summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix typo in ipa-replica-prepareMartin Kosek2011-07-181-1/+0
| | | | | https://fedorahosted.org/freeipa/ticket/1327 https://fedorahosted.org/freeipa/ticket/1347
* Add new dnszone-find testMartin Kosek2011-07-182-1/+83
| | | | | | | | Implement a test for new dnszone-find option --forward-only. Fix example for reverse zone (zone was not fully qualified and DNS plugin would forbid adding PTR records). https://fedorahosted.org/freeipa/ticket/1473
* Check IPA configuration in install toolsMartin Kosek2011-07-188-11/+58
| | | | | | | | | Install tools may fail with unexpected error when IPA server is not installed on a system. Improve user experience by implementing a check to affected tools. https://fedorahosted.org/freeipa/ticket/1327 https://fedorahosted.org/freeipa/ticket/1347
* Fix exit status of ipa-nis-manage enable.Jan Cholasta2011-07-151-8/+5
| | | | ticket 1247
* Add ability to specify DNS reverse zone name by IP network address.Jan Cholasta2011-07-155-12/+76
| | | | | | | In order for this to work, chaining of parameters through default_from is made possible. ticket 1474
* Fix self-signed replica installationMartin Kosek2011-07-142-2/+6
| | | | | | | | | When a replica for self-signed server is being installed, the installer crashes with "Not a dogtag CA installation". Make sure that installation is handled correctly for both dogtag and self-signed replicas. https://fedorahosted.org/freeipa/ticket/1479
* Fix ipa-dns-installMartin Kosek2011-07-151-19/+13
| | | | | | | | | | | | | When DNS plugin is installed via ipa-dns-install and user has a valid Kerberos ticket at the time, the DNS installation is corrupt and named won't start, reporting Preauthentication error. When the non-DM identity is used for authentication, krbprincipalkey attribute in DNS service LDAP record is not created, thus leading to the error. This patch makes sure that authentication with Directory Manager password is used every time. https://fedorahosted.org/freeipa/ticket/1483
* Fix creation of reverse DNS zones.Jan Cholasta2011-07-159-124/+196
| | | | | | | | | | | | | Create reverse DNS zone for /24 IPv4 subnet and /64 IPv6 subnet by default instead of using the netmask from the --ip-address option. Custom reverse DNS zone can be specified using new --reverse-zone option, which replaces the old --ip-address netmask way of creating reverse zones. The reverse DNS zone name is printed to the user during the install. ticket 1398
* Configure SSSD to store user password if offline.Jan Cholasta2011-07-142-0/+7
| | | | ticket 1359
* Remove the ability to create new HBAC deny rules.Rob Crittenden2011-07-143-5/+36
| | | | | | | | | | New rules will all be allow type. Existing rules cannot be changed to deny. The type attribute now defaults to allow with autofill so it won't be prompted in interactive mode in the cli. https://fedorahosted.org/freeipa/ticket/1432
* In sudo labels we should use RunAs and not Run As.Rob Crittenden2011-07-142-12/+12
| | | | https://fedorahosted.org/freeipa/ticket/1328
* Document registering to an entitlement server with a UUID as not implemented.Rob Crittenden2011-07-141-1/+4
| | | | | | | | It was my understanding that we would be able to pass in an existing UUID when registering to connect to an existing registration (for the case where IPA is re-installed). This is supported in the REST API but not python-rhsm. https://fedorahosted.org/freeipa/ticket/1216
* Disallow direct modifications to enrolledBy.Rob Crittenden2011-07-146-27/+33
| | | | | | | | | | This fixes a regression. We don't need to allow enrolledBy to be modified because it gets written in the ipa_enrollment plugin which does internal operations so bypasses acis. https://fedorahosted.org/freeipa/ticket/302
* Fixed label capitalizationEndi S. Dewata2011-07-1433-87/+333
| | | | | | | | The CSS text-transform sometimes produces incorrect capitalization, so the code has been modified to use translated labels that already contain the correct capitalization. Ticket #1424
* dnsrecord-mod uiAdam Young2011-07-1314-497/+498
| | | | | | | | | | | | | | | | | | | | | | | | | | Brings the DNS record infrastructure in line with the other entities. Uses widgets, nested search, and a littel bit of overloading for dns specific behavior The records now have their own page. simplified link widget and use for dns links work for nested entities. change the field in the link widget to other_entity to avoid name collision. unit test for entity link. fixed reference to entity for getting pkeys work around lack of setattr for dns record mod. update wasn't deducing locked_field type correctly. don't overwrite param_info in init data is required on adder dialog delete works for multiple records use show instead of find for entity_link_widget. https://fedorahosted.org/freeipa/ticket/1038 https://fedorahosted.org/freeipa/ticket/1448 https://fedorahosted.org/freeipa/ticket/577 https://fedorahosted.org/freeipa/ticket/1460
* remove HBAC warning from static UIAdam Young2011-07-131-44/+47
|
* Remove sensitive information from logsMartin Kosek2011-07-132-11/+11
| | | | | | | | When -w/--password option is passed to ipa-replica-install it is printed to ipareplica-install.log. Make sure that the value of this option is hidden. https://fedorahosted.org/freeipa/ticket/1378
* Filter reverse zones in dnszone-findMartin Kosek2011-07-134-13/+50
| | | | | | | | | Implements a new option to filter out reverse zones. This patch also do some clean up in dns plugin - debug prints were accidentally left here in the last dns patch. https://fedorahosted.org/freeipa/ticket/1471
* Convert nsaccountlock to always work as bool towards Python codeAlexander Bokovoy2011-07-137-40/+52
| | | | | | | | https://fedorahosted.org/freeipa/ticket/1259 Python code will see nsaccountlock as bool. JavaScript code will also see it as bool. This allows native boolean operations with the lock field. Passes both CLI and WebUI tests.
* Reset failed login count to 0 when admin resets password.Rob Crittenden2011-07-131-0/+6
| | | | https://fedorahosted.org/freeipa/ticket/1441
* Fixed object_name and object_name_plural internationalizationEndi S. Dewata2011-07-1228-206/+206
| | | | | | | | | The object_name, object_name_plural and messages that use these attributes have been converted to support translation. The label attribute in the Param class has been modified to accept unicode string. Ticket #1435
* Add DNS record modification commandMartin Kosek2011-07-124-45/+176
| | | | | | | | | | | | | | | | | The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command "dnsrecord-mod" which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137
* Fixed collapsed table in Chrome.Endi S. Dewata2011-07-121-5/+3
| | | | | | | The .content-table class has been modified to expand properly in Firefox and Chrome. Ticket #1450
* entity_select namingAdam Young2011-07-121-0/+1
| | | | http://fedorahosted.org/freeipa/ticket/1467
* Fix test failure in updater when adding values to a single-value attrRob Crittenden2011-07-112-1/+2
| | | | | | | The ipaldap.py code was updated to consider the schema when making changes and does a REPLACE on single-value attributes. So when you do an add in an update it will effectively replace the value instead of ignoring it.
* Fix error in AttrValueNotFound exception exampleRob Crittenden2011-07-111-2/+2
|
* find_entry_by_attr() should fail if multiple entries are foundRob Crittenden2011-07-113-1/+58
| | | | | | | | | | It will only ever return one entry so if more than one are found then we raise an exception. This is most easily seen in the host plugin where we search on the server shortname which can be the same across sub-domains (e.g. foo.example.com & foo.lab.example.com). https://fedorahosted.org/freeipa/ticket/1388
* Enforce class rules when query=True, continue to not run validators.ticket-hbac-testRob Crittenden2011-07-113-28/+43
| | | | | | | | | | | | | | | This started as a problem in allowing leading/trailing whitespaces on primary keys. In nearly every command other than add query is True so all rules were ignored on the primary key. This meant that to enforce whitespace we would need to define a validator for each one. I decided instead to set self.all_rules to just the class rules if query == True. So the minimum set of validators will be executed against each type but param-specific validators will only run on add. https://fedorahosted.org/freeipa/ticket/1285 https://fedorahosted.org/freeipa/ticket/1286 https://fedorahosted.org/freeipa/ticket/1287
* Added sudo options.Endi S. Dewata2011-07-117-80/+287
| | | | | | | A table has been added into sudo rule details page for managing sudo options. Ticket #1447
* indirect adminsAdam Young2011-07-111-3/+5
| | | | https://fedorahosted.org/freeipa/ticket/1465
* clear errors on resetAdam Young2011-07-083-4/+10
| | | | https://fedorahosted.org/freeipa/ticket/1446
* Fixed missing entitlement import button labelEndi S. Dewata2011-07-081-1/+1
| | | | Ticket #1456
* check required on addAdam Young2011-07-083-37/+46
| | | | | | | | | previsouly was checked on key down, but that does the check too soon. Next attempt was on blur, but that had numerous problems. This now checkes when the add button is clicked. works for entity_select widget, too Checks upon form submission https://fedorahosted.org/freeipa/ticket/1437
* Fixed test fixture file name.Endi S. Dewata2011-07-071-0/+0
|
* Fixed dirty dialog problems in HBAC/Sudo rules.Endi S. Dewata2011-07-075-110/+83
| | | | | | | The update() in HBAC/Sudo details facet has been fixed to call the callback function which will show the dirty dialog properly. Ticket #1439
* Fixed blank self-service page.Endi S. Dewata2011-07-061-0/+2
| | | | | | | The self-service navigation has been fixed to include the root of the navigation path. Ticket #1445
* HBAC deny warningAdam Young2011-07-0611-31/+261
| | | | | | | | shows dialog if there are any HBAC deny rules. Dialog provides option to navigate to the HBAC page. Deny rules have their rule type value show up in red. Only shows up fro administrators, not for self service users. https://fedorahosted.org/freeipa/ticket/1421
* Fixed HBAC/Sudo rules associations.Endi S. Dewata2011-07-064-0/+50
| | | | | | | | The HBAC/Sudo rules associations in users, groups, hosts and host groups have been fixed to use the correct associator and method names. Ticket #1438
* password expiration labelAdam Young2011-07-053-12/+12
|
* validate intsAdam Young2011-07-051-33/+40
| | | | | | validate integers whether meta comes from metadata or param_info https://fedorahosted.org/freeipa/ticket/1415
* Fixed object_name usage.Endi S. Dewata2011-07-0510-85/+79
| | | | | | | | | | | The object_name attribute was used as both an identifier and a label which sometimes require different values (e.g. hbacrule vs. HBAC rule). The code that uses object_name as an identifier has been changed to use the 'name' attribute instead. The values of the object_name attribute have been fixed to become proper labels. Ticket #1217
* Add pwd expiration notif (ipapwdexpadvnotify) to config plugin def attr listRob Crittenden2011-07-051-0/+1
| | | | https://fedorahosted.org/freeipa/ticket/1416
* Set the client auth callback after creating the SSL connection.Rob Crittenden2011-07-011-2/+2
| | | | | | | | | | If we set the callback before calling connect() then if the connection tries a network family type and fails, it will try other family types. If this happens then the callback set on the first socket will be lost when a new socket is created. There is no way to query for the callback in an existing socket. https://fedorahosted.org/freeipa/ticket/1349
* Added arrow icons for details sections.Endi S. Dewata2011-07-014-25/+20
| | | | | | | New arrow icons have been added to replace the plus/minus sign icons for expanding/collapsing details sections. Ticket #1422
* entity link for password policyAdam Young2011-07-012-2/+65
| | | | | | | https://fedorahosted.org/freeipa/ticket/1111 reset() now hides both the link and the label calucalating should_link is now a function that can be overloaded.
* Removed invalid associations.Endi S. Dewata2011-07-012-2/+2
| | | | | | | | | The following invalid associations have been removed: - group's memberindirect netgroup and role - hostgroup's memberofindirect host Ticket #1366 Ticket #1367
* Fixed button style in EntitlementsEndi S. Dewata2011-07-011-1/+1
| | | | | | | | The entitlement buttons are located serveral levels underneath facet-controls, so the CSS selector has been fixed to extend beyond facet-controls' immediate children. Ticket #1419
* Added confirmation dialog for user activation.Endi S. Dewata2011-07-013-59/+131
| | | | | | | | | The IPA.user_status_widget has been modified such that it checks the facet dirty status and asks the admin to either Update or Reset the changes. Then the widget shows a dialog to confirm whether the admin wants to activate/deactivate the user. Ticket #1395
* config widgets entity select default group checkbox for migrationAdam Young2011-06-305-14/+31
|
* Fixed hard-coded messages.Endi S. Dewata2011-06-309-116/+228
| | | | | | Hard-coded messages in the UI have been replaced with I18n messages. Ticket #1396
generated by cgit (git 2.34.1) at 2024-06-08 09:03:58 +0000