| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
The output is a pure python dict so is really only useful when used with
--all so it is required.
Updated to return a string for rights as opposed to a list. Terser, reducing the wire size by a factor of 3.5
|
|
|
|
|
|
|
| |
The ipa_cmd() has been modified to identity the type of the error
it has received and display the error using the right dialog box.
The dialog box can be customized further to display the appropriate
amount of information for each type of error.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces a new framework for implementing custom UI.
It consists of the following classes:
Main:
- IPA: global namespace and object repository
- ipa_entity: base class for entities
- ipa_facet: base class for facets
Add dialog:
- ipa_add_dialog: default add dialog
- ipa_add_field: the fields used in the dialog
Search facet:
- ipa_search_facet: default search facet
- ipa_search_column: the columns in the search result
Details facet:
- ipa_details_facet: default details facet
- ipa_details_section: the sections in the details facet
- ipa_details_field: the fields in the details facet
Association facet:
- ipa_association_facet: default association facet
- ipa_association_config: the association configurations
To use this framework, create a class extending the ipa_entity (e.g.
ipa_hbac). Use the create_* methods to create add dialog, search facet,
details facet, and association facet. The fields/columns for the dialog
and facets can be specified using the init() function. Custom UI can be
defined by overwriting the base methods (e.g. setup, save, load).
The entity must be added into the repository using IPA.add_entity().
The original ipa_entity_setup() has been generalized by moving facet-
specific codes into the corresponding facet. Some facet names are still
hard-coded. This will be fixed in follow-up patches.
Some global variables have been removed because their function has been
replaced by the object repository:
- ipa_entity_add_list
- ipa_entity_search_list
- ipa_entity_details_list
- window_hash_cache
Some functions and variables have been moved into IPA namespace:
- ipa_json_url -> IPA.json_url
- ipa_use_static_files -> IPA.use_static_files
- ipa_ajax_options -> IPA.ajax_options
- ipa_objs -> IPA.metadata
- ipa_messages -> IPA.messages
- ipa_dialog -> IPA.error_dialog
- ipa_init() -> IPA.init()
Initially the HBAC and Service entities have been rewritten to use the
new framework. The DNS is partially converted, the ipa_records_facet
is used to define custom records facet.
Other entities can still work using the old framework. The old framework
has been modified to be a wrapper for the new framework. Eventually all
entities will be converted to use the new framework.
Some unit tests have been modified to use the new framework.
|
|
|
|
|
|
|
|
|
|
|
|
| |
To do a change right now you have to perform a setattr like:
ipa user-mod --setattr uid=newuser olduser
The RDN change is performed before the rest of the mods. If the RDN
change is the only change done then the EmptyModlist that update_entry()
throws is ignored.
ticket 323
|
| |
|
|
|
|
| |
merge in remove uuid
|
|
|
|
|
|
|
| |
If a modify operation does not specify our attribute then we need to short
circuit the loop, otherwise on enforcing we will return an error by mistake if
we are not Directory Manager because generate is false if the attr is not
found.
|
| |
|
|
|
|
|
|
|
| |
By setting the enforce flag in the configuration we prevent anyone from storing
arbitrary values and allow only Directory Manager to override the plugin.
Users can only set the value to the magic value (usually 0) to have the uuid
regenerated, and nothing else.
|
|
|
|
|
|
| |
Remove one level of indentation from the main function by jumping
to the end immediately if the configuration list is empty.
Other minor style cleanups.
|
|
|
|
|
| |
This allows the code in the for loop to error out without worrying of
forgetting to unlock the config entries.
|
|
|
|
|
| |
Avoid false positives if more than one uuid attribute is generated
in the same entry.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
for a given field is valid. If not, displays a red box with the contents of pattern_msg
To test this, I artificially modified the meta data for the Group description field
|
|
|
|
| |
header was missing on the association pages.
|
|
|
|
| |
ticket 315
|
|
|
|
|
|
| |
* Fixed comments
* Added attribute
* Fixed objectclass
|
|
|
|
| |
Removing the whoami plugin, as it has been wrapped up into the user plugin
|
|
|
|
|
|
|
|
| |
without the details change
including changes from Reviewboard https://fedorahosted.org/reviewboard/r/96/
Fixed pages that use unspecified (krb ticket policy, config)
Facet name comes out of the facet, not hard coded.
|
|
|
|
|
|
| |
Fixes a bug where find_entries was not passed a parameter for filter.
Instead of fixing the call point, this patch adds a defaulty value for the parameter,
so that they can all be passed by name.
|
| |
|
| |
|
|
|
|
|
|
| |
The first test is a mismatch in the sample output of an exception.
The second test adds certificate information output to the service plugin.
|
|
|
|
|
|
|
| |
Requires selinux-policy-3.6.32-123 on F12
Requires selinux-policy-3.7.19-40 on F13
ticket 73
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
serverHostName because this is tied to the FQDN so should only be changed
on a host rename (which we don't do).
memberOf because the plugin should do this. Directly manging this attribute
would be pretty dangerous and confusing.
Also remove a redundant aci granting the admins group write access to
users and groups. They have it with through the "admins can modify any
entry" aci.
tickets 300, 304
|
|
|
|
|
|
| |
The Gettext() object only does the lookup when you print it as a unicode.
ticket 308
|
|
|
|
| |
Also clean up some duplicate files in the rpm for the UI.
|
| |
|
|
|
|
|
| |
Strikethrough is now a toggle
undo resets value to blank for new entries.
|
| |
|
| |
|
| |
|
|
|
|
| |
ticket #251
|
|
|
|
|
| |
added a modal dialog for resetting the password.
Made the whoami varaible global, as anything dependant on the principal will require access to it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The service certificate management UI has been generalized and moved
into certificate.js. The host details page is now using the same code
to manage certificates. The host.py has been modified to return host
certificate info.
The Get/Revoke/View buttons behavior has been modified such that they
are visible only if there is a valid certificate. The Get dialog box
has been fixed to show the correct certificate header and footer.
The ipa.css has been modified to store the style of the status bullets.
New unit tests for certificate has been added. The test data has been
modified to include sample host certificate.
|
|
|
|
| |
Now use the system wide settings instead of hardcoded size limits.
|
|
|
|
|
| |
We'll later replace them with a new scheme. For now, this is the simplest UI
The intention is to look unfinished, so people don't comment on how poor it looks.
|
| |
|
| |
|
| |
|
|
|
|
| |
This should fix the hbac tests.
|
|
|
|
|
|
|
|
|
|
|
| |
When setting or adding an attribute wiht setatt/addattr check to
see if there is a Param for the attribute and enforce the multi-value.
If there is no Param check the LDAP schema for SINGLE-VALUE.
Catch RDN mods and try to return a more reasonable error message.
Ticket #230
Ticket #246
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The service details page has been modified to show certificate
status using bullets. It will also show the revocation reason,
and display the restore button only if the certificate is on
hold. The buttons action handlers have been moved into
service_usercertificate_load() so they can update the bullets.
A test data file for cert-show operation has been added. Other
test data files containing certificate info has been updated for
consistency.
The certificate_confirmation_dialog() has been removed because
it's no longer used.
|
| |
|
| |
|
|
|
|
|
| |
Apparently on some machines if this is not done SSL validation will fail.
Fixes bug #394
|
| |
|