summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* ipa-kdb: add PAC only if requestedSumit Bose2013-03-081-2/+140
| | | | | | | | Instead of always adding a PAC to the Kerberos ticket the global default for the authorization data and the authorization data of the service entry is evaluated and the PAC is added accordingly. https://fedorahosted.org/freeipa/ticket/2960
* ipa-kdb: Read ipaKrbAuthzData with other principal dataSumit Bose2013-03-082-0/+18
| | | | | | | | The ipaKrbAuthzData LDAP attribute is read together with the other data of the requestedprincipal and the read value(s) are stored in the e-data of the entry for later use. https://fedorahosted.org/freeipa/ticket/2960
* ipa-kdb: Read global defaul ipaKrbAuthzDataSumit Bose2013-03-082-1/+29
| | | | | | | The ipaKrbAuthzData LDAP attribute is read from the ipaConfig object and the read value(s) are stored in the ipadb context. https://fedorahosted.org/freeipa/ticket/2960
* Add NFS specific default for authorization data typeSumit Bose2013-03-081-0/+5
| | | | | | | Since the hardcoded default fpr the NFS service was removed the default authorization data type is now set in the global server configuration. https://fedorahosted.org/freeipa/ticket/2960
* Revert "MS-PAC: Special case NFS services"Sumit Bose2013-03-081-35/+1
| | | | | | | | This reverts commit 5269458f552380759c86018cd1f30b64761be92e. With the implementation of https://fedorahosted.org/freeipa/ticket/2960 a special hardcoded handling of NFS service tickets is not needed anymore.
* Don't base64-encode the CA cert when uploading it during an upgrade.Rob Crittenden2013-03-071-2/+1
| | | | | | | | We want to store the raw value. Tools like ldapsearch will automatically base64 encode the value because it's binary so we don't want to duplicate that. https://fedorahosted.org/freeipa/ticket/3477
* ipa-replica-manage: migrate to single_value after LDAPEntry updatesAlexander Bokovoy2013-03-061-2/+2
|
* Fix internal error in output_for_cli method of sudorule_{enable,disable}.Jan Cholasta2013-03-061-4/+4
| | | | | | | Also fix incorrect super method call in output_for_cli method of sudorule_{add,remove}_option. https://fedorahosted.org/freeipa/ticket/3489
* Remove disabled entries from sudoers compat tree.Jan Cholasta2013-03-062-1/+3
| | | | | | | The removal is triggered by generating an invalid RDN when ipaEnabledFlag of the original entry is FALSE. https://fedorahosted.org/freeipa/ticket/3437
* ipaserver/dcerpc: enforce search_s without schema checks for GC searchingAlexander Bokovoy2013-03-061-1/+1
|
* Fix remove while iterating in suppress_netgroup_memberof.Jan Cholasta2013-03-063-3/+2
| | | | https://fedorahosted.org/freeipa/ticket/3464
* Web UI: configurable SID blacklistsPetr Vobornik2013-03-063-0/+16
| | | | | | | Added blacklists section, with ipantsidblacklistincoming and ipantsidblacklistoutgoing multivalued textbox fields, into trust details page. https://fedorahosted.org/freeipa/ticket/3289
* Fix handling of no_update flag in Web UIPetr Vobornik2013-03-061-2/+2
| | | | | | There was an incorrect check for no_update flag. Check was performed as if the flag was an attribute of object not an item of array. Hence, the flag never caused any effect.
* Fix dirty state update of editable comboboxPetr Vobornik2013-03-062-25/+3
| | | | | | Editable combobox didn't update it's dirty state correctly. CB had it's own internal value changed event, which was incorrectly used. It was removed and widget's value_changed event was used instead.
* Combobox keyboard supportPetr Vobornik2013-03-061-27/+186
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Combobox can be controlled just by using keyboard. When value list is closed, user can: * use UP and DOWN error to open list, it will focus the list and select previous/next value * when CB is non-editable, user can start typing, first character will open list, second will be entered into search input. Note: I wanted to copy the first char to the search box as well, but I did not figure out reliable method for converting keycode to char for non ASCII keyboard layouts * ESCAPE, ENTER, TAB keys are handled to allow keyboard operations in a container When value list is opened: * CB tries to keep focus on either search input or a select * when focus is lost, the value list is closed. So user can click anywhere on a page to close it - two comboboxes can't be opened on the same time * hitting TAB key switches between search and select * if CB is not searchable, hitting TAB will close the value list and select input textbox * hitting ESCAPE on will close the value list * hitting ENTER on search input will invoke search operation * hitting ENTER on select will close the value list * hitting UP/DOWN arrows will select previous/next values Additional modifications: * opening arrow and search button were made non-focusable. It fixes the 'wrong focus area' bug and simplifies keyboard usage. It doesn't affect mouse usage. https://fedorahosted.org/freeipa/ticket/3324
* Improve LDAPEntry testsPetr Viktorin2013-03-011-18/+86
|
* Remove support for DN normalization from LDAPClient.Jan Cholasta2013-03-019-85/+41
|
* Remove DN normalization from the baseldap plugin.Jan Cholasta2013-03-017-56/+27
|
* Use full DNs in plugin code.Jan Cholasta2013-03-0115-42/+59
|
* Support attributes with multiple names in LDAPEntry.Jan Cholasta2013-03-013-4/+20
|
* Aggregate IPASimpleLDAPObject in LDAPEntry.Jan Cholasta2013-03-013-14/+57
|
* Preserve case of attribute names in LDAPEntry.Jan Cholasta2013-03-015-35/+97
|
* Use the dn attribute of LDAPEntry to set/get DNs of entries.Jan Cholasta2013-03-0111-43/+73
| | | | | Convert all code that uses the 'dn' key of LDAPEntry for this to use the dn attribute instead.
* Remove some uses of raw python-ldapPetr Viktorin2013-03-019-201/+142
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Use IPAdmin rather than raw python-ldap in ipactlPetr Viktorin2013-03-012-44/+35
| | | | | | Add a new init argument, ldap_uri, to IPAdmin to make this possible. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Use IPAdmin rather than raw python-ldap in migration.bindPetr Viktorin2013-03-011-8/+11
| | | | | | | | The get_base_dn function still uses python-ldap because get_ipa_basedn is shared with client code, which doesn't have access to uor LDAP wrappers. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Do not use global variables in migration.pyPetr Viktorin2013-03-011-18/+18
|
* Use ldap instead of _ldap in ipaldapPetr Viktorin2013-03-011-47/+47
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove IPAdmin.unbind_s(), keep unbind()Petr Viktorin2013-03-016-16/+7
| | | | | | | | The unbind and unbind_s functions do the same thing (both are synchronous). In the low-level IPASimpleLDAPObject, unbind_s rather than unbind is kept. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove IPAdmin.simple_bind_sPetr Viktorin2013-03-013-9/+6
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove IPAdmin.sasl_interactive_bind_sPetr Viktorin2013-03-013-13/+6
| | | | | | | Also, rename remaining uses of SASL_AUTH to SASL_GSSAPI to better reflect what it is. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Replace IPAdmin.start_tls_s by an __init__ argumentPetr Viktorin2013-03-012-11/+11
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove search_s and search_ext_s from IPAdminPetr Viktorin2013-03-017-31/+29
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Proxy LDAP methods explicitly rather than using __getattr__Petr Viktorin2013-03-011-3/+38
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Inline waitForEntry in its only callerPetr Viktorin2013-03-012-43/+40
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Inline inactivateEntry in its only callerPetr Viktorin2013-03-012-20/+3
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* replace getEntry with get_entry (or get_entries if scope != SCOPE_BASE)Petr Viktorin2013-03-0110-66/+56
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Fix typo and traceback suppression in replication.pyPetr Viktorin2013-03-011-3/+4
|
* Replace deleteEntry with delete_entryPetr Viktorin2013-03-016-18/+13
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Replace addEntry with add_entryPetr Viktorin2013-03-018-28/+23
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Rename LDAPConnection to LDAPClientPetr Viktorin2013-03-012-7/+7
| | | | | | | It does more than just connecting, so it should have more suitable name. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove toTupleList and attrList from LDAPEntryPetr Viktorin2013-03-012-19/+2
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Replace getList by a get_entries methodPetr Viktorin2013-03-018-60/+91
| | | | | | | | | | | The find_entries method is cumbersome to use: it requires keyword arguments for simple uses, and callers are tempted to ignore the 'truncated' flag it returns. Introduce a simpler method, get_entries, that returns the found list directly, and raises an errors if the list is truncated. Replace the getList method by get_entries. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Replace entry.getValue by entry.single_valuePetr Viktorin2013-03-0111-88/+94
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove special-casing for missing and single-valued attributes in ↵Petr Viktorin2013-03-011-6/+0
| | | | LDAPUpdate._entry_to_entity
* Introduce LDAPEntry.single_value for getting single-valued attributesPetr Viktorin2013-03-011-0/+23
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Replace IPAdmin.checkTask by replication.wait_for_taskPetr Viktorin2013-03-013-27/+24
| | | | | | The method was only used for waiting, not actual checking. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove IPAdmin.get_dns_sorted_by_lengthPetr Viktorin2013-03-013-54/+12
| | | | | | | A simple sort(key=len) is simpler both implementation-wise and semantics-wise. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove IPAdmin.updateEntry calls from fix_replica_agreementsPetr Viktorin2013-03-011-4/+2
| | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
* Remove dbdir, binddn, bindpwd from IPAdminPetr Viktorin2013-03-012-23/+15
| | | | | | | The dbdir logic was moved to replication.py, the only caller. The binddn and bindpwd attributes were unused. Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
generated by cgit (git 2.34.1) at 2024-05-07 09:35:26 +0000