent; - } while (element); - return [valueL, valueT]; - }, - - positionedOffset: function(element) { - var valueT = 0, valueL = 0; - do { - valueT += element.offsetTop || 0; - valueL += element.offsetLeft || 0; - element = element.offsetParent; - if (element) { - if(element.tagName=='BODY') break; - var p = Element.getStyle(element, 'position'); - if (p == 'relative' || p == 'absolute') break; - } - } while (element); - return [valueL, valueT]; - }, - - offsetParent: function(element) { - if (element.offsetParent) return element.offsetParent; - if (element == document.body) return element; - - while ((element = element.parentNode) && element != document.body) - if (Element.getStyle(element, 'position') != 'static') - return element; - - return document.body; - }, - - // caches x/y coordinate pair to use with overlap - within: function(element, x, y) { - if (this.includeScrollOffsets) - return this.withinIncludingScrolloffsets(element, x, y); - this.xcomp = x; - this.ycomp = y; - this.offset = this.cumulativeOffset(element); - - return (y >= this.offset[1] && - y < this.offset[1] + element.offsetHeight && - x >= this.offset[0] && - x < this.offset[0] + element.offsetWidth); - }, - - withinIncludingScrolloffsets: function(element, x, y) { - var offsetcache = this.realOffset(element); - - this.xcomp = x + offsetcache[0] - this.deltaX; - this.ycomp = y + offsetcache[1] - this.deltaY; - this.offset = this.cumulativeOffset(element); - - return (this.ycomp >= this.offset[1] && - this.ycomp < this.offset[1] + element.offsetHeight && - this.xcomp >= this.offset[0] && - this.xcomp < this.offset[0] + element.offsetWidth); - }, - - // within must be called directly before - overlap: function(mode, element) { - if (!mode) return 0; - if (mode == 'vertical') - return ((this.offset[1] + element.offsetHeight) - this.ycomp) / - element.offsetHeight; - if (mode == 'horizontal') - return ((this.offset[0] + element.offsetWidth) - this.xcomp) / - element.offsetWidth; - }, - - page: function(forElement) { - var valueT = 0, valueL = 0; - - var element = forElement; - do { - valueT += element.offsetTop || 0; - valueL += element.offsetLeft || 0; - - // Safari fix - if (element.offsetParent == document.body) - if (Element.getStyle(element,'position')=='absolute') break; - - } while (element = element.offsetParent); - - element = forElement; - do { - if (!window.opera || element.tagName=='BODY') { - valueT -= element.scrollTop || 0; - valueL -= element.scrollLeft || 0; - } - } while (element = element.parentNode); - - return [valueL, valueT]; - }, - - clone: function(source, target) { - var options = Object.extend({ - setLeft: true, - setTop: true, - setWidth: true, - setHeight: true, - offsetTop: 0, - offsetLeft: 0 - }, arguments[2] || {}) - - // find page position of source - source = $(source); - var p = Position.page(source); - - // find coordinate system to use - target = $(target); - var delta = [0, 0]; - var parent = null; - // delta [0,0] will do fine with position: fixed elements, - // position:absolute needs offsetParent deltas - if (Element.getStyle(target,'position') == 'absolute') { - parent = Position.offsetParent(target); - delta = Position.page(parent); - } - - // correct by body offsets (fixes Safari) - if (parent == document.body) { - delta[0] -= document.body.offsetLeft; - delta[1] -= document.body.offsetTop; - } - - // set position - if(options.setLeft) target.style.left = (p[0] - delta[0] + options.offsetLeft) + 'px'; - if(options.setTop) target.style.top = (p[1] - delta[1] + options.offsetTop) + 'px'; - if(options.setWidth) target.style.width = source.offsetWidth + 'px'; - if(options.setHeight) target.style.height = source.offsetHeight + 'px'; - }, - - absolutize: function(element) { - element = $(element); - if (element.style.position == 'absolute') return; - Position.prepare(); - - var offsets = Position.positionedOffset(element); - var top = offsets[1]; - var left = offsets[0]; - var width = element.clientWidth; - var height = element.clientHeight; - - element._originalLeft = left - parseFloat(element.style.left || 0); - element._originalTop = top - parseFloat(element.style.top || 0); - element._originalWidth = element.style.width; - element._originalHeight = element.style.height; - - element.style.position = 'absolute'; - element.style.top = top + 'px'; - element.style.left = left + 'px'; - element.style.width = width + 'px'; - element.style.height = height + 'px'; - }, - - relativize: function(element) { - element = $(element); - if (element.style.position == 'relative') return; - Position.prepare(); - - element.style.position = 'relative'; - var top = parseFloat(element.style.top || 0) - (element._originalTop || 0); - var left = parseFloat(element.style.left || 0) - (element._originalLeft || 0); - - element.style.top = top + 'px'; - element.style.left = left + 'px'; - element.style.height = element._originalHeight; - element.style.width = element._originalWidth; - } -} - -// Safari returns margins on body which is incorrect if the child is absolutely -// positioned. For performance reasons, redefine Position.cumulativeOffset for -// KHTML/WebKit only. -if (Prototype.Browser.WebKit) { - Position.cumulativeOffset = function(element) { - var valueT = 0, valueL = 0; - do { - valueT += element.offsetTop || 0; - valueL += element.offsetLeft || 0; - if (element.offsetParent == document.body) - if (Element.getStyle(element, 'position') == 'absolute') break; - - element = element.offsetParent; - } while (element); - - return [valueL, valueT]; - } -} - -Element.addMethods();
\ No newline at end of file diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/scriptaculous.js b/ipa-server/ipa-gui/ipagui/static/javascript/scriptaculous.js deleted file mode 100644 index 7c472a600..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/scriptaculous.js +++ /dev/null @@ -1,58 +0,0 @@ -// script.aculo.us scriptaculous.js v1.7.1_beta3, Fri May 25 17:19:41 +0200 2007 - -// Copyright (c) 2005-2007 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) -// -// Permission is hereby granted, free of charge, to any person obtaining -// a copy of this software and associated documentation files (the -// "Software"), to deal in the Software without restriction, including -// without limitation the rights to use, copy, modify, merge, publish, -// distribute, sublicense, and/or sell copies of the Software, and to -// permit persons to whom the Software is furnished to do so, subject to -// the following conditions: -// -// The above copyright notice and this permission notice shall be -// included in all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -// -// For details, see the script.aculo.us web site: http://script.aculo.us/ - -var Scriptaculous = { - Version: '1.7.1_beta3', - require: function(libraryName) { - // inserting via DOM fails in Safari 2.0, so brute force approach - document.write('<script type="text/javascript" src="'+libraryName+'"></script>'); - }, - REQUIRED_PROTOTYPE: '1.5.1', - load: function() { - function convertVersionString(versionString){ - var r = versionString.split('.'); - return parseInt(r[0])*100000 + parseInt(r[1])*1000 + parseInt(r[2]); - } - - if((typeof Prototype=='undefined') || - (typeof Element == 'undefined') || - (typeof Element.Methods=='undefined') || - (convertVersionString(Prototype.Version) < - convertVersionString(Scriptaculous.REQUIRED_PROTOTYPE))) - throw("script.aculo.us requires the Prototype JavaScript framework >= " + - Scriptaculous.REQUIRED_PROTOTYPE); - - $A(document.getElementsByTagName("script")).findAll( function(s) { - return (s.src && s.src.match(/scriptaculous\.js(\?.*)?$/)) - }).each( function(s) { - var path = s.src.replace(/scriptaculous\.js(\?.*)?$/,''); - var includes = s.src.match(/\?.*load=([a-z,]*)/); - (includes ? includes[1] : 'builder,effects,dragdrop,controls,slider,sound').split(',').each( - function(include) { Scriptaculous.require(path+include+'.js') }); - }); - } -} - -Scriptaculous.load();
\ No newline at end of file diff --git a/ipa-server/ipa-gui/ipagui/static/javascript/tablekit.js b/ipa-server/ipa-gui/ipagui/static/javascript/tablekit.js deleted file mode 100644 index 540369489..000000000 --- a/ipa-server/ipa-gui/ipagui/static/javascript/tablekit.js +++ /dev/null @@ -1,848 +0,0 @@ -/* -* -* Copyright (c) 2007 Andrew Tetlaw & Millstream Web Software -* http://www.millstream.com.au/view/code/tablekit/ -* Version: 1.2.1 2007-03-11 -* -* Permission is hereby granted, free of charge, to any person -* obtaining a copy of this software and associated documentation -* files (the "Software"), to deal in the Software without -* restriction, including without limitation the rights to use, copy, -* modify, merge, publish, distribute, sublicense, and/or sell copies -* of the Software, and to permit persons to whom the Software is -* furnished to do so, subject to the following conditions: -* -* The above copyright notice and this permission notice shall be -* included in all copies or substantial portions of the Software. -* -* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -* SOFTWARE. -* * -*/ - -// Use the TableKit class constructure if you'd prefer to init your tables as JS objects -var TableKit = Class.create(); - -TableKit.prototype = { - initialize : function(elm, options) { - var table = $(elm); - if(table.tagName !== "TABLE") { - return; - } - TableKit.register(table,Object.extend(TableKit.options,options || {})); - this.id = table.id; - var op = TableKit.option('sortable resizable editable', this.id); - if(op.sortable) { - TableKit.Sortable.init(table); - } - if(op.resizable) { - TableKit.Resizable.init(table); - } - if(op.editable) { - TableKit.Editable.init(table); - } - }, - sort : function(column, order) { - TableKit.Sortable.sort(this.id, column, order); - }, - resizeColumn : function(column, w) { - TableKit.Resizable.resize(this.id, column, w); - }, - editCell : function(row, column) { - TableKit.Editable.editCell(this.id, row, column); - } -}; - -Object.extend(TableKit, { - getBodyRows : function(table) { - table = $(table); - var id = table.id; - if(!TableKit.rows[id]) { - TableKit.rows[id] = (table.tHead && table.tHead.rows.length > 0) ? $A(table.tBodies[0].rows) : $A(table.rows).without(table.rows[0]); - } - return TableKit.rows[id]; - }, - getHeaderCells : function(table, cell) { - if(!table) { table = $(cell).up('table'); } - var id = table.id; - if(!TableKit.heads[id]) { - TableKit.heads[id] = $A((table.tHead && table.tHead.rows.length > 0) ? table.tHead.rows[table.tHead.rows.length-1].cells : table.rows[0].cells); - } - return TableKit.heads[id]; - }, - getCellIndex : function(cell) { - return $A(cell.parentNode.cells).indexOf(cell); - }, - getRowIndex : function(row) { - return $A(row.parentNode.rows).indexOf(row); - }, - getCellText : function(cell, refresh) { - if(!cell) { return ""; } - TableKit.registerCell(cell); - var data = TableKit.cells[cell.id]; - if(refresh || data.refresh || !data.textContent) { - data.textContent = cell.textContent ? cell.textContent : cell.innerText; - data.refresh = false; - } - return data.textContent; - }, - register : function(table, options) { - if(!table.id) { - TableKit._tblcount += 1; - table.id = "tablekit-table-" + TableKit._tblcount; - } - var id = table.id; - TableKit.tables[id] = TableKit.tables[id] ? Object.extend(TableKit.tables[id], options || {}) : Object.extend({sortable:false,resizable:false,editable:false}, options || {}); - }, - registerCell : function(cell) { - if(!cell.id) { - TableKit._cellcount += 1; - cell.id = "tablekit-cell-" + TableKit._cellcount; - } - if(!TableKit.cells[cell.id]) { - TableKit.cells[cell.id] = {textContent : '', htmlContent : '', active : false}; - } - }, - isSortable : function(table) { - return TableKit.tables[table.id] ? TableKit.tables[table.id].sortable : false; - }, - isResizable : function(table) { - return TableKit.tables[table.id] ? TableKit.tables[table.id].resizable : false; - }, - isEditable : function(table) { - return TableKit.tables[table.id] ? TableKit.tables[table.id].editable : false; - }, - setup : function(o) { - Object.extend(TableKit.options, o || {} ); - }, - option : function(s, id, o1, o2) { - o1 = o1 || TableKit.options; - o2 = o2 || (id ? (TableKit.tables[id] ? TableKit.tables[id] : {}) : {}); - var key = id + s; - if(!TableKit._opcache[key]){ - TableKit._opcache[key] = $A($w(s)).inject([],function(a,v){ - a.push(a[v] = o2[v] || o1[v]); - return a; - }); - } - return TableKit._opcache[key]; - }, - e : function(event) { - return event || window.event; - }, - tables : {}, - _opcache : {}, - cells : {}, - rows : {}, - heads : {}, - options : { - autoLoad : true, - stripe : true, - sortable : true, - resizable : true, - editable : true, - rowEvenClass : 'roweven', - rowOddClass : 'rowodd', - sortableSelector : ['table.sortable'], - columnClass : 'sortcol', - descendingClass : 'sortdesc', - ascendingClass : 'sortasc', - noSortClass : 'nosort', - sortFirstAscendingClass : 'sortfirstasc', - sortFirstDecendingClass : 'sortfirstdesc', - resizableSelector : ['table.resizable'], - minWidth : 10, - showHandle : true, - resizeOnHandleClass : 'resize-handle-active', - editableSelector : ['table.editable'], - formClassName : 'editable-cell-form', - noEditClass : 'noedit', - editAjaxURI : '/', - editAjaxOptions : {} - }, - _tblcount : 0, - _cellcount : 0, - load : function() { - if(TableKit.options.autoLoad) { - if(TableKit.options.sortable) { - $A(TableKit.options.sortableSelector).each(function(s){ - $$(s).each(function(t) { - TableKit.Sortable.init(t); - }); - }); - } - if(TableKit.options.resizable) { - $A(TableKit.options.resizableSelector).each(function(s){ - $$(s).each(function(t) { - TableKit.Resizable.init(t); - }); - }); - } - if(TableKit.options.editable) { - $A(TableKit.options.editableSelector).each(function(s){ - $$(s).each(function(t) { - TableKit.Editable.init(t); - }); - }); - } - } - } -}); - -TableKit.Rows = { - stripe : function(table) { - var rows = TableKit.getBodyRows(table); - rows.each(function(r,i) { - TableKit.Rows.addStripeClass(table,r,i); - }); - }, - addStripeClass : function(t,r,i) { - t = t || r.up('table'); - var op = TableKit.option('rowEvenClass rowOddClass', t.id); - var css = ((i+1)%2 === 0 ? op[0] : op[1]); - // using prototype's assClassName/RemoveClassName was not efficient for large tables, hence: - var cn = r.className.split(/\s+/); - var newCn = []; - for(var x = 0, l = cn.length; x < l; x += 1) { - if(cn[x] !== op[0] && cn[x] !== op[1]) { newCn.push(cn[x]); } - } - newCn.push(css); - r.className = newCn.join(" "); - } -}; - -TableKit.Sortable = { - init : function(elm, options){ - var table = $(elm); - if(table.tagName !== "TABLE") { - return; - } - TableKit.register(table,Object.extend(options || {},{sortable:true})); - var sortFirst; - var cells = TableKit.getHeaderCells(table); - var op = TableKit.option('noSortClass columnClass sortFirstAscendingClass sortFirstDecendingClass', table.id); - cells.each(function(c){ - c = $(c); - if(!c.hasClassName(op.noSortClass)) { - Event.observe(c, 'mousedown', TableKit.Sortable._sort); - c.addClassName(op.columnClass); - if(c.hasClassName(op.sortFirstAscendingClass) || c.hasClassName(op.sortFirstDecendingClass)) { - sortFirst = c; - } - } - }); - - if(sortFirst) { - if(sortFirst.hasClassName(op.sortFirstAscendingClass)) { - TableKit.Sortable.sort(table, sortFirst, 1); - } else { - TableKit.Sortable.sort(table, sortFirst, -1); - } - } else { // just add row stripe classes - TableKit.Rows.stripe(table); - } - }, - reload : function(table) { - table = $(table); - var cells = TableKit.getHeaderCells(table); - var op = TableKit.option('noSortClass columnClass', table.id); - cells.each(function(c){ - c = $(c); - if(!c.hasClassName(op.noSortClass)) { - Event.stopObserving(c, 'mousedown', TableKit.Sortable._sort); - c.removeClassName(op.columnClass); - } - }); - TableKit.Sortable.init(table); - }, - _sort : function(e) { - if(TableKit.Resizable._onHandle) {return;} - e = TableKit.e(e); - Event.stop(e); - var cell = Event.element(e); - while(!(cell.tagName && cell.tagName.match(/td|th/gi))) { - cell = cell.parentNode; - } - TableKit.Sortable.sort(null, cell); - }, - sort : function(table, index, order) { - var cell; - if(typeof index === 'number') { - if(!table || (table.tagName && table.tagName !== "TABLE")) { - return; - } - table = $(table); - index = Math.min(table.rows[0].cells.length, index); - index = Math.max(1, index); - index -= 1; - cell = (table.tHead && table.tHead.rows.length > 0) ? $(table.tHead.rows[table.tHead.rows.length-1].cells[index]) : $(table.rows[0].cells[index]); - } else { - cell = $(index); - table = table ? $(table) : cell.up('table'); - index = TableKit.getCellIndex(cell); - } - var op = TableKit.option('noSortClass descendingClass ascendingClass', table.id); - - if(cell.hasClassName(op.noSortClass)) {return;} - - // order = order ? order : (cell.hasClassName(op.descendingClass) ? 1 : -1); - // kmccarth - change default sort order to ascending - order = order ? order : (cell.hasClassName(op.ascendingClass) ? -1 : 1); - var rows = TableKit.getBodyRows(table); - - if(cell.hasClassName(op.ascendingClass) || cell.hasClassName(op.descendingClass)) { - rows.reverse(); // if it was already sorted we just need to reverse it. - } else { - var datatype = TableKit.Sortable.getDataType(cell,index,table); - var tkst = TableKit.Sortable.types; - rows.sort(function(a,b) { - return order * tkst[datatype].compare(TableKit.getCellText(a.cells[index]),TableKit.getCellText(b.cells[index])); - }); - } - var tb = table.tBodies[0]; - var tkr = TableKit.Rows; - rows.each(function(r,i) { - tb.appendChild(r); - tkr.addStripeClass(table,r,i); - }); - var hcells = TableKit.getHeaderCells(null, cell); - $A(hcells).each(function(c,i){ - c = $(c); - c.removeClassName(op.ascendingClass); - c.removeClassName(op.descendingClass); - if(index === i) { - if(order === 1) { - c.removeClassName(op.descendingClass); - c.addClassName(op.ascendingClass); - } else { - c.removeClassName(op.ascendingClass); - c.addClassName(op.descendingClass); - } - } - }); - }, - types : {}, - detectors : [], - addSortType : function() { - $A(arguments).each(function(o){ - TableKit.Sortable.types[o.name] = o; - }); - }, - getDataType : function(cell,index,table) { - cell = $(cell); - index = (index || index === 0) ? index : TableKit.getCellIndex(cell); - - var colcache = TableKit.Sortable._coltypecache; - var cache = colcache[table.id] ? colcache[table.id] : (colcache[table.id] = {}); - - if(!cache[index]) { - var t = ''; - // first look for a data type id on the heading row cell - if(cell.id && TableKit.Sortable.types[cell.id]) { - t = cell.id; - } - t = cell.classNames().detect(function(n){ // then look for a data type classname on the heading row cell - return (TableKit.Sortable.types[n]) ? true : false; - }); - if(!t) { - var rows = TableKit.getBodyRows(table); - cell = rows[0].cells[index]; // grab same index cell from body row to try and match data type - t = TableKit.Sortable.detectors.detect( - function(d){ - return TableKit.Sortable.types[d].detect(TableKit.getCellText(cell)); - }); - } - cache[index] = t; - } - return cache[index]; - }, - _coltypecache : {} -}; - -TableKit.Sortable.detectors = $A($w('date-iso date date-eu date-au time currency datasize number casesensitivetext text')); // setting it here because Safari complained when I did it above... - -TableKit.Sortable.Type = Class.create(); -TableKit.Sortable.Type.prototype = { - initialize : function(name, options){ - this.name = name; - options = Object.extend({ - normal : function(v){ - return v; - }, - pattern : /.*/ - }, options || {}); - this.normal = options.normal; - this.pattern = options.pattern; - if(options.compare) { - this.compare = options.compare; - } - if(options.detect) { - this.detect = options.detect; - } - }, - compare : function(a,b){ - return TableKit.Sortable.Type.compare(this.normal(a), this.normal(b)); - }, - detect : function(v){ - return this.pattern.test(v); - } -}; - -TableKit.Sortable.Type.compare = function(a,b) { - return a < b ? -1 : a === b ? 0 : 1; -}; - -TableKit.Sortable.addSortType( - new TableKit.Sortable.Type('number', { - pattern : /^[-+]?[\d]*\.?[\d]+(?:[eE][-+]?[\d]+)?/, - normal : function(v) { - // This will grab the first thing that looks like a number from a string, so you can use it to order a column of various srings containing numbers. - v = parseFloat(v.replace(/^.*?([-+]?[\d]*\.?[\d]+(?:[eE][-+]?[\d]+)?).*$/,"$1")); - return isNaN(v) ? 0 : v; - }}), - new TableKit.Sortable.Type('text',{ - normal : function(v) { - return v ? v.toLowerCase() : ''; - }}), - new TableKit.Sortable.Type('casesensitivetext',{pattern : /^[A-Z]+$/}), - new TableKit.Sortable.Type('datasize',{ - pattern : /^[-+]?[\d]*\.?[\d]+(?:[eE][-+]?[\d]+)?\s?[k|m|g|t]b$/i, - normal : function(v) { - var r = v.match(/^([-+]?[\d]*\.?[\d]+([eE][-+]?[\d]+)?)\s?([k|m|g|t]?b)?/i); - var b = r[1] ? Number(r[1]).valueOf() : 0; - var m = r[3] ? r[3].substr(0,1).toLowerCase() : ''; - var result = b; - switch(m) { - case 'k': - result = b * 1024; - break; - case 'm': - result = b * 1024 * 1024; - break; - case 'g': - result = b * 1024 * 1024 * 1024; - break; - case 't': - result = b * 1024 * 1024 * 1024 * 1024; - break; - } - return result; - }}), - new TableKit.Sortable.Type('date-au',{ - pattern : /^\d{2}\/\d{2}\/\d{4}\s?(?:\d{1,2}\:\d{2}(?:\:\d{2})?\s?[a|p]?m?)?/i, - normal : function(v) { - if(!this.pattern.test(v)) {return 0;} - var r = v.match(/^(\d{2})\/(\d{2})\/(\d{4})\s?(?:(\d{1,2})\:(\d{2})(?:\:(\d{2}))?\s?([a|p]?m?))?/i); - var yr_num = r[3]; - var mo_num = parseInt(r[2],10)-1; - var day_num = r[1]; - var hr_num = r[4] ? r[4] : 0; - if(r[7] && r[7].toLowerCase().indexOf('p') !== -1) { - hr_num = parseInt(r[4],10) + 12; - } - var min_num = r[5] ? r[5] : 0; - var sec_num = r[6] ? r[6] : 0; - return new Date(yr_num, mo_num, day_num, hr_num, min_num, sec_num, 0).valueOf(); - }}), - new TableKit.Sortable.Type('date-us',{ - pattern : /^\d{2}\/\d{2}\/\d{4}\s?(?:\d{1,2}\:\d{2}(?:\:\d{2})?\s?[a|p]?m?)?/i, - normal : function(v) { - if(!this.pattern.test(v)) {return 0;} - var r = v.match(/^(\d{2})\/(\d{2})\/(\d{4})\s?(?:(\d{1,2})\:(\d{2})(?:\:(\d{2}))?\s?([a|p]?m?))?/i); - var yr_num = r[3]; - var mo_num = parseInt(r[1],10)-1; - var day_num = r[2]; - var hr_num = r[4] ? r[4] : 0; - if(r[7] && r[7].toLowerCase().indexOf('p') !== -1) { - hr_num = parseInt(r[4],10) + 12; - } - var min_num = r[5] ? r[5] : 0; - var sec_num = r[6] ? r[6] : 0; - return new Date(yr_num, mo_num, day_num, hr_num, min_num, sec_num, 0).valueOf(); - }}), - new TableKit.Sortable.Type('date-eu',{ - pattern : /^\d{2}-\d{2}-\d{4}/i, - normal : function(v) { - if(!this.pattern.test(v)) {return 0;} - var r = v.match(/^(\d{2})-(\d{2})-(\d{4})/); - var yr_num = r[3]; - var mo_num = parseInt(r[2],10)-1; - var day_num = r[1]; - return new Date(yr_num, mo_num, day_num).valueOf(); - }}), - new TableKit.Sortable.Type('date-iso',{ - pattern : /[\d]{4}-[\d]{2}-[\d]{2}(?:T[\d]{2}\:[\d]{2}(?:\:[\d]{2}(?:\.[\d]+)?)?(Z|([-+][\d]{2}:[\d]{2})?)?)?/, // 2005-03-26T19:51:34Z - normal : function(v) { - if(!this.pattern.test(v)) {return 0;} - var d = v.match(/([\d]{4})(-([\d]{2})(-([\d]{2})(T([\d]{2}):([\d]{2})(:([\d]{2})(\.([\d]+))?)?(Z|(([-+])([\d]{2}):([\d]{2})))?)?)?)?/); - var offset = 0; - var date = new Date(d[1], 0, 1); - if (d[3]) { date.setMonth(d[3] - 1) ;} - if (d[5]) { date.setDate(d[5]); } - if (d[7]) { date.setHours(d[7]); } - if (d[8]) { date.setMinutes(d[8]); } - if (d[10]) { date.setSeconds(d[10]); } - if (d[12]) { date.setMilliseconds(Number("0." + d[12]) * 1000); } - if (d[14]) { - offset = (Number(d[16]) * 60) + Number(d[17]); - offset *= ((d[15] === '-') ? 1 : -1); - } - offset -= date.getTimezoneOffset(); - if(offset !== 0) { - var time = (Number(date) + (offset * 60 * 1000)); - date.setTime(Number(time)); - } - return date.valueOf(); - }}), - new TableKit.Sortable.Type('date',{ - pattern: /^(?:sun|mon|tue|wed|thu|fri|sat)\,\s\d{1,2}\s(?:jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)\s\d{4}(?:\s\d{2}\:\d{2}(?:\:\d{2})?(?:\sGMT(?:[+-]\d{4})?)?)?/i, //Mon, 18 Dec 1995 17:28:35 GMT - compare : function(a,b) { // must be standard javascript date format - if(a && b) { - return TableKit.Sortable.Type.compare(new Date(a),new Date(b)); - } else { - return TableKit.Sortable.Type.compare(a ? 1 : 0, b ? 1 : 0); - } - }}), - new TableKit.Sortable.Type('time',{ - pattern : /^\d{1,2}\:\d{2}(?:\:\d{2})?(?:\s[a|p]m)?$/i, - compare : function(a,b) { - var d = new Date(); - var ds = d.getMonth() + "/" + d.getDate() + "/" + d.getFullYear() + " "; - return TableKit.Sortable.Type.compare(new Date(ds + a),new Date(ds + b)); - }}), - new TableKit.Sortable.Type('currency',{ - pattern : /^[$£¥€¤]/, // dollar,pound,yen,euro,generic currency symbol - normal : function(v) { - return v ? parseFloat(v.replace(/[^-\d\.]/g,'')) : 0; - }}) -); - -TableKit.Resizable = { - init : function(elm, options){ - var table = $(elm); - if(table.tagName !== "TABLE") {return;} - TableKit.register(table,Object.extend(options || {},{resizable:true})); - var cells = TableKit.getHeaderCells(table); - cells.each(function(c){ - c = $(c); - Event.observe(c, 'mouseover', TableKit.Resizable.initDetect); - Event.observe(c, 'mouseout', TableKit.Resizable.killDetect); - }); - }, - resize : function(table, index, w) { - var cell; - if(typeof index === 'number') { - if(!table || (table.tagName && table.tagName !== "TABLE")) {return;} - table = $(table); - index = Math.min(table.rows[0].cells.length, index); - index = Math.max(1, index); - index -= 1; - cell = (table.tHead && table.tHead.rows.length > 0) ? $(table.tHead.rows[table.tHead.rows.length-1].cells[index]) : $(table.rows[0].cells[index]); - } else { - cell = $(index); - table = table ? $(table) : cell.up('table'); - index = TableKit.getCellIndex(cell); - } - var pad = parseInt(cell.getStyle('paddingLeft'),10) + parseInt(cell.getStyle('paddingRight'),10); - w = Math.max(w-pad, TableKit.option('minWidth', table.id)[0]); - - cell.setStyle({'width' : w + 'px'}); - }, - initDetect : function(e) { - e = TableKit.e(e); - var cell = Event.element(e); - Event.observe(cell, 'mousemove', TableKit.Resizable.detectHandle); - Event.observe(cell, 'mousedown', TableKit.Resizable.startResize); - }, - detectHandle : function(e) { - e = TableKit.e(e); - var cell = Event.element(e); - if(TableKit.Resizable.pointerPos(cell,Event.pointerX(e),Event.pointerY(e))){ - cell.addClassName(TableKit.option('resizeOnHandleClass', cell.up('table').id)[0]); - TableKit.Resizable._onHandle = true; - } else { - cell.removeClassName(TableKit.option('resizeOnHandleClass', cell.up('table').id)[0]); - TableKit.Resizable._onHandle = false; - } - }, - killDetect : function(e) { - e = TableKit.e(e); - TableKit.Resizable._onHandle = false; - var cell = Event.element(e); - Event.stopObserving(cell, 'mousemove', TableKit.Resizable.detectHandle); - Event.stopObserving(cell, 'mousedown', TableKit.Resizable.startResize); - cell.removeClassName(TableKit.option('resizeOnHandleClass', cell.up('table').id)[0]); - }, - startResize : function(e) { - e = TableKit.e(e); - if(!TableKit.Resizable._onHandle) {return;} - var cell = Event.element(e); - Event.stopObserving(cell, 'mousemove', TableKit.Resizable.detectHandle); - Event.stopObserving(cell, 'mousedown', TableKit.Resizable.startResize); - Event.stopObserving(cell, 'mouseout', TableKit.Resizable.killDetect); - TableKit.Resizable._cell = cell; - var table = cell.up('table'); - TableKit.Resizable._tbl = table; - if(TableKit.option('showHandle', table.id)[0]) { - TableKit.Resizable._handle = $(document.createElement('div')).addClassName('resize-handle').setStyle({ - 'top' : Position.cumulativeOffset(cell)[1] + 'px', - 'left' : Event.pointerX(e) + 'px', - 'height' : table.getDimensions().height + 'px' - }); - document.body.appendChild(TableKit.Resizable._handle); - } - Event.observe(document, 'mousemove', TableKit.Resizable.drag); - Event.observe(document, 'mouseup', TableKit.Resizable.endResize); - Event.stop(e); - }, - endResize : function(e) { - e = TableKit.e(e); - var cell = TableKit.Resizable._cell; - TableKit.Resizable.resize(null, cell, (Event.pointerX(e) - Position.cumulativeOffset(cell)[0])); - Event.stopObserving(document, 'mousemove', TableKit.Resizable.drag); - Event.stopObserving(document, 'mouseup', TableKit.Resizable.endResize); - if(TableKit.option('showHandle', TableKit.Resizable._tbl.id)[0]) { - $$('div.resize-handle').each(function(elm){ - document.body.removeChild(elm); - }); - } - Event.observe(cell, 'mouseout', TableKit.Resizable.killDetect); - TableKit.Resizable._tbl = TableKit.Resizable._handle = TableKit.Resizable._cell = null; - Event.stop(e); - }, - drag : function(e) { - e = TableKit.e(e); - if(TableKit.Resizable._handle === null) { - try { - TableKit.Resizable.resize(TableKit.Resizable._tbl, TableKit.Resizable._cell, (Event.pointerX(e) - Position.cumulativeOffset(TableKit.Resizable._cell)[0])); - } catch(e) {} - } else { - TableKit.Resizable._handle.setStyle({'left' : Event.pointerX(e) + 'px'}); - } - return false; - }, - pointerPos : function(element, x, y) { - var offset = Position.cumulativeOffset(element); - return (y >= offset[1] && - y < offset[1] + element.offsetHeight && - x >= offset[0] + element.offsetWidth - 5 && - x < offset[0] + element.offsetWidth); - }, - _onHandle : false, - _cell : null, - _tbl : null, - _handle : null -}; - - -TableKit.Editable = { - init : function(elm, options){ - var table = $(elm); - if(table.tagName !== "TABLE") {return;} - TableKit.register(table,Object.extend(options || {},{editable:true})); - Event.observe(table.tBodies[0], 'click', TableKit.Editable._editCell); - }, - _editCell : function(e) { - e = TableKit.e(e); - var cell = Event.findElement(e,'td'); - TableKit.Editable.editCell(null, cell); - }, - editCell : function(table, index, cindex) { - var cell, row; - if(typeof index === 'number') { - if(!table || (table.tagName && table.tagName !== "TABLE")) {return;} - table = $(table); - index = Math.min(table.tBodies[0].rows.length, index); - index = Math.max(1, index); - index -= 1; - cindex = Math.min(table.rows[0].cells.length, cindex); - cindex = Math.max(1, cindex); - cindex -= 1; - row = $(table.tBodies[0].rows[index]); - cell = $(row.cells[cindex]); - } else { - cell = $(index); - table = (table && table.tagName && table.tagName !== "TABLE") ? $(table) : cell.up('table'); - row = cell.up('tr'); - } - var op = TableKit.option('noEditClass', table.id); - if(cell.hasClassName(op.noEditClass)) {return;} - - var head = $(TableKit.getHeaderCells(table, cell)[TableKit.getCellIndex(cell)]); - if(head.hasClassName(op.noEditClass)) {return;} - - TableKit.registerCell(cell); - var data = TableKit.cells[cell.id]; - if(data.active) {return;} - data.htmlContent = cell.innerHTML; - var ftype = TableKit.Editable.types['text-input']; - if(head.id && TableKit.Editable.types[head.id]) { - ftype = TableKit.Editable.types[head.id]; - } else { - var n = head.classNames().detect(function(n){ - return (TableKit.Editable.types[n]) ? true : false; - }); - ftype = n ? TableKit.Editable.types[n] : ftype; - } - ftype.edit(cell); - data.active = true; - }, - types : {}, - addCellEditor : function(o) { - if(o && o.name) { TableKit.Editable.types[o.name] = o; } - } -}; - -TableKit.Editable.CellEditor = Class.create(); -TableKit.Editable.CellEditor.prototype = { - initialize : function(name, options){ - this.name = name; - this.options = Object.extend({ - element : 'input', - attributes : {name : 'value', type : 'text'}, - selectOptions : [], - showSubmit : true, - submitText : 'OK', - showCancel : true, - cancelText : 'Cancel', - ajaxURI : null, - ajaxOptions : null - }, options || {}); - }, - edit : function(cell) { - cell = $(cell); - var op = this.options; - var table = cell.up('table'); - - var form = $(document.createElement("form")); - form.id = cell.id + '-form'; - form.addClassName(TableKit.option('formClassName', table.id)[0]); - form.onsubmit = this._submit.bindAsEventListener(this); - - var field = document.createElement(op.element); - $H(op.attributes).each(function(v){ - field[v.key] = v.value; - }); - switch(op.element) { - case 'input': - case 'textarea': - field.value = TableKit.getCellText(cell); - break; - - case 'select': - var txt = TableKit.getCellText(cell); - $A(op.selectOptions).each(function(v){ - field.options[field.options.length] = new Option(v[0], v[1]); - if(txt === v[1]) { - field.options[field.options.length-1].selected = 'selected'; - } - }); - break; - } - form.appendChild(field); - if(op.element === 'textarea') { - form.appendChild(document.createElement("br")); - } - if(op.showSubmit) { - var okButton = document.createElement("input"); - okButton.type = "submit"; - okButton.value = op.submitText; - okButton.className = 'editor_ok_button'; - form.appendChild(okButton); - } - if(op.showCancel) { - var cancelLink = document.createElement("a"); - cancelLink.href = "#"; - cancelLink.appendChild(document.createTextNode(op.cancelText)); - cancelLink.onclick = this._cancel.bindAsEventListener(this); - cancelLink.className = 'editor_cancel'; - form.appendChild(cancelLink); - } - cell.innerHTML = ''; - cell.appendChild(form); - }, - _submit : function(e) { - var cell = Event.findElement(e,'td'); - var form = Event.findElement(e,'form'); - Event.stop(e); - this.submit(cell,form); - }, - submit : function(cell, form) { - var op = this.options; - form = form ? form : cell.down('form'); - var head = $(TableKit.getHeaderCells(null, cell)[TableKit.getCellIndex(cell)]); - var row = cell.up('tr'); - var table = cell.up('table'); - var s = '&row=' + (TableKit.getRowIndex(row)+1) + '&cell=' + (TableKit.getCellIndex(cell)+1) + '&id=' + row.id + '&field=' + head.id + '&' + Form.serialize(form); - this.ajax = new Ajax.Updater(cell, op.ajaxURI || TableKit.option('editAjaxURI', table.id)[0], Object.extend(op.ajaxOptions || TableKit.option('editAjaxOptions', table.id)[0], { - postBody : s, - onComplete : function() { - var data = TableKit.cells[cell.id]; - data.active = false; - data.refresh = true; // mark cell cache for refreshing, in case cell contents has changed and sorting is applied - } - })); - }, - _cancel : function(e) { - var cell = Event.findElement(e,'td'); - Event.stop(e); - this.cancel(cell); - }, - cancel : function(cell) { - this.ajax = null; - var data = TableKit.cells[cell.id]; - cell.innerHTML = data.htmlContent; - data.htmlContent = ''; - data.active = false; - }, - ajax : null -}; - -TableKit.Editable.textInput = function(n,attributes) { - TableKit.Editable.addCellEditor(new TableKit.Editable.CellEditor(n, { - element : 'input', - attributes : Object.extend({name : 'value', type : 'text'}, attributes||{}) - })); -}; -TableKit.Editable.textInput('text-input'); - -TableKit.Editable.multiLineInput = function(n,attributes) { - TableKit.Editable.addCellEditor(new TableKit.Editable.CellEditor(n, { - element : 'textarea', - attributes : Object.extend({name : 'value', rows : '5', cols : '20'}, attributes||{}) - })); -}; -TableKit.Editable.multiLineInput('multi-line-input'); - -TableKit.Editable.selectInput = function(n,attributes,selectOptions) { - TableKit.Editable.addCellEditor(new TableKit.Editable.CellEditor(n, { - element : 'select', - attributes : Object.extend({name : 'value'}, attributes||{}), - 'selectOptions' : selectOptions - })); -}; - -/* -TableKit.Bench = { - bench : [], - start : function(){ - TableKit.Bench.bench[0] = new Date().getTime(); - }, - end : function(s){ - TableKit.Bench.bench[1] = new Date().getTime(); - alert(s + ' ' + ((TableKit.Bench.bench[1]-TableKit.Bench.bench[0])/1000)+' seconds.') //console.log(s + ' ' + ((TableKit.Bench.bench[1]-TableKit.Bench.bench[0])/1000)+' seconds.') - TableKit.Bench.bench = []; - } -} */ - -if(window.FastInit) { - FastInit.addOnLoad(TableKit.load); -} else { - Event.observe(window, 'load', TableKit.load); -} diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/Makefile.am b/ipa-server/ipa-gui/ipagui/subcontrollers/Makefile.am deleted file mode 100644 index 4a7ff58df..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/subcontrollers -app_PYTHON = \ - __init__.py \ - group.py \ - ipacontroller.py \ - ipapolicy.py \ - policy.py \ - user.py \ - delegation.py \ - principal.py \ - $(NULL) - -EXTRA_DIST = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/__init__.py b/ipa-server/ipa-gui/ipagui/subcontrollers/__init__.py deleted file mode 100644 index 143f486c0..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/__init__.py +++ /dev/null @@ -1 +0,0 @@ -# __init__.py diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py deleted file mode 100644 index 3f80da523..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py +++ /dev/null @@ -1,415 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os -from pickle import dumps, loads -from base64 import b64encode, b64decode -import copy -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -from ipa.entity import utf8_encode_values -from ipa import ipaerror -import ipagui.forms.delegate -import ipa.aci - -import ldap.dn -import operator - -log = logging.getLogger(__name__) - -aci_fields = ['*', 'aci'] - -delegate_form = ipagui.forms.delegate.DelegateForm() - -class DelegationController(IPAController): - - @expose() - @identity.require(identity.not_anonymous()) - def index(self, tg_errors=None): - raise turbogears.redirect("/delegate/list") - - @expose("ipagui.templates.delegatenew") - @identity.require(identity.in_group("admins")) - def new(self): - """Display delegate page""" - client = self.get_ipaclient() - delegate = {} - delegate['source_group_cn'] = "Please choose:" - delegate['dest_group_cn'] = "Please choose:" - - return dict(form=delegate_form, delegate=delegate) - - @expose() - @identity.require(identity.in_group("admins")) - def create(self, **kw): - """Creates a new delegation""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit', '').startswith('Cancel'): - turbogears.flash("Add delegation cancelled") - raise turbogears.redirect('/delegate/list') - - # Try to handle the case where the user entered just some data - # into the source/dest group name but didn't do a Find. We'll do - # our best to see if a group by that name exists and if so, use it. - dest_group_dn = kw.get('dest_group_dn') - dest_group_cn = kw.get('dest_group_cn') - if not dest_group_dn and dest_group_cn: - try: - group = client.get_entry_by_cn(dest_group_cn, ['dn']) - kw['dest_group_dn'] = group.dn - except: - kw['dest_group_cn'] = "Please choose:" - source_group_dn = kw.get('source_group_dn') - source_group_cn = kw.get('source_group_cn') - if not source_group_dn and source_group_cn: - try: - group = client.get_entry_by_cn(source_group_cn, ['dn']) - kw['source_group_dn'] = group.dn - except: - kw['source_group_cn'] = "Please choose:" - tg_errors, kw = self.delegatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegatenew') - - try: - aci_entry = client.get_aci_entry(aci_fields) - - new_aci = ipa.aci.ACI() - new_aci.name = kw.get('name') - new_aci.source_group = kw.get('source_group_dn') - new_aci.dest_group = kw.get('dest_group_dn') - new_aci.attrs = kw.get('attrs') - if isinstance(new_aci.attrs, basestring): - new_aci.attrs = [new_aci.attrs] - - # Look for an existing ACI of the same name - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - for aci_str in aci_str_list: - try: - old_aci = ipa.aci.ACI(aci_str) - if old_aci.name == new_aci.name: - turbogears.flash("Delgate add failed: a delegation of that name already exists") - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegatenew') - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - - - # not pulling down existing aci attributes - aci_entry = client.get_aci_entry(['dn']) - aci_entry.setValue('aci', new_aci.export_to_string()) - - client.update_entry(aci_entry) - - # Now add to the editors group so they can make changes in the UI - try: - group = client.get_entry_by_cn("editors") - client.add_group_to_group(new_aci.source_group, group.dn) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - # This is ok, ignore it - pass - - except ipaerror.IPAError, e: - turbogears.flash("Delgate add failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegatenew') - - turbogears.flash("delegate created") - raise turbogears.redirect('/delegate/list') - - @expose("ipagui.templates.delegateedit") - @identity.require(identity.in_group("admins")) - def edit(self, acistr, tg_errors=None): - """Display delegate page""" - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - client = self.get_ipaclient() - - try: - aci_entry = client.get_aci_entry(aci_fields) - aci = ipa.aci.ACI(acistr) - group_dn_to_cn = ipa.aci.extract_group_cns([aci], client) - - delegate = aci.to_dict() - delegate['source_group_dn'] = delegate['source_group'] - delegate['source_group_cn'] = group_dn_to_cn[delegate['source_group_dn']] - delegate['dest_group_dn'] = delegate['dest_group'] - delegate['dest_group_cn'] = group_dn_to_cn[delegate['dest_group_dn']] - - return dict(form=delegate_form, delegate=delegate) - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("Delegation edit failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/delegate/list') - - - @expose() - @identity.require(identity.in_group("admins")) - def update(self, **kw): - """Display delegate page""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit', '').startswith('Cancel'): - turbogears.flash("Edit delegation cancelled") - raise turbogears.redirect('/delegate/list') - - # Try to handle the case where the user entered just some data - # into the source/dest group name but didn't do a Find. We'll do - # our best to see if a group by that name exists and if so, use it. - dest_group_cn = kw.get('dest_group_cn') - if dest_group_cn: - try: - group = client.get_entry_by_cn(dest_group_cn, ['dn']) - kw['dest_group_dn'] = group.dn - except: - # This _notfound value is used in delegatevalidate() - kw['dest_group_cn_notfound'] = True - source_group_cn = kw.get('source_group_cn') - if source_group_cn: - try: - group = client.get_entry_by_cn(source_group_cn, ['dn']) - kw['source_group_dn'] = group.dn - except: - # This _notfound value is used in delegatevalidate() - kw['source_group_cn_notfound'] = True - - tg_errors, kw = self.delegatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegateedit') - - try: - aci_entry = client.get_aci_entry(aci_fields) - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - try : - old_aci_index = aci_str_list.index(kw['orig_acistr']) - except ValueError: - turbogears.flash("Delegation update failed:<br />" + - "The delegation you were attempting to update has been " + - "concurrently modified. Please cancel the edit " + - "and try editing the delegation again.") - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegateedit') - - new_aci = ipa.aci.ACI() - new_aci.name = kw.get('name') - new_aci.source_group = kw.get('source_group_dn') - new_aci.dest_group = kw.get('dest_group_dn') - new_aci.attrs = kw.get('attrs') - if isinstance(new_aci.attrs, basestring): - new_aci.attrs = [new_aci.attrs] - new_aci_str = new_aci.export_to_string() - - new_aci_str_list = copy.copy(aci_str_list) - old_aci = ipa.aci.ACI(new_aci_str_list[old_aci_index]) - new_aci_str_list[old_aci_index] = new_aci_str - aci_entry.setValue('aci', new_aci_str_list) - - client.update_entry(aci_entry) - - if new_aci.source_group != old_aci.source_group: - aci_list = [] - last = True - for aci_str in new_aci_str_list: - try: - aci = ipa.aci.ACI(aci_str) - if aci.source_group == old_aci.source_group: - last = False - break - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - if last: - group = client.get_entry_by_cn("editors") - client.remove_member_from_group(old_aci.source_group, group.dn) - - # Now add to the editors group so they can make changes in the UI - try: - group = client.get_entry_by_cn("editors") - client.add_group_to_group(new_aci.source_group, group.dn) - except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): - # This is ok, ignore it - pass - - - turbogears.flash("delegate updated") - raise turbogears.redirect('/delegate/list') - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("Delegation update failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=delegate_form, delegate=kw, - tg_template='ipagui.templates.delegateedit') - - @expose("ipagui.templates.delegatelist") - @identity.require(identity.not_anonymous()) - def list(self): - """Display delegate page""" - client = self.get_ipaclient() - - try: - aci_entry = client.get_aci_entry(aci_fields) - except ipaerror.IPAError, e: - turbogears.flash("Delegation list failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/') - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - aci_list = [] - for aci_str in aci_str_list: - try: - aci = ipa.aci.ACI(aci_str) - aci_list.append(aci) - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - group_dn_to_cn = ipa.aci.extract_group_cns(aci_list, client) - - aci_list = sorted(aci_list, key=operator.itemgetter(0)) - # The list page needs to display field labels, not raw - # LDAP attributes - for aci in aci_list: - aci.attrs = map(lambda name: - ipagui.forms.delegate.aci_name_to_label.get(name, name), - aci.attrs) - - return dict(aci_list=aci_list, group_dn_to_cn=group_dn_to_cn, - fields=ipagui.forms.delegate.DelegateFields()) - - @expose() - @identity.require(identity.in_group("admins")) - def delete(self, acistr): - """Display delegate page""" - self.restrict_post() - client = self.get_ipaclient() - - try: - aci_entry = client.get_aci_entry(aci_fields) - - aci_str_list = aci_entry.getValues('aci') - if aci_str_list is None: - aci_str_list = [] - if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)): - aci_str_list = [aci_str_list] - - try : - old_aci_index = aci_str_list.index(acistr) - except ValueError: - turbogears.flash("Delegation deletion failed:<br />" + - "The delegation you were attempting to delete has been " + - "concurrently modified.") - raise turbogears.redirect('/delegate/list') - - old_aci = ipa.aci.ACI(aci_str_list[old_aci_index]) - new_aci_str_list = copy.copy(aci_str_list) - del new_aci_str_list[old_aci_index] - aci_entry.setValue('aci', new_aci_str_list) - - client.update_entry(aci_entry) - - aci_list = [] - last = True - for aci_str in new_aci_str_list: - try: - aci = ipa.aci.ACI(aci_str) - if aci.source_group == old_aci.source_group: - last = False - break - except SyntaxError: - # ignore aci_str's that ACI can't parse - pass - if last: - group = client.get_entry_by_cn("editors") - client.remove_member_from_group(old_aci.source_group, group.dn) - - turbogears.flash("delegate deleted") - raise turbogears.redirect('/delegate/list') - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("Delegation deletion failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/delegate/list') - - @expose("ipagui.templates.delegategroupsearch") - @identity.require(identity.not_anonymous()) - def group_search(self, **kw): - """Searches for groups and displays list of results in a table. - This method is used for the ajax search on the delegation pages.""" - client = self.get_ipaclient() - - groups = [] - groups_counter = 0 - searchlimit = 100 - criteria = kw.get('criteria') - if criteria != None and len(criteria) > 0: - try: - groups = client.find_groups(criteria.encode('utf-8'), None, - searchlimit) - groups_counter = groups[0] - groups = groups[1:] - except ipaerror.IPAError, e: - turbogears.flash("search failed: " + str(e)) - - return dict(groups=groups, criteria=criteria, - which_group=kw.get('which_group'), - counter=groups_counter) - - @validate(form=delegate_form) - @identity.require(identity.not_anonymous()) - def delegatevalidate(self, tg_errors=None, **kw): - # We are faking this because otherwise it shows up as one huge - # block of color in the UI when it has a not empty validator. - if not tg_errors: - tg_errors = {} - if not kw.get('attrs'): - tg_errors['attrs'] = _("Please select at least one value") - if kw.get('dest_group_cn_notfound'): - tg_errors['dest_group_dn'] = _("Group not found") - if kw.get('source_group_cn_notfound'): - tg_errors['source_group_dn'] = _("Group not found") - cherrypy.request.validation_errors = tg_errors - return tg_errors, kw diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/group.py b/ipa-server/ipa-gui/ipagui/subcontrollers/group.py deleted file mode 100644 index 6196d13dc..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/group.py +++ /dev/null @@ -1,484 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from pickle import dumps, loads -from base64 import b64encode, b64decode -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -import ipa.config -import ipa.group -from ipa.entity import utf8_encode_values -from ipa import ipaerror -import ipagui.forms.group - -log = logging.getLogger(__name__) - -group_new_form = ipagui.forms.group.GroupNewForm() -group_edit_form = ipagui.forms.group.GroupEditForm() - -group_fields = ['*', 'nsAccountLock'] - -class GroupController(IPAController): - - - ######### - # Group # - ######### - - @expose() - @identity.require(identity.not_anonymous()) - def index(self, tg_errors=None): - raise turbogears.redirect("/group/list") - - @expose("ipagui.templates.groupnew") - @identity.require(identity.in_group("admins")) - def new(self, tg_errors=None): - """Displays the new group form""" - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - client = self.get_ipaclient() - - return dict(form=group_new_form, group={}) - - @expose() - @identity.require(identity.in_group("admins")) - def create(self, **kw): - """Creates a new group""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit') == 'Cancel': - turbogears.flash("Add group cancelled") - raise turbogears.redirect('/') - - tg_errors, kw = self.groupcreatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=group_new_form, group=kw, - tg_template='ipagui.templates.groupnew') - - # - # Create the group itself - # - try: - new_group = ipa.group.Group() - new_group.setValue('cn', kw.get('cn')) - new_group.setValue('description', kw.get('description')) - - rv = client.add_group(new_group) - - if kw.get('nsAccountLock'): - client.mark_group_inactive(kw.get('cn')) - except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): - turbogears.flash("Group with name '%s' already exists" % - kw.get('cn')) - return dict(form=group_new_form, group=kw, - tg_template='ipagui.templates.groupnew') - except ipaerror.IPAError, e: - turbogears.flash("Group add failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=group_new_form, group=kw, - tg_template='ipagui.templates.groupnew') - - # - # NOTE: from here on, the group now exists. - # on any error, we redirect to the _edit_ group page. - # this code does data setup, similar to groupedit() - # - if isinstance(kw['cn'], list): - cn0 = kw['cn'][0] - else: - cn0 = kw['cn'] - group = client.get_entry_by_cn(cn0, group_fields) - group_dict = group.toDict() - member_dicts = [] - - # store a copy of the original group for the update later - group_data = b64encode(dumps(group_dict)) - member_data = b64encode(dumps(member_dicts)) - group_dict['group_orig'] = group_data - group_dict['member_data'] = member_data - - # preserve group add info in case of errors - group_dict['dnadd'] = kw.get('dnadd') - group_dict['dn_to_info_json'] = kw.get('dn_to_info_json') - - # - # Add members - # - failed_adds = [] - try: - dnadds = kw.get('dnadd') - if dnadds != None: - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - failed_adds = client.add_members_to_group( - utf8_encode_values(dnadds), group.dn) - kw['dnadd'] = failed_adds - except ipaerror.IPAError, e: - failed_adds = dnadds - - if len(failed_adds) > 0: - message = "Group successfully created.<br />" - message += "There was an error adding group members.<br />" - message += "Failures have been preserved in the add/remove lists." - turbogears.flash(message) - return dict(form=group_edit_form, group=group_dict, - members=member_dicts, - tg_template='ipagui.templates.groupedit') - - turbogears.flash("%s added!" % kw.get('cn')) - raise turbogears.redirect('/group/show', cn=kw.get('cn')) - - @expose("ipagui.templates.dynamiceditsearch") - @identity.require(identity.not_anonymous()) - def edit_search(self, **kw): - """Searches for users+groups and displays list of results in a table. - This method is used for the ajax search on the group edit page.""" - client = self.get_ipaclient() - - users = [] - groups = [] - counter = 0 - searchlimit = 100 - criteria = kw.get('criteria') - if criteria != None and len(criteria) > 0: - try: - users = client.find_users(criteria.encode('utf-8'), None, searchlimit) - users_counter = users[0] - users = users[1:] - - groups = client.find_groups(criteria.encode('utf-8'), None, - searchlimit) - groups_counter = groups[0] - groups = groups[1:] - - if users_counter < 0 or groups_counter < 0: - counter = -1 - else: - counter = users_counter + groups_counter - except ipaerror.IPAError, e: - turbogears.flash("search failed: " + str(e)) - - return dict(users=users, groups=groups, criteria=criteria, - counter=counter) - - - @expose("ipagui.templates.groupedit") - @identity.require(identity.in_group("admins")) - def edit(self, cn, tg_errors=None): - """Displays the edit group form""" - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - client = self.get_ipaclient() - - try: - group = client.get_entry_by_cn(cn, group_fields) - - group_dict = group.toDict() - - # - # convert members to users, for easier manipulation on the page - # - - members = client.group_members(group.dn, ['dn', 'givenname', 'sn', 'uid', 'cn'], 1) - members = members[1:] - members.sort(self.sort_group_member) - - # Map users into an array of dicts, which can be serialized - # (so we don't have to do this on each round trip) - member_dicts = map(lambda member: member.toDict(), members) - - indirect_members = client.group_members(group.dn, ['dn', 'givenname', 'sn', 'uid', 'cn'], 2) - indirect_members = indirect_members[1:] - indirect_members.sort(self.sort_group_member) - - # add our own flag - for i in range(len(indirect_members)): - indirect_members[i].setValue('inherited', True) - - # Map users into an array of dicts, which can be serialized - # (so we don't have to do this on each round trip) - indirect_members_dicts = map(lambda member: member.toDict(), indirect_members) - - member_dicts = member_dicts + indirect_members_dicts - - # store a copy of the original group for the update later - group_data = b64encode(dumps(group_dict)) - member_data = b64encode(dumps(member_dicts)) - group_dict['group_orig'] = group_data - group_dict['member_data'] = member_data - - return dict(form=group_edit_form, group=group_dict, members=member_dicts) - except ipaerror.IPAError, e: - turbogears.flash("Group edit failed: " + str(e)) - raise turbogears.redirect('/group/show', uid=cn) - - @expose() - @identity.require(identity.in_group("admins")) - def update(self, **kw): - """Updates an existing group""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit') == 'Cancel Edit': - orig_group_dict = loads(b64decode(kw.get('group_orig'))) - # if cancelling need to use the original group because the one - # in kw may not exist yet. - cn = orig_group_dict.get('cn') - if (isinstance(cn,basestring)): - cn = [cn] - turbogears.flash("Edit group cancelled") - raise turbogears.redirect('/group/show', cn=cn[0]) - - if kw.get('editprotected') == '': - # if editprotected set these don't get sent in kw - orig_group_dict = loads(b64decode(kw.get('group_orig'))) - kw['cn'] = orig_group_dict['cn'] - kw['gidnumber'] = orig_group_dict['gidnumber'] - - # Decode the member data, in case we need to round trip - member_dicts = loads(b64decode(kw.get('member_data'))) - - tg_errors, kw = self.groupupdatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - group_modified = False - - # - # Update group itself - # - try: - orig_group_dict = loads(b64decode(kw.get('group_orig'))) - - new_group = ipa.group.Group(orig_group_dict) - if new_group.description != kw.get('description'): - group_modified = True - new_group.setValue('description', kw.get('description')) - if kw.get('editprotected') == 'true': - new_gid = str(kw.get('gidnumber')) - if new_group.gidnumber != new_gid: - group_modified = True - new_group.setValue('gidnumber', new_gid) - else: - new_group.setValue('gidnumber', orig_group_dict.get('gidnumber')) - new_group.setValue('cn', orig_group_dict.get('cn')) - if new_group.cn != kw.get('cn'): - group_modified = True - new_group.setValue('cn', kw['cn']) - - if group_modified: - rv = client.update_group(new_group) - # - # If the group update succeeds, but below operations fail, we - # need to make sure a subsequent submit doesn't try to update - # the group again. - # - kw['group_orig'] = b64encode(dumps(new_group.toDict())) - except ipaerror.IPAError, e: - turbogears.flash("Group update failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - if kw.get('nsAccountLock') == '': - kw['nsAccountLock'] = "false" - - modify_no_update = False - try: - if kw.get('nsAccountLock') == "false" and new_group.getValues('nsaccountlock') == "true": - client.mark_group_active(kw.get('cn')) - modify_no_update = True - elif kw.get('nsAccountLock') == "true" and new_group.nsaccountlock != "true": - client.mark_group_inactive(kw.get('cn')) - modify_no_update = True - except ipaerror.IPAError, e: - turbogears.flash("Group status change failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - # - # Add members - # - failed_adds = [] - try: - dnadds = kw.get('dnadd') - if dnadds != None: - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - failed_adds = client.add_members_to_group( - utf8_encode_values(dnadds), new_group.dn) - kw['dnadd'] = failed_adds - group_modified = True - except ipaerror.IPAError, e: - turbogears.flash("Updating group membership failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - # - # Remove members - # - failed_dels = [] - try: - dndels = kw.get('dndel') - if dndels != None: - if not(isinstance(dndels,list) or isinstance(dndels,tuple)): - dndels = [dndels] - failed_dels = client.remove_members_from_group( - utf8_encode_values(dndels), new_group.dn) - kw['dndel'] = failed_dels - group_modified = True - except ipaerror.IPAError, e: - turbogears.flash("Updating group membership failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - # - # TODO - check failed ops to see if it's because of another update. - # handle "someone else already did it" errors better - perhaps - # not even as an error - # TODO - update the Group Members list. - # (note that we have to handle the above todo first, or else - # there will be an error message, but the add/del lists will - # be empty) - # - if (len(failed_adds) > 0) or (len(failed_dels) > 0): - message = "There was an error updating group members.<br />" - message += "Failures have been preserved in the add/remove lists." - if group_modified: - message = "Group Details successfully updated.<br />" + message - turbogears.flash(message) - return dict(form=group_edit_form, group=kw, members=member_dicts, - tg_template='ipagui.templates.groupedit') - - if isinstance(kw['cn'], list): - cn0 = kw['cn'][0] - else: - cn0 = kw['cn'] - if group_modified == True or modify_no_update == True: - turbogears.flash("%s updated!" % cn0) - else: - turbogears.flash("No modifications requested.") - raise turbogears.redirect('/group/show', cn=cn0) - - - @expose("ipagui.templates.grouplist") - @identity.require(identity.not_anonymous()) - def list(self, **kw): - """Search for groups and display results""" - client = self.get_ipaclient() - - groups = None - # counter = 0 - criteria = kw.get('criteria') - if criteria != None and len(criteria) > 0: - try: - groups = client.find_groups(criteria.encode('utf-8'), None, 0, 2) - counter = groups[0] - groups = groups[1:] - if counter == -1: - turbogears.flash("These results are truncated.<br />" + - "Please refine your search and try again.") - except ipaerror.IPAError, e: - turbogears.flash("Find groups failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect("/group/list") - - return dict(groups=groups, criteria=criteria, - fields=ipagui.forms.group.GroupFields()) - - @expose("ipagui.templates.groupshow") - @identity.require(identity.not_anonymous()) - def show(self, cn): - """Retrieve a single group for display""" - client = self.get_ipaclient() - - try: - group = client.get_entry_by_cn(cn, group_fields) - group_dict = group.toDict() - - # - # convert members to users, for display on the page - # - - members = client.group_members(group.dn, ['dn', 'givenname', 'sn', 'uid', 'cn'], 1) - members = members[1:] - members.sort(self.sort_group_member) - member_dicts = map(lambda member: member.toDict(), members) - - indirect_members = client.group_members(group.dn, ['dn', 'givenname', 'sn', 'uid', 'cn'], 2) - indirect_members = indirect_members[1:] - indirect_members.sort(self.sort_group_member) - - # add our own flag - for i in range(len(indirect_members)): - indirect_members[i].setValue('inherited', True) - - # Map users into an array of dicts, which can be serialized - # (so we don't have to do this on each round trip) - indirect_members_dicts = map(lambda member: member.toDict(), indirect_members) - - member_dicts = member_dicts + indirect_members_dicts - logging.info("%s" % member_dicts) - - return dict(group=group_dict, fields=ipagui.forms.group.GroupFields(), - members = member_dicts) - except ipaerror.IPAError, e: - turbogears.flash("Group show failed: " + str(e)) - raise turbogears.redirect("/") - - @expose() - @identity.require(identity.not_anonymous()) - def delete(self, dn): - """Delete group.""" - self.restrict_post() - client = self.get_ipaclient() - - try: - client.delete_group(dn) - - turbogears.flash("group deleted") - raise turbogears.redirect('/group/list') - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("Group deletion failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/group/list') - - @validate(form=group_new_form) - @identity.require(identity.not_anonymous()) - def groupcreatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw - - @validate(form=group_edit_form) - @identity.require(identity.not_anonymous()) - def groupupdatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw - diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/ipacontroller.py b/ipa-server/ipa-gui/ipagui/subcontrollers/ipacontroller.py deleted file mode 100644 index db7f04cbf..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/ipacontroller.py +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -import ipa.ipaclient -from ipaserver import funcs -import ipa.config - -log = logging.getLogger(__name__) - -ipa.config.init_config() - -class IPAController(controllers.Controller): - def restrict_post(self): - if cherrypy.request.method != "POST": - turbogears.flash("This method only accepts posts") - raise turbogears.redirect("/") - - def get_ipaclient(self): - transport = funcs.IPAServer() - client = ipa.ipaclient.IPAClient(transport) - client.set_krbccache(os.environ["KRB5CCNAME"]) - return client - - def utf8_encode(self, value): - if value != None: - value = value.encode('utf-8') - return value - - def sort_group_member(self, a, b): - """Comparator function used for sorting group members.""" - if a.getValue('uid') and b.getValue('uid'): - if a.getValue('sn') == b.getValue('sn'): - if a.getValue('givenName') == b.getValue('givenName'): - if a.getValue('uid') == b.getValue('uid'): - return 0 - elif a.getValue('uid') < b.getValue('uid'): - return -1 - else: - return 1 - elif a.getValue('givenName') < b.getValue('givenName'): - return -1 - else: - return 1 - elif a.getValue('sn') < b.getValue('sn'): - return -1 - else: - return 1 - elif a.getValue('uid'): - return -1 - elif b.getValue('uid'): - return 1 - else: - if a.getValue('cn') == b.getValue('cn'): - return 0 - elif a.getValue('cn') < b.getValue('cn'): - return -1 - else: - return 1 - - def sort_by_cn(self, a, b): - """Comparator function used for sorting groups.""" - if a.getValue('cn') == b.getValue('cn'): - return 0 - elif a.getValue('cn') < b.getValue('cn'): - return -1 - else: - return 1 diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py b/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py deleted file mode 100644 index 1db062b40..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py +++ /dev/null @@ -1,208 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os -from pickle import dumps, loads -from base64 import b64encode, b64decode -import copy -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -from ipa.entity import utf8_encode_values -from ipa import ipaerror -import ipa.entity -import ipagui.forms.ipapolicy -from ipagui.helpers import ipahelper - -import ldap.dn - -log = logging.getLogger(__name__) - -ipapolicy_edit_form = ipagui.forms.ipapolicy.IPAPolicyForm() - -class IPAPolicyController(IPAController): - - @expose() - @identity.require(identity.in_group("admins")) - def index(self): - raise turbogears.redirect("/ipapolicy/show") - - @expose("ipagui.templates.ipapolicyshow") - @identity.require(identity.in_group("admins")) - def show(self, tg_errors=None): - """Displays the one policy page""" - client = self.get_ipaclient() - config = client.get_ipa_config() - ipapolicy = config.toDict() - - ppolicy = client.get_password_policy() - password = ppolicy.toDict() - - return dict(ipapolicy=ipapolicy,password=password,fields=ipagui.forms.ipapolicy.IPAPolicyFields()) - - @expose("ipagui.templates.ipapolicyedit") - @identity.require(identity.in_group("admins")) - def edit(self, tg_errors=None): - """Displays the edit IPA policy form""" - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - try: - client = self.get_ipaclient() - config = client.get_ipa_config() - ipapolicy_dict = config.toDict() - - ppolicy = client.get_password_policy() - password_dict = ppolicy.toDict() - - # store a copy of the original policy for the update later - ipapolicy_data = b64encode(dumps(ipapolicy_dict)) - ipapolicy_dict['ipapolicy_orig'] = ipapolicy_data - - # store a copy of the original policy for the update later - password_data = b64encode(dumps(password_dict)) - password_dict['password_orig'] = password_data - - # Combine the 2 dicts to make the form easier - ipapolicy_dict.update(password_dict) - - # Load potential multi-valued fields - if isinstance(ipapolicy_dict.get('ipauserobjectclasses',''), basestring): - ipapolicy_dict['ipauserobjectclasses'] = [ipapolicy_dict.get('ipauserobjectclasses')] - ipapolicy_dict['userobjectclasses'] = ipahelper.setup_mv_fields(ipapolicy_dict.get('ipauserobjectclasses'), 'ipauserobjectclasses') - - if isinstance(ipapolicy_dict.get('ipagroupobjectclasses',''), basestring): - ipapolicy_dict['ipagroupobjectclasses'] = [ipapolicy_dict.get('ipagroupobjectclasses')] - ipapolicy_dict['groupobjectclasses'] = ipahelper.setup_mv_fields(ipapolicy_dict.get('ipagroupobjectclasses'), 'ipagroupobjectclasses') - - return dict(form=ipapolicy_edit_form, ipapolicy=ipapolicy_dict) - except ipaerror.IPAError, e: - turbogears.flash("IPA Policy edit failed: " + str(e) + "<br/>" + str(e.detail)) - raise turbogears.redirect('/ipapolicy/show') - - - @expose() - @identity.require(identity.in_group("admins")) - def update(self, **kw): - """Display delegate page""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit', '').startswith('Cancel'): - turbogears.flash("Edit policy cancelled") - raise turbogears.redirect('/ipapolicy/show') - - # Fix incoming multi-valued fields we created for the form - kw = ipahelper.fix_incoming_fields(kw, 'ipauserobjectclasses', 'userobjectclasses') - kw = ipahelper.fix_incoming_fields(kw, 'ipagroupobjectclasses', 'groupobjectclasses') - - tg_errors, kw = self.ipapolicyupdatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=ipapolicy_edit_form, ipapolicy=kw, - tg_template='ipagui.templates.ipapolicyedit') - - policy_modified = False - password_modified = False - - try: - orig_ipapolicy_dict = loads(b64decode(kw.get('ipapolicy_orig'))) - orig_password_dict = loads(b64decode(kw.get('password_orig'))) - - new_ipapolicy = ipa.entity.Entity(orig_ipapolicy_dict) - new_password = ipa.entity.Entity(orig_password_dict) - - if str(new_ipapolicy.getValues('ipasearchtimelimit')) != str(kw.get('ipasearchtimelimit')): - policy_modified = True - new_ipapolicy.setValue('ipasearchtimelimit', kw.get('ipasearchtimelimit')) - if str(new_ipapolicy.getValues('ipasearchrecordslimit')) != str(kw.get('ipasearchrecordslimit')): - policy_modified = True - new_ipapolicy.setValue('ipasearchrecordslimit', kw.get('ipasearchrecordslimit')) - if new_ipapolicy.getValues('ipausersearchfields') != kw.get('ipausersearchfields'): - policy_modified = True - new_ipapolicy.setValue('ipausersearchfields', kw.get('ipausersearchfields')) - if new_ipapolicy.getValues('ipagroupsearchfields') != kw.get('ipagroupsearchfields'): - policy_modified = True - new_ipapolicy.setValue('ipagroupsearchfields', kw.get('ipagroupsearchfields')) - if str(new_ipapolicy.getValues('ipapwdexpadvnotify')) != str(kw.get('ipapwdexpadvnotify')): - policy_modified = True - new_ipapolicy.setValue('ipapwdexpadvnotify', kw.get('ipapwdexpadvnotify')) - if str(new_ipapolicy.getValues('ipamaxusernamelength')) != str(kw.get('ipamaxusernamelength')): - policy_modified = True - new_ipapolicy.setValue('ipamaxusernamelength', kw.get('ipamaxusernamelength')) - if new_ipapolicy.getValues('ipahomesrootdir') != kw.get('ipahomesrootdir'): - policy_modified = True - new_ipapolicy.setValue('ipahomesrootdir', kw.get('ipahomesrootdir')) - if new_ipapolicy.getValues('ipadefaultloginshell') != kw.get('ipadefaultloginshell'): - policy_modified = True - new_ipapolicy.setValue('ipadefaultloginshell', kw.get('ipadefaultloginshell')) - if new_ipapolicy.getValues('ipadefaultprimarygroup') != kw.get('ipadefaultprimarygroup'): - policy_modified = True - new_ipapolicy.setValue('ipadefaultprimarygroup', kw.get('ipadefaultprimarygroup')) -# if new_ipapolicy.getValues('ipauserobjectclasses') != kw.get('ipauserobjectclasses'): -# policy_modified = True -# new_ipapolicy.setValue('ipauserobjectclasses', kw.get('ipauserobjectclasses')) -# if new_ipapolicy.getValues('ipagroupobjectclasses') != kw.get('ipagroupobjectclasses'): -# policy_modified = True -# new_ipapolicy.setValue('ipagroupobjectclasses', kw.get('ipagroupobjectclasses')) - if new_ipapolicy.getValues('ipadefaultemaildomain') != kw.get('ipadefaultemaildomain'): - policy_modified = True - new_ipapolicy.setValue('ipadefaultemaildomain', kw.get('ipadefaultemaildomain')) - - if policy_modified: - rv = client.update_ipa_config(new_ipapolicy) - - # Now check the password policy for updates - if str(new_password.getValues('krbmaxpwdlife')) != str(kw.get('krbmaxpwdlife')): - password_modified = True - new_password.setValue('krbmaxpwdlife', str(kw.get('krbmaxpwdlife'))) - if str(new_password.getValues('krbminpwdlife')) != str(kw.get('krbminpwdlife')): - password_modified = True - new_password.setValue('krbminpwdlife', str(kw.get('krbminpwdlife'))) - if str(new_password.getValues('krbpwdhistorylength')) != str(kw.get('krbpwdhistorylength')): - password_modified = True - new_password.setValue('krbpwdhistorylength', str(kw.get('krbpwdhistorylength'))) - if str(new_password.getValues('krbpwdmindiffchars')) != str(kw.get('krbpwdmindiffchars')): - password_modified = True - new_password.setValue('krbpwdmindiffchars', str(kw.get('krbpwdmindiffchars'))) - if str(new_password.getValues('krbpwdminlength')) != str(kw.get('krbpwdminlength')): - password_modified = True - new_password.setValue('krbpwdminlength', str(kw.get('krbpwdminlength'))) - if password_modified: - rv = client.update_password_policy(new_password) - - turbogears.flash("IPA Policy updated") - raise turbogears.redirect('/ipapolicy/show') - except ipaerror.IPAError, e: - turbogears.flash("Policy update failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=ipapolicy_edit_form, ipapolicy=kw, - tg_template='ipagui.templates.ipapolicyedit') - - @validate(form=ipapolicy_edit_form) - @identity.require(identity.not_anonymous()) - def ipapolicyupdatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/policy.py b/ipa-server/ipa-gui/ipagui/subcontrollers/policy.py deleted file mode 100644 index 8b905335f..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/policy.py +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os -from pickle import dumps, loads -from base64 import b64encode, b64decode -import copy -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -from ipa.entity import utf8_encode_values -from ipa import ipaerror - -import ldap.dn - -log = logging.getLogger(__name__) - -class PolicyController(IPAController): - - @expose("ipagui.templates.policyindex") - @identity.require(identity.in_group("admins")) - def index(self, tg_errors=None): - """Displays the one policy page""" - - # TODO: return a dict of the items and URLs to display on - # Manage Policy - return dict() diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py b/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py deleted file mode 100644 index 3c3d94637..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py +++ /dev/null @@ -1,193 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import os -from pickle import dumps, loads -from base64 import b64encode, b64decode -import copy -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -from ipa.entity import utf8_encode_values -from ipa import ipaerror -import ipagui.forms.principal - -import ldap.dn - -log = logging.getLogger(__name__) - -principal_new_form = ipagui.forms.principal.PrincipalNewForm() -principal_fields = ['*'] - -class PrincipalController(IPAController): - - @expose() - @identity.require(identity.in_group("admins")) - def index(self, tg_errors=None): - raise turbogears.redirect("/principal/list") - - @expose("ipagui.templates.principalnew") - @identity.require(identity.in_group("admins")) - def new(self, tg_errors=None): - """Displays the new service principal form""" - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - client = self.get_ipaclient() - - return dict(form=principal_new_form, principal={}) - - @expose() - @identity.require(identity.in_group("admins")) - def create(self, **kw): - """Creates a service principal group""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit') == 'Cancel': - turbogears.flash("Add principal cancelled") - raise turbogears.redirect('/') - - tg_errors, kw = self.principalcreatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=principal_new_form, principal=kw, - tg_template='ipagui.templates.principalnew') - - principal_name = "" - hostname = kw.get('hostname') - # - # Create the principal itself - # - try: - if kw.get('service') == "other": - service = kw.get('other') - if not service: - turbogears.flash("Service type must be provided") - return dict(form=principal_new_form, principal=kw, - tg_template='ipagui.templates.principalnew') - else: - service = kw.get('service') - - # The realm is added by add_service_principal - principal_name = utf8_encode_values(service + "/" + kw.get('hostname')) - - rv = client.add_service_principal(principal_name, 0) - except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): - turbogears.flash("Service principal '%s' already exists" % - principal_name) - return dict(form=principal_new_form, principal=kw, - tg_template='ipagui.templates.principalnew') - except ipaerror.IPAError, e: - turbogears.flash("Service principal add failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=principal_new_form, principal=kw, - tg_template='ipagui.templates.principalnew') - - turbogears.flash("%s added!" % principal_name) - raise turbogears.redirect('/principal/list', hostname=hostname) - - @expose("ipagui.templates.principallist") - @identity.require(identity.not_anonymous()) - def list(self, **kw): - """Searches for service principals and displays list of results""" - client = self.get_ipaclient() - - principals = None - counter = 0 - hostname = kw.get('hostname') - if hostname != None and len(hostname) > 0: - try: - principals = client.find_service_principal(hostname.encode('utf-8'), principal_fields, 0, 2) - counter = principals[0] - principals = principals[1:] - - if counter == -1: - turbogears.flash("These results are truncated.<br />" + - "Please refine your search and try again.") - - # For each entry break out service type and hostname - for i in range(len(principals)): - (service,host) = principals[i].krbprincipalname.split('/') - h = host.split('@') - principals[i].setValue('service', service) - principals[i].setValue('hostname', h[0]) - - except ipaerror.IPAError, e: - turbogears.flash("principal list failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect("/principal/list") - - return dict(principals=principals, hostname=hostname, fields=ipagui.forms.principal.PrincipalFields()) - - @expose("ipagui.templates.principalshow") - @identity.require(identity.not_anonymous()) - def show(self, **kw): - """Display a single service principal""" - - try: - princ = kw['principal'] - princ_dn = kw['principal_dn'] - except KeyError, e: - turbogears.flash("Principal show failed. Unable to find key %s" % e) - raise turbogears.redirect("/principal/list") - - principal = {} - - try: - # The principal info is passed in. Not going to both to re-query this. - (service,host) = princ.split('/') - h = host.split('@') - principal['service'] = service - principal['hostname'] = h[0] - principal['principal_dn'] = princ_dn - - return dict(principal=principal) - except: - turbogears.flash("Principal show failed %s" % princ) - raise turbogears.redirect("/") - - @expose() - @identity.require(identity.in_group("admins")) - def delete(self, principal): - """Delete a service principal""" - self.restrict_post() - client = self.get_ipaclient() - - print "Deleting %s" % principal - - try: - client.delete_service_principal(principal) - - turbogears.flash("Service principal deleted") - raise turbogears.redirect('/principal/list') - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("Service principal deletion failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/principal/list') - - @validate(form=principal_new_form) - @identity.require(identity.not_anonymous()) - def principalcreatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py deleted file mode 100644 index d8fabb6b5..000000000 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py +++ /dev/null @@ -1,854 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import re -import random -from pickle import dumps, loads -from base64 import b64encode, b64decode -import logging - -import cherrypy -import turbogears -from turbogears import controllers, expose, flash -from turbogears import validators, validate -from turbogears import widgets, paginate -from turbogears import error_handler -from turbogears import identity - -from ipacontroller import IPAController -import ipa.user -from ipa.entity import utf8_encode_values -from ipa import ipaerror -import ipagui.forms.user -import ipa.config -from ipagui.helpers import ipahelper - -log = logging.getLogger(__name__) - -password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" - -user_new_form = ipagui.forms.user.UserNewForm() -user_edit_form = ipagui.forms.user.UserEditForm() - -user_fields = ['*', 'nsAccountLock'] - -class UserController(IPAController): - - def __init__(self, *args, **kw): - super(UserController,self).__init__(*args, **kw) -# self.load_custom_fields() - - def get_email_domain(self): - client = self.get_ipaclient() - - conf = client.get_ipa_config() - email_domain = conf.ipadefaultemaildomain - - return email_domain - - def load_custom_fields(self): - - client = self.get_ipaclient() - schema = client.get_custom_fields() - - # FIXME: Don't load from LDAP every single time it is called - - # FIXME: Is removing the attributes on the fly thread-safe? Do we - # need to lock here? - for s in schema: - required=False - if (s['required'].lower() == "true"): - required=True - field = widgets.TextField(name=s['field'],label=s['label']) - validator = validators.String(not_empty=required) - - # Don't allow dupes on the new form - try: - for i in range(len(user_new_form.custom_fields)): - if user_new_form.custom_fields[i].name == s['field']: - user_new_form.custom_fields.pop(i) - except: - pass - - # Don't allow dupes on the edit form - try: - for i in range(len(user_edit_form.custom_fields)): - if user_edit_form.custom_fields[i].name == s['field']: - user_edit_form.custom_fields.pop(i) - except: - pass - - # Don't allow dupes in the list of user fields - try: - for i in range(len(ipagui.forms.user.UserFields.custom_fields)): - if ipagui.forms.user.UserFields.custom_fields[i].name == s['field']: - ipagui.forms.user.UserFields.custom_fields.pop(i) - except: - pass - - ipagui.forms.user.UserFields.custom_fields.append(field) - user_new_form.custom_fields.append(field) - user_edit_form.custom_fields.append(field) - - user_new_form.validator.add_field(s['field'], validator) - user_edit_form.validator.add_field(s['field'], validator) - - def initialize_mv_fields(self, user_dict): - """We use a separate attribute to store multi-values while on - the edit page. It is important that this be at least []. If - it is None it will cause an error to be thrown.""" - - # Load potential multi-valued fields - if isinstance(user_dict['cn'], basestring): - user_dict['cn'] = [user_dict['cn']] - user_dict['cns'] = ipahelper.setup_mv_fields(user_dict['cn'], 'cn') - - if isinstance(user_dict.get('telephonenumber',''), basestring): - user_dict['telephonenumber'] = [user_dict.get('telephonenumber')] - user_dict['telephonenumbers'] = ipahelper.setup_mv_fields(user_dict.get('telephonenumber'), 'telephonenumber') - - if isinstance(user_dict.get('facsimiletelephonenumber',''), basestring): - user_dict['facsimiletelephonenumber'] = [user_dict.get('facsimiletelephonenumber')] - user_dict['facsimiletelephonenumbers'] = ipahelper.setup_mv_fields(user_dict.get('facsimiletelephonenumber'), 'facsimiletelephonenumber') - - if isinstance(user_dict.get('mobile',''), basestring): - user_dict['mobile'] = [user_dict.get('mobile')] - user_dict['mobiles'] = ipahelper.setup_mv_fields(user_dict.get('mobile'), 'mobile') - - if isinstance(user_dict.get('pager',''), basestring): - user_dict['pager'] = [user_dict.get('pager')] - user_dict['pagers'] = ipahelper.setup_mv_fields(user_dict.get('pager'), 'pager') - - if isinstance(user_dict.get('homephone',''), basestring): - user_dict['homephone'] = [user_dict.get('homephone')] - user_dict['homephones'] = ipahelper.setup_mv_fields(user_dict.get('homephone'), 'homephone') - - return user_dict - - @expose() - def index(self): - raise turbogears.redirect("/user/list") - - @expose("ipagui.templates.usernew") - @identity.require(identity.in_any_group("admins","editors")) - def new(self, tg_errors=None): - """Displays the new user form""" - self.load_custom_fields() - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - return dict(form=user_new_form, user={}) - - @expose() - @identity.require(identity.in_any_group("admins","editors")) - def create(self, **kw): - """Creates a new user""" - self.restrict_post() - client = self.get_ipaclient() - - if kw.get('submit') == 'Cancel': - turbogears.flash("Add user cancelled") - raise turbogears.redirect('/user/list') - - # Fix incoming multi-valued fields we created for the form - kw = ipahelper.fix_incoming_fields(kw, 'cn', 'cns') - kw = ipahelper.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') - kw = ipahelper.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') - kw = ipahelper.fix_incoming_fields(kw, 'mobile', 'mobiles') - kw = ipahelper.fix_incoming_fields(kw, 'pager', 'pagers') - kw = ipahelper.fix_incoming_fields(kw, 'homephone', 'homephones') - - tg_errors, kw = self.usercreatevalidate(**kw) - - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=user_new_form, user=kw, - tg_template='ipagui.templates.usernew') - - # - # Create the user itself - # - try: - new_user = ipa.user.User() - new_user.setValueNotEmpty('title', kw.get('title')) - new_user.setValueNotEmpty('givenname', kw.get('givenname')) - new_user.setValueNotEmpty('sn', kw.get('sn')) - new_user.setValueNotEmpty('cn', kw.get('cn')) - new_user.setValueNotEmpty('displayname', kw.get('displayname')) - new_user.setValueNotEmpty('initials', kw.get('initials')) - - new_user.setValueNotEmpty('uid', kw.get('uid')) - new_user.setValueNotEmpty('loginshell', kw.get('loginshell')) - new_user.setValueNotEmpty('gecos', kw.get('gecos')) - - new_user.setValueNotEmpty('mail', kw.get('mail')) - new_user.setValueNotEmpty('telephonenumber', kw.get('telephonenumber')) - new_user.setValueNotEmpty('facsimiletelephonenumber', - kw.get('facsimiletelephonenumber')) - new_user.setValueNotEmpty('mobile', kw.get('mobile')) - new_user.setValueNotEmpty('pager', kw.get('pager')) - new_user.setValueNotEmpty('homephone', kw.get('homephone')) - - new_user.setValueNotEmpty('street', kw.get('street')) - new_user.setValueNotEmpty('l', kw.get('l')) - new_user.setValueNotEmpty('st', kw.get('st')) - new_user.setValueNotEmpty('postalcode', kw.get('postalcode')) - - new_user.setValueNotEmpty('ou', kw.get('ou')) - new_user.setValueNotEmpty('businesscategory', kw.get('businesscategory')) - new_user.setValueNotEmpty('description', kw.get('description')) - new_user.setValueNotEmpty('employeetype', kw.get('employeetype')) - if kw.get('manager'): - new_user.setValueNotEmpty('manager', kw.get('manager')) - new_user.setValueNotEmpty('roomnumber', kw.get('roomnumber')) - if kw.get('secretary'): - new_user.setValueNotEmpty('secretary', kw.get('secretary')) - - new_user.setValueNotEmpty('carlicense', kw.get('carlicense')) - new_user.setValueNotEmpty('labeleduri', kw.get('labeleduri')) - - for custom_field in user_new_form.custom_fields: - new_user.setValueNotEmpty(custom_field.name, - kw.get(custom_field.name, '')) - - rv = client.add_user(new_user) - - if kw.get('nsAccountLock'): - client.mark_user_inactive(kw.get('uid')) - except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): - turbogears.flash("User with login '%s' already exists" % - kw.get('uid')) - return dict(form=user_new_form, user=kw, - tg_template='ipagui.templates.usernew') - except ipaerror.IPAError, e: - turbogears.flash("User add failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=user_new_form, user=kw, - tg_template='ipagui.templates.usernew') - - # - # NOTE: from here on, the user account now exists. - # on any error, we redirect to the _edit_ user page. - # this code does data setup, similar to useredit() - # - user = client.get_user_by_uid(kw['uid'], user_fields) - user_dict = user.toDict() - - user_groups_dicts = [] - user_groups_data = b64encode(dumps(user_groups_dicts)) - - # store a copy of the original user for the update later - user_data = b64encode(dumps(user_dict)) - user_dict['user_orig'] = user_data - user_dict['user_groups_data'] = user_groups_data - - # preserve group add info in case of errors - user_dict['dnadd'] = kw.get('dnadd') - user_dict['dn_to_info_json'] = kw.get('dn_to_info_json') - - # - # Set the Password - # - if kw.get('krbprincipalkey'): - try: - client.modifyPassword(user_dict['krbprincipalname'], "", kw.get('krbprincipalkey')) - except ipaerror.IPAError, e: - message = "User successfully created.<br />" - message += "There was an error setting the password.<br />" - turbogears.flash(message) - return dict(form=user_edit_form, user=user_dict, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - # - # Add groups - # - failed_adds = [] - try: - dnadds = kw.get('dnadd') - cherrypy.session['uid'] = user_dict.get('uid') - - # remove the default group from failed add - if dnadds != None: - try: - conf=client.get_ipa_config() - default_cn="cn=%s" % conf.getValue('ipadefaultprimarygroup') - - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - - for d in dnadds: - e = d.find(default_cn) - if e >= 0: - dnadds.remove(d) - except: - pass - - if len(dnadds) > 0: - failed_adds = client.add_groups_to_user( - utf8_encode_values(dnadds), user.dn) - kw['dnadd'] = failed_adds - except ipaerror.IPAError, e: - failed_adds = dnadds - - if len(failed_adds) > 0: - message = "User successfully created.<br />" - message += "There was an error adding groups.<br />" - message += "Failures have been preserved in the add/remove lists." - turbogears.flash(message) - - # Setup any multi-value fields, otherwise you'll get: - # 'NoneType' object is not iterable - user_dict = self.initialize_mv_fields(user_dict) - return dict(form=user_edit_form, user=user_dict, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - turbogears.flash("%s added!" % kw['uid']) - print "Succeeded " - raise turbogears.redirect('/user/show', uid=kw['uid']) - - @expose("ipagui.templates.dynamiceditsearch") - @identity.require(identity.not_anonymous()) - def edit_search(self, **kw): - """Searches for groups and displays list of results in a table. - This method is used for the ajax search on the user edit page.""" - client = self.get_ipaclient() - - groups = [] - groups_counter = 0 - searchlimit = 100 - criteria = kw.get('criteria') - if criteria != None and len(criteria) > 0: - try: - groups = client.find_groups(criteria.encode('utf-8'), None, - searchlimit) - groups_counter = groups[0] - groups = groups[1:] - except ipaerror.IPAError, e: - turbogears.flash("search failed: " + str(e)) - - return dict(users=None, groups=groups, criteria=criteria, - counter=groups_counter) - - - @expose("ipagui.templates.useredit") - @identity.require(identity.not_anonymous()) - def edit(self, uid=None, principal=None, tg_errors=None): - """Displays the edit user form""" - self.load_custom_fields() - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - - client = self.get_ipaclient() - - try: - if uid is not None: - user = client.get_user_by_uid(uid, user_fields) - elif principal is not None: - principal = principal + "@" + ipa.config.config.default_realm - user = client.get_user_by_principal(principal, user_fields) - else: - turbogears.flash("User edit failed: No uid or principal provided") - raise turbogears.redirect('/') - user_dict = user.toDict() - - user_dict = self.initialize_mv_fields(user_dict) - - # Edit shouldn't fill in the password field. - if user_dict.has_key('krbprincipalkey'): - del(user_dict['krbprincipalkey']) - - user_dict['uid_hidden'] = user_dict.get('uid') - - user_groups = client.get_groups_by_member(user.dn, ['dn', 'cn']) - user_groups.sort(self.sort_by_cn) - user_groups_dicts = map(lambda group: group.toDict(), user_groups) - user_groups_data = b64encode(dumps(user_groups_dicts)) - - # store a copy of the original user for the update later - user_data = b64encode(dumps(user_dict)) - user_dict['user_orig'] = user_data - user_dict['user_groups_data'] = user_groups_data - - # grab manager and secretary names - if user.manager: - try: - user_manager = client.get_entry_by_dn(user.manager, - ['givenname', 'sn', 'uid']) - user_dict['manager_cn'] = "%s %s" % ( - user_manager.getValue('givenname', ''), - user_manager.getValue('sn', '')) - except (ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), - ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR)): - pass - if user.secretary: - try: - user_secretary = client.get_entry_by_dn(user.secretary, - ['givenname', 'sn', 'uid']) - user_dict['secretary_cn'] = "%s %s" % ( - user_secretary.getValue('givenname', ''), - user_secretary.getValue('sn', '')) - except (ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), - ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR)): - pass - - # Set the uid we're editing in the session. If it doesn't match - # later the update will not be processed - cherrypy.session['uid'] = user_dict.get('uid') - - # Hack. The admin user doesn't have inetorgperson as an - # objectclass so don't require the givenName attribute if - # this objectclass doesn't exist in the record. - oc = [x.lower() for x in user_dict.get('objectclass')] - try: - p = oc.index('inetorgperson') - except ValueError: - # This entry doesn't have inetorgperson so don't require gn - user_edit_form.validator.fields.get('givenname').not_empty=False - - return dict(form=user_edit_form, user=user_dict, - user_groups=user_groups_dicts) - except ipaerror.IPAError, e: - if uid is None: - uid = principal - turbogears.flash("User edit failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/user/show', uid=uid) - - @expose() - @identity.require(identity.not_anonymous()) - def update(self, **kw): - """Updates an existing user""" - self.restrict_post() - client = self.get_ipaclient() - - if not kw.get('uid'): - kw['uid'] = kw.get('uid_hidden') - - if kw.get('submit') == 'Cancel Edit': - turbogears.flash("Edit user cancelled") - raise turbogears.redirect('/user/show', uid=kw.get('uid')) - - edituid = cherrypy.session.get('uid') - if edituid and edituid != kw.get('uid') and edituid != kw.get('uid_hidden'): - turbogears.flash("Something went wrong. You last viewed %s but are trying to update %s" % (kw.get('uid'), edituid)) - raise turbogears.redirect('/user/show', uid=kw.get('uid')) - - # Fix incoming multi-valued fields we created for the form - kw = ipahelper.fix_incoming_fields(kw, 'cn', 'cns') - kw = ipahelper.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') - kw = ipahelper.fix_incoming_fields(kw, 'facsimiletelephonenumber', 'facsimiletelephonenumbers') - kw = ipahelper.fix_incoming_fields(kw, 'mobile', 'mobiles') - kw = ipahelper.fix_incoming_fields(kw, 'pager', 'pagers') - kw = ipahelper.fix_incoming_fields(kw, 'homephone', 'homephones') - - # admins and editors can update anybody. A user can only update - # themselves. We need this check because it is very easy to guess - # the edit URI. - if ((not 'admins' in turbogears.identity.current.groups and - not 'editors' in turbogears.identity.current.groups) and - (kw.get('uid_hidden') != turbogears.identity.current.display_name)): - turbogears.flash("You do not have permission to update this user.") - raise turbogears.redirect('/user/show', uid=kw.get('uid')) - - if (kw.get('uid_hidden') == turbogears.identity.current.display_name and - kw.get('uid') != kw.get('uid_hidden')): - turbogears.flash("You cannot change your own login name.") - raise turbogears.redirect('/user/show', uid=kw.get('uid_hidden')) - - # Decode the group data, in case we need to round trip - user_groups_dicts = loads(b64decode(kw.get('user_groups_data'))) - - tg_errors, kw = self.userupdatevalidate(**kw) - if tg_errors: - turbogears.flash("There were validation errors.<br/>" + - "Please see the messages below for details.") - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - # We don't want to inadvertantly add this to a record - try: - del kw['uid_hidden'] - except KeyError: - pass - - password_change = False - user_modified = False - - # - # Update the user itself - # - try: - orig_user_dict = loads(b64decode(kw.get('user_orig'))) - - # remove multi-valued fields we created for the form - del(orig_user_dict['cns']) - del(orig_user_dict['telephonenumbers']) - del(orig_user_dict['facsimiletelephonenumbers']) - del(orig_user_dict['mobiles']) - del(orig_user_dict['pagers']) - del(orig_user_dict['homephones']) - - new_user = ipa.user.User(orig_user_dict) - new_user.setValueNotEmpty('title', kw.get('title')) - new_user.setValueNotEmpty('givenname', kw.get('givenname')) - new_user.setValueNotEmpty('sn', kw.get('sn')) - new_user.setValueNotEmpty('cn', kw.get('cn')) - new_user.setValueNotEmpty('displayname', kw.get('displayname')) - new_user.setValueNotEmpty('initials', kw.get('initials')) - - new_user.setValueNotEmpty('loginshell', kw.get('loginshell')) - new_user.setValueNotEmpty('gecos', kw.get('gecos')) - - new_user.setValueNotEmpty('mail', kw.get('mail')) - new_user.setValueNotEmpty('telephonenumber', kw.get('telephonenumber')) - new_user.setValueNotEmpty('facsimiletelephonenumber', - kw.get('facsimiletelephonenumber')) - new_user.setValueNotEmpty('mobile', kw.get('mobile')) - new_user.setValueNotEmpty('pager', kw.get('pager')) - new_user.setValueNotEmpty('homephone', kw.get('homephone')) - - new_user.setValueNotEmpty('street', kw.get('street')) - new_user.setValueNotEmpty('l', kw.get('l')) - new_user.setValueNotEmpty('st', kw.get('st')) - new_user.setValueNotEmpty('postalcode', kw.get('postalcode')) - - new_user.setValueNotEmpty('ou', kw.get('ou')) - new_user.setValueNotEmpty('businesscategory', kw.get('businesscategory')) - new_user.setValueNotEmpty('description', kw.get('description')) - new_user.setValueNotEmpty('employeetype', kw.get('employeetype')) - new_user.setValueNotEmpty('manager', kw.get('manager')) - new_user.setValueNotEmpty('roomnumber', kw.get('roomnumber')) - new_user.setValueNotEmpty('secretary', kw.get('secretary')) - - new_user.setValueNotEmpty('carlicense', kw.get('carlicense')) - new_user.setValueNotEmpty('labeleduri', kw.get('labeleduri')) - - if kw.get('editprotected') == 'true': - if kw.get('krbprincipalkey'): - password_change = True - new_user.setValueNotEmpty('uidnumber', str(kw.get('uidnumber'))) - new_user.setValueNotEmpty('gidnumber', str(kw.get('gidnumber'))) - new_user.setValueNotEmpty('homedirectory', str(kw.get('homedirectory'))) - new_user.setValueNotEmpty('uid', str(kw.get('uid'))) - - for custom_field in user_edit_form.custom_fields: - new_user.setValueNotEmpty(custom_field.name, - kw.get(custom_field.name, '')) - - rv = client.update_user(new_user) - # - # If the user update succeeds, but below operations fail, we - # need to make sure a subsequent submit doesn't try to update - # the user again. - # - user_modified = True - kw['user_orig'] = b64encode(dumps(new_user.toDict())) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e: - # could be a password change - # could be groups change - # too much work to figure out unless someone really screams - pass - except ipaerror.IPAError, e: - turbogears.flash("User update failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - # - # Password change - # - try: - if password_change: - rv = client.modifyPassword(orig_user_dict['krbprincipalname'], "", kw.get('krbprincipalkey')) - except ipaerror.IPAError, e: - turbogears.flash("User password change failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - except Exception, e: - turbogears.flash("User password change failed: " + str(e)) - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - # - # Add groups - # - failed_adds = [] - try: - dnadds = kw.get('dnadd') - if dnadds != None: - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - failed_adds = client.add_groups_to_user( - utf8_encode_values(dnadds), new_user.dn) - kw['dnadd'] = failed_adds - except ipaerror.IPAError, e: - failed_adds = dnadds - - # - # Remove groups - # - failed_dels = [] - try: - dndels = kw.get('dndel') - if dndels != None: - if not(isinstance(dndels,list) or isinstance(dndels,tuple)): - dndels = [dndels] - failed_dels = client.remove_groups_from_user( - utf8_encode_values(dndels), new_user.dn) - kw['dndel'] = failed_dels - except ipaerror.IPAError, e: - failed_dels = dndels - - if (len(failed_adds) > 0) or (len(failed_dels) > 0): - message = "There was an error updating groups.<br />" - message += "Failures have been preserved in the add/remove lists." - if user_modified: - message = "User Details successfully updated.<br />" + message - if password_change: - message = "User password successfully updated.<br />" + message - turbogears.flash(message) - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - if kw.get('nsAccountLock') == '': - kw['nsAccountLock'] = "false" - - try: - if kw.get('nsAccountLock') == "false" and new_user.getValues('nsaccountlock') == "true": - client.mark_user_active(kw.get('uid')) - elif kw.get('nsAccountLock') == "true" and new_user.nsaccountlock != "true": - client.mark_user_inactive(kw.get('uid')) - except ipaerror.IPAError, e: - turbogears.flash("User status change failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - return dict(form=user_edit_form, user=kw, - user_groups=user_groups_dicts, - tg_template='ipagui.templates.useredit') - - turbogears.flash("%s updated!" % kw['uid']) - raise turbogears.redirect('/user/show', uid=kw['uid']) - - - @expose("ipagui.templates.userlist") - @identity.require(identity.not_anonymous()) - def list(self, **kw): - """Searches for users and displays list of results""" - client = self.get_ipaclient() - - users = None - counter = 0 - uid = kw.get('uid') - if uid != None and len(uid) > 0: - try: - users = client.find_users(uid.encode('utf-8'), user_fields) - counter = users[0] - users = users[1:] - if counter == -1: - turbogears.flash("These results are truncated.<br />" + - "Please refine your search and try again.") - except ipaerror.IPAError, e: - turbogears.flash("User list failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect("/user/list") - - return dict(users=users, uid=uid, fields=ipagui.forms.user.UserFields()) - - - @expose("ipagui.templates.usershow") - @identity.require(identity.not_anonymous()) - def show(self, uid): - """Retrieve a single user for display""" - client = self.get_ipaclient() - self.load_custom_fields() - - try: - user = client.get_user_by_uid(uid, user_fields) - user_groups = client.get_groups_by_member(user.dn, ['cn']) - user_groups.sort(self.sort_by_cn) - user_reports = client.get_users_by_manager(user.dn, - ['givenname', 'sn', 'uid']) - user_reports.sort(self.sort_group_member) - - user_manager = None - user_secretary = None - try: - if user.manager: - user_manager = client.get_entry_by_dn(user.manager, - ['givenname', 'sn', 'uid']) - except (ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), - ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR)): - pass - - try: - if user.secretary: - user_secretary = client.get_entry_by_dn(user.secretary, - ['givenname', 'sn', 'uid']) - except (ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), - ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR)): - pass - - return dict(user=user.toDict(), fields=ipagui.forms.user.UserFields(), - user_groups=user_groups, user_reports=user_reports, - user_manager=user_manager, user_secretary=user_secretary) - except ipaerror.IPAError, e: - turbogears.flash("User show failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect("/") - - @expose() - @identity.require(identity.not_anonymous()) - def delete(self, uid): - """Delete user.""" - self.restrict_post() - client = self.get_ipaclient() - - try: - client.delete_user(uid) - - turbogears.flash("user deleted") - raise turbogears.redirect('/user/list') - except (SyntaxError, ipaerror.IPAError), e: - turbogears.flash("User deletion failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - raise turbogears.redirect('/user/list') - - @validate(form=user_new_form) - @identity.require(identity.not_anonymous()) - def usercreatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw - - @validate(form=user_edit_form) - @identity.require(identity.not_anonymous()) - def userupdatevalidate(self, tg_errors=None, **kw): - return tg_errors, kw - - # @expose() - def generate_password(self): - password = "" - generator = random.SystemRandom() - for char in range(8): - password += generator.choice(password_chars) - - return password - - @expose() - @identity.require(identity.not_anonymous()) - def suggest_uid(self, givenname, sn): - # filter illegal uid characters out - givenname = re.sub(r'[^a-zA-Z_\-0-9]', "", givenname) - sn = re.sub(r'[^a-zA-Z_\-0-9]', "", sn) - - if (len(givenname) == 0) or (len(sn) == 0): - return "" - - client = self.get_ipaclient() - - givenname = givenname.lower() - sn = sn.lower() - - uid = givenname[0] + sn[:7] - try: - client.get_user_by_uid(uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return uid - - uid = givenname[:7] + sn[0] - try: - client.get_user_by_uid(uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return uid - - uid = (givenname + sn)[:8] - try: - client.get_user_by_uid(uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return uid - - uid = sn[:8] - try: - client.get_user_by_uid(uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return uid - - suffix = 2 - template = givenname[0] + sn[:7] - while suffix < 20: - uid = template[:8 - len(str(suffix))] + str(suffix) - try: - client.get_user_by_uid(uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return uid - suffix += 1 - - return "" - - @expose() - @identity.require(identity.not_anonymous()) - def suggest_email(self, givenname, sn): - # remove illegal email characters - givenname = re.sub(r'[^a-zA-Z0-9!#\$%\*/?\|\^\{\}`~&\'\+\-=_]', "", givenname) - sn = re.sub(r'[^a-zA-Z0-9!#\$%\*/?\|\^\{\}`~&\'\+\-=_]', "", sn) - - if (len(givenname) == 0) or (len(sn) == 0): - return "" - - client = self.get_ipaclient() - - givenname = givenname.lower() - sn = sn.lower() - - email = "%s.%s@%s" % (givenname, sn, self.get_email_domain()) - try: - client.get_user_by_email(email) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return email - - email = "%s@%s" % (self.suggest_uid(givenname, sn), self.get_email_domain()) - try: - client.get_user_by_email(email) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return email - - return "" - - @expose("ipagui.templates.userselectsearch") - @identity.require(identity.not_anonymous()) - def user_select_search(self, **kw): - """Searches for users and displays list of results in a table. - This method is used for the ajax search for managers - and secrectary on the user pages.""" - client = self.get_ipaclient() - - users = [] - users_counter = 0 - searchlimit = 100 - criteria = kw.get('criteria') - if criteria != None and len(criteria) > 0: - try: - users = client.find_users(criteria.encode('utf-8'), None, - searchlimit) - users_counter = users[0] - users = users[1:] - except ipaerror.IPAError, e: - turbogears.flash("search failed: " + str(e) + "<br/>" + e.detail[0].get('desc','') + ". " + e.detail[0].get('info','')) - - return dict(users=users, criteria=criteria, - which_select=kw.get('which_select'), - counter=users_counter) diff --git a/ipa-server/ipa-gui/ipagui/templates/Makefile.am b/ipa-server/ipa-gui/ipagui/templates/Makefile.am deleted file mode 100644 index ddc8666ca..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/Makefile.am +++ /dev/null @@ -1,55 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/templates -app_PYTHON = \ - __init__.py \ - $(NULL) - -app_DATA = \ - delegateedit.kid \ - delegateform.kid \ - delegategroupsearch.kid \ - delegatelayout.kid \ - delegatelist.kid \ - delegatenew.kid \ - dynamiceditsearch.kid \ - groupeditform.kid \ - groupedit.kid \ - grouplayout.kid \ - grouplist.kid \ - groupnewform.kid \ - groupnew.kid \ - groupshow.kid \ - ipapolicyeditform.kid \ - ipapolicyedit.kid \ - ipapolicyshow.kid \ - loginfailed.kid \ - master.kid \ - not_found.kid \ - policyindex.kid \ - policylayout.kid \ - principallayout.kid \ - principallist.kid \ - principalshow.kid \ - principalnewform.kid \ - principalnew.kid \ - usereditform.kid \ - useredit.kid \ - userlayout.kid \ - userlist.kid \ - usernewform.kid \ - usernew.kid \ - userselectsearch.kid \ - usershow.kid \ - welcome.kid \ - unhandled_exception.kid \ - $(NULL) - -EXTRA_DIST = \ - $(app_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/templates/__init__.py b/ipa-server/ipa-gui/ipagui/templates/__init__.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/__init__.py +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid b/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid deleted file mode 100644 index d9f6c3c4e..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid +++ /dev/null @@ -1,33 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'delegatelayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Edit Delegation</title> -</head> -<body> - - <h1 class="accesscontrol">Edit Delegation</h1> - - ${form.display(action=tg.url("/delegate/update"), value=delegate, - actionname='Update')} - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegateform.kid b/ipa-server/ipa-gui/ipagui/templates/delegateform.kid deleted file mode 100644 index 71d08a4fe..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegateform.kid +++ /dev/null @@ -1,213 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - - <?python searchurl = tg.url('/delegate/group_search') ?> - - <script type="text/javascript"> - function lostFocus(which_group) { - /* The user has left the field, save what they put in there in case - * they don't do a Find. */ - group_cn_field = $('form_' + which_group + '_group_cn'); - group_criteria_field = $(which_group + '_criteria') - group_cn_field.value = group_criteria_field.value - } - - function enterDoSearch(e, which_group) { - var keyPressed; - if (window.event) { - keyPressed = window.event.keyCode; - } else { - keyPressed = e.which; - } - - if (keyPressed == 13) { - return doSearch(which_group); - } else { - return true; - } - } - - function doSearch(which_group) { - $(which_group + '_searchresults').update("Searching..."); - new Ajax.Updater(which_group + '_searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $(which_group + '_criteria').value, - which_group: which_group}, - evalScripts: true }); - return false; - } - - function selectGroup(which_group, group_dn, group_cn) { - group_dn_field = $('form_' + which_group + '_group_dn'); - group_cn_field = $('form_' + which_group + '_group_cn'); - group_cn_span = $(which_group + '_group_cn'); - - group_dn_field.value = group_dn; - group_cn_field.value = group_cn; - group_cn_span.update(group_cn); - - new Effect.Fade($(which_group + '_searcharea'), {duration: 0.25}); - new Effect.Appear($(which_group + '_change_link'), {duration: 0.25}); - } - - function confirmDelete() { - if (confirm("Are you sure you want to delete this delegation?")) { - $('deleteform').submit(); - } - return false; - } - </script> - - <form style="display:none" id='deleteform' - method="post" action="${tg.url('/delegate/delete')}"> - <input type="hidden" name="acistr" value="${value.get('orig_acistr')}" /> - </form> - - <form action="${action}" name="${name}" method="${method}" class="tableform"> - - <input type="submit" class="submitbutton" name="submit" - value="${actionname} Delegation"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel ${actionname}"/> - <span py:if='actionname == "Update"'> - <input type="button" class="deletebutton" - value="Delete Delegation" - onclick="return confirmDelete();" - /> - </span> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - -<h2>Delegation Details</h2> - - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th valign="top"> - <label class="fieldlabel" for="${delegate_fields.name.field_id}" - py:content="delegate_fields.name.label" />: - </th> - <td> - <span py:replace="delegate_fields.name.display(value_for(delegate_fields.name))" /> - <span py:if="tg.errors.get('name')" class="fielderror" - py:content="tg.errors.get('name')" /> - </td> - </tr> - <tr> - <th valign="top"> - <label class="fieldlabel" for="${delegate_fields.source_group_cn.field_id}" - py:content="delegate_fields.source_group_cn.label" />: - </th> - <td> - <div> - <span id='source_group_cn'>${value_for(delegate_fields.source_group_cn)}</span> - <a href="#" id='source_change_link' - onclick="new Effect.Appear($('source_searcharea'), {duration: 0.25}); - new Effect.Fade(this, {duration: 0.25}); - return false;">change</a> - <span py:if="tg.errors.get('source_group_dn')" class="fielderror" - py:content="tg.errors.get('source_group_dn')" /> - </div> - <div id="source_searcharea" style="display:none"> - <input class="requiredfield" id="source_criteria" type="text" - onkeypress="return enterDoSearch(event, 'source');" onblur="return lostFocus('source');"/> - <input class="searchbutton" type="button" value="Find" - onclick="return doSearch('source');" - /> - <div id="source_searchresults"> - </div> - </div> - </td> - </tr> - <tr> - <th valign="top"> - <label class="fieldlabel" for="${delegate_fields.attrs.field_id}" - py:content="delegate_fields.attrs.label" />: - </th> - <td valign="top"> - <span py:if="tg.errors.get('attrs')" class="fielderror" - py:content="tg.errors.get('attrs')" /> - <span py:replace="delegate_fields.attrs.display(value_for(delegate_fields.attrs))" /> - </td> - </tr> - <tr> - <th valign="top"> - <label class="fieldlabel" for="${delegate_fields.dest_group_cn.field_id}" - py:content="delegate_fields.dest_group_cn.label" />: - </th> - <td> - <div> - <span id='dest_group_cn'>${value_for(delegate_fields.dest_group_cn)}</span> - <a href="#" id='dest_change_link' - onclick="new Effect.Appear($('dest_searcharea'), {duration: 0.25}); - new Effect.Fade(this, {duration: 0.25}); - return false;">change</a> - <span py:if="tg.errors.get('dest_group_dn')" class="fielderror" - py:content="tg.errors.get('dest_group_dn')" /> - </div> - <div id="dest_searcharea" style="display:none"> - <div> - <input class="requiredfield" id="dest_criteria" type="text" - onkeypress="return enterDoSearch(event, 'dest');" onblur="return lostFocus('dest');"/> - <input class="searchbutton" type="button" value="Find" - onclick="return doSearch('dest');" - /> - </div> - <div id="dest_searchresults"> - </div> - </div> - </td> - </tr> - </table> - -<hr /> - - <input type="submit" class="submitbutton" name="submit" - value="${actionname} Delegation"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel ${actionname}"/> - <span py:if='actionname == "Update"'> - <input type="button" class="deletebutton" - value="Delete Delegation" - onclick="return confirmDelete();" - /> - </span> - - <script py:if="not value.get('source_group_dn')" - type="text/javascript"> - new Effect.Appear($('source_searcharea'), {duration: 0.25}); - new Effect.Fade($('source_change_link'), {duration: 0.25}); - </script> - <script py:if="not value.get('dest_group_dn')" - type="text/javascript"> - new Effect.Appear($('dest_searcharea'), {duration: 0.25}); - new Effect.Fade($('dest_change_link'), {duration: 0.25}); - </script> - - </form> - - - <script type="text/javascript"> - document.getElementById("form_name").focus(); - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegategroupsearch.kid b/ipa-server/ipa-gui/ipagui/templates/delegategroupsearch.kid deleted file mode 100644 index f8f8b5c66..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegategroupsearch.kid +++ /dev/null @@ -1,48 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#"> - -<?python -from ipagui.helpers import ipahelper -?> - <div py:if='(groups != None) and (len(groups) > 0)'> - <div id="search-results-count"> - ${len(groups)} results returned: - <span py:if="counter < 0"> - (truncated) - </span> - </div> - - <div py:for="group in groups"> - <?python - group_dn_esc = ipahelper.javascript_string_escape(group.dn) - group_cn_esc = ipahelper.javascript_string_escape(group.cn) - which_group_esc = ipahelper.javascript_string_escape(which_group) - ?> - - ${group.cn} - <a href="" - onclick="selectGroup('${which_group_esc}', '${group_dn_esc}', '${group_cn_esc}'); - return false;" - >select</a> - </div> - </div> - <div py:if='(groups != None) and (len(groups) == 0)'> - No results found for "${criteria}" - </div> -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatelayout.kid b/ipa-server/ipa-gui/ipagui/templates/delegatelayout.kid deleted file mode 100644 index 7ece6cf97..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegatelayout.kid +++ /dev/null @@ -1,34 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - <div id="main_content"> -<div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"><p py:content="XML(tg_flash)"></p></div> - - <div py:replace="[item.text]+item[:]"></div> - </div> -</div> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid b/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid deleted file mode 100644 index 81ecfeb00..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid +++ /dev/null @@ -1,93 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'delegatelayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Delegations</title> -</head> -<body> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - - <script type="text/javascript"> - function editDelegation(acistr) { - $('edit_acistr').value = acistr; - $('editform').submit(); - return false; - } - </script> - - <form style="display:none" id='editform' - method="post" action="${tg.url('/delegate/edit')}"> - <input type="hidden" id="edit_acistr" name="acistr" value="" /> - </form> - <h1 class="accesscontrol">Delegations</h1> - - <table id="resultstable" class="details sortable resizable"> - <thead> - <tr> - <th>${fields.name.label}</th> - <th>${fields.source_group_cn.label}</th> - <th>${fields.attrs.label}</th> - <th>${fields.dest_group_cn.label}</th> - </tr> - </thead> - <tbody> - <tr py:for='aci in aci_list'> - <?python - source_cn = group_dn_to_cn.get(aci.source_group) - dest_cn = group_dn_to_cn.get(aci.dest_group) - acistr = aci.orig_acistr - acistr_esc = ipahelper.javascript_string_escape(acistr) - ?> - <td> - <a href="#" onclick="return editDelegation('${acistr_esc}');" - >${aci.name}</a> - </td> - <td> - <a href="${tg.url('/group/show', cn=source_cn)}" - >${source_cn}</a> - </td> - <td> - ${", ".join(aci.attrs)} - </td> - <td> - <a href="${tg.url('/group/show', cn=dest_cn)}" - >${dest_cn}</a> - </td> - </tr> - </tbody> - </table> - - <table border="0"> - <tbody> - <tr> - <td> - <a href="${tg.url('/delegate/new')}">add new delegation</a><br /> - </td> - </tr> - </tbody> - </table> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid b/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid deleted file mode 100644 index 12ba9e362..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid +++ /dev/null @@ -1,31 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'delegatelayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Add Delegation</title> -</head> -<body> - <h1 class="accesscontrol">Add Delegation</h1> - - ${form.display(action=tg.url("/delegate/create"), value=delegate, - actionname='Add')} -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/dynamiceditsearch.kid b/ipa-server/ipa-gui/ipagui/templates/dynamiceditsearch.kid deleted file mode 100644 index 2407f6653..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/dynamiceditsearch.kid +++ /dev/null @@ -1,97 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#"> - -<?python -from ipagui.helpers import ipahelper -# -# This file is used to render the results from an AJAX search onto a page. -# It has many expectations of the page being rendered into: -# - Source page must have included dynamicedit.js and followed all of its -# requirements -# -?> - <div id="search-results-count"> - </div> - <?python - criteria_esc = ipahelper.javascript_string_escape(criteria) - ?> - <script type="text/javascript"> - search_string = "${criteria_esc}"; - results_counter = 0; - </script> - <?python search_div_counter = 1 ?> - <div py:for="entities in (users, groups)"> - <div py:if='(entities != None) and (len(entities) > 0)'> - <div py:for="entity in entities" id="search-${search_div_counter}"> - <?python - ent_dn_esc = ipahelper.javascript_string_escape(entity.dn) - ent_uid = entity.uid - if ent_uid: - ent_name = "%s %s" % (entity.getValue('givenName', ''), - entity.getValue('sn', '')) - ent_descr = "(%s)" % entity.uid - ent_type = "user" - else: - ent_name = entity.cn - ent_descr = "[group]" - ent_type = "group" - ent_name_esc = ipahelper.javascript_string_escape(ent_name) - ent_descr_esc = ipahelper.javascript_string_escape(ent_descr) - ent_type_esc = ipahelper.javascript_string_escape(ent_type) - ?> - <span id="search-info-${search_div_counter}"></span> - <script type="text/javascript"> - if ((added_hash["${ent_dn_esc}"] == 1) || - (member_hash["${ent_dn_esc}"] == 1)) { - $("search-${search_div_counter}").style.display = 'none'; - } else { - results_counter = results_counter + 1; - } - - renderMemberInfo($('search-info-${search_div_counter}'), - new MemberDisplayInfo('${ent_name_esc}', - '${ent_descr_esc}', - '${ent_type_esc}')); - </script> - <a href="" - onclick="addmemberHandler(this, '${ent_dn_esc}', - new MemberDisplayInfo('${ent_name_esc}', - '${ent_descr_esc}', - '${ent_type_esc}')); - return false;" - >add</a> - <?python - search_div_counter = search_div_counter + 1 - ?> - </div> - </div> - </div> - <script type="text/javascript"> - if (results_counter == 0) { - var message = "No results found for '" + search_string + "'"; - } else { - var message = results_counter + " results found:"; - } - $('search-results-count').appendChild(document.createTextNode(message)); - </script> - <script py:if="counter < 0"> - $('search-results-count').appendChild(document.createTextNode( - " (truncated)")); - </script> -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/groupedit.kid b/ipa-server/ipa-gui/ipagui/templates/groupedit.kid deleted file mode 100644 index 9614770f4..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/groupedit.kid +++ /dev/null @@ -1,36 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'grouplayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>Edit Group</title> -</head> -<body> - <div id="details"> - <h1 class="usergroup">Edit Group</h1> -<input type="checkbox" id="toggleprotected_checkbox" - onclick="toggleProtectedFields(this);"> - <span class="small">edit protected fields</span> - </input> - - ${form.display(action=tg.url('/group/update'), value=group, members=members)} -</div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/groupeditform.kid b/ipa-server/ipa-gui/ipagui/templates/groupeditform.kid deleted file mode 100644 index 78f76b0a1..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/groupeditform.kid +++ /dev/null @@ -1,289 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - - <form style="display:none" id='deleteform' - method="post" action="${tg.url('/group/delete')}"> - <input type="hidden" name="dn" value="${value.get('dn')}" /> - </form> - - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()" > - - <input type="submit" class="submitbutton" name="submit" - value="Update Group"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - <input type="button" class="deletebutton" - value="Delete Group" - onclick="return confirmDelete();" - /> - - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/tg_widgets/tg_expanding_form_widget/javascript/expanding_form.js')}"></script> - - <?python searchurl = tg.url('/group/edit_search') ?> - - <script type="text/javascript"> - function toggleProtectedFields(checkbox) { - var gidnumberField = $('form_gidnumber'); - var cnField = $('form_cn'); - if (checkbox.checked) { - gidnumberField.disabled = false; - cnField.disabled = false; - $('form_editprotected').value = 'true'; - } else { - gidnumberField.disabled = true; - cnField.disabled = true; - $('form_editprotected').value = ''; - } - } - - function doSearch() { - $('searchresults').update("Searching..."); - new Ajax.Updater('searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $('criteria').value }, - evalScripts: true }); - return false; - } - - function confirmDelete() { - if (confirm("Are you sure you want to delete this group?")) { - $('deleteform').submit(); - } - return false; - } - </script> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Group Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${group_fields.cn.field_id}" - py:content="group_fields.cn.label" />: - </th> - <td> - <span py:replace="group_fields.cn.display(value_for(group_fields.cn))" /> - <span py:if="tg.errors.get('cn')" class="fielderror" - py:content="tg.errors.get('cn')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${group_fields.description.field_id}" - py:content="group_fields.description.label" />: - </th> - <td> - <span py:replace="group_fields.description.display(value_for(group_fields.description))" /> - <span py:if="tg.errors.get('description')" class="fielderror" - py:content="tg.errors.get('description')" /> - - <script type="text/javascript"> - document.getElementById('form_cn').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${group_fields.gidnumber.field_id}" - py:content="group_fields.gidnumber.label" />: - </th> - <td> - <span py:replace="group_fields.gidnumber.display(value_for(group_fields.gidnumber))" /> - <span py:if="tg.errors.get('gidnumber')" class="fielderror" - py:content="tg.errors.get('gidnumber')" /> - - <script type="text/javascript"> - document.getElementById('form_gidnumber').disabled = true; - </script> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${group_fields.nsAccountLock.field_id}" py:content="group_fields.nsAccountLock.label" />: - </th> - <td> - <span py:replace="group_fields.nsAccountLock.display(value_for(group_fields.nsAccountLock))" /> - <span py:if="tg.errors.get('nsAccountLock')" class="fielderror" - py:content="tg.errors.get('nsAccountLock')" /> - </td> - </tr> - </table> - - <div> - <h2 class="formsection">Group Members</h2> - - <div class="floatlist"> - <div class="floatheader">To Remove:</div> - <div id="delmembers"> - </div> - </div> - - <div> - <?python div_counter = 1 ?> - <div py:for="member in members" id="member-${div_counter}"> - <?python - member_dn = member.get('dn') - member_dn_esc = ipahelper.javascript_string_escape(member_dn) - - member_uid = member.get('uid') - member_inherited = member.get('inherited') - if member_uid: - member_name = "%s %s" % (member.get('givenName', ''), - member.get('sn', '')) - member_descr = "(%s)" % member.get('uid') - if member_inherited: - member_type = "iuser" - else: - member_type = "user" - else: - member_name = member.get('cn') - member_descr = "[group]" - if member_inherited: - member_type = "igroup" - else: - member_type = "group" - member_name_esc = ipahelper.javascript_string_escape(member_name) - member_descr_esc = ipahelper.javascript_string_escape(member_descr) - member_type_esc = ipahelper.javascript_string_escape(member_type) - ?> - <span id="member-info-${div_counter}"></span> - <script type="text/javascript"> - renderMemberInfo($('member-info-${div_counter}'), - new MemberDisplayInfo('${member_name_esc}', - '${member_descr_esc}', - '${member_type_esc}')); - </script> - <a py:if="member_inherited != True" href="#" - onclick="removememberHandler(this, '${member_dn_esc}', - new MemberDisplayInfo('${member_name_esc}', - '${member_descr_esc}', - '${member_type_esc}')); - return false;" - >remove</a> - <script type="text/javascript"> - dn_to_member_div_id['${member_dn_esc}'] = "member-${div_counter}"; - member_hash["${member_dn_esc}"] = 1; - </script> - <?python - div_counter = div_counter + 1 - ?> - </div> - <!-- a space here to prevent an empty div --> - </div> - - </div> - - <div style="clear:both"> - <h2 class="formsection">Add Members</h2> - - <div class="floatlist"> - <div class="floatheader">To Add:</div> - <div id="newmembers"> - </div> - </div> - - <div> - <div id="search"> - <input id="criteria" type="text" name="criteria" - onkeypress="return enterDoSearch(event);" /> - <input class="searchbutton" type="button" value="Find" - onclick="return doSearch();" - /> - </div> - <div id="searchresults"> - </div> - </div> - </div> -<hr /> - <input type="submit" class="submitbutton" name="submit" - value="Update Group"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - <input type="button" class="deletebutton" - value="Delete Group" - onclick="return confirmDelete();" - /> - </form> - - <script type="text/javascript"> - /* - * This section restores the contents of the add and remove lists - * dynamically if we have to refresh the page - */ - if ($('form_dn_to_info_json').value != "") { - dn_to_info_hash = new Hash($('form_dn_to_info_json').value.evalJSON()); - } - - if ($('form_editprotected').value != "") { - $('toggleprotected_checkbox').checked = true; - toggleProtectedFields($('toggleprotected_checkbox')); - } - </script> - - <?python - dnadds = value.get('dnadd', []) - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - - dndels = value.get('dndel', []) - if not(isinstance(dndels,list) or isinstance(dndels,tuple)): - dndels = [dndels] - ?> - - <script py:for="dnadd in dnadds"> - <?python - dnadd_esc = ipahelper.javascript_string_escape(dnadd) - ?> - var dn = "${dnadd_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = addmember(dn, info); - if (newdiv != null) { - newdiv.style.display = 'block'; - } - </script> - - <script py:for="dndel in dndels"> - <?python - dndel_esc = ipahelper.javascript_string_escape(dndel) - ?> - var dn = "${dndel_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = removemember(dn, info); - newdiv.style.display = 'block'; - orig_div_id = dn_to_member_div_id[dn] - $(orig_div_id).style.display = 'none'; - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/grouplayout.kid b/ipa-server/ipa-gui/ipagui/templates/grouplayout.kid deleted file mode 100644 index fe013ca08..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/grouplayout.kid +++ /dev/null @@ -1,40 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - <div id="main_content"> - <div id="alertbox" py:if="value_of('tg_flash', None)"> - <p py:content="XML(tg_flash)"></p></div> - - <div py:replace="[item.text]+item[:]"></div> - </div> - -<!-- <div id="sidebar"> - <h2>Tools</h2> - <a href="${tg.url('/group/index')}">Add Group</a><br/> - <a href="${tg.url('/group/index')}">Find Group</a><br/> - <a href="${tg.url('/group/index')}">List Groups</a><br/> - </div> --> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/grouplist.kid b/ipa-server/ipa-gui/ipagui/templates/grouplist.kid deleted file mode 100644 index 00fd03aa6..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/grouplist.kid +++ /dev/null @@ -1,93 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'grouplayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Find Groups</title> -</head> -<body> -<div id="details"> - <h1 class="usergroup">Find Groups</h1> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - <div id="search"> - <form action="${tg.url('/group/list')}" method="get"> - <input id="criteria" type="text" name="criteria" value="${criteria}" /> - <input type="submit" value="Find Groups"/> - </form> - <script type="text/javascript"> - document.getElementById("criteria").focus(); - </script> - </div> - <div py:if='(groups != None) and (len(groups) > 0)'> - <h2>${len(groups)} results returned:</h2> - <table id="resultstable" class="details sortable resizable" cellspacing="0"> - <thead> - <tr> - <th> - ${fields.cn.label} - </th> - <th> - ${fields.description.label} - </th> - </tr> - </thead> - <tbody> - <tr py:for="group in groups" py:if="group.nsAccountLock != 'true'"> - <td> - <a href="${tg.url('/group/show',cn=group.cn)}">${group.cn}</a> - </td> - <td> - ${group.description} - </td> - </tr> - <tr id="inactive" py:for="group in groups" py:if="group.nsAccountLock == 'true'"> - <td> - <a href="${tg.url('/group/show',cn=group.cn)}">${group.cn}</a> - </td> - <td> - ${group.description} - </td> - </tr> - </tbody> - </table> - </div> - <div py:if='(groups != None) and (len(groups) == 0)'> - <h2>No results found for "${criteria}"</h2> - </div> - <div class="instructions" py:if='groups == None'> - <p> - Search automatically looks across multiple fields. If you want to find - Joe in Finance, try typing "joe finance" into the search box. - </p> - <p> - Exact matches are listed first, followed by partial matches. If your search - is too broad, you will get a warning that the search returned too many - results. Try being more specific. - </p> - <p> - The results that come back are sortable. Simply click on a column - header to sort on that header. A triangle will indicate the sorted - column, along with its direction. Clicking and dragging between headers - will allow you to resize the header. - </p> - </div> -</div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/groupnew.kid b/ipa-server/ipa-gui/ipagui/templates/groupnew.kid deleted file mode 100644 index f5c83caee..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/groupnew.kid +++ /dev/null @@ -1,32 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'grouplayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>Add Group</title> -</head> -<body> -<div id="details"> - <h1 class="usergroup">Add Group</h1> - - ${form.display(action=tg.url('/group/create'), value=group)} -</div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/groupnewform.kid b/ipa-server/ipa-gui/ipagui/templates/groupnewform.kid deleted file mode 100644 index ef3210795..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/groupnewform.kid +++ /dev/null @@ -1,149 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()" > - - <input type="submit" class="submitbutton" name="submit" value="Add Group"/> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - - <?python searchurl = tg.url('/group/edit_search') ?> - - <script type="text/javascript"> - function doSearch() { - $('searchresults').update("Searching..."); - new Ajax.Updater('searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $('criteria').value }, - evalScripts: true }); - return false; - } - </script> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Group Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${group_fields.cn.field_id}" - py:content="group_fields.cn.label" />: - </th> - <td> - <span py:replace="group_fields.cn.display(value_for(group_fields.cn))" /> - <span py:if="tg.errors.get('cn')" class="fielderror" - py:content="tg.errors.get('cn')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${group_fields.description.field_id}" - py:content="group_fields.description.label" />: - </th> - <td> - <span py:replace="group_fields.description.display(value_for(group_fields.description))" /> - <span py:if="tg.errors.get('description')" class="fielderror" - py:content="tg.errors.get('description')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${group_fields.gidnumber.field_id}" - py:content="group_fields.gidnumber.label" />: - </th> - <td> - Generated by server - </td> - </tr> - </table> - - <div style="clear:both"> - <h2 class="formsection">Add Members</h2> - - <div class="floatlist"> - <div class="floatheader">To Add:</div> - <div id="newmembers"> - </div> - </div> - - <div> - <div id="search"> - <input id="criteria" type="text" name="criteria" - onkeypress="return enterDoSearch(event);" /> - <input type="button" value="Find" - onclick="return doSearch();" - /> - </div> - <div id="searchresults"> - </div> - </div> - </div> - -<hr /> - - <input type="submit" class="submitbutton" name="submit" value="Add Group"/> - - </form> - - <script type="text/javascript"> - document.getElementById("form_cn").focus(); - </script> - - <script type="text/javascript"> - /* - * This section restores the contents of the add and remove lists - * dynamically if we have to refresh the page - */ - if ($('form_dn_to_info_json').value != "") { - dn_to_info_hash = new Hash($('form_dn_to_info_json').value.evalJSON()); - } - </script> - - <?python - dnadds = value.get('dnadd', []) - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - ?> - - <script py:for="dnadd in dnadds"> - <?python - dnadd_esc = ipahelper.javascript_string_escape(dnadd) - ?> - var dn = "${dnadd_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = addmember(dn, info); - if (newdiv != null) { - newdiv.style.display = 'block'; - } - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/groupshow.kid b/ipa-server/ipa-gui/ipagui/templates/groupshow.kid deleted file mode 100644 index d0ca6982a..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/groupshow.kid +++ /dev/null @@ -1,131 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'grouplayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>View Group</title> -</head> -<body> -<?python -cn = group.get('cn') -if isinstance(cn, list): - cn = cn[0] -edit_url = tg.url('/group/edit', cn=cn) -from ipagui.helpers import userhelper -?> -<div id="details"> - <h1 class="usergroup">View Group</h1> - - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups" - class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit Group" /> - - <h2 class="formsection">Group Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.cn.label" />: - </th> - <td>${group.get("cn")}</td> - </tr> - - <tr> - <th> - <label class="fieldlabel" py:content="fields.description.label" />: - </th> - <td>${group.get("description")}</td> - </tr> - - <tr> - <th> - <label class="fieldlabel" py:content="fields.gidnumber.label" />: - </th> - <td>${group.get("gidnumber")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.nsAccountLock.label" />: - </th> - <td>${userhelper.account_status_display(group.get("nsAccountLock"))}</td> - </tr> - </table> - - <h2 class="formsection">Group Members</h2> - <div py:for="member in members"> - <?python - - member_uid = member.get('uid') - member_inherited = member.get('inherited') - if member_uid: - member_cn = "%s %s" % (member.get('givenName', ''), member.get('sn', '')) - member_desc = "(%s)" % member_uid - if member_inherited: - member_type = "iuser" - else: - member_type = "user" - view_url = tg.url('/user/show', uid=member_uid) - else: - mem = member.get('cn') - if isinstance(mem, list): - mem = mem[0] - member_cn = "%s" % mem - member_desc = "[group]" - if member_inherited: - member_type = "igroup" - else: - member_type = "group" - view_url = tg.url('/group/show', cn=member_cn) - ?> - <span py:if='member_type == "user"'> - <b> - <a href="${view_url}" - >${member_cn}</a> ${member_desc} - </b> - </span> - <span py:if='member_type == "iuser"'> - <a href="${view_url}" - >${member_cn}</a> ${member_desc} - </span> - <span py:if='member_type == "group"'> - <b> - <i> - <a href="${view_url}" - >${member_cn}</a> ${member_desc} - </i> - </b> - </span> - <span py:if='member_type == "igroup"'> - <i> - <a href="${view_url}" - >${member_cn}</a> ${member_desc} - </i> - </span> - </div> - - <br/> -<hr /> - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups" - class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit Group" /> -</div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/ipapolicyedit.kid b/ipa-server/ipa-gui/ipagui/templates/ipapolicyedit.kid deleted file mode 100644 index 6b071d2d6..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyedit.kid +++ /dev/null @@ -1,32 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'policylayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>Edit IPA Policy</title> -</head> -<body> - <div> - <h1 class="policy">Edit IPA Policy</h1> - - ${form.display(action=tg.url('/ipapolicy/update'), value=ipapolicy)} -</div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid b/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid deleted file mode 100644 index a608829c0..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid +++ /dev/null @@ -1,280 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()" > - - <input type="submit" class="submitbutton" name="submit" - value="Update Policy"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/tg_widgets/tg_expanding_form_widget/javascript/expanding_form.js')}"></script> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Search</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipasearchtimelimit.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipasearchtimelimit.display(value_for(ipapolicy_fields.ipasearchtimelimit))" /> - <span py:if="tg.errors.get('ipasearchtimelimit')" class="fielderror" - py:content="tg.errors.get('ipasearchtimelimit')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipasearchrecordslimit.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipasearchrecordslimit.display(value_for(ipapolicy_fields.ipasearchrecordslimit))" /> - <span py:if="tg.errors.get('ipasearchrecordslimit')" class="fielderror" - py:content="tg.errors.get('ipasearchrecordslimit')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipausersearchfields.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipausersearchfields.display(value_for(ipapolicy_fields.ipausersearchfields))" /> - <span py:if="tg.errors.get('ipausersearchfields')" class="fielderror" - py:content="tg.errors.get('ipausersearchfields')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipagroupsearchfields.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipagroupsearchfields.display(value_for(ipapolicy_fields.ipagroupsearchfields))" /> - <span py:if="tg.errors.get('ipagroupsearchfields')" class="fielderror" - py:content="tg.errors.get('ipagroupsearchfields')" /> - </td> - </tr> - </table> - - <h2 class="formsection">Password Policy</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipapwdexpadvnotify.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipapwdexpadvnotify.display(value_for(ipapolicy_fields.ipapwdexpadvnotify))" /> - <span py:if="tg.errors.get('ipapwdexpadvnotify')" class="fielderror" - py:content="tg.errors.get('ipapwdexpadvnotify')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.krbminpwdlife.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.krbminpwdlife.display(value_for(ipapolicy_fields.krbminpwdlife))" /> - <span py:if="tg.errors.get('krbminpwdlife')" class="fielderror" - py:content="tg.errors.get('krbminpwdlife')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.krbmaxpwdlife.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.krbmaxpwdlife.display(value_for(ipapolicy_fields.krbmaxpwdlife))" /> - <span py:if="tg.errors.get('krbmaxpwdlife')" class="fielderror" - py:content="tg.errors.get('krbmaxpwdlife')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.krbpwdmindiffchars.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.krbpwdmindiffchars.display(value_for(ipapolicy_fields.krbpwdmindiffchars))" /> - <span py:if="tg.errors.get('krbpwdmindiffchars')" class="fielderror" - py:content="tg.errors.get('krbpwdmindiffchars')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.krbpwdminlength.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.krbpwdminlength.display(value_for(ipapolicy_fields.krbpwdminlength))" /> - <span py:if="tg.errors.get('krbpwdminlength')" class="fielderror" - py:content="tg.errors.get('krbpwdminlength')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.krbpwdhistorylength.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.krbpwdhistorylength.display(value_for(ipapolicy_fields.krbpwdhistorylength))" /> - <span py:if="tg.errors.get('krbpwdhistorylength')" class="fielderror" - py:content="tg.errors.get('krbpwdhistorylength')" /> - </td> - </tr> - </table> - - <h2 class="formsection">User Settings</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipamaxusernamelength.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipamaxusernamelength.display(value_for(ipapolicy_fields.ipamaxusernamelength))" /> - <span py:if="tg.errors.get('ipamaxusernamelength')" class="fielderror" - py:content="tg.errors.get('ipamaxusernamelength')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipahomesrootdir.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipahomesrootdir.display(value_for(ipapolicy_fields.ipahomesrootdir))" /> - <span py:if="tg.errors.get('ipahomesrootdir')" class="fielderror" - py:content="tg.errors.get('ipahomesrootdir')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipadefaultloginshell.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipadefaultloginshell.display(value_for(ipapolicy_fields.ipadefaultloginshell))" /> - <span py:if="tg.errors.get('ipadefaultloginshell')" class="fielderror" - py:content="tg.errors.get('ipadefaultloginshell')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipadefaultprimarygroup.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipadefaultprimarygroup.display(value_for(ipapolicy_fields.ipadefaultprimarygroup))" /> - <span py:if="tg.errors.get('ipadefaultprimarygroup')" class="fielderror" - py:content="tg.errors.get('ipadefaultprimarygroup')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="ipapolicy_fields.ipadefaultemaildomain.label" />: - </th> - <td> - <span py:replace="ipapolicy_fields.ipadefaultemaildomain.display(value_for(ipapolicy_fields.ipadefaultemaildomain))" /> - <span py:if="tg.errors.get('ipadefaultemaildomain')" class="fielderror" - py:content="tg.errors.get('ipadefaultemaildomain')" /> - </td> - </tr> - <!-- - <tr> - <th> - <label class="fieldlabel" for="${ipapolicy_fields.userobjectclasses.field_id}" - py:content="ipapolicy_fields.userobjectclasses.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${ipapolicy_fields.userobjectclasses.field_id}"> - <tbody> - <?python repetition = 0 - fld_index = 0 - fld_error = tg.errors.get('ipauserobjectclasses') - ?> - <tr py:for="fld in value_for(ipapolicy_fields.ipauserobjectclasses)" - id="${ipapolicy_fields.userobjectclasses.field_id}_${repetition}" - class="${ipapolicy_fields.userobjectclasses.field_class}"> - - <td py:for="field in ipapolicy_fields.userobjectclasses.fields"> - <span><input class="textfield" type="text" id="${ipapolicy_fields.userobjectclasses.field_id}_${repetition}_ipauserobjectclasses" name="userobjectclasses-${repetition}.ipauserobjectclasses" value="${fld}"/></span> - <span py:if="fld_error and fld_error[fld_index]" class="fielderror" - py:content="tg.errors.get('ipauserobjectclasses')" /> - </td> - <?python fld_index = fld_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${ipapolicy_fields.userobjectclasses.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${ipapolicy_fields.userobjectclasses.field_id}_doclink" href="javascript:ExpandingForm.addItem('${ipapolicy_fields.userobjectclasses.field_id}');">Add User Object Class</a> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${ipapolicy_fields.groupobjectclasses.field_id}" - py:content="ipapolicy_fields.groupobjectclasses.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${ipapolicy_fields.groupobjectclasses.field_id}"> - <tbody> - <?python repetition = 0 - fld_index = 0 - fld_error = tg.errors.get('ipagroupobjectclasses') - ?> - <tr py:for="fld in value_for(ipapolicy_fields.ipagroupobjectclasses)" - id="${ipapolicy_fields.groupobjectclasses.field_id}_${repetition}" - class="${ipapolicy_fields.groupobjectclasses.field_class}"> - - <td py:for="field in ipapolicy_fields.groupobjectclasses.fields"> - <span><input class="textfield" type="text" id="${ipapolicy_fields.groupobjectclasses.field_id}_${repetition}_ipagroupobjectclasses" name="groupobjectclasses-${repetition}.ipagroupobjectclasses" value="${fld}"/></span> - <span py:if="fld_error and fld_error[fld_index]" class="fielderror" - py:content="tg.errors.get('ipagroupobjectclasses')" /> - </td> - <?python fld_index = fld_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${ipapolicy_fields.groupobjectclasses.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${ipapolicy_fields.groupobjectclasses.field_id}_doclink" href="javascript:ExpandingForm.addItem('${ipapolicy_fields.groupobjectclasses.field_id}');">Add Group Object Class</a> - </td> - </tr> - --> - </table> - - <hr/> - - <input type="submit" class="submitbutton" name="submit" - value="Update Policy"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - </form> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid b/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid deleted file mode 100644 index 3549a9f13..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid +++ /dev/null @@ -1,188 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'policylayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Manage IPA Policy</title> -</head> -<body> - -<?python -from ipagui.helpers import ipahelper -edit_url = tg.url('/ipapolicy/edit') -?> - - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - - <h1 class="policy">Manage IPA Policy</h1> - <input class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit Policy" /> - - <h2 class="formsection">Search</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipasearchtimelimit.label" />: - </th> - <td>${ipapolicy.get("ipasearchtimelimit")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipasearchrecordslimit.label" />: - </th> - <td>${ipapolicy.get("ipasearchrecordslimit")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipausersearchfields.label" />: - </th> - <td>${ipapolicy.get("ipausersearchfields")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipagroupsearchfields.label" />: - </th> - <td>${ipapolicy.get("ipagroupsearchfields")}</td> - </tr> - </table> - - <h2 class="formsection">Password Policy</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipapwdexpadvnotify.label" />: - </th> - <td>${ipapolicy.get("ipapwdexpadvnotify")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.krbminpwdlife.label" />: - </th> - <td>${password.get("krbminpwdlife")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.krbmaxpwdlife.label" />: - </th> - <td>${password.get("krbmaxpwdlife")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.krbpwdmindiffchars.label" />: - </th> - <td>${password.get("krbpwdmindiffchars")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.krbpwdminlength.label" />: - </th> - <td>${password.get("krbpwdminlength")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.krbpwdhistorylength.label" />: - </th> - <td>${password.get("krbpwdhistorylength")}</td> - </tr> - </table> - <h2 class="formsection">User Settings</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipamaxusernamelength.label" />: - </th> - <td>${ipapolicy.get("ipamaxusernamelength")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipahomesrootdir.label" />: - </th> - <td>${ipapolicy.get("ipahomesrootdir")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipadefaultloginshell.label" />: - </th> - <td>${ipapolicy.get("ipadefaultloginshell")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipadefaultprimarygroup.label" />: - </th> - <td>${ipapolicy.get("ipadefaultprimarygroup")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipadefaultemaildomain.label" />: - </th> - <td>${ipapolicy.get("ipadefaultemaildomain")}</td> - </tr> - <!-- - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipauserobjectclasses.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = ipapolicy.get("ipauserobjectclasses", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ipagroupobjectclasses.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = ipapolicy.get("ipagroupobjectclasses", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - --> - </table> -<hr /> - <input class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit Policy" /> - - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/loginfailed.kid b/ipa-server/ipa-gui/ipagui/templates/loginfailed.kid deleted file mode 100644 index 064cebbbc..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/loginfailed.kid +++ /dev/null @@ -1,41 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Permission Denied</title> -</head> - -<body> - <div id="main_content"> - <div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"> - <p py:content="XML(tg_flash)"></p></div> - <h1>Permission Denied</h1> - <div class="instructions"> - <p> - You do not have permission to access this page. - </p> - </div> - </div> - </div> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/master.kid b/ipa-server/ipa-gui/ipagui/templates/master.kid deleted file mode 100644 index d8b341428..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/master.kid +++ /dev/null @@ -1,121 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<?python import sitetemplate ?> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" py:extends="sitetemplate"> - -<head py:match="item.tag=='{http://www.w3.org/1999/xhtml}head'" py:attrs="item.items()"> - <meta content="text/html; charset=UTF-8" http-equiv="content-type" py:replace="''"/> - <title py:replace="''">Your title goes here</title> - <meta py:replace="item[:]"/> - <style type="text/css" media="all"> - @import "${tg.url('/static/css/style_platform.css')}"; - @import "${tg.url('/static/css/style_platform-objects.css')}"; - @import "${tg.url('/static/css/style_freeipa.css')}"; - </style> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/prototype.js')}"></script> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/scriptaculous.js?load=effects')}"></script> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/ipautil.js')}"></script> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - - <div id="head"> - <h1><a href="${tg.url('/')}">Free IPA</a></h1> - <div id="headerinfo"> - <div id="searchbar"> - <form action="${tg.url('/topsearch')}" method="post"> - <select name="searchtype"> - <option>Users</option> - <option>Groups</option> - </select> - <input class="searchtext" id="topsearchbox" type="text" - name="searchvalue" - value="Type search terms here." - onfocus="clearsearch()" /> - <input type="submit" value="Search"/> - </form> - <script type="text/javascript"> - function clearsearch() { - topsearchbox = document.getElementById('topsearchbox'); - topsearchbox.onfocus = null; - topsearchbox.value = ""; - } - </script> - </div> - </div> -</div> - <div id="navbar"> -<!-- hiding the tabs - <ul> - <li><a href="#">Overview</a></li> - <li class="active"><a href="#">Users</a></li> - <li><a href="#">Groups</a></li> - <li><a href="#">Resources</a></li> - <li><a href="#">Policy</a></li> - <li><a href="#">Search</a></li> - </ul> ---> - <div id="login"> - <div py:if="tg.config('identity.on') and not defined('logging_in')" id="pageLogin"> - <span py:if="tg.identity.anonymous"> - Kerberos login failed. - </span> - <span py:if="not tg.identity.anonymous"> - Logged in as: ${tg.identity.user.display_name} - </span> - </div> - </div> - - - </div> - - <div id="content"> - <div id="sidebar"> - <h2>Tasks</h2> - <ul> - <li py:if="'admins' in tg.identity.groups"><a href="${tg.url('/user/new')}">Add User</a></li> - <li><a href="${tg.url('/user/list')}">Find Users</a></li> - </ul> - <ul> - <li py:if="'admins' in tg.identity.groups"><a href="${tg.url('/group/new')}">Add Group</a></li> - <li><a href="${tg.url('/group/list')}">Find Groups</a></li> - </ul> - <ul py:if="'admins' in tg.identity.groups"> - <li><a href="${tg.url('/principal/new')}">Add Service Principal</a></li> - <li><a href="${tg.url('/principal/list')}">Find Service Principal</a></li> - </ul> - <ul py:if="'admins' in tg.identity.groups"> - <li><a href="${tg.url('/policy/index')}">Manage Policy</a></li> - </ul> - <ul> - <li py:if="not tg.identity.anonymous"><a href="${tg.url('/user/edit/', principal=tg.identity.user.display_name)}">Self Service</a></li> - </ul> - <ul py:if="'admins' in tg.identity.groups"> - <li><a href="${tg.url('/delegate/list')}">Delegations</a></li> - </ul> - </div> - - <div py:replace="[item.text]+item[:]"></div> - - - </div> - -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/not_found.kid b/ipa-server/ipa-gui/ipagui/templates/not_found.kid deleted file mode 100644 index 0bc4c05c0..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/not_found.kid +++ /dev/null @@ -1,37 +0,0 @@ -<!-- - Copyright (C) 2007-2008 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" - xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Page Not Found</title> -</head> - -<body> - <div id="main_content"> - <h1>Page Not Found</h1> - <div py:if='message'> - ${message} - </div> - - </div> - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/policyindex.kid b/ipa-server/ipa-gui/ipagui/templates/policyindex.kid deleted file mode 100644 index 081b942da..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/policyindex.kid +++ /dev/null @@ -1,48 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'policylayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Manage Policy</title> -</head> -<body> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - - <h1 class="policy">Manage Policy</h1> - - <table> - <tbody> - <tr> - <td> - <a href="${tg.url('/ipapolicy/show')}" - >IPA Policy</a> - </td> - </tr> - </tbody> - </table> - - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/policylayout.kid b/ipa-server/ipa-gui/ipagui/templates/policylayout.kid deleted file mode 100644 index 7ece6cf97..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/policylayout.kid +++ /dev/null @@ -1,34 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - <div id="main_content"> -<div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"><p py:content="XML(tg_flash)"></p></div> - - <div py:replace="[item.text]+item[:]"></div> - </div> -</div> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/principallayout.kid b/ipa-server/ipa-gui/ipagui/templates/principallayout.kid deleted file mode 100644 index 62ec92bcb..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/principallayout.kid +++ /dev/null @@ -1,36 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - <div id="main_content"> - <div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"> - <p py:content="XML(tg_flash)"></p></div> - - <div py:replace="[item.text]+item[:]"></div> - </div> - - </div> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/principallist.kid b/ipa-server/ipa-gui/ipagui/templates/principallist.kid deleted file mode 100644 index 9dc627eaa..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/principallist.kid +++ /dev/null @@ -1,82 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'principallayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Find Service Principals</title> -</head> -<body> - <h1 class="system">Find Service Principals</h1> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - <div id="search"> - <form action="${tg.url('/principal/list')}" method="get"> - <input id="hostname" type="text" name="hostname" value="${hostname}" /> - <input class="searchbutton" type="submit" value="Find Service Principals"/> - </form> - <script type="text/javascript"> - document.getElementById("hostname").focus(); - </script> - </div> - <div py:if='(principals != None) and (len(principals) > 0)'> - <h2>${len(principals)} results returned:</h2> - <table id="resultstable" class="details sortable resizable" cellspacing="0"> - <thead> - <tr> - <th> - Hostname - </th> - <th> - Service - </th> - </tr> - </thead> - <tbody> - <tr py:for="principal in principals"> - <td> - <a href="${tg.url('/principal/show',principal=principal.krbprincipalname,principal_dn=principal.dn)}" - >${principal.hostname}</a> - </td> - <td> - <a href="${tg.url('/principal/show',principal=principal.krbprincipalname,principal_dn=principal.dn)}" - >${principal.service}</a> - </td> - </tr> - </tbody> - </table> - </div> - <div id="alertbox" py:if='(principals != None) and (len(principals) == 0)'> - <p>No results found for "${hostname}"</p> - </div> - - <div class="instructions" py:if='principals == None'> - <p> - Exact matches are listed first, followed by partial matches. If your search - is too broad, you will get a warning that the search returned too many - results. Try being more specific. - </p> - <p> - The results that come back are sortable. Simply click on a column - header to sort on that header. A triangle will indicate the sorted - column, along with its direction. Clicking and dragging between headers - will allow you to resize the header. - </p> - </div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/principalnew.kid b/ipa-server/ipa-gui/ipagui/templates/principalnew.kid deleted file mode 100644 index b7e028911..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/principalnew.kid +++ /dev/null @@ -1,30 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'principallayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>Add Service Principal</title> -</head> -<body> - <h1 class="system">Add Service Principal</h1> - - ${form.display(action=tg.url('/principal/create'), value=principal)} -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/principalnewform.kid b/ipa-server/ipa-gui/ipagui/templates/principalnewform.kid deleted file mode 100644 index fe865b524..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/principalnewform.kid +++ /dev/null @@ -1,119 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()" > - - <input type="submit" class="submitbutton" name="submit" value="Add Principal"/> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - - <?python searchurl = tg.url('/principal/edit_search') ?> - - <script type="text/javascript"> - function toggleOther(field) { - otherField = document.getElementById('form_other'); - var e=document.getElementById(field).value; - if ( e == "other") { - otherField.disabled = false; - } else { - otherField.disabled =true; - } - } - - function doSearch() { - $('searchresults').update("Searching..."); - new Ajax.Updater('searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $('criteria').value }, - evalScripts: true }); - return false; - } - </script> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Service Principal Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${principal_fields.hostname.field_id}" - py:content="principal_fields.hostname.label" />: - </th> - <td> - <span py:replace="principal_fields.hostname.display(value_for(principal_fields.hostname))" /> - <span py:if="tg.errors.get('hostname')" class="fielderror" - py:content="tg.errors.get('hostname')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${principal_fields.service.field_id}" - py:content="principal_fields.service.label" />: - </th> - <td> - <span py:replace="principal_fields.service.display(value_for(principal_fields.service))" /> - <span py:if="tg.errors.get('service')" class="fielderror" - py:content="tg.errors.get('service')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${principal_fields.other.field_id}" - py:content="principal_fields.other.label" />: - </th> - <td> - <span py:replace="principal_fields.other.display(value_for(principal_fields.other))" /> - <span py:if="tg.errors.get('other')" class="fielderror" - py:content="tg.errors.get('other')" /> - <script type="text/javascript"> - var e=document.getElementById('form_service').value; - if ( e != "other") { - document.getElementById('form_other').disabled = true; - } - </script> - - </td> - </tr> - - </table> - -<hr /> - - <input type="submit" class="submitbutton" name="submit" value="Add Principal"/> - - </form> - - <script type="text/javascript"> - document.getElementById("form_hostname").focus(); - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/principalshow.kid b/ipa-server/ipa-gui/ipagui/templates/principalshow.kid deleted file mode 100644 index 5904f0347..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/principalshow.kid +++ /dev/null @@ -1,70 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'policylayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>View Service Principal</title> -</head> -<body> - - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - - <script type="text/javascript" charset="utf-8"> - function confirmDelete() { - if (confirm("Are you sure you want to delete this service principal?")) { - $('deleteform').submit(); - } - return false; - } - </script> - - <form id='deleteform' - method="post" action="${tg.url('/principal/delete')}"> - - <input type="hidden" name="principal" value="${principal.get('principal_dn')}" /> - - <input type="submit" class="submitbutton" - value="Delete Principal" - onclick="return confirmDelete();" - /> - - <h1 class="system">View Service Principal</h1> - - <h2 class="formsection">Principal</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel">Host</label>: - </th> - <td>${principal.get("hostname")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel">Service</label>: - </th> - <td>${principal.get("service")}</td> - </tr> - </table> - </form> - -<hr /> - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/unhandled_exception.kid b/ipa-server/ipa-gui/ipagui/templates/unhandled_exception.kid deleted file mode 100644 index 89aececca..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/unhandled_exception.kid +++ /dev/null @@ -1,48 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" - xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Error</title> -</head> - -<body> - <div id="main_content"> - <h1>An unexpected error occured</h1> - - <div py:if='message'> - <b>Message:</b> - <pre>${message}</pre> - </div> - - <div py:if='error_msg'> - <b>HTTP Error Message:</b> - <pre>${error_msg}</pre> - </div> - - <div py:if='details'> - <b>Stack Trace:</b> - <pre>${details}</pre> - </div> - </div> - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/useredit.kid b/ipa-server/ipa-gui/ipagui/templates/useredit.kid deleted file mode 100644 index 9633b53a4..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/useredit.kid +++ /dev/null @@ -1,57 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'userlayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Edit User</title> -</head> -<body> - - <div> - <div style="float:right"> - <input type="checkbox" id="toggleprotected_checkbox" - onclick="toggleProtectedFields(this);"> - <span class="small">edit protected fields</span> - </input> - </div> - <h1 class="user">Edit User</h1> - </div> - -<?python -from ipagui.helpers import userhelper -pw_expires_days = userhelper.password_expires_in(user.get("krbPasswordExpiration")) -pw_expires_soon = userhelper.password_expires_soon(pw_expires_days) -pw_is_expired = userhelper.password_is_expired(pw_expires_days) -if pw_expires_days != 1: - days_suffix = "s" -else: - days_suffix = "" -?> - - <div py:if='pw_expires_soon' class="warning_message"> - ${user.get("uid")}'s password will expire in ${pw_expires_days} day${days_suffix} - </div> - <div py:if='pw_is_expired' class="warning_message"> - ${user.get("uid")}'s password has expired - </div> - - ${form.display(action=tg.url('/user/update'), value=user, user_groups=user_groups)} -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid deleted file mode 100644 index b2a3c39c5..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid +++ /dev/null @@ -1,949 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - - <form style="display:none" id='deleteform' - method="post" action="${tg.url('/user/delete')}"> - <input type="hidden" name="uid" value="${value.get('uid')}" /> - </form> - - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()"> - - <input type="submit" class="submitbutton" name="submit" - value="Update User"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups and tg.identity.display_name != value.get('uid')" - type="button" class="submitbutton" - value="Delete User" - onclick="return confirmDelete();" - /> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicselect.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/tg_widgets/tg_expanding_form_widget/javascript/expanding_form.js')}"></script> - - <?python - searchurl = tg.url('/user/edit_search') - selectSearchurl = tg.url('/user/user_select_search') - ?> - - <script type="text/javascript"> - function toggleProtectedFields(checkbox) { - passwordField = document.getElementById('form_krbprincipalkey'); - passwordConfirmField = document.getElementById('form_krbprincipalkey_confirm'); - uidField = document.getElementById('form_uid'); - uidnumberField = document.getElementById('form_uidnumber'); - gidnumberField = document.getElementById('form_gidnumber'); - homedirectoryField = document.getElementById('form_homedirectory'); - if (checkbox.checked) { - passwordField.disabled = false; - passwordConfirmField.disabled = false; - uidField.disabled = false; - uidnumberField.disabled = false; - gidnumberField.disabled = false; - homedirectoryField.disabled = false; - $('form_editprotected').value = 'true'; - } else { - passwordField.disabled = true; - passwordConfirmField.disabled = true; - uidField.disabled = true; - uidnumberField.disabled = true; - gidnumberField.disabled = true; - homedirectoryField.disabled = true; - $('form_editprotected').value = ''; - } - } - - function warnRDN() { - if (confirm("Are you sure you want to change the login name?\nThis can have unexpected results. Additionally, a password change will be required.")) { - return true; - } - return false; - } - - function doSearch() { - $('searchresults').update("Searching..."); - new Ajax.Updater('searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $('criteria').value }, - evalScripts: true }); - return false; - } - - // override dynamicedit.js version - // we don't need to show [group] nor italize groups - function renderMemberInfo(newdiv, info) { - if (info.type == "group") { - newdiv.appendChild(document.createTextNode( - info.name + " ")); - } - } - - function doSelectSearch(which_select) { - $(which_select + '_searchresults').update("Searching..."); - new Ajax.Updater(which_select + '_searchresults', - '${selectSearchurl}', - { asynchronous:true, - parameters: { criteria: $(which_select + '_criteria').value, - which_select: which_select}, - evalScripts: true }); - return false; - } - - function confirmDelete() { - if (confirm("Are you sure you want to delete this person?")) { - $('deleteform').submit(); - } - return false; - } - </script> - - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Identity Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.title.field_id}" - py:content="user_fields.title.label" />: - </th> - <td> - <span py:replace="user_fields.title.display(value_for(user_fields.title))" /> - <span py:if="tg.errors.get('title')" class="fielderror" - py:content="tg.errors.get('title')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.givenname.field_id}" - py:content="user_fields.givenname.label" />: - </th> - <td> - <span py:replace="user_fields.givenname.display(value_for(user_fields.givenname))" /> - <span py:if="tg.errors.get('givenname')" class="fielderror" - py:content="tg.errors.get('givenname')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.sn.field_id}" - py:content="user_fields.sn.label" />: - </th> - <td> - <span py:replace="user_fields.sn.display(value_for(user_fields.sn))" /> - <span py:if="tg.errors.get('sn')" class="fielderror" - py:content="tg.errors.get('sn')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.cns.field_id}" - py:content="user_fields.cns.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.cns.field_id}"> - <tbody> - <?python repetition = 0 - cn_index = 0 - cn_error = tg.errors.get('cn') - ?> - <tr py:for="cn in value_for(user_fields.cn)" - id="${user_fields.cns.field_id}_${repetition}" - class="${user_fields.cns.field_class}"> - - <td py:for="field in user_fields.cns.fields"> - <span><input class="textfield" type="text" id="${user_fields.cns.field_id}_${repetition}_cn" name="cns-${repetition}.cn" value="${cn}"/></span> - <span py:if="cn_error and cn_error[cn_index]" class="fielderror" - py:content="tg.errors.get('cn')" /> - </td> - <?python cn_index = cn_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.cns.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.cns.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.cns.field_id}');">Add Full Name</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.displayname.field_id}" - py:content="user_fields.displayname.label" />: - </th> - <td> - <span py:replace="user_fields.displayname.display(value_for(user_fields.displayname))" /> - <span py:if="tg.errors.get('displayname')" class="fielderror" - py:content="tg.errors.get('displayname')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.initials.field_id}" - py:content="user_fields.initials.label" />: - </th> - <td> - <span py:replace="user_fields.initials.display(value_for(user_fields.initials))" /> - <span py:if="tg.errors.get('initials')" class="fielderror" - py:content="tg.errors.get('initials')" /> - - </td> - </tr> - </table> - - <h2 class="formsection">Account Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.nsAccountLock.field_id}" - py:content="user_fields.nsAccountLock.label" />: - </th> - <td> - <span py:replace="user_fields.nsAccountLock.display(value_for(user_fields.nsAccountLock))" /> - <span py:if="tg.errors.get('nsAccountLock')" class="fielderror" - py:content="tg.errors.get('nsAccountLock')" /> - <script py:if="tg.identity.display_name == value.get('uid')" type="text/javascript"> - document.getElementById('form_nsAccountLock').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.uid.field_id}" - py:content="user_fields.uid.label" />: - </th> - <td> - <span py:replace="user_fields.uid.display( - value_for(user_fields.uid))" /> - <span py:if="tg.errors.get('uid')" class="fielderror" - py:content="tg.errors.get('uid')" /> - - <script type="text/javascript"> - document.getElementById('form_uid').disabled = true; - </script> - </td> - </tr> - - <tr> - <th valign="top"> - <label class="fieldlabel" for="${user_fields.krbprincipalkey.field_id}" - py:content="user_fields.krbprincipalkey.label" />: - </th> - <td valign="top"> - <span py:replace="user_fields.krbprincipalkey.display(value_for(user_fields.krbprincipalkey))" /> - <span py:if="tg.errors.get('krbprincipalkey')" class="fielderror" - py:content="tg.errors.get('krbprincipalkey')" /> - - <script type="text/javascript"> - document.getElementById('form_krbprincipalkey').disabled = true; - </script> - - <!-- - <span id="password_text">********</span> - <input id="genpassword_button" type="button" value="Generate Password" - disabled="true" - onclick="new Ajax.Request('${tg.url('/user/generate_password')}', - { - method: 'get', - onSuccess: function(transport) { - document.getElementById('form_krbprincipalkey').value = - transport.responseText; - } - });" /> - <br /> - <input type="checkbox" - onclick="togglePassword(this);"><span class="xsmall">edit</span></input> - <script type="text/javascript"> - document.getElementById('form_krbprincipalkey').style.display='none'; - - function togglePassword(checkbox) { - passwordField = document.getElementById('form_krbprincipalkey'); - passwordText = document.getElementById('password_text'); - passwordButton = document.getElementById('genpassword_button'); - if (checkbox.checked) { - passwordField.style.display='inline'; - passwordText.style.display='none'; - passwordButton.disabled=false; - } else { - passwordField.style.display='none'; - passwordText.style.display='inline'; - passwordButton.disabled=true; - } - } - </script> - --> - </td> - </tr> - - <tr> - <th valign="top"> - <label class="fieldlabel" for="${user_fields.krbprincipalkey_confirm.field_id}" - py:content="user_fields.krbprincipalkey_confirm.label" />: - </th> - <td valign="top"> - <span py:replace="user_fields.krbprincipalkey_confirm.display( - value_for(user_fields.krbprincipalkey_confirm))" /> - <span py:if="tg.errors.get('krbprincipalkey_confirm')" class="fielderror" - py:content="tg.errors.get('krbprincipalkey_confirm')" /> - - <script type="text/javascript"> - document.getElementById('form_krbprincipalkey_confirm').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.uidnumber.field_id}" - py:content="user_fields.uidnumber.label" />: - </th> - <td> - <span py:replace="user_fields.uidnumber.display( - value_for(user_fields.uidnumber))" /> - <span py:if="tg.errors.get('uidnumber')" class="fielderror" - py:content="tg.errors.get('uidnumber')" /> - - <script type="text/javascript"> - document.getElementById('form_uidnumber').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.gidnumber.field_id}" - py:content="user_fields.gidnumber.label" />: - </th> - <td> - <span py:replace="user_fields.gidnumber.display( - value_for(user_fields.gidnumber))" /> - <span py:if="tg.errors.get('gidnumber')" class="fielderror" - py:content="tg.errors.get('gidnumber')" /> - - <script type="text/javascript"> - document.getElementById('form_gidnumber').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.homedirectory.field_id}" - py:content="user_fields.homedirectory.label" />: - </th> - <td> - <span py:replace="user_fields.homedirectory.display( - value_for(user_fields.homedirectory))" /> - <span py:if="tg.errors.get('homedirectory')" class="fielderror" - py:content="tg.errors.get('homedirectory')" /> - - <script type="text/javascript"> - document.getElementById('form_homedirectory').disabled = true; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.loginshell.field_id}" - py:content="user_fields.loginshell.label" />: - </th> - <td> - <span py:replace="user_fields.loginshell.display( - value_for(user_fields.loginshell))" /> - <span py:if="tg.errors.get('loginshell')" class="fielderror" - py:content="tg.errors.get('loginshell')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.gecos.field_id}" - py:content="user_fields.gecos.label" />: - </th> - <td> - <span py:replace="user_fields.gecos.display( - value_for(user_fields.gecos))" /> - <span py:if="tg.errors.get('gecos')" class="fielderror" - py:content="tg.errors.get('gecos')" /> - </td> - </tr> - </table> - - <h2 class="formsection">Contact Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.mail.field_id}" - py:content="user_fields.mail.label" />: - </th> - <td> - <span py:replace="user_fields.mail.display(value_for(user_fields.mail))" /> - <span py:if="tg.errors.get('mail')" class="fielderror" - py:content="tg.errors.get('mail')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.telephonenumbers.field_id}" - py:content="user_fields.telephonenumbers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.telephonenumbers.field_id}"> - <tbody> - <?python repetition = 0 - tele_index = 0 - tele_error = tg.errors.get('telephonenumber') - ?> - <tr py:for="tele in value_for(user_fields.telephonenumber)" - id="${user_fields.telephonenumbers.field_id}_${repetition}" - class="${user_fields.telephonenumbers.field_class}"> - - <td py:for="field in user_fields.telephonenumbers.fields"> - <span><input class="textfield" type="text" id="${user_fields.telephonenumbers.field_id}_${repetition}_telephonenumber" name="telephonenumbers-${repetition}.telephonenumber" value="${tele}"/></span> - <span py:if="tele_error and tele_error[tele_index]" class="fielderror" - py:content="tg.errors.get('telephonenumber')" /> - </td> - <?python tele_index = tele_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.telephonenumbers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.telephonenumbers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.telephonenumbers.field_id}');">Add Work Number</a> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.facsimiletelephonenumbers.field_id}" - py:content="user_fields.facsimiletelephonenumbers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.facsimiletelephonenumbers.field_id}"> - <tbody> - <?python repetition = 0 - fax_index = 0 - fax_error = tg.errors.get('facsimiletelephonenumber') - ?> - <tr py:for="fax in value_for(user_fields.facsimiletelephonenumber)" - id="${user_fields.facsimiletelephonenumbers.field_id}_${repetition}" - class="${user_fields.facsimiletelephonenumbers.field_class}"> - - <td py:for="field in user_fields.facsimiletelephonenumbers.fields"> - <span><input class="textfield" type="text" id="${user_fields.facsimiletelephonenumbers.field_id}_${repetition}_facsimiletelephonenumber" name="facsimiletelephonenumbers-${repetition}.facsimiletelephonenumber" value="${fax}"/></span> - <span py:if="fax_error and fax_error[fax_index]" class="fielderror" - py:content="tg.errors.get('facsimiletelephonenumber')" /> - </td> - <?python fax_index = fax_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.facsimiletelephonenumbers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.facsimiletelephonenumbers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.facsimiletelephonenumbers.field_id}');">Add Fax Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.mobiles.field_id}" - py:content="user_fields.mobiles.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.mobiles.field_id}"> - <tbody> - <?python repetition = 0 - mobile_index = 0 - mobile_error = tg.errors.get('mobile') - ?> - <tr py:for="mobile in value_for(user_fields.mobile)" - id="${user_fields.mobiles.field_id}_${repetition}" - class="${user_fields.mobiles.field_class}"> - - <td py:for="field in user_fields.mobiles.fields"> - <span><input class="textfield" type="text" id="${user_fields.mobiles.field_id}_${repetition}_mobile" name="mobiles-${repetition}.mobile" value="${mobile}"/></span> - <span py:if="mobile_error and mobile_error[mobile_index]" class="fielderror" - py:content="tg.errors.get('mobile')" /> - </td> - <?python mobile_index = mobile_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.mobiles.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.mobiles.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.mobiles.field_id}');">Add Cell Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.pagers.field_id}" - py:content="user_fields.pagers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.pagers.field_id}"> - <tbody> - <?python repetition = 0 - pager_index = 0 - pager_error = tg.errors.get('pager') - ?> - <tr py:for="pager in value_for(user_fields.pager)" - id="${user_fields.pagers.field_id}_${repetition}" - class="${user_fields.pagers.field_class}"> - - <td py:for="field in user_fields.pagers.fields"> - <span><input class="textfield" type="text" id="${user_fields.pagers.field_id}_${repetition}_pager" name="pagers-${repetition}.pager" value="${pager}"/></span> - <span py:if="pager_error and pager_error[pager_index]" class="fielderror" - py:content="tg.errors.get('pager')" /> - </td> - <?python pager_index = pager_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.pagers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.pagers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.pagers.field_id}');">Add Pager Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.homephones.field_id}" - py:content="user_fields.homephones.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.homephones.field_id}"> - <tbody> - <?python repetition = 0 - homephone_index = 0 - homephone_error = tg.errors.get('homephone') - ?> - <tr py:for="homephone in value_for(user_fields.homephone)" - id="${user_fields.homephones.field_id}_${repetition}" - class="${user_fields.homephones.field_class}"> - - <td py:for="field in user_fields.homephones.fields"> - <span><input class="textfield" type="text" id="${user_fields.homephones.field_id}_${repetition}_homephone" name="homephones-${repetition}.homephone" value="${homephone}"/></span> - <span py:if="homephone_error and homephone_error[homephone_index]" class="fielderror" - py:content="tg.errors.get('homephone')" /> - </td> - <?python homephone_index = homephone_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.homephones.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.homephones.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.homephones.field_id}');">Add Home Phone</a> - </td> - </tr> - </table> - - <h2 class="formsection">Mailing Address</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.street.field_id}" - py:content="user_fields.street.label" />: - </th> - <td> - <span py:replace="user_fields.street.display(value_for(user_fields.street))" /> - <span py:if="tg.errors.get('street')" class="fielderror" - py:content="tg.errors.get('street')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.roomnumber.field_id}" - py:content="user_fields.roomnumber.label" />: - </th> - <td> - <span py:replace="user_fields.roomnumber.display(value_for(user_fields.roomnumber))" /> - <span py:if="tg.errors.get('roomnumber')" class="fielderror" - py:content="tg.errors.get('roomnumber')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.l.field_id}" - py:content="user_fields.l.label" />: - </th> - <td> - <span py:replace="user_fields.l.display(value_for(user_fields.l))" /> - <span py:if="tg.errors.get('l')" class="fielderror" - py:content="tg.errors.get('l')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.st.field_id}" - py:content="user_fields.st.label" />: - </th> - <td> - <span py:replace="user_fields.st.display(value_for(user_fields.st))" /> - <span py:if="tg.errors.get('st')" class="fielderror" - py:content="tg.errors.get('st')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.postalcode.field_id}" - py:content="user_fields.postalcode.label" />: - </th> - <td> - <span py:replace="user_fields.postalcode.display(value_for(user_fields.postalcode))" /> - <span py:if="tg.errors.get('postalcode')" class="fielderror" - py:content="tg.errors.get('postalcode')" /> - </td> - </tr> - </table> - - <h2 class="formsection">Employee Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.ou.field_id}" - py:content="user_fields.ou.label" />: - </th> - <td> - <span py:replace="user_fields.ou.display(value_for(user_fields.ou))" /> - <span py:if="tg.errors.get('ou')" class="fielderror" - py:content="tg.errors.get('ou')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.businesscategory.field_id}" - py:content="user_fields.businesscategory.label" />: - </th> - <td> - <span py:replace="user_fields.businesscategory.display(value_for(user_fields.businesscategory))" /> - <span py:if="tg.errors.get('businesscategory')" class="fielderror" - py:content="tg.errors.get('businesscategory')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.description.field_id}" - py:content="user_fields.description.label" />: - </th> - <td> - <span py:replace="user_fields.description.display(value_for(user_fields.description))" /> - <span py:if="tg.errors.get('description')" class="fielderror" - py:content="tg.errors.get('description')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.employeetype.field_id}" - py:content="user_fields.employeetype.label" />: - </th> - <td> - <span py:replace="user_fields.employeetype.display(value_for(user_fields.employeetype))" /> - <span py:if="tg.errors.get('employeetype')" class="fielderror" - py:content="tg.errors.get('employeetype')" /> - </td> - </tr> - - <tr> - <th valign="top"> - <label class="fieldlabel" for="${user_fields.manager.field_id}" - py:content="user_fields.manager.label" />: - </th> - <td valign="top"> - <div> - <span id='manager_select_cn'>${value_for(user_fields.manager_cn)}</span> - <span py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name != value.get('uid')" id='manager_links'> - <a href="#" onclick="return clearSelect('manager');">clear</a> - <a href="#" onclick="return startSelect('manager');">change</a> - </span> - <span py:if="tg.errors.get('manager')" class="fielderror" - py:content="tg.errors.get('manager')" /> - </div> - <div id="manager_searcharea" style="display:none"> - <div> - <input id="manager_criteria" type="text" - onkeypress="return enterDoSelectSearch(event, 'manager');" /> - <input type="button" value="Find" - onclick="return doSelectSearch('manager');" - /> - </div> - <div id="manager_searchresults"> - </div> - </div> - </td> - </tr> - - <tr> - <th valign="top"> - <label class="fieldlabel" for="${user_fields.secretary.field_id}" - py:content="user_fields.secretary.label" />: - </th> - <td valign="top"> - <div> - <span id='secretary_select_cn'>${value_for(user_fields.secretary_cn)}</span> - <span id='secretary_links'> - <a href="#" onclick="return clearSelect('secretary');">clear</a> - <a href="#" onclick="return startSelect('secretary');">change</a> - </span> - <span py:if="tg.errors.get('secretary')" class="fielderror" - py:content="tg.errors.get('secretary')" /> - </div> - <div id="secretary_searcharea" style="display:none"> - <div> - <input id="secretary_criteria" type="text" - onkeypress="return enterDoSelectSearch(event, 'secretary');" /> - <input type="button" value="Find" - onclick="return doSelectSearch('secretary');" - /> - </div> - <div id="secretary_searchresults"> - </div> - </div> - </td> - </tr> - </table> - - <h2 class="formsection">Misc Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.carlicense.field_id}" - py:content="user_fields.carlicense.label" />: - </th> - <td> - <span py:replace="user_fields.carlicense.display(value_for(user_fields.carlicense))" /> - <span py:if="tg.errors.get('carlicense')" class="fielderror" - py:content="tg.errors.get('carlicense')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.labeleduri.field_id}" - py:content="user_fields.labeleduri.label" />: - </th> - <td> - <span py:replace="user_fields.labeleduri.display(value_for(user_fields.labeleduri))" /> - <span py:if="tg.errors.get('labeleduri')" class="fielderror" - py:content="tg.errors.get('labeleduri')" /> - </td> - </tr> - </table> - - <div py:if='len(custom_fields) > 0'> - <h2 class="formsection" >Custom Fields</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr py:for='custom_field in custom_fields'> - <th> - <label class="fieldlabel" for="${custom_field.field_id}" - py:content="custom_field.label" />: - </th> - <td> - <span py:replace="custom_field.display(value_for(custom_field))" /> - <span py:if="tg.errors.get(custom_field.name)" class="fielderror" - py:content="tg.errors.get(custom_field.name)" /> - </td> - </tr> - </table> - </div> - - - <div> - <h2 class="formsection">Groups</h2> - - <div class="floatlist"> - <div py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name != value.get('uid')" class="floatheader">To Remove:</div> - <div id="delmembers"> - </div> - </div> - - <div> - <?python div_counter = 1 ?> - <div py:for="group in user_groups" id="member-${div_counter}"> - <?python - group_dn = group.get('dn') - group_dn_esc = ipahelper.javascript_string_escape(group_dn) - - group_name = group.get('cn') - group_descr = "[group]" - group_type = "group" - - group_name_esc = ipahelper.javascript_string_escape(group_name) - group_descr_esc = ipahelper.javascript_string_escape(group_descr) - group_type_esc = ipahelper.javascript_string_escape(group_type) - ?> - <span id="member-info-${div_counter}"></span> - <script type="text/javascript"> - renderMemberInfo($('member-info-${div_counter}'), - new MemberDisplayInfo('${group_name_esc}', - '${group_descr_esc}', - '${group_type_esc}')); - </script> - <a py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name != value.get('uid')" href="#" - onclick="removememberHandler(this, '${group_dn_esc}', - new MemberDisplayInfo('${group_name_esc}', - '${group_descr_esc}', - '${group_type_esc}')); - return false;" - >remove</a> - <script type="text/javascript"> - dn_to_member_div_id['${group_dn_esc}'] = "member-${div_counter}"; - member_hash["${group_dn_esc}"] = 1; - </script> - <?python - div_counter = div_counter + 1 - ?> - </div> - <!-- a space here to prevent an empty div --> - </div> - - </div> - - <div py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name != value.get('uid')" style="clear:both"> - <h2 class="formsection">Add Groups</h2> - - <div class="floatlist"> - <div class="floatheader">To Add:</div> - <div id="newmembers"> - </div> - </div> - - <div> - <div id="search"> - <input id="criteria" type="text" name="criteria" - onkeypress="return enterDoSearch(event);" /> - <input type="button" value="Find" - onclick="return doSearch();" - /> - </div> - <div id="searchresults"> - </div> - </div> - </div> - - <hr/> - - <input type="submit" class="submitbutton" name="submit" - value="Update User"/> - <input type="submit" class="submitbutton" name="submit" - value="Cancel Edit" /> - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups and tg.identity.display_name != value.get('uid')" - type="button" class="submitbutton" - value="Delete User" - onclick="return confirmDelete();" - /> - - </form> - - <script type="text/javascript"> - /* - * This section restores the contents of the add and remove lists - * dynamically if we have to refresh the page - */ - if ($('form_dn_to_info_json').value != "") { - dn_to_info_hash = new Hash($('form_dn_to_info_json').value.evalJSON()); - } - - if ($('form_editprotected').value != "") { - $('toggleprotected_checkbox').checked = true; - toggleProtectedFields($('toggleprotected_checkbox')); - } - </script> - - <?python - dnadds = value.get('dnadd', []) - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - - dndels = value.get('dndel', []) - if not(isinstance(dndels,list) or isinstance(dndels,tuple)): - dndels = [dndels] - ?> - - <script py:for="dnadd in dnadds"> - <?python - dnadd_esc = ipahelper.javascript_string_escape(dnadd) - ?> - var dn = "${dnadd_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = addmember(dn, info); - if (newdiv != null) { - newdiv.style.display = 'block'; - } - </script> - - <script py:for="dndel in dndels"> - <?python - dndel_esc = ipahelper.javascript_string_escape(dndel) - ?> - var dn = "${dndel_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = removemember(dn, info); - newdiv.style.display = 'block'; - orig_div_id = dn_to_member_div_id[dn] - $(orig_div_id).style.display = 'none'; - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/userlayout.kid b/ipa-server/ipa-gui/ipagui/templates/userlayout.kid deleted file mode 100644 index 7625ffdd2..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/userlayout.kid +++ /dev/null @@ -1,41 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -</head> - -<body py:match="item.tag=='{http://www.w3.org/1999/xhtml}body'" py:attrs="item.items()"> - <div id="main_content"> - <div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"> - <p py:content="XML(tg_flash)"></p></div> - - <div py:replace="[item.text]+item[:]"></div> - </div> - -<!-- <div id="sidebar"> - <h2>Tools</h2> - <a href="${tg.url('/user/new')}">Add User</a><br/> - <a href="${tg.url('/user/list')}">Find Users</a><br/> - </div> --> - </div> -</body> - -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/userlist.kid b/ipa-server/ipa-gui/ipagui/templates/userlist.kid deleted file mode 100644 index 5dfe2bde7..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/userlist.kid +++ /dev/null @@ -1,118 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'userlayout.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Find Users</title> -</head> -<body> - <h1 class="user">Find Users</h1> - <script type="text/javascript" charset="utf-8" src="${tg.url('/static/javascript/tablekit.js')}"></script> - <div id="search"> - <form action="${tg.url('/user/list')}" method="get"> - <input id="uid" type="text" name="uid" value="${uid}" /> - <input class="searchbutton" type="submit" value="Find Users"/> - </form> - <script type="text/javascript"> - document.getElementById("uid").focus(); - </script> - </div> - <div py:if='(users != None) and (len(users) > 0)'> - <h2>${len(users)} results returned:</h2> - <table id="resultstable" class="details sortable resizable" cellspacing="0"> - <thead> - <tr> - <th> - User - </th> - <th> - Phone - </th> - <th> - Unit - </th> - <th> - Job Title - </th> - </tr> - </thead> - <tbody> - <tr py:for="user in users" py:if="user.nsAccountLock != 'true'"> - <td> - <a - href="${tg.url('/user/show',uid=user.uid)}" - py:content="u'%s %s (%s)' % (user.givenName, user.sn, user.uid)" - /> - </td> - <td> - ${user.telephoneNumber} - </td> - <td> - ${user.ou} - </td> - <td> - ${user.title} - </td> - </tr> - </tbody> - <tbody> - <tr id="inactive" py:for="user in users" py:if="user.nsAccountLock == 'true'"> - <td> - <a - href="${tg.url('/user/show',uid=user.uid)}" - py:content="u'%s %s (%s)' % (user.givenName, user.sn, user.uid)" - /> - </td> - <td> - ${user.telephoneNumber} - </td> - <td> - ${user.ou} - </td> - <td> - ${user.title} - </td> - </tr> - </tbody> - </table> - </div> - <div id="alertbox" py:if='(users != None) and (len(users) == 0)'> - <p>No results found for "${uid}"</p> - </div> - - <div class="instructions" py:if='users == None'> - <p> - Search automatically looks across multiple fields. If you want to find - Joe in Finance, try typing "joe finance" into the search box. - </p> - <p> - Exact matches are listed first, followed by partial matches. If your search - is too broad, you will get a warning that the search returned too many - results. Try being more specific. - </p> - <p> - The results that come back are sortable. Simply click on a column - header to sort on that header. A triangle will indicate the sorted - column, along with its direction. Clicking and dragging between headers - will allow you to resize the header. - </p> - </div> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/usernew.kid b/ipa-server/ipa-gui/ipagui/templates/usernew.kid deleted file mode 100644 index bbb743248..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/usernew.kid +++ /dev/null @@ -1,30 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'userlayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>Add User</title> -</head> -<body> - <h1 class="user">Add User</h1> - - ${form.display(action=tg.url("/user/create"), value=user)} -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid deleted file mode 100644 index cd924a729..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid +++ /dev/null @@ -1,842 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#" - class="simpleroster"> - <form action="${action}" name="${name}" method="${method}" class="tableform" - onsubmit="preSubmit()"> - -<input type="submit" class="submitbutton" name="submit" value="Add User"/> - -<?python -from ipagui.helpers import ipahelper -?> - - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicedit.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/static/javascript/dynamicselect.js')}"></script> - <script type="text/javascript" charset="utf-8" - src="${tg.url('/tg_widgets/tg_expanding_form_widget/javascript/expanding_form.js')}"></script> - - <?python - searchurl = tg.url('/user/edit_search') - selectSearchurl = tg.url('/user/user_select_search') - ?> - - <script type="text/javascript"> - function doSearch() { - $('searchresults').update("Searching..."); - new Ajax.Updater('searchresults', - '${searchurl}', - { asynchronous:true, - parameters: { criteria: $('criteria').value }, - evalScripts: true }); - return false; - } - - // override dynamicedit.js version - // we don't need to show [group] nor italize groups - function renderMemberInfo(newdiv, info) { - if (info.type == "group") { - newdiv.appendChild(document.createTextNode( - info.name + " ")); - } - } - function doSelectSearch(which_select) { - $(which_select + '_searchresults').update("Searching..."); - new Ajax.Updater(which_select + '_searchresults', - '${selectSearchurl}', - { asynchronous:true, - parameters: { criteria: $(which_select + '_criteria').value, - which_select: which_select}, - evalScripts: true }); - return false; - } - </script> - - <div py:for="field in hidden_fields" - py:replace="field.display(value_for(field), **params_for(field))" - /> - - <h2 class="formsection">Identity Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.title.field_id}" - py:content="user_fields.title.label" />: - </th> - <td> - <span py:replace="user_fields.title.display(value_for(user_fields.title))" /> - <span py:if="tg.errors.get('title')" class="fielderror" - py:content="tg.errors.get('title')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.givenname.field_id}" - py:content="user_fields.givenname.label" />: - </th> - <td> - <span py:replace="user_fields.givenname.display(value_for(user_fields.givenname))" /> - <span py:if="tg.errors.get('givenname')" class="fielderror" - py:content="tg.errors.get('givenname')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.sn.field_id}" - py:content="user_fields.sn.label" />: - </th> - <td> - <span py:replace="user_fields.sn.display(value_for(user_fields.sn))" /> - <span py:if="tg.errors.get('sn')" class="fielderror" - py:content="tg.errors.get('sn')" /> - <script type="text/javascript"> - var uid_suggest = ""; - var mail_suggest = ""; - var cn_suggest = ""; - var displayname_suggest = ""; - var initials_suggest = ""; - - function autofill(self) { - var givenname = $('form_givenname'); - var sn = $('form_sn'); - if ((givenname.value == "") || (sn.value == "")) { - return; - } - - var uid = $('form_uid'); - var mail = $('form_mail'); - var cn = $('form_cns_0_cn'); - var displayname = $('form_displayname'); - var initials = $('form_initials'); - - if ((cn.value == "") || (cn.value == cn_suggest)) { - cn.value = givenname.value + " " + sn.value; - cn_suggest = cn.value; - new Effect.Highlight(cn); - } - - if ((displayname.value == "") || - (displayname.value == displayname_suggest)) { - displayname.value = givenname.value + " " + sn.value; - displayname_suggest = displayname.value; - new Effect.Highlight(displayname); - } - - if ((initials.value == "") || - (initials.value == initials_suggest)) { - initials.value = givenname.value[0] + sn.value[0]; - initials_suggest = initials.value; - new Effect.Highlight(initials); - } - - if ((uid.value == "") || (uid.value == uid_suggest)) { - new Ajax.Request('${tg.url('/user/suggest_uid')}', { - method: 'get', - parameters: {'givenname': givenname.value, 'sn': sn.value}, - onSuccess: function(transport) { - uid.value = transport.responseText; - uid_suggest = uid.value; - new Effect.Highlight(uid); - } - }); - } - - if ((mail.value == "") || (mail.value == mail_suggest)) { - new Ajax.Request('${tg.url('/user/suggest_email')}', { - method: 'get', - parameters: {'givenname': givenname.value, 'sn': sn.value}, - onSuccess: function(transport) { - mail.value = transport.responseText; - mail_suggest = mail.value; - new Effect.Highlight(mail); - } - }); - } - } - - document.getElementById('form_givenname').onchange = autofill; - document.getElementById('form_sn').onchange = autofill; - </script> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.cns.field_id}" - py:content="user_fields.cns.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.cns.field_id}"> - <tbody> - <?python repetition = 0 - cn_index = 0 - cn_error = tg.errors.get('cn') - values = value_for(user_fields.cn) - if values is None: - values=[''] - ?> - <tr py:for="cn in values" - id="${user_fields.cns.field_id}_${repetition}" - class="${user_fields.cns.field_class}"> - - <td py:for="field in user_fields.cns.fields"> - <span><input class="textfield" type="text" id="${user_fields.cns.field_id}_${repetition}_cn" name="cns-${repetition}.cn" value="${cn}"/></span> - <span py:if="cn_error and cn_error[cn_index]" class="fielderror" - py:content="tg.errors.get('cn')" /> - </td> - <?python cn_index = cn_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.cns.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.cns.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.cns.field_id}');">Add Full Name</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.displayname.field_id}" - py:content="user_fields.displayname.label" />: - </th> - <td> - <span py:replace="user_fields.displayname.display(value_for(user_fields.displayname))" /> - <span py:if="tg.errors.get('displayname')" class="fielderror" - py:content="tg.errors.get('displayname')" /> - - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.initials.field_id}" - py:content="user_fields.initials.label" />: - </th> - <td> - <span py:replace="user_fields.initials.display(value_for(user_fields.initials))" /> - <span py:if="tg.errors.get('initials')" class="fielderror" - py:content="tg.errors.get('initials')" /> - - </td> - </tr> - </table> - - <h2 class="formsection">Account Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.nsAccountLock.field_id}" - py:content="user_fields.nsAccountLock.label" />: - </th> - <td> - <span py:replace="user_fields.nsAccountLock.display(value_for(user_fields.nsAccountLock))" /> - <span py:if="tg.errors.get('nsAccountLock')" class="fielderror" - py:content="tg.errors.get('nsAccountLock')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.uid.field_id}" - py:content="user_fields.uid.label" />: - </th> - <td> - <span py:replace="user_fields.uid.display(value_for(user_fields.uid))" /> - <span py:if="tg.errors.get('uid')" class="fielderror" - py:content="tg.errors.get('uid')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.krbprincipalkey.field_id}" - py:content="user_fields.krbprincipalkey.label" />: - </th> - <td> - <span py:replace="user_fields.krbprincipalkey.display(value_for(user_fields.krbprincipalkey))" /> - <span py:if="tg.errors.get('krbprincipalkey')" class="fielderror" - py:content="tg.errors.get('krbprincipalkey')" /> - - <!-- - <input type="button" value="Generate Password" - onclick="new Ajax.Request('${tg.url('/user/generate_password')}', - { - method: 'get', - onSuccess: function(transport) { - document.getElementById('form_krbprincipalkey').value = - transport.responseText; - } - });" /> - --> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.krbprincipalkey_confirm.field_id}" - py:content="user_fields.krbprincipalkey_confirm.label" />: - </th> - <td> - <span py:replace="user_fields.krbprincipalkey_confirm.display( - value_for(user_fields.krbprincipalkey_confirm))" /> - <span py:if="tg.errors.get('krbprincipalkey_confirm')" class="fielderror" - py:content="tg.errors.get('krbprincipalkey_confirm')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.uidnumber.field_id}" - py:content="user_fields.uidnumber.label" />: - </th> - <td> - Generated by server - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.gidnumber.field_id}" - py:content="user_fields.gidnumber.label" />: - </th> - <td> - Generated by server - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.homedirectory.field_id}" - py:content="user_fields.homedirectory.label" />: - </th> - <td> - Generated by server - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.loginshell.field_id}" - py:content="user_fields.loginshell.label" />: - </th> - <td> - <span py:replace="user_fields.loginshell.display( - value_for(user_fields.loginshell))" /> - <span py:if="tg.errors.get('loginshell')" class="fielderror" - py:content="tg.errors.get('loginshell')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.gecos.field_id}" - py:content="user_fields.gecos.label" />: - </th> - <td> - <span py:replace="user_fields.gecos.display( - value_for(user_fields.gecos))" /> - <span py:if="tg.errors.get('gecos')" class="fielderror" - py:content="tg.errors.get('gecos')" /> - </td> - </tr> - </table> - - <h2 class="formsection">Contact Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.mail.field_id}" - py:content="user_fields.mail.label" />: - </th> - <td> - <span py:replace="user_fields.mail.display(value_for(user_fields.mail))" /> - <span py:if="tg.errors.get('mail')" class="fielderror" - py:content="tg.errors.get('mail')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.telephonenumbers.field_id}" - py:content="user_fields.telephonenumbers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.telephonenumbers.field_id}"> - <tbody> - <?python repetition = 0 - tele_index = 0 - tele_error = tg.errors.get('telephonenumber') - values = value_for(user_fields.telephonenumber) - if values is None: - values=[''] - ?> - <tr py:for="tele in values" - id="${user_fields.telephonenumbers.field_id}_${repetition}" - class="${user_fields.telephonenumbers.field_class}"> - - <td py:if="user_fields.telephonenumbers.fields is not None" py:for="field in user_fields.telephonenumbers.fields"> - <span><input class="textfield" type="text" id="${user_fields.telephonenumbers.field_id}_${repetition}_telephonenumber" name="telephonenumbers-${repetition}.telephonenumber" value="${tele}"/></span> - <span py:if="tele_error and tele_error[tele_index]" class="fielderror" - py:content="tg.errors.get('telephonenumber')" /> - </td> - <?python tele_index = tele_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.telephonenumbers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.telephonenumbers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.telephonenumbers.field_id}');">Add Work Number</a> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.facsimiletelephonenumbers.field_id}" - py:content="user_fields.facsimiletelephonenumbers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.facsimiletelephonenumbers.field_id}"> - <tbody> - <?python repetition = 0 - fax_index = 0 - fax_error = tg.errors.get('facsimiletelephonenumber') - values = value_for(user_fields.facsimiletelephonenumber) - if values is None: - values=[''] - ?> - <tr py:for="fax in values" - id="${user_fields.facsimiletelephonenumbers.field_id}_${repetition}" - class="${user_fields.facsimiletelephonenumbers.field_class}"> - - <td py:for="field in user_fields.facsimiletelephonenumbers.fields"> - <span><input class="textfield" type="text" id="${user_fields.facsimiletelephonenumbers.field_id}_${repetition}_facsimiletelephonenumber" name="facsimiletelephonenumbers-${repetition}.facsimiletelephonenumber" value="${fax}"/></span> - <span py:if="fax_error and fax_error[fax_index]" class="fielderror" - py:content="tg.errors.get('facsimiletelephonenumber')" /> - </td> - <?python fax_index = fax_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.facsimiletelephonenumbers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.facsimiletelephonenumbers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.facsimiletelephonenumbers.field_id}');">Add Fax Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.mobiles.field_id}" - py:content="user_fields.mobiles.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.mobiles.field_id}"> - <tbody> - <?python repetition = 0 - mobile_index = 0 - mobile_error = tg.errors.get('mobile') - values = value_for(user_fields.mobile) - if values is None: - values=[''] - ?> - <tr py:for="mobile in values" - id="${user_fields.mobiles.field_id}_${repetition}" - class="${user_fields.mobiles.field_class}"> - - <td py:for="field in user_fields.mobiles.fields"> - <span><input class="textfield" type="text" id="${user_fields.mobiles.field_id}_${repetition}_mobile" name="mobiles-${repetition}.mobile" value="${mobile}"/></span> - <span py:if="mobile_error and mobile_error[mobile_index]" class="fielderror" - py:content="tg.errors.get('mobile')" /> - </td> - <?python mobile_index = mobile_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.mobiles.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.mobiles.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.mobiles.field_id}');">Add Cell Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.pagers.field_id}" - py:content="user_fields.pagers.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.pagers.field_id}"> - <tbody> - <?python repetition = 0 - pager_index = 0 - pager_error = tg.errors.get('pager') - values = value_for(user_fields.pager) - if values is None: - values=[''] - ?> - <tr py:for="pager in values" - id="${user_fields.pagers.field_id}_${repetition}" - class="${user_fields.pagers.field_class}"> - - <td py:for="field in user_fields.pagers.fields"> - <span><input class="textfield" type="text" id="${user_fields.pagers.field_id}_${repetition}_pager" name="pagers-${repetition}.pager" value="${pager}"/></span> - <span py:if="pager_error and pager_error[pager_index]" class="fielderror" - py:content="tg.errors.get('pager')" /> - </td> - <?python pager_index = pager_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.pagers.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.pagers.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.pagers.field_id}');">Add Pager Number</a> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.homephones.field_id}" - py:content="user_fields.homephones.label" />: - </th> - <td colspan="3"> - <table class="formtable" cellpadding="2" cellspacing="0" border="0" id="${user_fields.homephones.field_id}"> - <tbody> - <?python repetition = 0 - homephone_index = 0 - homephone_error = tg.errors.get('homephone') - values = value_for(user_fields.homephone) - if values is None: - values=[''] - ?> - <tr py:for="homephone in values" - id="${user_fields.homephones.field_id}_${repetition}" - class="${user_fields.homephones.field_class}"> - - <td py:for="field in user_fields.homephones.fields"> - <span><input class="textfield" type="text" id="${user_fields.homephones.field_id}_${repetition}_homephone" name="homephones-${repetition}.homephone" value="${homephone}"/></span> - <span py:if="homephone_error and homephone_error[homephone_index]" class="fielderror" - py:content="tg.errors.get('homephone')" /> - </td> - <?python homephone_index = homephone_index + 1 ?> - <td> - <a - href="javascript:ExpandingForm.removeItem('${user_fields.homephones.field_id}_${repetition}')">Remove</a> - </td> - <?python repetition = repetition + 1?> - </tr> - </tbody> - </table> - <a id="${user_fields.homephones.field_id}_doclink" href="javascript:ExpandingForm.addItem('${user_fields.homephones.field_id}');">Add Home Phone</a> - </td> - </tr> - - </table> - - <h2 class="formsection">Mailing Address</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.street.field_id}" - py:content="user_fields.street.label" />: - </th> - <td> - <span py:replace="user_fields.street.display(value_for(user_fields.street))" /> - <span py:if="tg.errors.get('street')" class="fielderror" - py:content="tg.errors.get('street')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.roomnumber.field_id}" - py:content="user_fields.roomnumber.label" />: - </th> - <td> - <span py:replace="user_fields.roomnumber.display(value_for(user_fields.roomnumber))" /> - <span py:if="tg.errors.get('roomnumber')" class="fielderror" - py:content="tg.errors.get('roomnumber')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.l.field_id}" - py:content="user_fields.l.label" />: - </th> - <td> - <span py:replace="user_fields.l.display(value_for(user_fields.l))" /> - <span py:if="tg.errors.get('l')" class="fielderror" - py:content="tg.errors.get('l')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.st.field_id}" - py:content="user_fields.st.label" />: - </th> - <td> - <span py:replace="user_fields.st.display(value_for(user_fields.st))" /> - <span py:if="tg.errors.get('st')" class="fielderror" - py:content="tg.errors.get('st')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.postalcode.field_id}" - py:content="user_fields.postalcode.label" />: - </th> - <td> - <span py:replace="user_fields.postalcode.display(value_for(user_fields.postalcode))" /> - <span py:if="tg.errors.get('postalcode')" class="fielderror" - py:content="tg.errors.get('postalcode')" /> - </td> - </tr> - </table> - - <h2 class="formsection">Employee Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.ou.field_id}" - py:content="user_fields.ou.label" />: - </th> - <td> - <span py:replace="user_fields.ou.display(value_for(user_fields.ou))" /> - <span py:if="tg.errors.get('ou')" class="fielderror" - py:content="tg.errors.get('ou')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.businesscategory.field_id}" - py:content="user_fields.businesscategory.label" />: - </th> - <td> - <span py:replace="user_fields.businesscategory.display(value_for(user_fields.businesscategory))" /> - <span py:if="tg.errors.get('businesscategory')" class="fielderror" - py:content="tg.errors.get('businesscategory')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.description.field_id}" - py:content="user_fields.description.label" />: - </th> - <td> - <span py:replace="user_fields.description.display(value_for(user_fields.description))" /> - <span py:if="tg.errors.get('description')" class="fielderror" - py:content="tg.errors.get('description')" /> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.employeetype.field_id}" - py:content="user_fields.employeetype.label" />: - </th> - <td> - <span py:replace="user_fields.employeetype.display(value_for(user_fields.employeetype))" /> - <span py:if="tg.errors.get('employeetype')" class="fielderror" - py:content="tg.errors.get('employeetype')" /> - </td> - </tr> - - <tr> - <th valign="top"> - <label class="fieldlabel" for="${user_fields.manager.field_id}" - py:content="user_fields.manager.label" />: - </th> - <td valign="top"> - <div> - <span id='manager_select_cn'>${value_for(user_fields.manager)}</span> - <span id='manager_links'> - <a href="#" onclick="return clearSelect('manager');">clear</a> - <a href="#" onclick="return startSelect('manager');">change</a> - </span> - <span py:if="tg.errors.get('manager')" class="fielderror" - py:content="tg.errors.get('manager')" /> - </div> - <div id="manager_searcharea" style="display:none"> - <div> - <input id="manager_criteria" type="text" - onkeypress="return enterDoSelectSearch(event, 'manager');" /> - <input type="button" value="Find" - onclick="return doSelectSearch('manager');" - /> - </div> - <div id="manager_searchresults"> - </div> - </div> - </td> - </tr> - - <tr> - <th> - <label class="fieldlabel" for="${user_fields.secretary.field_id}" - py:content="user_fields.secretary.label" />: - </th> - <td> - <div> - <span id='secretary_select_cn'>${value_for(user_fields.secretary)}</span> - <span id='secretary_links'> - <a href="#" onclick="return clearSelect('secretary');">clear</a> - <a href="#" onclick="return startSelect('secretary');">change</a> - </span> - <span py:if="tg.errors.get('secretary')" class="fielderror" - py:content="tg.errors.get('secretary')" /> - </div> - <div id="secretary_searcharea" style="display:none"> - <div> - <input id="secretary_criteria" type="text" - onkeypress="return enterDoSelectSearch(event, 'secretary');" /> - <input type="button" value="Find" - onclick="return doSelectSearch('secretary');" - /> - </div> - <div id="secretary_searchresults"> - </div> - </div> - </td> - </tr> - </table> - - <h2 class="formsection">Misc Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.carlicense.field_id}" - py:content="user_fields.carlicense.label" />: - </th> - <td> - <span py:replace="user_fields.carlicense.display(value_for(user_fields.carlicense))" /> - <span py:if="tg.errors.get('carlicense')" class="fielderror" - py:content="tg.errors.get('carlicense')" /> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" for="${user_fields.labeleduri.field_id}" - py:content="user_fields.labeleduri.label" />: - </th> - <td> - <span py:replace="user_fields.labeleduri.display(value_for(user_fields.labeleduri))" /> - <span py:if="tg.errors.get('labeleduri')" class="fielderror" - py:content="tg.errors.get('labeleduri')" /> - </td> - </tr> - </table> - - <div py:if='len(custom_fields) > 0'> - <div class="formsection" >Custom Fields</div> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr py:for='custom_field in custom_fields'> - <th> - <label class="fieldlabel" for="${custom_field.field_id}" - py:content="custom_field.label" />: - </th> - <td> - <span py:replace="custom_field.display(value_for(custom_field))" /> - <span py:if="tg.errors.get(custom_field.name)" class="fielderror" - py:content="tg.errors.get(custom_field.name)" /> - </td> - </tr> - </table> - </div> - - <div style="clear:both"> - <h2 class="formsection">Add Groups</h2> - - - <div class="floatlist"> - <div class="floatheader">To Add:</div> - <div id="newmembers"> - </div> - </div> - - <div> - <div id="search"> - <input id="criteria" type="text" name="criteria" - onkeypress="return enterDoSearch(event);" /> - <input class="searchbutton" type="button" value="Find" - onclick="return doSearch();" - /> - </div> - <div id="searchresults"> - </div> - </div> - </div> - -<hr /> -<input type="submit" class="submitbutton" name="submit" value="Add User"/> - - </form> - - <script type="text/javascript"> - document.getElementById("form_title").focus(); - </script> - - <script type="text/javascript"> - /* - * This section restores the contents of the add and remove lists - * dynamically if we have to refresh the page - */ - if ($('form_dn_to_info_json').value != "") { - dn_to_info_hash = new Hash($('form_dn_to_info_json').value.evalJSON()); - } - </script> - - <?python - dnadds = value.get('dnadd', []) - if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)): - dnadds = [dnadds] - ?> - - <script py:for="dnadd in dnadds"> - <?python - dnadd_esc = ipahelper.javascript_string_escape(dnadd) - ?> - var dn = "${dnadd_esc}"; - var info = dn_to_info_hash[dn]; - var newdiv = addmember(dn, info); - if (newdiv != null) { - newdiv.style.display = 'block'; - } - </script> - -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/userselectsearch.kid b/ipa-server/ipa-gui/ipagui/templates/userselectsearch.kid deleted file mode 100644 index b8a60ed51..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/userselectsearch.kid +++ /dev/null @@ -1,53 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<div xmlns:py="http://purl.org/kid/ns#"> - -<?python -from ipagui.helpers import ipahelper -?> - <div py:if='(users != None) and (len(users) > 0)'> - <div id="search-results-count"> - ${len(users)} results returned: - <span py:if="counter < 0"> - (truncated) - </span> - </div> - - <div py:for="user in users"> - <?python - user_name = "%s %s" % (user.getValue('givenName', ''), - user.getValue('sn', '')) - user_descr = "(%s)" % user.uid - - user_dn_esc = ipahelper.javascript_string_escape(user.dn) - user_name_esc = ipahelper.javascript_string_escape(user_name) - user_descr_esc = ipahelper.javascript_string_escape(user_descr) - which_select_esc = ipahelper.javascript_string_escape(which_select) - ?> - - ${user_name} ${user_descr} - <a href="" - onclick="doSelect('${which_select_esc}', '${user_dn_esc}', '${user_name_esc}'); - return false;" - >select</a> - </div> - </div> - <div py:if='(users != None) and (len(users) == 0)'> - No results found for "${criteria}" - </div> -</div> diff --git a/ipa-server/ipa-gui/ipagui/templates/usershow.kid b/ipa-server/ipa-gui/ipagui/templates/usershow.kid deleted file mode 100644 index 0c2582b2e..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/usershow.kid +++ /dev/null @@ -1,399 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'userlayout.kid'"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> - <title>View User</title> -</head> -<body> -<?python -edit_url = tg.url('/user/edit', uid=user.get('uid')) -?> - <h1 class="user">View User</h1> - - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name == user.get('uid')" - class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit User" /> - -<?python -from ipagui.helpers import userhelper -pw_expires_days = userhelper.password_expires_in(user.get("krbPasswordExpiration")) -pw_expires_soon = userhelper.password_expires_soon(pw_expires_days) -pw_is_expired = userhelper.password_is_expired(pw_expires_days) -if pw_expires_days != 1: - days_suffix = "s" -else: - days_suffix = "" -?> - - <div id="alertbox" py:if='pw_expires_soon' class="warning_message"> - ${user.get("uid")}'s password will expire in ${pw_expires_days} day${days_suffix} - </div> - <div id="alertbox" py:if='pw_is_expired' class="warning_message"> - ${user.get("uid")}'s password has expired - </div> - - <h2 class="formsection">Identity Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.title.label" />: - </th> - <td>${user.get("title")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.givenname.label" />: - </th> - <td>${user.get("givenname")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.sn.label" />: - </th> - <td>${user.get("sn")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.cn.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("cn") - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.displayname.label" />: - </th> - <td>${user.get("displayname")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.initials.label" />: - </th> - <td>${user.get("initials")}</td> - </tr> - </table> - - <h2 class="formsection">Account Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.nsAccountLock.label" />: - </th> - <td>${userhelper.account_status_display(user.get("nsAccountLock"))}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.uid.label" />: - </th> - <td>${user.get("uid")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.uidnumber.label" />: - </th> - <td>${user.get("uidnumber")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.gidnumber.label" />: - </th> - <td>${user.get("gidnumber")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.homedirectory.label" />: - </th> - <td>${user.get("homedirectory")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.loginshell.label" />: - </th> - <td>${user.get("loginshell")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.gecos.label" />: - </th> - <td>${user.get("gecos")}</td> - </tr> - </table> - - <h2 class="formsection">Contact Details</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.mail.label" />: - </th> - <td><a py:if="user.get('mail')" - href="mailto:${user.get('mail')}">${user.get("mail")}</a></td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.telephonenumber.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("telephonenumber", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.facsimiletelephonenumber.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("facsimiletelephonenumber", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.mobile.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("mobile", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.pager.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("pager", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.homephone.label" />: - </th> - <td> - <table cellpadding="2" cellspacing="0" border="0"> - <tbody> - <?python - index = 0 - values = user.get("homephone", '') - if isinstance(values, str): - values = [values] - ?> - <tr py:for="index in range(len(values))"> - <td>${values[index]}</td> - </tr> - </tbody> - </table> - </td> - </tr> - </table> - - <h2 class="formsection">Mailing Address</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.street.label" />: - </th> - <td>${user.get("street")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.roomnumber.label" />: - </th> - <td>${user.get("roomnumber")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.l.label" />: - </th> - <td>${user.get("l")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.st.label" />: - </th> - <td>${user.get("st")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.postalcode.label" />: - </th> - <td>${user.get("postalcode")}</td> - </tr> - </table> - - <h2 class="formsection">Employee Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.ou.label" />: - </th> - <td>${user.get("ou")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.businesscategory.label" />: - </th> - <td>${user.get("businesscategory")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.description.label" />: - </th> - <td>${user.get("description")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.employeetype.label" />: - </th> - <td>${user.get("employeetype")}</td> - </tr> - <tr py:if='user_manager'> - <th> - <label class="fieldlabel" py:content="fields.manager.label" />: - </th> - <td> - <a href="${tg.url('/user/show', uid=user_manager.uid)}" - >${user_manager.givenname} ${user_manager.sn}</a> - </td> - </tr> - <tr py:if='user_secretary'> - <th> - <label class="fieldlabel" py:content="fields.secretary.label" />: - </th> - <td> - <a href="${tg.url('/user/show', uid=user_secretary.uid)}" - >${user_secretary.givenname} ${user_secretary.sn}</a> - </td> - </tr> - </table> - - <h2 class="formsection">Misc Information</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr> - <th> - <label class="fieldlabel" py:content="fields.carlicense.label" />: - </th> - <td>${user.get("carlicense")}</td> - </tr> - <tr> - <th> - <label class="fieldlabel" py:content="fields.labeleduri.label" />: - </th> - <td> - <a py:if="user.get('labeleduri')" - href="${user.get('labeleduri')}">${user.get('labeleduri')}</a> - </td> - </tr> - </table> - - <div py:if='len(fields.custom_fields) > 0'> - <h2 class="formsection">Custom Fields</h2> - <table class="formtable" cellpadding="2" cellspacing="0" border="0"> - <tr py:for='custom_field in fields.custom_fields'> - <th> - <label class="fieldlabel" for="${custom_field.field_id}" - py:content="custom_field.label" />: - </th> - <td> - ${user.get(custom_field.name)} - </td> - </tr> - </table> - </div> - - <h2 class="formsection" py:if='len(user_reports) > 0'>Direct Reports</h2> - <ol py:if="len(user_reports) > 0"> - <li py:for="report in user_reports"> - <a href="${tg.url('/user/show', uid=report.uid)}" - >${report.givenname} ${report.sn}</a> - </li> - </ol> - - <h2 class="formsection">Groups</h2> - <div py:for="group in user_groups"> - <a href="${tg.url('/group/show', cn=group.cn)}">${group.cn}</a> - </div> - - <br/> -<hr /> - <input py:if="'editors' in tg.identity.groups or 'admins' in tg.identity.groups or tg.identity.display_name == user.get('uid')" - class="submitbutton" type="button" - onclick="document.location.href='${edit_url}'" - value="Edit User" /> -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/welcome.kid b/ipa-server/ipa-gui/ipagui/templates/welcome.kid deleted file mode 100644 index ce3b444c4..000000000 --- a/ipa-server/ipa-gui/ipagui/templates/welcome.kid +++ /dev/null @@ -1,53 +0,0 @@ -<!-- - Copyright (C) 2007 Red Hat - see file 'COPYING' for use and warranty information - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License as - published by the Free Software Foundation; version 2 only - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ---> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" - py:extends="'master.kid'"> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> -<title>Welcome</title> -</head> -<body> - <div id="details"> - <div id="alertbox" py:if="value_of('tg_flash', None)"> - <p py:content="XML(tg_flash)"></p></div> - <h1>Welcome to Free IPA</h1> - - <noscript> - <span class="warning_message"> - This site makes heavy use of JavaScript.<br /> - Please enable JavaScript in your browser to make sure all pages function properly. - </span> - </noscript> - - <p> -IPA is used to manage Identity, Policy, and Auditing for your organization. - </p> - <p> - To get started, you can use the search box in the top right to find - users or groups you need to work on. Search automatically looks - across multiple fields. If you want to find Joe in Finance, try typing - "joe finance" into the search box. - </p> - <p> - Alternatively, select a task from the right sidebar. - </p> - </div> - -</body> -</html> diff --git a/ipa-server/ipa-gui/ipagui/tests/Makefile.am b/ipa-server/ipa-gui/ipagui/tests/Makefile.am deleted file mode 100644 index bf06ef2fa..000000000 --- a/ipa-server/ipa-gui/ipagui/tests/Makefile.am +++ /dev/null @@ -1,16 +0,0 @@ -NULL = - -appdir = $(IPA_DATA_DIR)/ipagui/tests -app_PYTHON = \ - __init__.py \ - test_controllers.py \ - test_model.py \ - $(NULL) - -EXTRA_DIST = \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - *.pyc \ - Makefile.in diff --git a/ipa-server/ipa-gui/ipagui/tests/__init__.py b/ipa-server/ipa-gui/ipagui/tests/__init__.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/ipagui/tests/__init__.py +++ /dev/null diff --git a/ipa-server/ipa-gui/ipagui/tests/test_controllers.py b/ipa-server/ipa-gui/ipagui/tests/test_controllers.py deleted file mode 100644 index fc4014d0f..000000000 --- a/ipa-server/ipa-gui/ipagui/tests/test_controllers.py +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import unittest -import turbogears -from turbogears import testutil -from ipagui.controllers import Root -import cherrypy - -cherrypy.root = Root() - -class TestPages(unittest.TestCase): - - def setUp(self): - turbogears.startup.startTurboGears() - - def tearDown(self): - """Tests for apps using identity need to stop CP/TG after each test to - stop the VisitManager thread. - See http://trac.turbogears.org/turbogears/ticket/1217 for details. - """ - turbogears.startup.stopTurboGears() - - def test_method(self): - "the index method should return a string called now" - import types - result = testutil.call(cherrypy.root.index) - assert type(result["now"]) == types.StringType - - def test_indextitle(self): - "The indexpage should have the right title" - testutil.createRequest("/") - response = cherrypy.response.body[0].lower() - assert "<title>welcome to turbogears</title>" in response - diff --git a/ipa-server/ipa-gui/ipagui/tests/test_model.py b/ipa-server/ipa-gui/ipagui/tests/test_model.py deleted file mode 100644 index 5bfb2315e..000000000 --- a/ipa-server/ipa-gui/ipagui/tests/test_model.py +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -# If your project uses a database, you can set up database tests -# similar to what you see below. Be sure to set the db_uri to -# an appropriate uri for your testing database. sqlite is a good -# choice for testing, because you can use an in-memory database -# which is very fast. - -from turbogears import testutil, database -# from ipagui.model import YourDataClass, User - -# database.set_db_uri("sqlite:///:memory:") - -# class TestUser(testutil.DBTest): -# def get_model(self): -# return User -# def test_creation(self): -# "Object creation should set the name" -# obj = User(user_name = "creosote", -# email_address = "spam@python.not", -# display_name = "Mr Creosote", -# password = "Wafer-thin Mint") -# assert obj.display_name == "Mr Creosote" - diff --git a/ipa-server/ipa-gui/locales/ja/LC_MESSAGES/messages.po b/ipa-server/ipa-gui/locales/ja/LC_MESSAGES/messages.po deleted file mode 100644 index 1e03419ba..000000000 --- a/ipa-server/ipa-gui/locales/ja/LC_MESSAGES/messages.po +++ /dev/null @@ -1,757 +0,0 @@ -# Japanese Translation of IPA TurboGears UI -# Copyright (C) 2007 Red Hat, Inc. -# Masato Taruishi <taruishi@redhat.com>, 2007 -# -msgid "" -msgstr "" -"Project-Id-Version: 1.0\n" -"POT-Creation-Date: 2007-12-20 18:55\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: Masato Taruishi <taruishi@redhat.com>\n" -"Language-Team: LANGUAGE <LL@li.org>\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" -"Content-Transfer-Encoding: utf-8\n" -"Generated-By: pygettext.py 1.5\n" - -#: ipagui/templates/groupnew.kid:title -msgid "Add Group" -msgstr "グループã®è¿½åŠ " - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "Search" -msgstr "検索" - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "Password Policy" -msgstr "パスワードãƒãƒªã‚·" - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "User Settings" -msgstr "ユーザè¨å®š" - -#: ipagui/templates/ipapolicyeditform.kid:a -msgid "Remove" -msgstr "削除" - -#: ipagui/templates/ipapolicyeditform.kid:a -msgid "Add User Object Class" -msgstr "ユーザオブジェクトクラスã®è¿½åŠ " - -#: ipagui/templates/ipapolicyeditform.kid:a -msgid "Add Group Object Class" -msgstr "グループオブジェクトクラスã®è¿½åŠ " - -#: ipagui/templates/userlist.kid:title -msgid "Find Users" -msgstr "ユーザã®æ¤œç´¢" - -#: ipagui/templates/userlist.kid:script -msgid "document.getElementById(\"uid\").focus();" -msgstr "" - -#: ipagui/templates/userlist.kid:h2 -msgid "${len(users)} results returned:" -msgstr "${len(users)} 件見ã¤ã‹ã‚Šã¾ã—ãŸ:" - -#: ipagui/templates/userlist.kid:th -msgid "User" -msgstr "ユーザ" - -#: ipagui/templates/userlist.kid:th -msgid "Phone" -msgstr "電話" - -#: ipagui/templates/userlist.kid:th -msgid "Unit" -msgstr "ユニット" - -#: ipagui/templates/userlist.kid:th -msgid "Job Title" -msgstr "" - -#: ipagui/templates/userlist.kid:a -msgid "${user.givenName} ${user.sn}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.telephoneNumber}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.ou}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.title}" -msgstr "" - -#: ipagui/templates/userlist.kid:p -msgid "No results found for \"${uid}\"" -msgstr "" - -#: ipagui/templates/userlist.kid:p -msgid "" -"Search automatically looks across multiple fields. If you want to find\n" -" Joe in Finance, try typing \"joe finance\" into the search box." -msgstr "" -"検索ã¯è¤‡æ•°ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«å¯¾ã—ã¦è¡Œã‚ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ä¾‹ãˆã°çµŒç†éƒ¨ã®ç”°ä¸ã•ã‚“ã‚’\n" -"検索ã—ãŸã„å ´åˆã¯ã€\"ç”°ä¸ çµŒç†\" ã¨æ¤œç´¢ãƒœãƒƒã‚¯ã‚¹ã«å…¥åŠ›ã—ã¾ã™ã€‚" - -#: ipagui/templates/userlist.kid:p -msgid "" -"Exact matches are listed first, followed by partial matches. If your search\n" -" is too broad, you will get a warning that the search returned too many\n" -" results. Try being more specific." -msgstr "" -"完全一致ã®çµæžœãŒåˆã‚ã«ã€æ¬¡ã«éƒ¨åˆ†ä¸€è‡´ã®çµæžœãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚検索å¼ãŒçŸã™ãŽã‚‹ã¨ã€\n" -"検索çµæžœãŒå¤šã™ãŽã‚‹ã¨ã„ã†è¦å‘Šãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¡¨ç¤ºã•ã‚Œã¦ã—ã¾ã„ã¾ã™ã®ã§ã€é•·ã„検索å¼\n" -"を利用ã—ã¦ãã ã•ã„。" - -#: ipagui/templates/userlist.kid:p -msgid "" -"The results that come back are sortable. Simply click on a column\n" -" header to sort on that header. A triangle will indicate the sorted\n" -" column, along with its direction. Clicking and dragging between headers\n" -" will allow you to resize the header." -msgstr "" -"çµæžœã¯ã‚½ãƒ¼ãƒˆã•ã‚Œã¾ã™ã€‚カラムをクリックã™ã‚‹ã“ã¨ã§ã‚½ãƒ¼ãƒˆã™ã‚‹ãƒ˜ãƒƒãƒ€ã‚’変ãˆã‚‰ã‚Œã¾ã™ã€‚\n" -"ソートã«åˆ©ç”¨ã•ã‚ŒãŸã‚«ãƒ©ãƒ ã«ã¯ä¸‰è§’å½¢ãŒè¡¨ç¤ºã•ã‚Œã€ä¸‰è§’å½¢ã®å‘ããŒã‚½ãƒ¼ãƒˆã®æ–¹å‘を表ã—ã¾ã™ã€‚\n" -"ヘッダをドラッグã™ã‚‹ã“ã¨ã§ãƒ˜ãƒƒãƒ€ã®ã‚µã‚¤ã‚ºã‚’変ãˆã‚‰ã‚Œã¾ã™ã€‚" - -#: ipagui/templates/unhandled_exception.kid:title -msgid "Error" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:h1 -msgid "An unexpected error occured" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "Message:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:pre -msgid "${message}" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "HTTP Error Message:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:pre -msgid "${error_msg}" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "Stack Trace:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:pre -msgid "${details}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:title -msgid "Manage IPA Policy" -msgstr "IPA ãƒãƒªã‚·ã®ç®¡ç†" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipasearchtimelimit\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipasearchrecordslimit\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipausersearchfields\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipagroupsearchfields\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipapwdexpadvnotify\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbminpwdlife\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbmaxpwdlife\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdmindiffchars\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdminlength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdhistorylength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipamaxusernamelength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipahomesrootdir\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultloginshell\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultprimarygroup\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultemaildomain\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${values[index]}" -msgstr "" - -#: ipagui/templates/usernew.kid:title -msgid "Add User" -msgstr "ユーザã®è¿½åŠ " - -#: ipagui/templates/principalnewform.kid:h2 -msgid "Service Principal Details" -msgstr "サービスプリンシパル詳細" - -#: ipagui/templates/delegateform.kid:h2 -msgid "Delegation Details" -msgstr "権é™å§”è²ã®è©³ç´°" - -#: ipagui/templates/delegateform.kid:span -msgid "${value_for(delegate_fields.source_group_cn)}" -msgstr "" - -#: ipagui/templates/delegateform.kid:a -msgid "change" -msgstr "" - -#: ipagui/templates/delegateform.kid:span -msgid "${value_for(delegate_fields.dest_group_cn)}" -msgstr "" - -#: ipagui/templates/ipapolicyedit.kid:title -msgid "Edit IPA Policy" -msgstr "IPA ãƒãƒªã‚·ã®ç·¨é›†" - -#: ipagui/templates/master.kid:title -msgid "Your title goes here" -msgstr "" - -#: ipagui/templates/master.kid:style -msgid "@import \"${tg.url('/static/css/style.css')}\";" -msgstr "" - -#: ipagui/templates/master.kid:a -msgid "Free IPA" -msgstr "" - -#: ipagui/templates/master.kid:option -msgid "Users" -msgstr "" - -#: ipagui/templates/master.kid:option -msgid "Groups" -msgstr "" - -#: ipagui/templates/master.kid:script -msgid "" -"function clearsearch() {\n" -" topsearchbox = document.getElementById('topsearchbox');\n" -" topsearchbox.onfocus = null;\n" -" topsearchbox.value = \"\";\n" -" }" -msgstr "" - -#: ipagui/templates/master.kid:span -msgid "Kerberos login failed." -msgstr "Keberos ãƒã‚°ã‚¤ãƒ³ã«å¤±æ•—ã—ã¾ã—ãŸã€‚" - -#: ipagui/templates/master.kid:span -msgid "Logged in as: ${tg.identity.user.display_name}" -msgstr "${tg.identity.user.display_name} ã§ãƒã‚°ã‚¤ãƒ³ã—ã¦ã„ã¾ã™" - -#: ipagui/templates/master.kid:h2 -msgid "Tasks" -msgstr "タスク一覧" - -#: ipagui/templates/master.kid:a -msgid "Find Groups" -msgstr "グループã®æ¤œç´¢" - -#: ipagui/templates/master.kid:a -msgid "Add Service Principal" -msgstr "サービスプリンシパルã®è¿½åŠ " - -#: ipagui/templates/master.kid:a -msgid "Find Service Principal" -msgstr "サービスプリンシパルã®æ¤œç´¢" - -#: ipagui/templates/master.kid:a -msgid "Manage Policy" -msgstr "ãƒãƒªã‚·ã®ç®¡ç†" - -#: ipagui/templates/master.kid:a -msgid "Self Service" -msgstr "自サービス" - -#: ipagui/templates/master.kid:a -msgid "Delegations" -msgstr "権é™ã®å§”è²" - -#: ipagui/templates/master.kid:a -msgid "Powered by FreeIPA" -msgstr "" - -#: ipagui/templates/groupeditform.kid:h2 -msgid "Group Details" -msgstr "グループ詳細" - -#: ipagui/templates/groupeditform.kid:h2 -msgid "Group Members" -msgstr "グループメンãƒ" - -#: ipagui/templates/groupeditform.kid:div -msgid "To Remove:" -msgstr "" - -#: ipagui/templates/groupeditform.kid:a -msgid "remove" -msgstr "" - -#: ipagui/templates/groupeditform.kid:h2 -msgid "Add Members" -msgstr "メンãƒã®è¿½åŠ " - -#: ipagui/templates/groupeditform.kid:div -msgid "To Add:" -msgstr "" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Identity Details" -msgstr "アイデンティティ詳細" - -#: ipagui/templates/usereditform.kid:a -msgid "Add Common Name" -msgstr "ニックãƒãƒ¼ãƒ ã®è¿½åŠ " - -#: ipagui/templates/usereditform.kid:h2 -msgid "Account Details" -msgstr "アカウント詳細" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Contact Details" -msgstr "連絡先詳細" - -#: ipagui/templates/usereditform.kid:a -msgid "Add Work Number" -msgstr "è·å ´ã®é›»è©±ç•ªå·ã‚’è¿½åŠ " - -#: ipagui/templates/usereditform.kid:a -msgid "Add Fax Number" -msgstr "ファックス番å·ã‚’è¿½åŠ " - -#: ipagui/templates/usereditform.kid:a -msgid "Add Cell Number" -msgstr "" - -#: ipagui/templates/usereditform.kid:a -msgid "Add Pager Number" -msgstr "" - -#: ipagui/templates/usereditform.kid:a -msgid "Add Home Phone" -msgstr "自宅ã®é›»è©±ç•ªå·ã‚’è¿½åŠ " - -#: ipagui/templates/usereditform.kid:h2 -msgid "Mailing Address" -msgstr "メールアドレス" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Employee Information" -msgstr "ç¤¾å“¡æƒ…å ±" - -#: ipagui/templates/usereditform.kid:span -msgid "${value_for(user_fields.manager_cn)}" -msgstr "" - -#: ipagui/templates/usereditform.kid:a -msgid "clear" -msgstr "" - -#: ipagui/templates/usereditform.kid:span -msgid "${value_for(user_fields.secretary_cn)}" -msgstr "" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Misc Information" -msgstr "ãã®ä»–" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Custom Fields" -msgstr "カスタムフィールド" - -#: ipagui/templates/usereditform.kid:h2 -msgid "Add Groups" -msgstr "グループã®è¿½åŠ " - -#: ipagui/templates/grouplist.kid:script -msgid "document.getElementById(\"criteria\").focus();" -msgstr "" - -#: ipagui/templates/grouplist.kid:h2 -msgid "${len(groups)} results returned:" -msgstr "" - -#: ipagui/templates/grouplist.kid:th -msgid "${fields.cn.label}" -msgstr "" - -#: ipagui/templates/grouplist.kid:th -msgid "${fields.description.label}" -msgstr "" - -#: ipagui/templates/grouplist.kid:a -msgid "${group.cn}" -msgstr "" - -#: ipagui/templates/grouplist.kid:td -msgid "${group.description}" -msgstr "" - -#: ipagui/templates/grouplist.kid:h2 -msgid "No results found for \"${criteria}\"" -msgstr "" - -#: ipagui/templates/dynamiceditsearch.kid:a -msgid "add" -msgstr "" - -#: ipagui/templates/usernewform.kid:td -msgid "Generated by server" -msgstr "サーãƒã«ã‚ˆã‚Šç”Ÿæˆã•ã‚Œã¾ã™" - -#: ipagui/templates/usernewform.kid:span -msgid "${value_for(user_fields.manager)}" -msgstr "" - -#: ipagui/templates/usernewform.kid:span -msgid "${value_for(user_fields.secretary)}" -msgstr "" - -#: ipagui/templates/userselectsearch.kid:span -msgid "(truncated)" -msgstr "" - -#: ipagui/templates/userselectsearch.kid:div -msgid "${user_name} ${user_descr}" -msgstr "" - -#: ipagui/templates/userselectsearch.kid:a -msgid "select" -msgstr "" - -#: ipagui/templates/groupshow.kid:title -msgid "View Group" -msgstr "グループã®é–²è¦§" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"cn\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"description\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"gidnumber\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${userhelper.account_status_display(group.get(\"nsAccountLock\"))}" -msgstr "" - -#: ipagui/templates/groupshow.kid:a -msgid "${member_cn}" -msgstr "" - -#: ipagui/templates/groupedit.kid:title -msgid "Edit Group" -msgstr "グループã®ç·¨é›†" - -#: ipagui/templates/groupedit.kid:span -msgid "edit protected fields" -msgstr "ä¿è·ã•ã‚ŒãŸãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®ç·¨é›†" - -#: ipagui/templates/policyindex.kid:a -msgid "IPA Policy" -msgstr "IPA ãƒãƒªã‚·" - -#: ipagui/templates/delegatelist.kid:script -msgid "" -"function editDelegation(acistr) {\n" -" $('edit_acistr').value = acistr;\n" -" $('editform').submit();\n" -" return false;\n" -" }" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.name.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.source_group_cn.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.attrs.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.dest_group_cn.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${aci.name}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${source_cn}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:td -msgid "${\", \".join(aci.attrs)}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${dest_cn}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "add new delegation" -msgstr "æ–°ã—ã„権é™å§”è²ã®è¿½åŠ " - -#: ipagui/templates/useredit.kid:title -msgid "Edit User" -msgstr "ユーザã®ç·¨é›†" - -#: ipagui/templates/useredit.kid:div -msgid "${user.get(\"uid\")}'s password will expire in ${pw_expires_days} day${days_suffix}" -msgstr "" - -#: ipagui/templates/useredit.kid:div -msgid "${user.get(\"uid\")}'s password has expired" -msgstr "" - -#: ipagui/templates/welcome.kid:title -msgid "Welcome" -msgstr "よã†ã“ã" - -#: ipagui/templates/welcome.kid:h1 -msgid "Welcome to Free IPA" -msgstr "Free IPA ã¸ã‚ˆã†ã“ã" - -#: ipagui/templates/welcome.kid:span -msgid "This site makes heavy use of JavaScript." -msgstr "ã“ã®ã‚µã‚¤ãƒˆã¯ JavaScript を多用ã—ã¦ã„ã¾ã™ã€‚" - -#: ipagui/templates/welcome.kid:p -msgid "IPA is used to manage Identity, Policy, and Auditing for your organization." -msgstr "IPA ã¯çµ„ç¹”ã®ã‚¢ã‚¤ãƒ‡ãƒ³ãƒ†ã‚£ãƒ†ã‚£ã€ãƒãƒªã‚·ã€ç›£æŸ»ã‚·ã‚¹ãƒ†ãƒ を管ç†ã—ã¾ã™ã€‚" - -#: ipagui/templates/welcome.kid:p -msgid "" -"To get started, you can use the search box in the top right to find\n" -" users or groups you need to work on. Search automatically looks\n" -" across multiple fields. If you want to find Joe in Finance, try typing\n" -" \"joe finance\" into the search box." -msgstr "" -"ãã‚Œã§ã¯å§‹ã‚ã¾ã—ょã†ã€‚作æ¥ã™ã‚‹å¿…è¦ã®ã‚るユーザやグループを検索ã™ã‚‹ã®ã«å³ä¸Šã®æ¤œç´¢\n" -"ボックスãŒåˆ©ç”¨ã§ãã¾ã™ã€‚検索ã¯è¤‡æ•°ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«å¯¾ã—ã¦è¡Œã‚ã‚Œã¾ã™ï¼Žã—ãŸãŒã£ã¦ã€\n" -"経ç†éƒ¨ã®ç”°ä¸ã•ã‚“を検索ã—ãŸã„å ´åˆã¯ã€\"経ç†éƒ¨ ç”°ä¸\" ã¨å…¥åŠ›ã—ã¾ã™ã€‚" - -#: ipagui/templates/welcome.kid:p -msgid "Alternatively, select a task from the right sidebar." -msgstr "ã‚‚ã—ãã¯å³ã®ã‚µã‚¤ãƒ‰ãƒãƒ¼ã‚ˆã‚Šã‚¿ã‚¹ã‚¯ã‚’é¸æŠžã—ã¦ãã ã•ã„。" - -#: ipagui/templates/principallist.kid:title -msgid "Find Service Principals" -msgstr "サービスプリンシパルã®æ¤œç´¢" - -#: ipagui/templates/principallist.kid:script -msgid "document.getElementById(\"hostname\").focus();" -msgstr "" - -#: ipagui/templates/principallist.kid:h2 -msgid "${len(principals)} results returned:" -msgstr "${len(principals)} 件見ã¤ã‹ã‚Šã¾ã—ãŸ:" - -#: ipagui/templates/principallist.kid:th -msgid "Hostname" -msgstr "ホストå" - -#: ipagui/templates/principallist.kid:th -msgid "Service" -msgstr "サービス" - -#: ipagui/templates/principallist.kid:td -msgid "${principal.hostname}" -msgstr "" - -#: ipagui/templates/principallist.kid:td -msgid "${principal.service}" -msgstr "" - -#: ipagui/templates/principallist.kid:p -msgid "No results found for \"${hostname}\"" -msgstr "" - -#: ipagui/templates/delegateedit.kid:title -msgid "Edit Delegation" -msgstr "権é™å§”è²ã®ç·¨é›†" - -#: ipagui/templates/usershow.kid:title -msgid "View User" -msgstr "ãƒ¦ãƒ¼ã‚¶æƒ…å ±ã®é–²è¦§" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"title\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"givenname\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"sn\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"displayname\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"initials\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${userhelper.account_status_display(user.get(\"nsAccountLock\"))}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"uid\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"uidnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"gidnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"homedirectory\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"loginshell\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"gecos\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user.get(\"mail\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"street\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"roomnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"l\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"st\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"postalcode\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"ou\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"businesscategory\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"description\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"employeetype\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user_manager.givenname} ${user_manager.sn}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user_secretary.givenname} ${user_secretary.sn}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"carlicense\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user.get('labeleduri')}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(custom_field.name)}" -msgstr "" - -#: ipagui/templates/usershow.kid:h2 -msgid "Direct Reports" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${report.givenname} ${report.sn}" -msgstr "" - -#: ipagui/templates/loginfailed.kid:title -msgid "Permission Denied" -msgstr "権é™ãŒã‚ã‚Šã¾ã›ã‚“" - -#: ipagui/templates/loginfailed.kid:p -msgid "You do not have permission to access this page." -msgstr "ã“ã®ãƒšãƒ¼ã‚¸ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“。" - -#: ipagui/templates/delegatenew.kid:title -msgid "Add Delegation" -msgstr "権é™å§”è²ã®è¿½åŠ " diff --git a/ipa-server/ipa-gui/locales/messages.pot b/ipa-server/ipa-gui/locales/messages.pot deleted file mode 100644 index 9140381ca..000000000 --- a/ipa-server/ipa-gui/locales/messages.pot +++ /dev/null @@ -1,782 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR ORGANIZATION -# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. -# -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 2008-07-25 09:17\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: LANGUAGE <LL@li.org>\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" -"Content-Transfer-Encoding: utf-8\n" -"Generated-By: pygettext.py 1.5\n" - - -#: ipagui/forms/delegate.py:83 ipagui/forms/delegate.py:85 -msgid "Please choose a group" -msgstr "" - -#: ipagui/helpers/validators.py:42 -msgid "Duplicate values are not allowed" -msgstr "" - -#: ipagui/helpers/validators.py:43 -msgid "Empty values not allowed" -msgstr "" - -#: ipagui/subcontrollers/delegation.py:409 -msgid "Please select at least one value" -msgstr "" - -#: ipagui/subcontrollers/delegation.py:411 -#: ipagui/subcontrollers/delegation.py:413 -msgid "Group not found" -msgstr "" - -#: ipagui/templates/ipapolicyeditform.kid:div -msgid "" -msgstr "" - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "Search" -msgstr "" - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "Password Policy" -msgstr "" - -#: ipagui/templates/ipapolicyeditform.kid:h2 -msgid "User Settings" -msgstr "" - -#: ipagui/templates/principalshow.kid:title -msgid "View Service Principal" -msgstr "" - -#: ipagui/templates/principalshow.kid:script -msgid "" -"function confirmDelete() {\n" -" if (confirm(\"Are you sure you want to delete this service principal?\")) {\n" -" $('deleteform').submit();\n" -" }\n" -" return false;\n" -" }" -msgstr "" - -#: ipagui/templates/principalshow.kid:h2 -msgid "Principal" -msgstr "" - -#: ipagui/templates/principalshow.kid:label -msgid "Host" -msgstr "" - -#: ipagui/templates/principalshow.kid:td -msgid "${principal.get(\"hostname\")}" -msgstr "" - -#: ipagui/templates/principalshow.kid:label -msgid "Service" -msgstr "" - -#: ipagui/templates/principalshow.kid:td -msgid "${principal.get(\"service\")}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:title -msgid "Delegations" -msgstr "" - -#: ipagui/templates/delegatelist.kid:script -msgid "" -"function editDelegation(acistr) {\n" -" $('edit_acistr').value = acistr;\n" -" $('editform').submit();\n" -" return false;\n" -" }" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.name.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.source_group_cn.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.attrs.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:th -msgid "${fields.dest_group_cn.label}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${aci.name}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${source_cn}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:td -msgid "${\", \".join(aci.attrs)}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "${dest_cn}" -msgstr "" - -#: ipagui/templates/delegatelist.kid:a -msgid "add new delegation" -msgstr "" - -#: ipagui/templates/welcome.kid:title -msgid "Welcome" -msgstr "" - -#: ipagui/templates/welcome.kid:h1 -msgid "Welcome to Free IPA" -msgstr "" - -#: ipagui/templates/welcome.kid:span -msgid "This site makes heavy use of JavaScript." -msgstr "" - -#: ipagui/templates/welcome.kid:p -msgid "IPA is used to manage Identity, Policy, and Auditing for your organization." -msgstr "" - -#: ipagui/templates/welcome.kid:p -msgid "" -"To get started, you can use the search box in the top right to find\n" -" users or groups you need to work on. Search automatically looks\n" -" across multiple fields. If you want to find Joe in Finance, try typing\n" -" \"joe finance\" into the search box." -msgstr "" - -#: ipagui/templates/welcome.kid:p -msgid "Alternatively, select a task from the right sidebar." -msgstr "" - -#: ipagui/templates/delegateedit.kid:title -msgid "Edit Delegation" -msgstr "" - -#: ipagui/templates/delegategroupsearch.kid:div -msgid "${len(groups)} results returned:" -msgstr "" - -#: ipagui/templates/delegategroupsearch.kid:span -msgid "(truncated)" -msgstr "" - -#: ipagui/templates/delegategroupsearch.kid:div -msgid "${group.cn}" -msgstr "" - -#: ipagui/templates/delegategroupsearch.kid:a -msgid "select" -msgstr "" - -#: ipagui/templates/delegategroupsearch.kid:div -msgid "No results found for \"${criteria}\"" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Identity Details" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Remove" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Full Name" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Account Details" -msgstr "" - -#: ipagui/templates/usernewform.kid:td -msgid "Generated by server" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Contact Details" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Work Number" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Fax Number" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Cell Number" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Pager Number" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "Add Home Phone" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Mailing Address" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Employee Information" -msgstr "" - -#: ipagui/templates/usernewform.kid:span -msgid "${value_for(user_fields.manager)}" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "clear" -msgstr "" - -#: ipagui/templates/usernewform.kid:a -msgid "change" -msgstr "" - -#: ipagui/templates/usernewform.kid:span -msgid "${value_for(user_fields.secretary)}" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Misc Information" -msgstr "" - -#: ipagui/templates/usernewform.kid:div -msgid "Custom Fields" -msgstr "" - -#: ipagui/templates/usernewform.kid:h2 -msgid "Add Groups" -msgstr "" - -#: ipagui/templates/usernewform.kid:div -msgid "To Add:" -msgstr "" - -#: ipagui/templates/policyindex.kid:title -msgid "Manage Policy" -msgstr "" - -#: ipagui/templates/policyindex.kid:a -msgid "IPA Policy" -msgstr "" - -#: ipagui/templates/principallist.kid:title -msgid "Find Service Principals" -msgstr "" - -#: ipagui/templates/principallist.kid:script -msgid "document.getElementById(\"hostname\").focus();" -msgstr "" - -#: ipagui/templates/principallist.kid:h2 -msgid "${len(principals)} results returned:" -msgstr "" - -#: ipagui/templates/principallist.kid:th -msgid "Hostname" -msgstr "" - -#: ipagui/templates/principallist.kid:a -msgid "${principal.hostname}" -msgstr "" - -#: ipagui/templates/principallist.kid:a -msgid "${principal.service}" -msgstr "" - -#: ipagui/templates/principallist.kid:p -msgid "No results found for \"${hostname}\"" -msgstr "" - -#: ipagui/templates/principallist.kid:p -msgid "" -"Exact matches are listed first, followed by partial matches. If your search\n" -" is too broad, you will get a warning that the search returned too many\n" -" results. Try being more specific." -msgstr "" - -#: ipagui/templates/principallist.kid:p -msgid "" -"The results that come back are sortable. Simply click on a column\n" -" header to sort on that header. A triangle will indicate the sorted\n" -" column, along with its direction. Clicking and dragging between headers\n" -" will allow you to resize the header." -msgstr "" - -#: ipagui/templates/usernew.kid:title -msgid "Add User" -msgstr "" - -#: ipagui/templates/delegatenew.kid:title -msgid "Add Delegation" -msgstr "" - -#: ipagui/templates/usershow.kid:title -msgid "View User" -msgstr "" - -#: ipagui/templates/usershow.kid:div -msgid "${user.get(\"uid\")}'s password will expire in ${pw_expires_days} day${days_suffix}" -msgstr "" - -#: ipagui/templates/usershow.kid:div -msgid "${user.get(\"uid\")}'s password has expired" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"title\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"givenname\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"sn\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${values[index]}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"displayname\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"initials\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${userhelper.account_status_display(user.get(\"nsAccountLock\"))}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"uid\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"uidnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"gidnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"homedirectory\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"loginshell\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"gecos\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user.get(\"mail\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"street\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"roomnumber\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"l\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"st\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"postalcode\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"ou\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"businesscategory\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"description\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"employeetype\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user_manager.givenname} ${user_manager.sn}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user_secretary.givenname} ${user_secretary.sn}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(\"carlicense\")}" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${user.get('labeleduri')}" -msgstr "" - -#: ipagui/templates/usershow.kid:td -msgid "${user.get(custom_field.name)}" -msgstr "" - -#: ipagui/templates/usershow.kid:h2 -msgid "Direct Reports" -msgstr "" - -#: ipagui/templates/usershow.kid:a -msgid "${report.givenname} ${report.sn}" -msgstr "" - -#: ipagui/templates/usershow.kid:h2 -msgid "Groups" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:title -msgid "Manage IPA Policy" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipasearchtimelimit\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipasearchrecordslimit\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipausersearchfields\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipagroupsearchfields\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipapwdexpadvnotify\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbminpwdlife\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbmaxpwdlife\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdmindiffchars\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdminlength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${password.get(\"krbpwdhistorylength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipamaxusernamelength\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipahomesrootdir\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultloginshell\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultprimarygroup\")}" -msgstr "" - -#: ipagui/templates/ipapolicyshow.kid:td -msgid "${ipapolicy.get(\"ipadefaultemaildomain\")}" -msgstr "" - -#: ipagui/templates/loginfailed.kid:title -msgid "Permission Denied" -msgstr "" - -#: ipagui/templates/loginfailed.kid:p -msgid "You do not have permission to access this page." -msgstr "" - -#: ipagui/templates/not_found.kid:title -msgid "Page Not Found" -msgstr "" - -#: ipagui/templates/not_found.kid:div -msgid "${message}" -msgstr "" - -#: ipagui/templates/groupedit.kid:title -msgid "Edit Group" -msgstr "" - -#: ipagui/templates/groupedit.kid:span -msgid "edit protected fields" -msgstr "" - -#: ipagui/templates/groupnew.kid:title -msgid "Add Group" -msgstr "" - -#: ipagui/templates/groupshow.kid:title -msgid "View Group" -msgstr "" - -#: ipagui/templates/groupshow.kid:h2 -msgid "Group Details" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"cn\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"description\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${group.get(\"gidnumber\")}" -msgstr "" - -#: ipagui/templates/groupshow.kid:td -msgid "${userhelper.account_status_display(group.get(\"nsAccountLock\"))}" -msgstr "" - -#: ipagui/templates/groupshow.kid:h2 -msgid "Group Members" -msgstr "" - -#: ipagui/templates/groupshow.kid:a -msgid "${member_cn}" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:title -msgid "Error" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:h1 -msgid "An unexpected error occured" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "Message:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "HTTP Error Message:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:pre -msgid "${error_msg}" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:b -msgid "Stack Trace:" -msgstr "" - -#: ipagui/templates/unhandled_exception.kid:pre -msgid "${details}" -msgstr "" - -#: ipagui/templates/ipapolicyedit.kid:title -msgid "Edit IPA Policy" -msgstr "" - -#: ipagui/templates/principalnew.kid:title -msgid "Add Service Principal" -msgstr "" - -#: ipagui/templates/useredit.kid:title -msgid "Edit User" -msgstr "" - -#: ipagui/templates/userlist.kid:title -msgid "Find Users" -msgstr "" - -#: ipagui/templates/userlist.kid:script -msgid "document.getElementById(\"uid\").focus();" -msgstr "" - -#: ipagui/templates/userlist.kid:h2 -msgid "${len(users)} results returned:" -msgstr "" - -#: ipagui/templates/userlist.kid:th -msgid "User" -msgstr "" - -#: ipagui/templates/userlist.kid:th -msgid "Phone" -msgstr "" - -#: ipagui/templates/userlist.kid:th -msgid "Unit" -msgstr "" - -#: ipagui/templates/userlist.kid:th -msgid "Job Title" -msgstr "" - -#: ipagui/templates/userlist.kid:a -msgid "${user.givenName} ${user.sn}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.telephoneNumber}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.ou}" -msgstr "" - -#: ipagui/templates/userlist.kid:td -msgid "${user.title}" -msgstr "" - -#: ipagui/templates/userlist.kid:p -msgid "No results found for \"${uid}\"" -msgstr "" - -#: ipagui/templates/userlist.kid:p -msgid "" -"Search automatically looks across multiple fields. If you want to find\n" -" Joe in Finance, try typing \"joe finance\" into the search box." -msgstr "" - -#: ipagui/templates/userselectsearch.kid:div -msgid "${user_name} ${user_descr}" -msgstr "" - -#: ipagui/templates/delegateform.kid:h2 -msgid "Delegation Details" -msgstr "" - -#: ipagui/templates/delegateform.kid:span -msgid "${value_for(delegate_fields.source_group_cn)}" -msgstr "" - -#: ipagui/templates/delegateform.kid:span -msgid "${value_for(delegate_fields.dest_group_cn)}" -msgstr "" - -#: ipagui/templates/principalnewform.kid:h2 -msgid "Service Principal Details" -msgstr "" - -#: ipagui/templates/groupnewform.kid:h2 -msgid "Add Members" -msgstr "" - -#: ipagui/templates/grouplist.kid:title -msgid "Find Groups" -msgstr "" - -#: ipagui/templates/grouplist.kid:script -msgid "document.getElementById(\"criteria\").focus();" -msgstr "" - -#: ipagui/templates/grouplist.kid:th -msgid "${fields.cn.label}" -msgstr "" - -#: ipagui/templates/grouplist.kid:th -msgid "${fields.description.label}" -msgstr "" - -#: ipagui/templates/grouplist.kid:td -msgid "${group.description}" -msgstr "" - -#: ipagui/templates/dynamiceditsearch.kid:a -msgid "add" -msgstr "" - -#: ipagui/templates/master.kid:title -msgid "Your title goes here" -msgstr "" - -#: ipagui/templates/master.kid:style -msgid "" -"@import \"${tg.url('/static/css/style_platform.css')}\";\n" -" @import \"${tg.url('/static/css/style_platform-objects.css')}\";\n" -" @import \"${tg.url('/static/css/style_freeipa.css')}\";" -msgstr "" - -#: ipagui/templates/master.kid:a -msgid "Free IPA" -msgstr "" - -#: ipagui/templates/master.kid:option -msgid "Users" -msgstr "" - -#: ipagui/templates/master.kid:script -msgid "" -"function clearsearch() {\n" -" topsearchbox = document.getElementById('topsearchbox');\n" -" topsearchbox.onfocus = null;\n" -" topsearchbox.value = \"\";\n" -" }" -msgstr "" - -#: ipagui/templates/master.kid:span -msgid "Kerberos login failed." -msgstr "" - -#: ipagui/templates/master.kid:span -msgid "Logged in as: ${tg.identity.user.display_name}" -msgstr "" - -#: ipagui/templates/master.kid:h2 -msgid "Tasks" -msgstr "" - -#: ipagui/templates/master.kid:a -msgid "Find Service Principal" -msgstr "" - -#: ipagui/templates/master.kid:a -msgid "Self Service" -msgstr "" - diff --git a/ipa-server/ipa-gui/sample-prod.cfg b/ipa-server/ipa-gui/sample-prod.cfg deleted file mode 100644 index f8416b93a..000000000 --- a/ipa-server/ipa-gui/sample-prod.cfg +++ /dev/null @@ -1,77 +0,0 @@ -[global] -# DATABASE - -# no database for ipagui since everything is stored in LDAP - -# IDENTITY - -# Our our sqlobject-derived proxy provider -identity.provider='proxyprovider' - -# the first thing checked on any request. We want to short-circuit this -# as early as possible -identity.source = 'visit' - -# Turn on identity and visit (visit is required for identity) -identity.on=True -identity.failure_url="/loginfailed" -visit.on=True -visit.manager='proxyvisit' - -# SERVER - -server.environment="production" -autoreload.package="ipagui" -autoreload.on = False - -# Sets the number of threads the server uses -server.thread_pool = 10 - -# if this is part of a larger site, you can set the path -# to the TurboGears instance here -# server.webpath="" - -# Set to True if you are deploying your App behind a proxy -# e.g. Apache using mod_proxy -# base_url_filter.on = False - -# Set to True if your proxy adds the x_forwarded_host header -# base_url_filter.use_x_forwarded_host = True - -# If your proxy does not add the x_forwarded_host header, set -# the following to the *public* host url. -# (Note: This will be overridden by the use_x_forwarded_host option -# if it is set to True and the proxy adds the header correctly. -# base_url_filter.base_url = "http://www.example.com" - -# Set to True if you'd like to abort execution if a controller gets an -# unexpected parameter. False by default -# tg.strict_parameters = False - -# LOGGING -# Logging configuration generally follows the style of the standard -# Python logging module configuration. Note that when specifying -# log format messages, you need to use *() for formatting variables. -# Deployment independent log configuration is in ipagui/config/log.cfg -[logging] - -[[handlers]] - -[[[access_out]]] -# set the filename as the first argument below -args="('ipagui',)" -class='FileHandler' -level='INFO' -formatter='datestamped' - -[[loggers]] -[[[ipagui]]] -level='ERROR' -qualname='ipagui' -handlers=['debug_out'] - -[[[access]]] -level='INFO' -qualname='turbogears.access' -handlers=['access_out'] -propagate=0 diff --git a/ipa-server/ipa-gui/setup.py b/ipa-server/ipa-gui/setup.py deleted file mode 100644 index c8a7d73bd..000000000 --- a/ipa-server/ipa-gui/setup.py +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -from setuptools import setup, find_packages -from turbogears.finddata import find_package_data - -import os -execfile(os.path.join("ipagui", "release.py")) - -setup( - name="ipa-gui", - version=version, - - # uncomment the following lines if you fill them out in release.py - #description=description, - #author=author, - #author_email=email, - #url=url, - #download_url=download_url, - #license=license, - - install_requires = [ - "TurboGears >= 1.0.2.2", - ], - zip_safe=False, - packages=find_packages(), - package_data = find_package_data(where='ipagui', - package='ipagui'), - classifiers = [ - 'Development Status :: 3 - Alpha', - 'Operating System :: OS Independent', - 'Programming Language :: Python', - 'Topic :: Software Development :: Libraries :: Python Modules', - 'Framework :: TurboGears', - # if this is an application that you'll distribute through - # the Cheeseshop, uncomment the next line - # 'Framework :: TurboGears :: Applications', - - # if this is a package that includes widgets that you'll distribute - # through the Cheeseshop, uncomment the next line - # 'Framework :: TurboGears :: Widgets', - ], - test_suite = 'nose.collector', - entry_points = """ - [turbogears.identity.provider] - proxyprovider = ipagui.proxyprovider:ProxyIdentityProvider - [turbogears.visit.manager] - proxyvisit = ipagui.proxyvisit:ProxyVisitManager - """, - ) - diff --git a/ipa-server/ipa-gui/start-ipagui.py b/ipa-server/ipa-gui/start-ipagui.py deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/ipa-gui/start-ipagui.py +++ /dev/null diff --git a/ipa-server/ipa-gui/test.cfg b/ipa-server/ipa-gui/test.cfg deleted file mode 100644 index df909c99d..000000000 --- a/ipa-server/ipa-gui/test.cfg +++ /dev/null @@ -1,4 +0,0 @@ -# You can place test-specific configuration options here (like test db uri, etc) - -sqlobject.dburi = "sqlite:///:memory:" - diff --git a/ipa-server/ipa-server.spec.in b/ipa-server/ipa-server.spec.in deleted file mode 100644 index dfadac128..000000000 --- a/ipa-server/ipa-server.spec.in +++ /dev/null @@ -1,290 +0,0 @@ -Name: ipa-server -Version: __VERSION__ -Release: __RELEASE__%{?dist} -Summary: IPA authentication server - -Group: System Environment/Base -License: GPLv2 -URL: http://www.freeipa.org -Source0: %{name}-%{version}.tgz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - -BuildRequires: fedora-ds-base-devel >= 1.1 -BuildRequires: mozldap-devel -BuildRequires: openssl-devel -BuildRequires: openldap-devel -BuildRequires: krb5-devel -BuildRequires: nss-devel -BuildRequires: libcap-devel - -Requires(post): ipa-server-selinux -Requires: ipa-python -Requires: ipa-admintools -Requires: ipa-client -Requires: fedora-ds-base >= 1.1 -Requires: openldap-clients -Requires: nss -Requires: nss-tools -Requires: krb5-server -Requires: krb5-server-ldap -Requires: cyrus-sasl-gssapi -Requires: ntp -Requires: httpd -Requires: mod_python -Requires: mod_auth_kerb -Requires: mod_nss >= 1.0.7-2 -Requires: python-ldap -Requires: python -Requires: python-krbV -Requires: TurboGears -Requires: python-tgexpandingformwidget -Requires: acl -Requires: python-pyasn1 -Requires: libcap -Requires: slapi-nis - -Conflicts: mod_ssl - -%define httpd_conf /etc/httpd/conf.d -%define plugin_dir %{_libdir}/dirsrv/plugins - -%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} - -%description -IPA is a server for identity, policy, and audit. - -%prep -%setup -q -./configure --prefix=%{buildroot}/usr --libdir=%{buildroot}/%{_libdir} --sysconfdir=%{buildroot}/etc --localstatedir=%{buildroot}/var --mandir=%{buildroot}/usr/share/man - -%build - -make - -%install -rm -rf %{buildroot} - -make install - -# Remove .la files from libtool - we don't want to package -# these files -rm %{buildroot}/%{plugin_dir}/libipa_pwd_extop.la -rm %{buildroot}/%{plugin_dir}/libipa-memberof-plugin.la -rm %{buildroot}/%{plugin_dir}/libipa-dna-plugin.la -rm %{buildroot}/%{plugin_dir}/libipa_winsync.la - -# Some user-modifiable HTML files are provided. Move these to /etc -# and link back. -mkdir -p %{buildroot}/%{_sysconfdir}/ipa/html -mv %{buildroot}/%{_usr}/share/ipa/html/ssbrowser.html %{buildroot}/%{_sysconfdir}/ipa/html -mv %{buildroot}/%{_usr}/share/ipa/html/unauthorized.html %{buildroot}/%{_sysconfdir}/ipa/html -ln -s ../../../..%{_sysconfdir}/ipa/html/ssbrowser.html \ - %{buildroot}%{_usr}/share/ipa/html/ssbrowser.html -ln -s ../../../..%{_sysconfdir}/ipa/html/unauthorized.html \ - %{buildroot}%{_usr}/share/ipa/html/unauthorized.html - -%clean -rm -rf %{buildroot} - -%post -if [ $1 = 1 ]; then - /sbin/chkconfig --add ipa_kpasswd - /sbin/chkconfig --add ipa_webgui -fi -if [ -e /usr/share/ipa/serial ]; then - mv /usr/share/ipa/serial /var/lib/ipa/ca_serialno -fi -/bin/touch /var/log/ipa_error.log -/bin/chown apache /var/log/ipa_error.log -/bin/chmod 600 /var/log/ipa_error.log -restorecon /var/log/ipa_error.log -/usr/sbin/ipa-upgradeconfig || : - -%preun -if [ $1 = 0 ]; then - /sbin/chkconfig --del ipa_kpasswd - /sbin/chkconfig --del ipa_webgui - /sbin/service ipa_kpasswd stop >/dev/null 2>&1 || : - /sbin/service ipa_webgui stop >/dev/null 2>&1 || : -fi - -%postun -if [ "$1" -ge "1" ]; then - /sbin/service ipa_kpasswd condrestart >/dev/null 2>&1 || : - /sbin/service ipa_webgui condrestart >/dev/null 2>&1 || : - /sbin/service httpd condrestart >/dev/null 2>&1 || : - /sbin/service dirsrv condrestart >/dev/null 2>&1 || : -fi - -%files -%defattr(-,root,root,-) -%{_sbindir}/ipa-server-install -%{_sbindir}/ipa-replica-install -%{_sbindir}/ipa-replica-prepare -%{_sbindir}/ipa-replica-manage -%{_sbindir}/ipa-server-certinstall -%{_sbindir}/ipactl -%{_sbindir}/ipa_kpasswd -%{_sbindir}/ipa_webgui -%{_sbindir}/ipa-upgradeconfig -%{_sbindir}/ipa-fix-CVE-2008-3274 -%{_sbindir}/ipa-ldap-updater -%{_sbindir}/ipa-compat-manage -%attr(755,root,root) %{_initrddir}/ipa_kpasswd -%attr(755,root,root) %{_initrddir}/ipa_webgui - -%dir %{_usr}/share/ipa -%{_usr}/share/ipa/*.ldif -%{_usr}/share/ipa/*.uldif -%{_usr}/share/ipa/*.template -%dir %{_usr}/share/ipa/html -%{_usr}/share/ipa/html/ssbrowser.html -%{_usr}/share/ipa/html/unauthorized.html -%dir %{_sysconfdir}/ipa -%dir %{_sysconfdir}/ipa/html -%config(noreplace) %{_sysconfdir}/ipa/html/ssbrowser.html -%config(noreplace) %{_sysconfdir}/ipa/html/unauthorized.html -%{_usr}/share/ipa/ipa_webgui.cfg -%{_usr}/share/ipa/ipa.conf -%{_usr}/share/ipa/ipa-rewrite.conf -%dir %{_usr}/share/ipa/ipagui -%{_usr}/share/ipa/ipagui/* -%dir %{_usr}/share/ipa/ipa_gui.egg-info -%{_usr}/share/ipa/ipa_gui.egg-info/* -%dir %{_usr}/share/ipa/ipaserver -%{_usr}/share/ipa/ipaserver/* -%dir %{_usr}/share/ipa/locales/ -%{_usr}/share/ipa/locales/* -%dir %{_usr}/share/ipa/updates/ -%{_usr}/share/ipa/updates/* - -%dir %{python_sitelib}/ipaserver -%{python_sitelib}/ipaserver/*.py* - -%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so -%attr(755,root,root) %{plugin_dir}/libipa-memberof-plugin.so -%attr(755,root,root) %{plugin_dir}/libipa-dna-plugin.so -%attr(755,root,root) %{plugin_dir}/libipa_winsync.so - -%dir %{_localstatedir}/lib/ipa -%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore -%dir %{_localstatedir}/cache/ipa -%attr(700,root,root) %dir %{_localstatedir}/cache/ipa/kpasswd -%attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions - -%{_mandir}/man8/ipactl.8.gz -%{_mandir}/man8/ipa_kpasswd.8.gz -%{_mandir}/man8/ipa_webgui.8.gz -%{_mandir}/man1/ipa-replica-install.1.gz -%{_mandir}/man1/ipa-replica-manage.1.gz -%{_mandir}/man1/ipa-replica-prepare.1.gz -%{_mandir}/man1/ipa-server-certinstall.1.gz -%{_mandir}/man1/ipa-server-install.1.gz -%{_mandir}/man1/ipa-ldap-updater.1.gz -%{_mandir}/man1/ipa-compat-manage.1.gz - -%changelog -* Wed Sep 17 2008 Rob Crittenden <rcritten@redhat.com> - 1.2.0-0 -- Add ipa-upgradeconfig command and run it at post -- Move location of the self-signed CA serial number -- Add ipa-ldap-updater -- Add updates directory -- Restart httpd and dirsrv services after upgrade -- Added WinSync Support - winsync plugin, ipa-replica-manage - -* Thu Apr 3 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-1 -- Version bump for release - -* Fri Mar 14 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-5 -- Run restorecon on /var/log/ipa_error.log to ensure correct selinux context -- Add (post) to ipa-server-selinux Requires - -* Fri Mar 14 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-4 -- Add missing man pages -- Add Conflicts for mod_ssl - -* Thu Feb 26 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-3 -- Add ipactl command - -* Thu Feb 21 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-2 -- package new file ipa-rewrite.conf - -* Thu Feb 21 2008 Rob Crittenden <rcritten@redhat.com> - 0.99.0-1 -- Version bump for release - -* Thu Feb 7 2008 Masato Taruishi <taruishi@redhat.com> = 0.6.0-9 -- Internationalize the kid templates and include a Japanese translation. - -* Thu Feb 6 2008 Karl MacMillan <kmacmill@redhat.com> = 0.6.0-8 -- Add requirement on ipa-server-selinux - -* Thu Jan 31 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-7 -- Marked with wrong license. IPA is GPLv2. - -* Thu Jan 31 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-6 -- Ensure that the ipa_webgui error log exists and has correct permissions. - -* Tue Jan 29 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-5 -- Put user-modifiable files into /etc/ipa so they can be marked as - config(noreplace). - -* Thu Jan 24 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-4 -- Use new name of pyasn1, python-pyasn1, in Requires - -* Tue Jan 22 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-3 -- add session cache directory - -* Thu Jan 17 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-2 -- Fixed License in specfile -- Include files from /usr/lib/python*/site-packages/ipaserver - -* Fri Dec 21 2007 Karl MacMillan <kmacmill@redhat.com> - 0.6.0-1 -- Version bump for release - -* Wed Nov 21 2007 Karl MacMillan <kmacmill@mentalrootkit.com> - 0.5.0-1 -- Preverse mode on ipa-keytab-util -- Version bump for relase and rpm name change - -* Thu Nov 15 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.1-2 -- Broke invididual Requires and BuildRequires onto separate lines and - reordered them -- Added python-tgexpandingformwidget as a dependency -- Require at least fedora-ds-base 1.1 - -* Thu Nov 1 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.1-1 -- Version bump for release - -* Wed Oct 31 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-6 -- Add dep for freeipa-admintools and acl - -* Wed Oct 24 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.0-5 -- Add dependency for python-krbV - -* Fri Oct 19 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.0-4 -- Require mod_nss-1.0.7-2 for mod_proxy fixes - -* Thu Oct 18 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-3 -- Convert to autotools-based build - -* Tue Sep 25 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-2 -- Package ipa-webgui - -* Fri Sep 7 2007 Karl MacMillan <kmacmill@redhat.com> - 0.3.0-1 -- Added support for libipa-dna-plugin - -* Fri Aug 10 2007 Karl MacMillan <kmacmill@redhat.com> - 0.2.0-1 -- Added support for ipa_kpasswd and ipa_pwd_extop - -* Mon Aug 5 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-3 -- Abstracted client class to work directly or over RPC - -* Wed Aug 1 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-2 -- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires -- Remove references to admin server in ipa-server-setupssl -- Generate a client certificate for the XML-RPC server to connect to LDAP with -- Create a keytab for Apache -- Create an ldif with a test user -- Provide a certmap.conf for doing SSL client authentication - -* Fri Jul 27 2007 Karl MacMillan <kmacmill@redhat.com> - 0.1.0-1 -- Initial rpm version diff --git a/ipa-server/xmlrpc-server/Makefile.am b/ipa-server/xmlrpc-server/Makefile.am deleted file mode 100644 index 49457ba4c..000000000 --- a/ipa-server/xmlrpc-server/Makefile.am +++ /dev/null @@ -1,38 +0,0 @@ -NULL = - -SUBDIRS = \ - test \ - $(NULL) - -htmldir = $(IPA_DATA_DIR)/html -html_DATA = \ - ssbrowser.html \ - unauthorized.html \ - $(NULL) - -coredir = $(pythondir)/ipaserver -core_PYTHON = \ - attrs.py \ - funcs.py \ - $(NULL) - -serverdir = $(IPA_DATA_DIR)/ipaserver -server_PYTHON = \ - ipaxmlrpc.py \ - $(NULL) - -appdir = $(IPA_DATA_DIR) -app_DATA = \ - ipa.conf \ - ipa-rewrite.conf \ - $(NULL) - -EXTRA_DIST = \ - README \ - $(app_DATA) \ - $(html_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - Makefile.in diff --git a/ipa-server/xmlrpc-server/README b/ipa-server/xmlrpc-server/README deleted file mode 100644 index e69de29bb..000000000 --- a/ipa-server/xmlrpc-server/README +++ /dev/null diff --git a/ipa-server/xmlrpc-server/attrs.py b/ipa-server/xmlrpc-server/attrs.py deleted file mode 100644 index 415744a23..000000000 --- a/ipa-server/xmlrpc-server/attrs.py +++ /dev/null @@ -1,53 +0,0 @@ -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -attr_label_list = { - "givenname":"First Name", - "sn":"Last Name", - "cn":"Full Name", - "title":"Job Title", - "displayname":"Display Name", - "initials":"Initials", - "uid":"Login", - "krbprincipalkey":"Password", - "uidnumber":"UID", - "gidnumber":"GID", - "homedirectory":"Home Directory", - "loginshell":"Login Shell", - "gecos":"GECOS", - "mail":"E-mail Address", - "telephonenumber":"Work Number", - "facsimiletelephonenumber":"Fax Number", - "mobile":"Cell Number", - "homephone":"Home Number", - "street":"Street Address", - "l":"City", - "st":"State", - "postalcode":"ZIP", - "ou":"Org Unit", - "businesscategory":"Tags", - "description":"Description", - "employeetype":"Employee Type", - "manager":"Manager", - "roomnumber":"Room Number", - "secretary":"Secretary", - "carlicense":"Car License", - "labelduri":"Home Page", - "nsaccountlock":"Account Status" -} diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py deleted file mode 100644 index cf9e7de58..000000000 --- a/ipa-server/xmlrpc-server/funcs.py +++ /dev/null @@ -1,2291 +0,0 @@ -# Authors: Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -import sys - -import krbV -import ldap -import ldap.dn -import ipaserver.dsinstance -import ipaserver.ipaldap -import copy -from ipaserver import attrs -from ipa import version -from ipa import ipaerror -from ipa import ipautil -from urllib import quote,unquote -from ipa import radius_util -from ipa import dnsclient - -import string -from types import * -import re -import logging -import subprocess - -try: - from threading import Lock -except ImportError: - from dummy_threading import Lock - -# Need a global to store this between requests -_LDAPPool = None - -ACIContainer = "cn=accounts" -DefaultUserContainer = "cn=users,cn=accounts" -DefaultGroupContainer = "cn=groups,cn=accounts" -DefaultServiceContainer = "cn=services,cn=accounts" - -# -# Apache runs in multi-process mode so each process will have its own -# connection. This could theoretically drive the total number of connections -# very high but since this represents just the administrative interface -# this is not anticipated. -# -# The pool consists of two things, a dictionary keyed on the principal name -# that contains the connection and a list that is used to keep track of the -# order. If the list fills up just pop the top entry off and you've got -# the least recently used. - -# maxsize = 0 means no limit -class IPAConnPool: - def __init__(self, maxsize = 0): - self._dict = {} - self._lru = [] - self._lock = Lock() - self._maxsize = maxsize - self._ctx = krbV.default_context() - - def getConn(self, host, port, krbccache=None, debug=None): - conn = None - - ccache = krbV.CCache(name=krbccache, context=self._ctx) - cprinc = ccache.principal() - - conn = ipaserver.ipaldap.IPAdmin(host,port,None,None,None,debug) - - # This will bind the connection - try: - conn.set_krbccache(krbccache, cprinc.name) - except ldap.UNWILLING_TO_PERFORM: - raise ipaerror.gen_exception(ipaerror.CONNECTION_UNWILLING) - except Exception, e: - raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CONN, nested_exception=e) - - return conn - - def releaseConn(self, conn): - if conn is None: - return - - conn.unbind_s() - -class IPAServer: - - def __init__(self): - global _LDAPPool - # FIXME, this needs to be auto-discovered - self.host = 'localhost' - self.port = 389 - self.sslport = 636 - self.bindcert = "/usr/share/ipa/cert.pem" - self.bindkey = "/usr/share/ipa/key.pem" - self.bindca = "/usr/share/ipa/cacert.asc" - self.krbctx = krbV.default_context() - self.realm = self.krbctx.default_realm - - if _LDAPPool is None: - _LDAPPool = IPAConnPool(128) - self.basedn = ipautil.realm_to_suffix(self.realm) - self.accountsdn = "cn=accounts," + self.basedn - self.scope = ldap.SCOPE_SUBTREE - self.princ = None - self.krbccache = None - - def set_principal(self, princ): - self.princ = princ - - def set_krbccache(self, krbccache): - self.krbccache = krbccache - - def get_dn_from_principal(self, princ, debug): - """Given a kerberos principal get the LDAP uid""" - global _LDAPPool - - princ = self.__safe_filter(princ) - searchfilter = "(krbPrincipalName=" + princ + ")" - # The only anonymous search we should have - conn = _LDAPPool.getConn(self.host,self.sslport,self.bindca,self.bindcert,self.bindkey,None,None,debug) - try: - ent = conn.getEntry(self.accountsdn, self.scope, searchfilter, ['dn']) - finally: - _LDAPPool.releaseConn(conn) - - return "dn:" + ent.dn - - def __setup_connection(self, opts): - """Set up common things done in the connection. - If there is a Kerberos credentials cache then return None as the - proxy dn and the ccache otherwise return the proxy dn and None as - the ccache. - - We only want one or the other used at one time and we prefer - the Kerberos credentials cache. So if there is a ccache, return - that and None for proxy dn to make calling getConn() easier. - """ - - debug = "Off" - - if opts is not None: - debug = opts.get('ipadebug') - if opts.get('krbccache'): - self.set_krbccache(opts['krbccache']) - self.set_principal(None) - else: - self.set_krbccache(None) - self.set_principal(opts['remoteuser']) - else: - # The caller should have already set the principal or the - # krbccache. If not they'll get an authentication error later. - pass - - if self.princ is not None: - return self.get_dn_from_principal(self.princ, debug), None, debug - else: - return None, self.krbccache, debug - - def getConnection(self, opts): - """Wrapper around IPAConnPool.getConn() so we don't have to pass - around self.* every time a connection is needed. - - For SASL connections (where we have a krbccache) we can't set - the SSL variables for certificates. It confuses the ldap - module. - """ - global _LDAPPool - - (proxy_dn, krbccache, debug) = self.__setup_connection(opts) - - if krbccache is not None: - bindca = None - bindcert = None - bindkey = None - port = self.port - else: - raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CCACHE) - - try: - conn = _LDAPPool.getConn(self.host,port,krbccache,debug) - except ldap.INVALID_CREDENTIALS, e: - raise ipaerror.gen_exception(ipaerror.CONNECTION_GSSAPI_CREDENTIALS, nested_exception=e) - - if conn is None: - raise ipaerror.gen_exception(ipaerror.CONNECTION_NO_CONN) - - return conn - - def releaseConnection(self, conn): - global _LDAPPool - - _LDAPPool.releaseConn(conn) - - def convert_entry(self, ent): - entry = dict(ent.data) - entry['dn'] = ent.dn - # For now convert single entry lists to a string for the ui. - # TODO: we need to deal with multi-values better - for key,value in entry.iteritems(): - if isinstance(value,list) or isinstance(value,tuple): - if len(value) == 0: - entry[key] = '' - elif len(value) == 1: - entry[key] = value[0] - return entry - - # TODO: rethink the get_entry vs get_list API calls. - # they currently restrict the data coming back without - # restricting scope. For now adding a __get_base/sub_entry() - # calls, but the API isn't great. - def __get_entry (self, base, scope, searchfilter, sattrs=None, opts=None): - """Get a specific entry (with a parametized scope). - Return as a dict of values. - Multi-valued fields are represented as lists. - """ - ent="" - - conn = self.getConnection(opts) - try: - ent = conn.getEntry(base, scope, searchfilter, sattrs) - - finally: - self.releaseConnection(conn) - - return self.convert_entry(ent) - - def __get_base_entry (self, base, searchfilter, sattrs=None, opts=None): - """Get a specific entry (with a scope of BASE). - Return as a dict of values. - Multi-valued fields are represented as lists. - """ - return self.__get_entry(base, ldap.SCOPE_BASE, searchfilter, sattrs, opts) - - def __get_sub_entry (self, base, searchfilter, sattrs=None, opts=None): - """Get a specific entry (with a scope of SUB). - Return as a dict of values. - Multi-valued fields are represented as lists. - """ - return self.__get_entry(base, ldap.SCOPE_SUBTREE, searchfilter, sattrs, opts) - - def __get_list (self, base, searchfilter, sattrs=None, opts=None): - """Gets a list of entries. Each is converted to a dict of values. - Multi-valued fields are represented as lists. - """ - entries = [] - - conn = self.getConnection(opts) - try: - entries = conn.getList(base, self.scope, searchfilter, sattrs) - finally: - self.releaseConnection(conn) - - return map(self.convert_entry, entries) - - def __update_entry (self, oldentry, newentry, opts=None): - """Update an LDAP entry - - oldentry is a dict - newentry is a dict - """ - oldentry = self.convert_scalar_values(oldentry) - newentry = self.convert_scalar_values(newentry) - - # Should be able to get this from either the old or new entry - # but just in case someone has decided to try changing it, use the - # original - try: - moddn = oldentry['dn'] - except KeyError: - raise ipaerror.gen_exception(ipaerror.LDAP_MISSING_DN) - - conn = self.getConnection(opts) - try: - res = conn.updateEntry(moddn, oldentry, newentry) - finally: - self.releaseConnection(conn) - return res - - def __safe_filter(self, criteria): - """Make sure any arguments used when creating a filter are safe.""" - - # TODO: this escaper assumes the python-ldap library will error out - # on invalid codepoints. we need to check malformed utf-8 input - # where the second byte in a multi-byte character - # is (illegally) ')' and make sure python-ldap - # bombs out. - criteria = re.sub(r'[\(\)\\\*]', ldap_search_escape, criteria) - - return criteria - - def __generate_match_filters(self, search_fields, criteria_words): - """Generates a search filter based on a list of words and a list - of fields to search against. - - Returns a tuple of two filters: (exact_match, partial_match)""" - - # construct search pattern for a single word - # (|(f1=word)(f2=word)...) - search_pattern = "(|" - for field in search_fields: - search_pattern += "(" + field + "=%(match)s)" - search_pattern += ")" - gen_search_pattern = lambda word: search_pattern % {'match':word} - - # construct the giant match for all words - exact_match_filter = "(&" - partial_match_filter = "(|" - for word in criteria_words: - exact_match_filter += gen_search_pattern(word) - partial_match_filter += gen_search_pattern("*%s*" % word) - exact_match_filter += ")" - partial_match_filter += ")" - - return (exact_match_filter, partial_match_filter) - - def __get_schema(self, opts=None): - """Retrieves the current LDAP schema from the LDAP server.""" - - schema_entry = self.__get_base_entry("", "objectclass=*", ['dn','subschemasubentry'], opts) - schema_cn = schema_entry.get('subschemasubentry') - schema = self.__get_base_entry(schema_cn, "objectclass=*", ['*'], opts) - - return schema - - def __get_objectclasses(self, opts=None): - """Returns a list of available objectclasses that the LDAP - server supports. This parses out the syntax, attributes, etc - and JUST returns a lower-case list of the names.""" - - schema = self.__get_schema(opts) - - objectclasses = schema.get('objectclasses') - - # Convert this list into something more readable - result = [] - for i in range(len(objectclasses)): - oc = objectclasses[i].lower().split(" ") - result.append(oc[3].replace("'","")) - - return result - - def __has_nsaccountlock(self, dn, opts): - """Check to see if an entry has the nsaccountlock attribute. - This attribute is provided by the Class of Service plugin so - doing a search isn't enough. It is provided by the two - entries cn=inactivated and cn=activated. So if the entry has - the attribute and isn't in either cn=activated or cn=inactivated - then the attribute must be in the entry itself. - - Returns True or False - """ - # First get the entry. If it doesn't have nsaccountlock at all we - # can exit early. - entry = self.get_entry_by_dn(dn, ['dn', 'nsaccountlock', 'memberof'], opts) - if not entry.get('nsaccountlock'): - return False - - # Now look to see if they are in activated or inactivated - # entry is a member - memberof = entry.get('memberof') - if isinstance(memberof, basestring): - memberof = [memberof] - for m in memberof: - inactivated = m.find("cn=inactivated") - activated = m.find("cn=activated") - # if they are in either group that means that the nsaccountlock - # value comes from there, otherwise it must be in this entry. - if inactivated >= 0 or activated >= 0: - return False - - return True - -# Higher-level API - def version(self, opts=None): - """The version of IPA""" - logging.debug("IPA: version %d" % version.NUM_VERSION) - return version.NUM_VERSION - - def get_aci_entry(self, sattrs, opts=None): - """Returns the entry containing access control ACIs.""" - - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: get_aci_entry") - - dn="%s,%s" % (ACIContainer, self.basedn) - return self.get_entry_by_dn(dn, sattrs, opts) - -# General searches - - def get_entry_by_dn (self, dn, sattrs, opts=None): - """Get a specific entry. Return as a dict of values. - Multi-valued fields are represented as lists. - """ - if not isinstance(dn,basestring) or len(dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - searchfilter = "(objectClass=*)" - logging.info("IPA: get_entry_by_dn '%s'" % dn) - return self.__get_base_entry(dn, searchfilter, sattrs, opts) - - def get_entry_by_cn (self, cn, sattrs, opts=None): - """Get a specific entry by cn. Return as a dict of values. - Multi-valued fields are represented as lists. - """ - - if not isinstance(cn,basestring) or len(cn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: get_entry_by_cn '%s'" % cn) - cn = self.__safe_filter(cn) - searchfilter = "(cn=" + cn + ")" - return self.__get_sub_entry(self.accountsdn, searchfilter, sattrs, opts) - - def update_entry (self, oldentry, newentry, opts=None): - """Update an entry in LDAP - - oldentry and newentry are XML-RPC structs. - - If oldentry is not empty then it is used when determine what - has changed. - - If oldentry is empty then the value of newentry is compared - to the current value of oldentry. - """ - if not newentry: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - if not oldentry: - oldentry = self.get_entry_by_dn(newentry.get('dn'), None, opts) - if oldentry is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - logging.info("IPA: update_entry '%s'" % newentry.get('dn')) - return self.__update_entry(oldentry, newentry, opts) - -# User support - - def __is_user_unique(self, uid, opts): - """Return True if the uid is unique in the tree, False otherwise.""" - uid = self.__safe_filter(uid) - searchfilter = "(&(uid=%s)(objectclass=posixAccount))" % uid - - try: - entry = self.__get_sub_entry(self.accountsdn, searchfilter, ['dn','uid'], opts) - return False - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return True - - def __uid_too_long(self, uid, opts): - """Verify that the new uid is within the limits we set. This is a - very narrow test. - - Returns True if it is longer than allowed - False otherwise - """ - if not isinstance(uid,basestring) or len(uid) == 0: - # It is bad, but not too long - return False - logging.debug("IPA: __uid_too_long(%s)" % uid) - try: - config = self.get_ipa_config(opts) - maxlen = int(config.get('ipamaxusernamelength', 0)) - if maxlen > 0 and len(uid) > maxlen: - return True - except Exception, e: - logging.debug("There was a problem " + str(e)) - - return False - - def get_user_by_uid (self, uid, sattrs, opts=None): - """Get a specific user's entry. Return as a dict of values. - Multi-valued fields are represented as lists. - """ - - if not isinstance(uid,basestring) or len(uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: get_user_by_uid '%s'" % uid) - uid = self.__safe_filter(uid) - searchfilter = "(uid=" + uid + ")" - return self.__get_sub_entry(self.accountsdn, searchfilter, sattrs, opts) - - def get_user_by_principal(self, principal, sattrs, opts=None): - """Get a user entry searching by Kerberos Principal Name. - Return as a dict of values. Multi-valued fields are - represented as lists. - """ - - if not isinstance(principal,basestring) or len(principal) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - searchfilter = "(krbPrincipalName="+self.__safe_filter(principal)+")" - logging.info("IPA: get_user_by_principal '%s'" % principal) - return self.__get_sub_entry(self.accountsdn, searchfilter, sattrs, opts) - - def get_user_by_email (self, email, sattrs, opts=None): - """Get a specific user's entry. Return as a dict of values. - Multi-valued fields are represented as lists. - """ - - if not isinstance(email,basestring) or len(email) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: get_user_by_email '%s'" % email) - email = self.__safe_filter(email) - searchfilter = "(mail=" + email + ")" - return self.__get_sub_entry(self.basedn, searchfilter, sattrs, opts) - - def get_users_by_manager (self, manager_dn, sattrs, opts=None): - """Gets the users that report to a particular manager. - """ - - if not isinstance(manager_dn,basestring) or len(manager_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: get_user_by_manager '%s'" % manager_dn) - manager_dn = self.__safe_filter(manager_dn) - searchfilter = "(&(objectClass=person)(manager=%s))" % manager_dn - - try: - return self.__get_list(self.accountsdn, searchfilter, sattrs, opts) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return [] - - def add_user (self, user, user_container, opts=None): - """Add a user in LDAP. Takes as input a dict where the key is the - attribute name and the value is either a string or in the case - of a multi-valued field a list of values. user_container sets - where in the tree the user is placed. - """ - logging.info("IPA: add_user") - if not user_container: - user_container = DefaultUserContainer - - if not isinstance(user,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(user_container,basestring) or len(user_container) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - if not self.__is_user_unique(user['uid'], opts): - raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE) - if self.__uid_too_long(user['uid'], opts): - raise ipaerror.gen_exception(ipaerror.INPUT_UID_TOO_LONG) - - # dn is set here, not by the user - try: - del user['dn'] - except KeyError: - pass - - # No need to set empty fields, and they can cause issues when they - # get to LDAP, like: - # TypeError: ('expected a string in the list', None) - for k in user.keys(): - if not user[k] or len(user[k]) == 0 or (isinstance(user[k],list) and len(user[k]) == 1 and '' in user[k]): - del user[k] - - dn="uid=%s,%s,%s" % (ldap.dn.escape_dn_chars(user['uid']), - user_container,self.basedn) - entry = ipaserver.ipaldap.Entry(dn) - - # FIXME: This should be dynamic and can include just about anything - - # Get our configuration - config = self.get_ipa_config(opts) - - # Let us add in some missing attributes - if user.get('homedirectory') is None: - user['homedirectory'] = '%s/%s' % (config.get('ipahomesrootdir'), user.get('uid')) - user['homedirectory'] = user['homedirectory'].replace('//', '/') - user['homedirectory'] = user['homedirectory'].rstrip('/') - if user.get('loginshell') is None: - user['loginshell'] = config.get('ipadefaultloginshell') - if user.get('gecos') is None: - user['gecos'] = user['uid'] - - # If uidnumber is blank the the FDS dna_plugin will automatically - # assign the next value. So we don't have to do anything with it. - - group_dn="cn=%s,%s,%s" % (config.get('ipadefaultprimarygroup'), DefaultGroupContainer, self.basedn) - try: - default_group = self.get_entry_by_dn(group_dn, ['dn','gidNumber'], opts) - if default_group: - user['gidnumber'] = default_group.get('gidnumber') - except ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR), e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, message=None, nested_exception=e.detail) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # Fake an LDAP error so we can return something useful to the user - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND, "The default group for new users, '%s', cannot be found." % config.get('ipadefaultprimarygroup')) - - if user.get('krbprincipalname') is None: - user['krbprincipalname'] = "%s@%s" % (user.get('uid'), self.realm) - - # FIXME. This is a hack so we can request separate First and Last - # name in the GUI. - if user.get('cn') is None: - user['cn'] = "%s %s" % (user.get('givenname'), - user.get('sn')) - - if user.get('gn'): - del user['gn'] - - # some required objectclasses - entry.setValues('objectClass', (config.get('ipauserobjectclasses'))) - - # fill in our new entry with everything sent by the user - for u in user: - entry.setValues(u, user[u]) - - conn = self.getConnection(opts) - try: - try: - res = conn.addEntry(entry) - except TypeError, e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, "There is a problem with one of the data types.") - except ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR), e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, message=None, nested_exception=e.detail) - except Exception, e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, nested_exception=e) - try: - self.add_user_to_group(user.get('uid'), group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR), e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, message=None, nested_exception=e.detail) - except Exception, e: - raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, "The user was created but adding to group %s failed" % group_dn) - finally: - self.releaseConnection(conn) - return res - - def get_custom_fields (self, opts=None): - """Get the list of custom user fields. - - A schema is a list of dict's of the form: - label: The label dispayed to the user - field: the attribute name - required: true/false - - It is displayed to the user in the order of the list. - """ - - config = self.get_ipa_config(opts) - - fields = config.get('ipacustomfields') - - if fields is None or fields == '': - return [] - - fl = fields.split('$') - schema = [] - for x in range(len(fl)): - vals = fl[x].split(',') - if len(vals) != 3: - # Raise? - logging.debug("IPA: Invalid field, skipping: %s", vals) - d = dict(label=unquote(vals[0]), field=unquote(vals[1]), required=unquote(vals[2])) - schema.append(d) - - return schema -# radius support - - # clients - def get_radius_client_by_ip_addr(self, ip_addr, container=None, sattrs=None, opts=None): - filter = radius_util.radius_client_filter(ip_addr) - basedn = radius_util.radius_clients_basedn(container, self.basedn) - return self.__get_sub_entry(basedn, filter, sattrs, opts) - - def __radius_client_exists(self, ip_addr, container, opts): - filter = radius_util.radius_client_filter(ip_addr) - basedn = radius_util.radius_clients_basedn(container, self.basedn) - - try: - entry = self.__get_sub_entry(basedn, filter, ['dn','uid'], opts) - return True - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return False - - def add_radius_client (self, client, container=None, opts=None): - if container is None: - container = radius_util.clients_container - - ip_addr = client['radiusClientIPAddress'] - - if self.__radius_client_exists(ip_addr, container, opts): - raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE) - - dn = radius_util.radius_client_dn(ip_addr, container, self.basedn) - entry = ipaserver.ipaldap.Entry(dn) - - # some required objectclasses - entry.setValues('objectClass', 'top', 'radiusClientProfile') - - # fill in our new entry with everything sent by the client - for attr in client: - entry.setValues(attr, client[attr]) - - conn = self.getConnection(opts) - try: - res = conn.addEntry(entry) - finally: - self.releaseConnection(conn) - return res - - def update_radius_client(self, oldentry, newentry, opts=None): - return self.update_entry(oldentry, newentry, opts) - - def delete_radius_client(self, ip_addr, container=None, opts=None): - client = self.get_radius_client_by_ip_addr(ip_addr, container, ['dn', 'cn'], opts) - if client is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - conn = self.getConnection(opts) - try: - res = conn.deleteEntry(client['dn']) - finally: - self.releaseConnection(conn) - return res - - def find_radius_clients(self, ip_attrs, container=None, sattrs=None, sizelimit=-1, timelimit=-1, opts=None): - def gen_filter(objectclass, attr, values): - '''Given ('myclass', 'myattr', [v1, v2]) returns - (&(objectclass=myclass)(|(myattr=v1)(myattr=v2))) - ''' - # Don't use __safe_filter, prevents wildcarding - #attrs = ''.join(['(%s=%s)' % (attr, self.__safe_filter(val)) for val in values]) - attrs = ''.join(['(%s=%s)' % (attr, val) for val in values]) - filter = "(&(objectclass=%s)(|%s))" % (objectclass, attrs) - return filter - - basedn = radius_util.radius_clients_basedn(container, self.basedn) - filter = gen_filter('radiusClientProfile', 'radiusClientIPAddress', ip_attrs) - conn = self.getConnection(opts) - try: - try: - results = conn.getListAsync(basedn, self.scope, filter, sattrs, 0, None, None, timelimit, sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - results = [0] - finally: - self.releaseConnection(conn) - - counter = results[0] - results = results[1:] - radius_clients = [counter] - for radius_client in results: - radius_clients.append(self.convert_entry(radius_client)) - - return radius_clients - - # profiles - def get_radius_profile_by_uid(self, uid, user_profile=True, sattrs=None, opts=None): - if user_profile: - container = DefaultUserContainer - else: - container = radius_util.profiles_container - - uid = self.__safe_filter(uid) - filter = radius_util.radius_profile_filter(uid) - basedn = radius_util.radius_profiles_basedn(container, self.basedn) - return self.__get_sub_entry(basedn, filter, sattrs, opts) - - def __radius_profile_exists(self, uid, user_profile, opts): - if user_profile: - container = DefaultUserContainer - else: - container = radius_util.profiles_container - - uid = self.__safe_filter(uid) - filter = radius_util.radius_profile_filter(uid) - basedn = radius_util.radius_profiles_basedn(container, self.basedn) - - try: - entry = self.__get_sub_entry(basedn, filter, ['dn','uid'], opts) - return True - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return False - - def add_radius_profile (self, profile, user_profile=True, opts=None): - uid = profile['uid'] - - if self.__radius_profile_exists(uid, user_profile, opts): - raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE) - - if user_profile: - container = DefaultUserContainer - else: - container = radius_util.profiles_container - - dn = radius_util.radius_profile_dn(uid, container, self.basedn) - entry = ipaserver.ipaldap.Entry(dn) - - # some required objectclasses - entry.setValues('objectClass', 'top', 'radiusprofile') - - # fill in our new entry with everything sent by the profile - for attr in profile: - entry.setValues(attr, profile[attr]) - - conn = self.getConnection(opts) - try: - res = conn.addEntry(entry) - finally: - self.releaseConnection(conn) - return res - - def update_radius_profile(self, oldentry, newentry, opts=None): - return self.update_entry(oldentry, newentry, opts) - - def delete_radius_profile(self, uid, user_profile, opts=None): - profile = self.get_radius_profile_by_uid(uid, user_profile, ['dn', 'cn'], opts) - if profile is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - conn = self.getConnection(opts) - try: - res = conn.deleteEntry(profile['dn']) - finally: - self.releaseConnection(conn) - return res - - def find_radius_profiles(self, uids, user_profile=True, sattrs=None, sizelimit=-1, timelimit=-1, opts=None): - def gen_filter(objectclass, attr, values): - '''Given ('myclass', 'myattr', [v1, v2]) returns - (&(objectclass=myclass)(|(myattr=v1)(myattr=v2))) - ''' - # Don't use __safe_filter, prevents wildcarding - #attrs = ''.join(['(%s=%s)' % (attr, self.__safe_filter(val)) for val in values]) - attrs = ''.join(['(%s=%s)' % (attr, val) for val in values]) - filter = "(&(objectclass=%s)(|%s))" % (objectclass, attrs) - return filter - - if user_profile: - container = DefaultUserContainer - else: - container = radius_util.profiles_container - - filter = gen_filter('radiusprofile', 'uid', uids) - basedn="%s,%s" % (container, self.basedn) - conn = self.getConnection(opts) - try: - try: - results = conn.getListAsync(basedn, self.scope, filter, sattrs, 0, None, None, timelimit, sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - results = [0] - finally: - self.releaseConnection(conn) - - counter = results[0] - results = results[1:] - radius_profiles = [counter] - for radius_profile in results: - radius_profiles.append(self.convert_entry(radius_profile)) - - return radius_profiles - - def set_custom_fields (self, schema, opts=None): - """Set the list of custom user fields. - - A schema is a list of dict's of the form: - label: The label dispayed to the user - field: the attribute name - required: true/false - - It is displayed to the user in the order of the list. - """ - if not isinstance(schema,basestring) or len(schema) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - config = self.get_ipa_config(opts) - - # The schema is stored as: - # label,field,required$label,field,required$... - # quote() from urilib is used to ensure that it is easy to unparse - - stored_schema = "" - for i in range(len(schema)): - entry = schema[i] - entry = quote(entry.get('label')) + "," + quote(entry.get('field')) + "," + quote(entry.get('required')) - - if stored_schema != "": - stored_schema = stored_schema + "$" + entry - else: - stored_schema = entry - - new_config = copy.deepcopy(config) - new_config['ipacustomfields'] = stored_schema - - return self.update_entry(config, new_config, opts) - - def get_all_users (self, opts=None): - """Return a list containing a User object for each - existing user. - """ - logging.info("IPA: get_all_users") - searchfilter = "(objectclass=posixAccount)" - - conn = self.getConnection(opts) - try: - all_users = conn.getList(self.accountsdn, self.scope, searchfilter, None) - finally: - self.releaseConnection(conn) - - users = [] - for u in all_users: - users.append(self.convert_entry(u)) - - return users - - def find_users (self, criteria, sattrs, sizelimit=-1, timelimit=-1, - opts=None): - """Returns a list: counter followed by the results. - If the results are truncated, counter will be set to -1.""" - - if not isinstance(criteria,basestring) or len(criteria) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs, list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(sizelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(timelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: find_users '%s'" % criteria) - config = self.get_ipa_config(opts) - if timelimit < 0: - timelimit = float(config.get('ipasearchtimelimit')) - if sizelimit < 0: - sizelimit = int(config.get('ipasearchrecordslimit')) - - # Assume the list of fields to search will come from a central - # configuration repository. A good format for that would be - # a comma-separated list of fields - search_fields_conf_str = config.get('ipausersearchfields') - search_fields = string.split(search_fields_conf_str, ",") - - criteria = self.__safe_filter(criteria) - criteria_words = re.split(r'\s+', criteria) - criteria_words = filter(lambda value:value!="", criteria_words) - if len(criteria_words) == 0: - return [0] - - (exact_match_filter, partial_match_filter) = self.__generate_match_filters( - search_fields, criteria_words) - - # - # further constrain search to just the objectClass - # TODO - need to parameterize this into generate_match_filters, - # and work it into the field-specification search feature - # - exact_match_filter = "(&(objectClass=person)%s)" % exact_match_filter - partial_match_filter = "(&(objectClass=person)%s)" % partial_match_filter - - conn = self.getConnection(opts) - try: - try: - exact_results = conn.getListAsync(self.accountsdn, self.scope, - exact_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - exact_results = [0] - - try: - partial_results = conn.getListAsync(self.accountsdn, self.scope, - partial_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - partial_results = [0] - finally: - self.releaseConnection(conn) - - exact_counter = exact_results[0] - partial_counter = partial_results[0] - - exact_results = exact_results[1:] - partial_results = partial_results[1:] - - # Remove exact matches from the partial_match list - exact_dns = set(map(lambda e: e.dn, exact_results)) - partial_results = filter(lambda e: e.dn not in exact_dns, - partial_results) - - if (exact_counter == -1) or (partial_counter == -1): - counter = -1 - else: - counter = len(exact_results) + len(partial_results) - - users = [counter] - for u in exact_results + partial_results: - users.append(self.convert_entry(u)) - - return users - - def convert_scalar_values(self, orig_dict): - """LDAP update dicts expect all values to be a list (except for dn). - This method converts single entries to a list.""" - if not orig_dict or not isinstance(orig_dict, dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - new_dict={} - for (k,v) in orig_dict.iteritems(): - if not isinstance(v, list) and k != 'dn': - v = [v] - new_dict[k] = v - - return new_dict - - def update_user (self, oldentry, newentry, opts=None): - """Wrapper around update_entry with user-specific handling. - - oldentry and newentry are XML-RPC structs. - - If oldentry is not empty then it is used when determine what - has changed. - - If oldentry is empty then the value of newentry is compared - to the current value of oldentry. - - If you want to change the RDN of a user you must use - this function. update_entry will fail. - """ - logging.info("IPA: update_user") - if not isinstance(newentry,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if oldentry and not isinstance(oldentry,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not oldentry: - oldentry = self.get_entry_by_dn(newentry.get('dn'), None, opts) - if oldentry is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - newrdn = 0 - - if oldentry.get('uid') != newentry.get('uid'): - if self.__uid_too_long(newentry.get('uid'), opts): - raise ipaerror.gen_exception(ipaerror.INPUT_UID_TOO_LONG) - # RDN change - conn = self.getConnection(opts) - try: - res = conn.updateRDN(oldentry.get('dn'), "uid=" + newentry.get('uid')) - newdn = oldentry.get('dn') - newdn = newdn.replace("uid=%s" % oldentry.get('uid'), "uid=%s" % newentry.get('uid')) - - # Now fix up the dns and uids so they aren't seen as having - # changed. - oldentry['dn'] = newdn - newentry['dn'] = newdn - oldentry['uid'] = newentry['uid'] - newrdn = 1 - finally: - self.releaseConnection(conn) - - # Get our configuration - config = self.get_ipa_config(opts) - - # Make sure we have the latest object classes - # newentry['objectclass'] = uniq_list(newentry.get('objectclass') + config.get('ipauserobjectclasses')) - - try: - rv = self.update_entry(oldentry, newentry, opts) - return rv - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # This means that there was just an rdn change, nothing else. - if newrdn == 1: - return "Success" - else: - raise - - def mark_entry_active (self, dn, opts=None): - """Mark an entry as active in LDAP.""" - - # This can be tricky. The entry itself can be marked inactive - # by being in the inactivated group. It can also be inactivated by - # being the member of an inactive group. - # - # First we try to remove the entry from the inactivated group. Then - # if it is still inactive we have to add it to the activated group - # which will override the group membership. - - if not dn: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - res = "" - # First, check the entry status - entry = self.get_entry_by_dn(dn, ['dn', 'nsAccountlock'], opts) - - if entry.get('nsaccountlock', 'false').lower() == "false": - logging.debug("IPA: already active") - raise ipaerror.gen_exception(ipaerror.STATUS_ALREADY_ACTIVE) - - if self.__has_nsaccountlock(dn, opts): - logging.debug("IPA: appears to have the nsaccountlock attribute") - raise ipaerror.gen_exception(ipaerror.STATUS_HAS_NSACCOUNTLOCK) - - group = self.get_entry_by_cn("inactivated", None, opts) - try: - self.remove_member_from_group(entry.get('dn'), group.get('dn'), opts) - except ipaerror.exception_for(ipaerror.STATUS_NOT_GROUP_MEMBER): - # Perhaps the user is there as a result of group membership - pass - - # Now they aren't a member of inactivated directly, what is the status - # now? - entry = self.get_entry_by_dn(dn, ['dn', 'nsAccountlock'], opts) - - if entry.get('nsaccountlock', 'false').lower() == "false": - # great, we're done - logging.debug("IPA: removing from inactivated did it.") - return res - - # So still inactive, add them to activated - group = self.get_entry_by_cn("activated", None, opts) - res = self.add_member_to_group(dn, group.get('dn'), opts) - logging.debug("IPA: added to activated.") - - return res - - def mark_entry_inactive (self, dn, opts=None): - """Mark an entry as inactive in LDAP.""" - - if not dn: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - entry = self.get_entry_by_dn(dn, ['dn', 'nsAccountlock', 'memberOf'], opts) - - if entry.get('nsaccountlock', 'false').lower() == "true": - logging.debug("IPA: already marked as inactive") - raise ipaerror.gen_exception(ipaerror.STATUS_ALREADY_INACTIVE) - - if self.__has_nsaccountlock(dn, opts): - logging.debug("IPA: appears to have the nsaccountlock attribute") - raise ipaerror.gen_exception(ipaerror.STATUS_HAS_NSACCOUNTLOCK) - - # First see if they are in the activated group as this will override - # the our inactivation. - group = self.get_entry_by_cn("activated", None, opts) - try: - self.remove_member_from_group(dn, group.get('dn'), opts) - except ipaerror.exception_for(ipaerror.STATUS_NOT_GROUP_MEMBER): - # this is fine, they may not be explicitly in this group - pass - - # Now add them to inactivated - group = self.get_entry_by_cn("inactivated", None, opts) - res = self.add_member_to_group(dn, group.get('dn'), opts) - - return res - - def mark_user_active(self, uid, opts=None): - """Mark a user as active""" - - if not isinstance(uid,basestring) or len(uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - user = self.get_user_by_uid(uid, ['dn', 'uid'], opts) - logging.info("IPA: mark_user_active '%s'" % user.get('dn')) - return self.mark_entry_active(user.get('dn')) - - def mark_user_inactive(self, uid, opts=None): - """Mark a user as inactive""" - - if not isinstance(uid,basestring) or len(uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if uid == "admin": - raise ipaerror.gen_exception(ipaerror.INPUT_CANT_INACTIVATE) - user = self.get_user_by_uid(uid, ['dn', 'uid'], opts) - logging.info("IPA: mark_user_inactive '%s'" % user.get('dn')) - return self.mark_entry_inactive(user.get('dn')) - - def delete_user (self, uid, opts=None): - """Delete a user. Not to be confused with inactivate_user. This - makes the entry go away completely. - - uid is the uid of the user to delete - - The memberOf plugin handles removing the user from any other - groups. - """ - if not isinstance(uid,basestring) or len(uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if uid == "admin": - raise ipaerror.gen_exception(ipaerror.INPUT_ADMIN_REQUIRED) - logging.info("IPA: delete_user '%s'" % uid) - user = self.get_user_by_uid(uid, ['dn', 'uid', 'objectclass'], opts) - if user is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - conn = self.getConnection(opts) - try: - res = conn.deleteEntry(user['dn']) - finally: - self.releaseConnection(conn) - return res - - def modifyPassword (self, principal, oldpass, newpass, opts=None): - """Set/Reset a user's password - - uid tells us who's password to change - oldpass is the old password (if available) - newpass is the new password - """ - if not isinstance(principal,basestring) or len(principal) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if oldpass and not isinstance(oldpass,basestring): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(newpass,basestring) or len(newpass) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: modifyPassword '%s'" % principal) - - user = self.get_user_by_principal(principal, ['krbprincipalname'], opts) - if user is None or user['krbprincipalname'] != principal: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - conn = self.getConnection(opts) - try: - res = conn.modifyPassword(user['dn'], oldpass, newpass) - finally: - self.releaseConnection(conn) - return res - -# Group support - - def __is_group_unique(self, cn, opts): - """Return True if the cn is unique in the tree, False otherwise.""" - cn = self.__safe_filter(cn) - searchfilter = "(&(cn=%s)(objectclass=posixGroup))" % cn - - try: - entry = self.__get_sub_entry(self.accountsdn, searchfilter, ['dn','cn'], opts) - return False - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return True - - def get_groups_by_member (self, member_dn, sattrs, opts=None): - """Get all of the groups an object is explicitly a member of. - - This does not include groups an entry may be a member of as a - result of recursion (being a group that is a member of another - group). In other words, this searches on 'member' and not - 'memberof'. - - Return as a dict of values. - Multi-valued fields are represented as lists. - """ - if not isinstance(member_dn,basestring) or len(member_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: get_groups_by_member '%s'" % member_dn) - - member_dn = self.__safe_filter(member_dn) - searchfilter = "(&(objectClass=posixGroup)(member=%s))" % member_dn - - try: - return self.__get_list(self.accountsdn, searchfilter, sattrs, opts) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return [] - - def add_group (self, group, group_container, opts=None): - """Add a group in LDAP. Takes as input a dict where the key is the - attribute name and the value is either a string or in the case - of a multi-valued field a list of values. group_container sets - where in the tree the group is placed.""" - if not group_container: - group_container = DefaultGroupContainer - - if not isinstance(group,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_container,basestring) or len(group_container) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - if not self.__is_group_unique(group['cn'], opts): - raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE) - - # Get our configuration - config = self.get_ipa_config(opts) - - dn="cn=%s,%s,%s" % (ldap.dn.escape_dn_chars(group['cn']), - group_container,self.basedn) - logging.info("IPA: add_group '%s'" % dn) - entry = ipaserver.ipaldap.Entry(dn) - - # some required objectclasses - entry.setValues('objectClass', (config.get('ipagroupobjectclasses'))) - - # No need to explicitly set gidNumber. The dna_plugin will do this - # for us if the value isn't provided by the user. - - # fill in our new entry with everything sent by the user - for g in group: - entry.setValues(g, group[g]) - - conn = self.getConnection(opts) - try: - res = conn.addEntry(entry) - finally: - self.releaseConnection(conn) - - def find_groups (self, criteria, sattrs, sizelimit=-1, timelimit=-1, - opts=None): - """Return a list containing a User object for each - existing group that matches the criteria. - """ - if not isinstance(criteria,basestring) or len(criteria) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs, list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(sizelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(timelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: find groups '%s'" % criteria) - - config = self.get_ipa_config(opts) - if timelimit < 0: - timelimit = float(config.get('ipasearchtimelimit')) - if sizelimit < 0: - sizelimit = int(config.get('ipasearchrecordslimit')) - - # Assume the list of fields to search will come from a central - # configuration repository. A good format for that would be - # a comma-separated list of fields - search_fields_conf_str = config.get('ipagroupsearchfields') - search_fields = string.split(search_fields_conf_str, ",") - - criteria = self.__safe_filter(criteria) - criteria_words = re.split(r'\s+', criteria) - criteria_words = filter(lambda value:value!="", criteria_words) - if len(criteria_words) == 0: - return [0] - - (exact_match_filter, partial_match_filter) = self.__generate_match_filters( - search_fields, criteria_words) - - # - # further constrain search to just the objectClass - # TODO - need to parameterize this into generate_match_filters, - # and work it into the field-specification search feature - # - exact_match_filter = "(&(objectClass=posixGroup)%s)" % exact_match_filter - partial_match_filter = "(&(objectClass=posixGroup)%s)" % partial_match_filter - - # - # TODO - copy/paste from find_users. needs to be refactored - # - conn = self.getConnection(opts) - try: - try: - exact_results = conn.getListAsync(self.accountsdn, self.scope, - exact_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - exact_results = [0] - - try: - partial_results = conn.getListAsync(self.accountsdn, self.scope, - partial_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - partial_results = [0] - finally: - self.releaseConnection(conn) - - exact_counter = exact_results[0] - partial_counter = partial_results[0] - - exact_results = exact_results[1:] - partial_results = partial_results[1:] - - # Remove exact matches from the partial_match list - exact_dns = set(map(lambda e: e.dn, exact_results)) - partial_results = filter(lambda e: e.dn not in exact_dns, - partial_results) - - if (exact_counter == -1) or (partial_counter == -1): - counter = -1 - else: - counter = len(exact_results) + len(partial_results) - - groups = [counter] - for u in exact_results + partial_results: - groups.append(self.convert_entry(u)) - - return groups - - def add_member_to_group(self, member_dn, group_dn, opts=None): - """Add a member to an existing group. - """ - if not isinstance(member_dn,basestring) or len(member_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: add_member_to_group '%s' to '%s'" % (member_dn, group_dn)) - if member_dn.lower() == group_dn.lower(): - raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP) - - old_group = self.get_entry_by_dn(group_dn, None, opts) - if old_group is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - new_group = copy.deepcopy(old_group) - - # check to make sure member_dn exists - member_entry = self.__get_base_entry(member_dn, "(objectClass=*)", ['dn','uid'], opts) - if not member_entry: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - if new_group.get('member') is not None: - if isinstance(new_group.get('member'),basestring): - new_group['member'] = [new_group['member']] - new_group['member'].append(member_dn) - else: - new_group['member'] = member_dn - - try: - ret = self.__update_entry(old_group, new_group, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - raise - return ret - - def add_members_to_group(self, member_dns, group_dn, opts=None): - """Given a list of dn's, add them to the group cn denoted by group - Returns a list of the member_dns that were not added to the group. - """ - if not (isinstance(member_dns,list) or isinstance(member_dns,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - if not member_dns or not group_dn: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: add_members_to_group '%s'" % group_dn) - - failed = [] - - if (isinstance(member_dns,basestring)): - member_dns = [member_dns] - - for member_dn in member_dns: - try: - self.add_member_to_group(member_dn, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # User is already in the group - failed.append(member_dn) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # User or the group does not exist - failed.append(member_dn) - - return failed - - def remove_member_from_group(self, member_dn, group_dn, opts=None): - """Remove a member_dn from an existing group. - """ - if not isinstance(member_dn,basestring) or len(member_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - old_group = self.get_entry_by_dn(group_dn, None, opts) - if old_group is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - if old_group.get('cn') == "admins": - member = self.get_entry_by_dn(member_dn, ['dn','uid'], opts) - if member.get('uid') == "admin": - raise ipaerror.gen_exception(ipaerror.INPUT_ADMIN_REQUIRED_IN_ADMINS) - logging.info("IPA: remove_member_from_group '%s' from '%s'" % (member_dn, group_dn)) - new_group = copy.deepcopy(old_group) - - if new_group.get('member') is not None: - if isinstance(new_group.get('member'),basestring): - new_group['member'] = [new_group['member']] - for i in range(len(new_group['member'])): - new_group['member'][i] = ipaserver.ipaldap.IPAdmin.normalizeDN(new_group['member'][i]) - try: - new_group['member'].remove(member_dn) - except ValueError: - # member is not in the group - # FIXME: raise more specific error? - raise ipaerror.gen_exception(ipaerror.STATUS_NOT_GROUP_MEMBER) - else: - # Nothing to do if the group has no members - raise ipaerror.gen_exception(ipaerror.STATUS_NOT_GROUP_MEMBER) - - try: - ret = self.__update_entry(old_group, new_group, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - raise - return ret - - def remove_members_from_group(self, member_dns, group_dn, opts=None): - """Given a list of member dn's remove them from the group. - Returns a list of the members not removed from the group. - """ - if not (isinstance(member_dns,list) or isinstance(member_dns,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: remove_members_from_group '%s'" % group_dn) - failed = [] - - if (isinstance(member_dns,basestring)): - member_dns = [member_dns] - - for member_dn in member_dns: - try: - self.remove_member_from_group(member_dn, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # member is not in the group - failed.append(member_dn) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # member_dn or the group does not exist - failed.append(member_dn) - except ipaerror.exception_for(ipaerror.STATUS_NOT_GROUP_MEMBER): - # not a member of the group - failed.append(member_dn) - except ipaerror.exception_for(ipaerror.INPUT_ADMIN_REQUIRED_IN_ADMINS): - # Can't remove admin from admins group - failed.append(member_dn) - - return failed - - def add_user_to_group(self, user_uid, group_dn, opts=None): - """Add a user to an existing group. - """ - if not isinstance(user_uid,basestring) or len(user_uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: add_user_to_group '%s' to '%s'" % (user_uid, group_dn)) - - user = self.get_user_by_uid(user_uid, ['dn', 'uid', 'objectclass'], opts) - if user is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - return self.add_member_to_group(user['dn'], group_dn, opts) - - def add_users_to_group(self, user_uids, group_dn, opts=None): - """Given a list of user uid's add them to the group cn denoted by group - Returns a list of the users were not added to the group. - """ - if not (isinstance(user_uids,list) or isinstance(user_uids,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: add_users_to_group '%s'" % group_dn) - failed = [] - - if (isinstance(user_uids,basestring)): - user_uids = [user_uids] - - for user_uid in user_uids: - try: - self.add_user_to_group(user_uid, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # User is already in the group - failed.append(user_uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # User or the group does not exist - failed.append(user_uid) - - return failed - - def remove_user_from_group(self, user_uid, group_dn, opts=None): - """Remove a user from an existing group. - """ - if not isinstance(user_uid,basestring) or len(user_uid) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: remove_user_from_group '%s' from '%s'" % (user_uid, group_dn)) - user = self.get_user_by_uid(user_uid, ['dn', 'uid', 'objectclass'], opts) - if user is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - return self.remove_member_from_group(user['dn'], group_dn, opts) - - def remove_users_from_group(self, user_uids, group_dn, opts=None): - """Given a list of user uid's remove them from the group - Returns a list of the user uids not removed from the group. - """ - if not (isinstance(user_uids,list) or isinstance(user_uids,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: remove_users_from_group '%s'" % group_dn) - failed = [] - - if (isinstance(user_uids,basestring)): - user_uids = [user_uids] - - for user_uid in user_uids: - try: - self.remove_user_from_group(user_uid, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # User is not in the group - failed.append(user_uid) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # User or the group does not exist - failed.append(user_uid) - - return failed - - def add_groups_to_user(self, group_dns, user_dn, opts=None): - """Given a list of group dn's add them to the user. - - Returns a list of the group dns that were not added. - """ - if not (isinstance(group_dns,list) or isinstance(group_dns,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(user_dn,basestring) or len(user_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: add_groups_to_user '%s'" % user_dn) - failed = [] - - if (isinstance(group_dns, basestring)): - group_dns = [group_dns] - - for group_dn in group_dns: - try: - self.add_member_to_group(user_dn, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # User is already in the group - failed.append(group_dn) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # User or the group does not exist - failed.append(group_dn) - - return failed - - def remove_groups_from_user(self, group_dns, user_dn, opts=None): - """Given a list of group dn's remove them from the user. - - Returns a list of the group dns that were not removed. - """ - if not (isinstance(group_dns,list) or isinstance(group_dns,basestring)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(user_dn,basestring) or len(user_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - logging.info("IPA: remove_groups_from_user '%s'" % user_dn) - failed = [] - - if (isinstance(group_dns,basestring)): - group_dns = [group_dns] - - for group_dn in group_dns: - try: - self.remove_member_from_group(user_dn, group_dn, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - # User is not in the group - failed.append(group_dn) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - # User or the group does not exist - failed.append(group_dn) - except ipaerror.exception_for(ipaerror.STATUS_NOT_GROUP_MEMBER): - # User is not in the group - failed.append(group_dn) - except ipaerror.exception_for(ipaerror.INPUT_ADMIN_REQUIRED_IN_ADMINS): - # Can't remove admin from admins group - failed.append(member_dn) - - return failed - - def update_group (self, oldentry, newentry, opts=None): - """Wrapper around update_entry with group-specific handling. - - oldentry and newentry are XML-RPC structs. - - If oldentry is not empty then it is used when determine what - has changed. - - If oldentry is empty then the value of newentry is compared - to the current value of oldentry. - - If you want to change the RDN of a group you must use - this function. update_entry will fail. - """ - if not isinstance(newentry,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if oldentry and not isinstance(oldentry,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not oldentry: - oldentry = self.get_entry_by_dn(newentry.get('dn'), None, opts) - if oldentry is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - logging.info("IPA: update_group '%s'" % oldentry.get('cn')) - newrdn = 0 - - oldcn=oldentry.get('cn') - newcn=newentry.get('cn') - if isinstance(oldcn,basestring): - oldcn = [oldcn] - if isinstance(newcn,basestring): - newcn = [newcn] - - if "admins" in oldcn: - raise ipaerror.gen_exception(ipaerror.INPUT_ADMINS_IMMUTABLE) - - oldcn.sort() - newcn.sort() - if oldcn != newcn: - # RDN change - conn = self.getConnection(opts) - try: - res = conn.updateRDN(oldentry.get('dn'), "cn=" + newcn[0]) - newdn = oldentry.get('dn') - newcn = newentry.get('cn') - if isinstance(newcn,basestring): - newcn = [newcn] - - # Ick. Need to find the exact cn used in the old DN so we'll - # walk the list of cns and skip the obviously bad ones: - for c in oldentry.get('dn').split("cn="): - if c and c != "groups" and not c.startswith("accounts"): - newdn = newdn.replace("cn=%s" % c, "cn=%s," % newcn[0]) - break - - # Now fix up the dns and cns so they aren't seen as having - # changed. - oldentry['dn'] = newdn - newentry['dn'] = newdn - oldentry['cn'] = newentry.get('cn') - newrdn = 1 - finally: - self.releaseConnection(conn) - - # Get our configuration - config = self.get_ipa_config(opts) - - # Make sure we have the latest object classes - # newentry['objectclass'] = uniq_list(newentry.get('objectclass') + config.get('ipagroupobjectclasses')) - - try: - rv = self.update_entry(oldentry, newentry, opts) - return rv - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - if newrdn == 1: - # This means that there was just the rdn change, no other - # attributes - return "Success" - else: - raise - - def delete_group (self, group_dn, opts=None): - """Delete a group - group_dn is the DN of the group to delete - - The memberOf plugin handles removing the group from any other - groups. - """ - if not isinstance(group_dn,basestring) or len(group_dn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - group = self.get_entry_by_dn(group_dn, ['dn', 'cn'], opts) - if group is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - logging.info("IPA: delete_group '%s'" % group_dn) - - # We have 2 special groups, don't allow them to be removed - if "admins" in group.get('cn') or "editors" in group.get('cn'): - raise ipaerror.gen_exception(ipaerror.CONFIG_REQUIRED_GROUPS) - - # Don't allow the default user group to be removed - config=self.get_ipa_config(opts) - default_group = self.get_entry_by_cn(config.get('ipadefaultprimarygroup'), None, opts) - if group_dn == default_group.get('dn'): - raise ipaerror.gen_exception(ipaerror.CONFIG_DEFAULT_GROUP) - - conn = self.getConnection(opts) - try: - res = conn.deleteEntry(group_dn) - finally: - self.releaseConnection(conn) - return res - - def add_group_to_group(self, group, tgroup, opts=None): - """Add a group to an existing group. - group is a DN of the group to add - tgroup is the DN of the target group to be added to - """ - if not isinstance(group,basestring) or len(group) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(tgroup,basestring) or len(tgroup) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if group.lower() == tgroup.lower(): - raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP) - old_group = self.get_entry_by_dn(tgroup, None, opts) - if old_group is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - logging.info("IPA: add_group_to_group '%s' to '%s'" % (group, tgroup)) - new_group = copy.deepcopy(old_group) - - group_dn = self.get_entry_by_dn(group, ['dn', 'cn', 'objectclass'], opts) - if group_dn is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - if new_group.get('member') is not None: - if isinstance(new_group.get('member'),basestring): - new_group['member'] = [new_group['member']] - new_group['member'].append(group_dn['dn']) - else: - new_group['member'] = group_dn['dn'] - - try: - ret = self.__update_entry(old_group, new_group, opts) - except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST): - raise - return ret - - def attrs_to_labels(self, attr_list, opts=None): - """Take a list of LDAP attributes and convert them to more friendly - labels.""" - if not (isinstance(attr_list,list)): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: attrs_to_labels") - - label_list = {} - - for a in attr_list: - label_list[a] = attrs.attr_label_list.get(a,a) - - return label_list - - def get_all_attrs(self, opts=None): - """We have a list of hardcoded attributes -> readable labels. Return - that complete list if someone wants it. - """ - logging.info("IPA: get_all_attrs") - - return attrs.attr_label_list - - def group_members(self, groupdn, attr_list, membertype, opts=None): - """Do a memberOf search of groupdn and return the attributes in - attr_list (an empty list returns all attributes). - - membertype = 0 all members returned - membertype = 1 only direct members are returned - membertype = 2 only inherited members are returned - - Members may be included in a group as a result of being a member - of a group that is a member of the group being queried. - """ - - if not isinstance(groupdn,basestring) or len(groupdn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if attr_list is not None and not isinstance(attr_list,list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if membertype is not None and not isinstance(membertype,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if membertype is None: - membertype = 0 - if membertype < 0 or membertype > 3: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: group_members '%s' %d" % (groupdn, membertype)) - config = self.get_ipa_config(opts) - timelimit = float(config.get('ipasearchtimelimit')) - - sizelimit = int(config.get('ipasearchrecordslimit')) - - groupdn = self.__safe_filter(groupdn) - searchfilter = "(memberOf=%s)" % groupdn - - if attr_list is None: - attr_list = [] - attr_list.append("member") - - conn = self.getConnection(opts) - try: - try: - results = conn.getListAsync(self.accountsdn, self.scope, - searchfilter, attr_list, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - results = [0] - finally: - self.releaseConnection(conn) - - counter = results[0] - results = results[1:] - - if membertype == 0: - entries = [counter] - for e in results: - entries.append(self.convert_entry(e)) - - return entries - - group = self.get_entry_by_dn(groupdn, ['dn', 'member'], opts) - real_members = group.get('member') - if isinstance(real_members, basestring): - real_members = [real_members] - if real_members is None: - real_members = [] - - # Normalize all the dns - for i in range(len(real_members)): - real_members[i] = ipaserver.ipaldap.IPAdmin.normalizeDN(real_members[i]) - - entries = [0] - for e in results: - if ipaserver.ipaldap.IPAdmin.normalizeDN(e.dn) not in real_members: - if membertype == 2: - entries.append(self.convert_entry(e)) - else: - if membertype == 1: - entries.append(self.convert_entry(e)) - - if len(entries) > 1: - entries[0] = len(entries) - 1 - - return entries - - def mark_group_active(self, cn, opts=None): - """Mark a group as active""" - - if not isinstance(cn,basestring) or len(cn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - logging.info("IPA: mark_group_active '%s'" % cn) - group = self.get_entry_by_cn(cn, ['dn', 'cn'], opts) - return self.mark_entry_active(group.get('dn')) - - def mark_group_inactive(self, cn, opts=None): - """Mark a group as inactive""" - - if not isinstance(cn,basestring) or len(cn) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if cn == "admins" or cn == "editors": - raise ipaerror.gen_exception(ipaerror.INPUT_CANT_INACTIVATE) - logging.info("IPA: mark_group_inactive '%s'" % cn) - group = self.get_entry_by_cn(cn, ['dn', 'uid'], opts) - return self.mark_entry_inactive(group.get('dn')) - - def __is_service_unique(self, name, opts): - """Return True if the uid is unique in the tree, False otherwise.""" - name = self.__safe_filter(name) - searchfilter = "(&(krbprincipalname=%s)(objectclass=krbPrincipal))" % name - - try: - entry = self.__get_sub_entry(self.accountsdn, searchfilter, ['dn','krbprincipalname'], opts) - return False - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return True - - def add_service_principal(self, name, force, opts=None): - """Given a name of the form: service/FQDN create a service - principal for it in the default realm. - - Ensure that the principal points at a DNS A record so it will - work with Kerberos unless force is set to 1""" - if not name: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - try: - f = int(force) - except ValueError: - f = 1 - logging.info("IPA: add_service_principal '%s' (%d)" % (name, f)) - - # Break down the principal into its component parts, which may or - # may not include the realm. - sp = name.split('/') - if len(sp) != 2: - raise ipaerror.gen_exception(ipaerror.INPUT_MALFORMED_SERVICE_PRINCIPAL) - service = sp[0] - - sr = sp[1].split('@') - if len(sr) == 1: - hostname = sr[0].lower() - realm = self.realm - elif len(sr) == 2: - hostname = sr[0].lower() - realm = sr[1] - else: - raise ipaerror.gen_exception(ipaerror.INPUT_MALFORMED_SERVICE_PRINCIPAL) - - if not f: - fqdn = hostname + "." - rs = dnsclient.query(fqdn, dnsclient.DNS_C_IN, dnsclient.DNS_T_A) - if len(rs) == 0: - logging.debug("IPA: DNS A record lookup failed for '%s'" % hostname) - raise ipaerror.gen_exception(ipaerror.INPUT_NOT_DNS_A_RECORD) - else: - logging.debug("IPA: found %d records for '%s'" % (len(rs), hostname)) - - service_container = DefaultServiceContainer - - # At some point we'll support multiple realms - if (realm != self.realm): - raise ipaerror.gen_exception(ipaerror.INPUT_REALM_MISMATCH) - - # Put the principal back together again - princ_name = service + "/" + hostname + "@" + realm - - conn = self.getConnection(opts) - if not self.__is_service_unique(princ_name, opts): - raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE) - - dn = "krbprincipalname=%s,%s,%s" % (ldap.dn.escape_dn_chars(princ_name), - service_container,self.basedn) - entry = ipaserver.ipaldap.Entry(dn) - - entry.setValues('objectclass', 'krbPrincipal', 'krbPrincipalAux', 'krbTicketPolicyAux') - entry.setValues('krbprincipalname', princ_name) - - try: - res = conn.addEntry(entry) - finally: - self.releaseConnection(conn) - return res - - def delete_service_principal (self, principal, opts=None): - """Delete a service principal. - - principal is the full DN of the entry to delete. - - This should be called with much care. - """ - if not isinstance(principal,basestring) or len(principal) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - entry = self.get_entry_by_dn(principal, ['dn', 'objectclass'], opts) - if entry is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - dn_list = ldap.explode_dn(entry['dn'].lower()) - if "cn=kerberos" in dn_list: - raise ipaerror.gen_exception(ipaerror.INPUT_SERVICE_PRINCIPAL_REQUIRED) - logging.info("IPA: delete_service_principal '%s'" % principal) - - conn = self.getConnection(opts) - try: - res = conn.deleteEntry(entry['dn']) - finally: - self.releaseConnection(conn) - return res - - def find_service_principal(self, criteria, sattrs, sizelimit=-1, - timelimit=-1, opts=None): - """Returns a list: counter followed by the results. - If the results are truncated, counter will be set to -1.""" - if not isinstance(criteria,basestring) or len(criteria) == 0: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if sattrs is not None and not isinstance(sattrs, list): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(sizelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not isinstance(timelimit,int): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - config = self.get_ipa_config(opts) - if timelimit < 0: - timelimit = float(config.get('ipasearchtimelimit')) - if sizelimit < 0: - sizelimit = int(config.get('ipasearchrecordslimit')) - - search_fields = ["krbprincipalname"] - logging.info("IPA: find_service_principal '%s'" % criteria) - - criteria = self.__safe_filter(criteria) - criteria_words = re.split(r'\s+', criteria) - criteria_words = filter(lambda value:value!="", criteria_words) - if len(criteria_words) == 0: - return [0] - - (exact_match_filter, partial_match_filter) = self.__generate_match_filters( - search_fields, criteria_words) - - # - # further constrain search to just the objectClass - # TODO - need to parameterize this into generate_match_filters, - # and work it into the field-specification search feature - # - exact_match_filter = "(&(objectclass=krbPrincipalAux)(!(objectClass=person))(!(|(krbprincipalname=kadmin/*)(krbprincipalname=K/M@*)(krbprincipalname=krbtgt/*)))%s)" % exact_match_filter - partial_match_filter = "(&(objectclass=krbPrincipalAux)(!(objectClass=person))(!(|(krbprincipalname=kadmin/*)(krbprincipalname=K/M@*)(krbprincipalname=krbtgt/*)))%s)" % partial_match_filter - - - conn = self.getConnection(opts) - try: - try: - exact_results = conn.getListAsync(self.basedn, self.scope, - exact_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - exact_results = [0] - - try: - partial_results = conn.getListAsync(self.basedn, self.scope, - partial_match_filter, sattrs, 0, None, None, timelimit, - sizelimit) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - partial_results = [0] - finally: - self.releaseConnection(conn) - - exact_counter = exact_results[0] - partial_counter = partial_results[0] - - exact_results = exact_results[1:] - partial_results = partial_results[1:] - - # Remove exact matches from the partial_match list - exact_dns = set(map(lambda e: e.dn, exact_results)) - partial_results = filter(lambda e: e.dn not in exact_dns, - partial_results) - - if (exact_counter == -1) or (partial_counter == -1): - counter = -1 - else: - counter = len(exact_results) + len(partial_results) - - entries = [counter] - for e in exact_results + partial_results: - entries.append(self.convert_entry(e)) - - return entries - - -# Configuration support - def get_ipa_config(self, opts=None): - """Retrieve the IPA configuration""" - searchfilter = "cn=ipaconfig" - try: - config = self.__get_sub_entry("cn=etc," + self.basedn, searchfilter, None, opts) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - raise ipaerror.gen_exception(ipaerror.LDAP_NO_CONFIG) - - return config - - def update_ipa_config(self, oldconfig, newconfig, opts=None): - """Update the IPA configuration. - - oldconfig and newconfig are XML-RPC structs. - - If oldconfig is not empty then it is used when determine what - has changed. - - If oldconfig is empty then the value of newconfig is compared - to the current value of oldconfig. - - """ - if not isinstance(newconfig,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if oldconfig and not isinstance(oldconfig,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not oldconfig: - oldconfig = self.get_entry_by_dn(newconfig.get('dn'), None, opts) - if oldconfig is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - # The LDAP routines want strings, not ints, so convert a few - # things. Otherwise it sees a string -> int conversion as a change. - try: - newconfig['ipapwdexpadvnotify'] = str(newconfig.get('ipapwdexpadvnotify')) - newconfig['ipasearchtimelimit'] = str(newconfig.get('ipasearchtimelimit')) - newconfig['ipasearchrecordslimit'] = str(newconfig.get('ipasearchrecordslimit')) - newconfig['ipamaxusernamelength'] = str(newconfig.get('ipamaxusernamelength')) - except KeyError: - # These should all be there but if not, let things proceed - pass - - # Ensure that the default group for users exists - try: - group = self.get_entry_by_cn(newconfig.get('ipadefaultprimarygroup'), None, opts) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - raise - except: - raise - - # Run through the list of User and Group object classes to make - # sure they are all valid. This doesn't handle dependencies but it - # will at least catch typos. - classes = self.__get_objectclasses(opts) - oc = newconfig['ipauserobjectclasses'] - for i in range(len(oc)): - if not oc[i].lower() in classes: - raise ipaerror.gen_exception(ipaerror.CONFIG_INVALID_OC) - oc = newconfig['ipagroupobjectclasses'] - for i in range(len(oc)): - if not oc[i].lower() in classes: - raise ipaerror.gen_exception(ipaerror.CONFIG_INVALID_OC) - - return self.update_entry(oldconfig, newconfig, opts) - - def get_password_policy(self, opts=None): - """Retrieve the IPA password policy""" - try: - policy = self.get_entry_by_cn("accounts", None, opts) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - raise ipaerror.gen_exception(ipaerror.LDAP_NO_CONFIG) - - # convert some values for display purposes - policy['krbmaxpwdlife'] = str(int(policy.get('krbmaxpwdlife')) / 86400) - policy['krbminpwdlife'] = str(int(policy.get('krbminpwdlife')) / 3600) - - return policy - - def update_password_policy(self, oldpolicy, newpolicy, opts=None): - """Update the IPA configuration - - oldpolicy and newpolicy are XML-RPC structs. - - If oldpolicy is not empty then it is used when determine what - has changed. - - If oldpolicy is empty then the value of newpolicy is compared - to the current value of oldpolicy. - - """ - if not isinstance(newpolicy,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if oldpolicy and not isinstance(oldpolicy,dict): - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - if not oldpolicy: - oldpolicy = self.get_entry_by_dn(newpolicy.get('dn'), None, opts) - if oldpolicy is None: - raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) - - - # The LDAP routines want strings, not ints, so convert a few - # things. Otherwise it sees a string -> int conversion as a change. - try: - for k in oldpolicy.iterkeys(): - if k.startswith("krb", 0, 3): - oldpolicy[k] = str(oldpolicy[k]) - for k in newpolicy.iterkeys(): - if k.startswith("krb", 0, 3): - newpolicy[k] = str(newpolicy[k]) - - # Convert hours and days to seconds - oldpolicy['krbmaxpwdlife'] = str(int(oldpolicy.get('krbmaxpwdlife')) * 86400) - oldpolicy['krbminpwdlife'] = str(int(oldpolicy.get('krbminpwdlife')) * 3600) - newpolicy['krbmaxpwdlife'] = str(int(newpolicy.get('krbmaxpwdlife')) * 86400) - newpolicy['krbminpwdlife'] = str(int(newpolicy.get('krbminpwdlife')) * 3600) - except KeyError: - # These should all be there but if not, let things proceed - pass - except: - # Anything else raise an error - raise - - return self.update_entry(oldpolicy, newpolicy, opts) - -def ldap_search_escape(match): - """Escapes out nasty characters from the ldap search. - See RFC 2254.""" - value = match.group() - if (len(value) != 1): - return "" - - if value == "(": - return "\\28" - elif value == ")": - return "\\29" - elif value == "\\": - return "\\5c" - elif value == "*": - # drop '*' from input. search performs its own wildcarding - return "" - elif value =='\x00': - return r'\00' - else: - return value - -def uniq_list(x): - """Return a unique list, preserving order and ignoring case""" - set = {} - return [set.setdefault(e.lower(),e) for e in x if e.lower() not in set] diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py deleted file mode 100644 index 5e13611aa..000000000 --- a/ipa-server/xmlrpc-server/ipaxmlrpc.py +++ /dev/null @@ -1,394 +0,0 @@ -# mod_python script - -# ipaxmlrpc - an XMLRPC interface for ipa. -# Copyright (c) 2007 Red Hat -# -# IPA is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; -# version 2.1 of the License. -# -# This software is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this software; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -# -# Based on kojixmlrpc - an XMLRPC interface for koji by -# Mike McLean <mikem@redhat.com> -# -# Authors: -# Rob Crittenden <rcritten@redhat.com> - -import sys - - -import time -import traceback -import pprint -from xmlrpclib import Marshaller,loads,dumps,Fault -from mod_python import apache -import logging - -from ipaserver import funcs -from ipa import ipaerror, ipautil -import ldap - -import string -import base64 - -# -# An override so we can base64 encode all outgoing values. -# This is set by calling: Marshaller._Marshaller__dump = xmlrpclib_dump -# -# Not currently used. -# -def xmlrpclib_escape(s, replace = string.replace): - """ - xmlrpclib only handles certain characters. Lets encode the whole - blob - """ - - return base64.encodestring(s) - -def xmlrpclib_dump(self, value, write): - """ - xmlrpclib cannot marshal instances of subclasses of built-in - types. This function overrides xmlrpclib.Marshaller.__dump so that - any value that is an instance of one of its acceptable types is - marshalled as that type. - - xmlrpclib also cannot handle invalid 7-bit control characters. See - above. - """ - - # Use our escape function - args = [self, value, write] - if isinstance(value, (str, unicode)): - args.append(xmlrpclib_escape) - - try: - # Try for an exact match first - f = self.dispatch[type(value)] - except KeyError: - # Try for an isinstance() match - for Type, f in self.dispatch.iteritems(): - if isinstance(value, Type): - f(*args) - return - raise TypeError, "cannot marshal %s objects" % type(value) - else: - f(*args) - - -class ModXMLRPCRequestHandler(object): - """Simple XML-RPC handler for mod_python environment""" - - def __init__(self): - self.funcs = {} - self.traceback = False - #introspection functions - self.register_function(self.ping, name="ping") - self.register_function(self.list_api, name="_listapi") - self.register_function(self.system_listMethods, name="system.listMethods") - self.register_function(self.system_methodSignature, name="system.methodSignature") - self.register_function(self.system_methodHelp, name="system.methodHelp") - self.register_function(self.multiCall) - - def register_function(self, function, name = None): - if name is None: - name = function.__name__ - self.funcs[name] = function - - def register_module(self, instance, prefix=None): - """Register all the public functions in an instance with prefix prepended - - For example - h.register_module(exports,"pub.sys") - will register the methods of exports with names like - pub.sys.method1 - pub.sys.method2 - ...etc - """ - for name in dir(instance): - if name.startswith('_'): - continue - function = getattr(instance, name) - if not callable(function): - continue - if prefix is not None: - name = "%s.%s" %(prefix,name) - self.register_function(function, name=name) - - def register_instance(self,instance): - self.register_module(instance) - - def _marshaled_dispatch(self, data, req): - """Dispatches an XML-RPC method from marshalled (XML) data.""" - - params, method = loads(data) - pythonopts = req.get_options() - - # Populate the Apache environment variables - req.add_common_vars() - - opts={} - opts['remoteuser'] = req.user - - if req.subprocess_env.get("KRB5CCNAME") is not None: - opts['krbccache'] = req.subprocess_env.get("KRB5CCNAME") - else: - response = dumps(Fault(5, "Did not receive Kerberos credentials.")) - return response - - debuglevel = logging.INFO - if pythonopts.get("IPADebug"): - opts['ipadebug'] = pythonopts.get("IPADebug").lower() - - if opts['ipadebug'] == "on": - debuglevel = logging.DEBUG - - if not opts.get('ipadebug'): - opts['ipadebug'] = "off" - - logging.basicConfig(level=debuglevel, - format='[%(asctime)s] [%(levelname)s] %(message)s', - datefmt='%a %b %d %H:%M:%S %Y', - stream=sys.stderr) - -# if opts['ipadebug'] == "on": -# for o in opts: -# logging.debug("IPA: setting option %s: %s" % (o, opts[o])) -# for e in req.subprocess_env: -# logging.debug("IPA: environment %s: %s" % (e, req.subprocess_env[e])) - - # Tack onto the end of the passed-in arguments any options we also - # need - params = params + (opts,) - - # special case -# if method == "get_user": -# Marshaller._Marshaller__dump = xmlrpclib_dump - - start = time.time() - # generate response - try: - response = self._dispatch(method, params) - # wrap response in a singleton tuple - response = (response,) - response = dumps(response, methodresponse=1, allow_none=1) - except ipaerror.IPAError, e: - self.traceback = True - - if (isinstance(e.detail, ldap.LDAPError) and len(e.detail[0].get('desc')) > 1): - err = ": %s: %s" % (e.detail[0].get('desc'), e.detail[0].get('info','')) - response = dumps(Fault(e.code, str(e) + err)) - else: - response = dumps(Fault(e.code, str(e))) - except: - self.traceback = True - # report exception back to server - e_class, e = sys.exc_info()[:2] - faultCode = getattr(e_class,'faultCode',1) - tb_str = ''.join(traceback.format_exception(*sys.exc_info())) - faultString = tb_str - response = dumps(Fault(faultCode, faultString)) - - return response - - def _dispatch(self,method,params): - func = self.funcs.get(method,None) - if func is None: - raise Fault(1, "Invalid method: %s" % method) - - args = list(ipautil.unwrap_binary_data(params)) - for i in range(len(args)): - if args[i] == '__NONE__': - args[i] = None - - ret = func(*args) - - return ipautil.wrap_binary_data(ret) - - def multiCall(self, calls): - """Execute a multicall. Execute each method call in the calls list, collecting - results and errors, and return those as a list.""" - results = [] - for call in calls: - try: - result = self._dispatch(call['methodName'], call['params']) - except Fault, fault: - results.append({'faultCode': fault.faultCode, 'faultString': fault.faultString}) - except: - # transform unknown exceptions into XML-RPC Faults - # don't create a reference to full traceback since this creates - # a circular reference. - exc_type, exc_value = sys.exc_info()[:2] - faultCode = getattr(exc_type, 'faultCode', 1) - faultString = ', '.join(exc_value.args) - trace = traceback.format_exception(*sys.exc_info()) - # traceback is not part of the multicall spec, but we include it for debugging purposes - results.append({'faultCode': faultCode, 'faultString': faultString, 'traceback': trace}) - else: - results.append([result]) - - return results - - def list_api(self,opts): - funcs = [] - for name,func in self.funcs.items(): - #the keys in self.funcs determine the name of the method as seen over xmlrpc - #func.__name__ might differ (e.g. for dotted method names) - args = self._getFuncArgs(func) - funcs.append({'name': name, - 'doc': func.__doc__, - 'args': args}) - return funcs - - def ping(self,opts): - """Simple test to see if the XML-RPC is up and active.""" - return "pong" - - def _getFuncArgs(self, func): - args = [] - for x in range(0, func.func_code.co_argcount): - if x == 0 and func.func_code.co_varnames[x] == "self": - continue - # opts is a name we tack on internally. Don't publish it. - if func.func_code.co_varnames[x] == "opts": - continue - if func.func_defaults and func.func_code.co_argcount - x <= len(func.func_defaults): - args.append((func.func_code.co_varnames[x], func.func_defaults[x - func.func_code.co_argcount + len(func.func_defaults)])) - else: - args.append(func.func_code.co_varnames[x]) - return args - - def system_listMethods(self, opts): - return self.funcs.keys() - - def system_methodSignature(self, method, opts): - #it is not possible to autogenerate this data - return 'signatures not supported' - - def system_methodHelp(self, method, opts): - func = self.funcs.get(method) - if func is None: - return "" - arglist = [] - for arg in self._getFuncArgs(func): - if isinstance(arg,str): - arglist.append(arg) - else: - arglist.append('%s=%s' % (arg[0], arg[1])) - ret = '%s(%s)' % (method, ", ".join(arglist)) - if func.__doc__: - ret += "\ndescription: %s" % func.__doc__ - return ret - - def handle_request(self,req): - """Handle a single XML-RPC request""" - - # XMLRPC uses POST only. Reject anything else - if req.method != 'POST': - req.allow_methods(['POST'],1) - raise apache.SERVER_RETURN, apache.HTTP_METHOD_NOT_ALLOWED - - # The LDAP connection pool is not thread-safe. Avoid problems and - # force the forked model for now. - if apache.mpm_query(apache.AP_MPMQ_IS_THREADED): - response = dumps(Fault(3, "Apache must use the forked model")) - else: - response = self._marshaled_dispatch(req.read(), req) - - req.content_type = "text/xml" - req.set_content_length(len(response)) - req.write(response) - - -# -# mod_python handler -# - -def handler(req, profiling=False): - if profiling: - import profile, pstats, StringIO, tempfile - global _profiling_req - _profiling_req = req - temp = tempfile.NamedTemporaryFile() - profile.run("import ipxmlrpc; ipaxmlrpc.handler(ipaxmlrpc._profiling_req, False)", temp.name) - stats = pstats.Stats(temp.name) - strstream = StringIO.StringIO() - sys.stdout = strstream - stats.sort_stats("time") - stats.print_stats() - req.write("<pre>" + strstream.getvalue() + "</pre>") - _profiling_req = None - else: - opts = req.get_options() - try: - f = funcs.IPAServer() - h = ModXMLRPCRequestHandler() - h.register_function(f.version) - h.register_function(f.get_aci_entry) - h.register_function(f.get_entry_by_dn) - h.register_function(f.get_entry_by_cn) - h.register_function(f.update_entry) - h.register_function(f.get_user_by_uid) - h.register_function(f.get_user_by_principal) - h.register_function(f.get_user_by_email) - h.register_function(f.get_users_by_manager) - h.register_function(f.add_user) - h.register_function(f.get_custom_fields) - h.register_function(f.set_custom_fields) - h.register_function(f.get_all_users) - h.register_function(f.find_users) - h.register_function(f.update_user) - h.register_function(f.delete_user) - h.register_function(f.mark_user_active) - h.register_function(f.mark_user_inactive) - h.register_function(f.mark_group_active) - h.register_function(f.mark_group_inactive) - h.register_function(f.modifyPassword) - h.register_function(f.get_groups_by_member) - h.register_function(f.add_group) - h.register_function(f.find_groups) - h.register_function(f.add_member_to_group) - h.register_function(f.add_members_to_group) - h.register_function(f.remove_member_from_group) - h.register_function(f.remove_members_from_group) - h.register_function(f.add_user_to_group) - h.register_function(f.add_users_to_group) - h.register_function(f.add_group_to_group) - h.register_function(f.remove_user_from_group) - h.register_function(f.remove_users_from_group) - h.register_function(f.add_groups_to_user) - h.register_function(f.remove_groups_from_user) - h.register_function(f.update_group) - h.register_function(f.delete_group) - h.register_function(f.attrs_to_labels) - h.register_function(f.get_all_attrs) - h.register_function(f.group_members) - h.register_function(f.get_ipa_config) - h.register_function(f.update_ipa_config) - h.register_function(f.get_password_policy) - h.register_function(f.update_password_policy) - h.register_function(f.add_service_principal) - h.register_function(f.delete_service_principal) - h.register_function(f.find_service_principal) - h.register_function(f.get_radius_client_by_ip_addr) - h.register_function(f.add_radius_client) - h.register_function(f.update_radius_client) - h.register_function(f.delete_radius_client) - h.register_function(f.find_radius_clients) - h.register_function(f.get_radius_profile_by_uid) - h.register_function(f.add_radius_profile) - h.register_function(f.update_radius_profile) - h.register_function(f.delete_radius_profile) - h.register_function(f.find_radius_profiles) - h.handle_request(req) - finally: - pass - return apache.OK diff --git a/ipa-server/xmlrpc-server/test/Makefile.am b/ipa-server/xmlrpc-server/test/Makefile.am deleted file mode 100644 index 310d9d472..000000000 --- a/ipa-server/xmlrpc-server/test/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -NULL = - -EXTRA_DIST = \ - README \ - test_methods.py \ - test_mod_python.py \ - test.py \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - Makefile.in diff --git a/ipa-server/xmlrpc-server/test/README b/ipa-server/xmlrpc-server/test/README deleted file mode 100644 index 544efa526..000000000 --- a/ipa-server/xmlrpc-server/test/README +++ /dev/null @@ -1,60 +0,0 @@ -Diagnosing Kerberos credentials cache problems is difficult. - -The first thing to try is to set LogLevel to debug in -/etc/httpd/conf/httpd.conf and restart Apache. - -Look in /var/log/httpd/error_log for any problems. - -Also check out /var/log/krb5kdc.log - -To simplify things and test just Kerberos ticket forwarding: - -The first test is with a CGI: - -- copy test.py /var/www/cgi-bin -- chmod +x /var/www/cgi-bin/test.py -- kinit admin (or some other existing user) -- curl -u : --negotiate http://yourhost.fqdn/cgi-bin/test.py - -For yourhost.fqdn use the fully-qualified hostname of your webserver. - -The output should look something like: - -KRB5CCNAME is FILE:/tmp/krb5cc_apache_TiMAbq -Sucessfully bound to LDAP using SASL mechanism GSSAPI - -This CGI uses the forwarded credentials to make an authenticated LDAP -connection. If this fails it means that Apache is not properly storing -the kerberos credentials. - -If that works, the second test more closely models the way that IPA works. - -- mkdir /usr/share/ipa/ipatest -- cp test_mod_python.py /usr/share/ipa/ipatest -- uncomment the entries for ipatest in /etc/httpd/conf.d/ipa.conf. There are - entries for ProxyPass and ProxyReversePass, an Alias and a Directory -- restart Apache -- curl -u : --negotiate http://yourhost.fqdn/ipatest/ - -For yourhost.fqdn use the fully-qualified hostname of your webserver. - -The output should look something like: - -KRB5CCNAME: FILE:/tmp/krb5cc_apache_c0MU9o<br> -GATEWAY_INTERFACE: CGI/1.1<br> -... -SCRIPT_FILENAME: /usr/share/ipa/ipaserver/<br> -REMOTE_PORT: 45691<br> -REMOTE_USER: rcrit@GREYOAK.COM<br> -AUTH_TYPE: Negotiate<br> -KRB5CCNAME is FILE:/tmp/krb5cc_apache_c0MU9o<br> -Sucessfully bound to LDAP using SASL mechanism GSSAPI<br> - -It should print all of the environment variables available to mod_python -and do a GSSAPI LDAP connection. - -A final test, which lists the capabilities of the XML-RPC server is -test_methods.py. This is more a sanity check that new functions added -to the server work as expected. - -Note that opts is added by the server itself and is not passed in by the user. diff --git a/ipa-server/xmlrpc-server/test/test.py b/ipa-server/xmlrpc-server/test/test.py deleted file mode 100644 index 7c05f8d29..000000000 --- a/ipa-server/xmlrpc-server/test/test.py +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/python - -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -# A test CGI that tests that the Kerberos credentials cache was created -# properly in Apache. - -import ldap -import ldap.sasl -import os - -sasl_auth = ldap.sasl.sasl({}, "GSSAPI") -conn = ldap.initialize("ldap://localhost:389/") -conn.protocol_version = 3 - -print "Content-type: text/plain" -print "" - -try: - print "KRB5CCNAME is", os.environ["KRB5CCNAME"] - - try: - conn.sasl_interactive_bind_s("", sasl_auth) - except ldap.LDAPError,e: - print "Error using SASL mechanism", sasl_auth.mech, str(e) - else: - print "Sucessfully bound to LDAP using SASL mechanism", sasl_auth.mech - conn.unbind() -except KeyError,e: - print "not set." diff --git a/ipa-server/xmlrpc-server/test/test_methods.py b/ipa-server/xmlrpc-server/test/test_methods.py deleted file mode 100644 index 88fcd9339..000000000 --- a/ipa-server/xmlrpc-server/test/test_methods.py +++ /dev/null @@ -1,57 +0,0 @@ -#!/usr/bin/python - -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -# Simple program to interrogate the XML-RPC server for information on what -# it can do. - -import sys -import xmlrpclib -from ipa.krbtransport import KerbTransport -import ipa -from ipa import config - -ipa.config.init_config() - -serverlist = config.config.get_server() -url = "http://" + serverlist[0] + "/ipa" -s = xmlrpclib.Server(url, KerbTransport()) - -print "A list of all methods available on the server." -print "system.listMethods: ", s.system.listMethods() -print "" - -print "Signatures are not supported." -print "system.methodSignature: ", s.system.methodSignature("get_user_by_uid") -print "" - -print "Help on a specific method" -print "system.methodHelp: ", s.system.methodHelp("get_user_by_uid") - -print "The entire API:" -result = s._listapi() -for item in result: - print item['name'], - print "(", - i = len(item['args']) - p = 0 - for a in item['args']: - if isinstance(a, list): - print "%s=%s" % (a[0], a[1]), - else: - print a, - if p < i - 1: - print ",", - p = p + 1 - print ")" diff --git a/ipa-server/xmlrpc-server/test/test_mod_python.py b/ipa-server/xmlrpc-server/test/test_mod_python.py deleted file mode 100644 index 6136b5416..000000000 --- a/ipa-server/xmlrpc-server/test/test_mod_python.py +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/python - -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -# A test CGI that tests that the Kerberos credentials cache was created -# properly in Apache. - -import ldap -import ldap.sasl -import os -from mod_python import apache - -def handler(req): - req.content_type = "text/plain" - req.send_http_header() - do_request(req) - return apache.OK - -def do_request(req): - sasl_auth = ldap.sasl.sasl({}, "GSSAPI") - conn = ldap.initialize("ldap://localhost:389/") - conn.protocol_version = 3 - - req.add_common_vars() - - for e in req.subprocess_env: - req.write("%s: %s<br>\n" % (e, req.subprocess_env[e])) - - try: - req.write("KRB5CCNAME is %s<br>\n" % req.subprocess_env["KRB5CCNAME"]) - os.environ["KRB5CCNAME"] = req.subprocess_env["KRB5CCNAME"] - - try: - conn.sasl_interactive_bind_s("", sasl_auth) - except ldap.LDAPError,e: - req.write("Error using SASL mechanism %s %s<br>\n" % (sasl_auth.mech, str(e))) - else: - req.write("Sucessfully bound to LDAP using SASL mechanism %s<br>\n" % sasl_auth.mech) - conn.unbind() - except KeyError,e: - req.write("KRB5CCNAME is not set.") |
