summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* WIP: support idviews in compat treeviewsAlexander Bokovoy2014-09-246-0/+42
|
* idviews: Add ipaOriginalUidTomas Babej2014-09-241-0/+6
|
* idviews: Handle Default Trust View properly in the frameworkTomas Babej2014-09-221-0/+28
|
* idviews: Add Default Trust View as part of adtrustinstallTomas Babej2014-09-223-0/+29
|
* idviews: Make description optional for the ID View objectTomas Babej2014-09-221-1/+1
|
* idviews: Fix casing of ID Views to be consistentTomas Babej2014-09-221-35/+35
|
* baseldap: Properly handle the case of renaming object to the same nameTomas Babej2014-09-221-10/+17
| | | | | | | | When renaming a object to the same name, errors.EmptyModList is raised. This is not properly handled, and can cause other modifications in the LDAPUpdate command to be ignored. https://fedorahosted.org/freeipa/ticket/4548
* idviews: Update the referential plugin config to watch for ipaAssignedIDViewTomas Babej2014-09-222-0/+8
| | | | | | | We need the referential plugin config to watch for changes in the ID view objects, since hosts refer to them in ipaAssignedIDView attribute. Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add ipaOriginalUidTomas Babej2014-09-224-7/+38
|
* ipatests: Add xmlrpc tests for idviews pluginTomas Babej2014-09-172-0/+1345
|
* idviews: Resolve anchors to object names in idview-showTomas Babej2014-09-171-115/+132
|
* idviews: Raise NotFound errors if object to override could not be foundTomas Babej2014-09-171-0/+11
|
* idviews: Change format of IPA anchor to include domainTomas Babej2014-09-171-2/+14
|
* idviews: Alter idoverride methods to work with splitted objectsTomas Babej2014-09-171-40/+28
|
* idviews: Split the idoverride commands into iduseroverride and idgroupoverrideTomas Babej2014-09-173-23/+146
|
* idviews: Split the idoverride object into iduseroverride and idgroupoverrideTomas Babej2014-09-171-54/+103
|
* idviews: Support specifying object names instead of raw anchors onlyTomas Babej2014-09-172-0/+120
|
* trusts: Add conversion from SID to object nameTomas Babej2014-09-171-0/+49
|
* idviews: Extend idview-show command to display assigned idoverrides and hostsTomas Babej2014-09-172-41/+131
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add ipa idview-apply and idview-unapply commandsTomas Babej2014-09-172-3/+195
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Selected PEP8 fixes for the hostgroup pluginTomas Babej2014-09-171-11/+4
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Remove redundant and star importsTomas Babej2014-09-171-2/+5
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Add helper that returns all members of a hostgroupTomas Babej2014-09-171-0/+8
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idvies: Add managed permissions for idview and idoverride objectsTomas Babej2014-09-172-0/+27
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Create basic idview plugin structureTomas Babej2014-09-172-0/+331
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* ipalib: PEP8 fixes for host pluginTomas Babej2014-09-171-18/+22
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* ipalib: Remove redundant and star imports from host pluginTomas Babej2014-09-171-8/+8
| | | | | | Also fixes incorrect error catching for UnicodeDecodeError. Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add ipaAssignedIDVIew reference to the host objectTomas Babej2014-09-173-8/+14
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Create container for ID views under cn=accountsTomas Babej2014-09-173-0/+6
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add necessary schema for the ID viewsTomas Babej2014-09-174-1/+11
|
* baseldap: Fix undefined variable reference in LDAPAddReverseMember and ↵Tomas Babej2014-09-171-26/+18
| | | | LDAPRemoveReverseMember
* ipalib: host_del: Extend LDAPDelete's takes_options instead of overridingTomas Babej2014-09-173-6/+4
| | | | | | | | | | | The host-del command did not accept --continue option, since the takes_options was overriden and did not take the options from LDAPDelete. Fix the behaviour. https://fedorahosted.org/freeipa/ticket/4473 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Re-enable uninstall feature for ipa-kra-installAde Lee2014-09-153-9/+10
| | | | | | | | | | | | | The underlying Dogtag issue (Dogtag ticket 1113) has been fixed. We can therefore re-enable the uninstall option for ipa-kra-install. Also, fixes an incorrect path in the ipa-pki-proxy.conf, and adds a debug statement to provide status to the user when an uninstall is done. Also, re-added the no_host_dns option which is used when unpacking a replica file. Part of the work for: https://fedorahosted.org/freeipa/ticket/3872 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Allow deleting obsolete permissions; remove operational attribute permissionsPetr Viktorin2014-09-122-22/+21
| | | | | | https://fedorahosted.org/freeipa/ticket/4534 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* permission plugin: Auto-add operational atttributes to read permissionsPetr Viktorin2014-09-124-43/+96
| | | | | | | | | | | The attributes entryusn, createtimestamp, and modifytimestamp should be readable whenever thir entry is, i.e. when we allow reading the objectclass. Automatically add them to every read permission that includes objectclass. https://fedorahosted.org/freeipa/ticket/4534 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Update referential integrity config for DS 1.3.3Petr Viktorin2014-09-122-43/+24
| | | | | | | | | | | | | | | | | | | | | | | Hisorically DS provided defaults for the referential integrity plugin in nsslapd-pluginArg*: nsslapd-pluginarg3: member nsslapd-pluginarg4: uniquemember nsslapd-pluginarg5: owner nsslapd-pluginarg6: seeAlso In 389-ds 1.3.3, the multi-valued referint-membership-attr is used instead. The old way still works, but it requires that the values are numbered consecutively, so IPA's defaults that started with 7 were not taken into account. Convert IPA defaults to use referint-membership-attr. https://fedorahosted.org/freeipa/ticket/4537 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Update SSL ciphers configured in 389-ds-baseLudwig Krispenz2014-09-124-8/+12
| | | | | | | | | | use configuration parameters to enable ciphers provided by NSS and not considered weak. This requires 389-ds version 1.3.3.2 or later https://fedorahosted.org/freeipa/ticket/4395 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* webui: hide otp fields based on token typePetr Vobornik2014-09-111-3/+8
| | | | | | | | - uses hide empty feature https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: hide non-readable fieldsPetr Vobornik2014-09-113-2/+51
| | | | | | | | | | | | hide widgets if associated field had received attribute level rights without 'r' right. Explicit rights are required to avoid hiding of special widgets which are not associated with any LDAP attribute. https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: hide empty fields and sectionsPetr Vobornik2014-09-112-11/+93
| | | | | | | | | | Hide widgets without a value. Must be explicitly turned on. In widget by `hidden_if_empty` flag. Or globally by `hide_empty_widgets` flag. Global hiding can be individually turned off by `ignore_empty_hiding` flag. https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: widget initializationPetr Vobornik2014-09-111-0/+9
| | | | | | | | | | | | - used `ctor_init` instead of `init` to avoid name collision with existing logic - `ctor_init` is called right after widget instantiation. Basically support better inheritance for the old class system which doesn't have proper contructors https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: better value-change reportingPetr Vobornik2014-09-116-29/+25
| | | | | | | | | - widget save() save method should try to always return value even if read only - report value-change event with actual value to allow processing of the value https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: display fields based on otp token typePetr Vobornik2014-09-111-1/+22
| | | | | | | | - in adder dialog https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: add i18n for the rest of QR code stringsPetr Vobornik2014-09-113-8/+15
| | | | | | https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: add token from user pagePetr Vobornik2014-09-113-3/+60
| | | | | | | | | | Add 'Add OTP Token' action to user action menu. This option is disabled in self-service when viewing other users. https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: better otp token type labelPetr Vobornik2014-09-113-6/+10
| | | | | | https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* webui: add measurement unit to otp token time fieldsPetr Vobornik2014-09-111-3/+12
| | | | | | https://fedorahosted.org/freeipa/ticket/4402 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
* Fix typo causing ipa-upgradeconfig to fail.David Kupka2014-09-111-1/+1
| | | | | | | | Replace 'post-certsave-command' by 'cert-postsave-command'. https://fedorahosted.org/freeipa/ticket/4529 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Update qrcode support for newer python-qrcodeNathaniel McCallum2014-09-112-4/+4
| | | | | | | | | This substantially reduces the FreeIPA dependencies and allows QR codes to fit in a standard terminal. https://fedorahosted.org/freeipa/ticket/4430 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* install: create ff krb extension on every install, replica install and upgradePetr Vobornik2014-09-113-19/+2
| | | | | | | | | | We don't want to copy the extension from master to replica because the replica may use newer version of FreeIPA and therefore the extension code might be obsolete. Same reason for upgrades. https://fedorahosted.org/freeipa/ticket/4478 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
generated by cgit (git 2.34.1) at 2024-04-24 10:36:41 +0000