| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Created format method for getting translated messages for boolean values - IPA.boolean_format.
Used in hosts, sudo rules, hbac rules and hbac test.
https://fedorahosted.org/freeipa/ticket/2027
|
|
|
|
|
|
|
| |
Hard-coded labels in HBAC Test have been moved into internal.py to
allow translation.
Ticket #388
|
|
|
|
|
|
|
| |
The tables in HBAC Test have been modified to expand according to
window size. Hard-coded CSS codes have been moved into ipa.css.
Ticket #388
|
|
|
|
|
|
|
| |
A text field has been added for specifying external user, host, and
service for HBAC testing.
Ticket #388
|
|
|
|
|
|
| |
The search filter in HBAC Test has been fixed to work properly.
Ticket #388.
|
|
|
|
|
|
|
| |
The Back, Next, and New Test buttons in HBAC Test have been fixed
to work properly.
Ticket #388
|
|
|
|
|
|
|
|
|
|
| |
Summarize entered IPA server configuration so that user can examine
it and stop the installation process in case of error. Before this
patch, user had to know which question is the last one and check
the values he entered in various places during the interactive
wizard.
https://fedorahosted.org/freeipa/ticket/1083
|
|
|
|
|
|
|
|
|
|
| |
This is the initial implementation of HBAC Test page. Currently it
can select user, source/target group, service, rules, and execute
the test. Other functionalities to be implemented include the search
filter, external users/hosts, back/next buttons, validation, styling,
and internalization.
Ticket #388
|
|
|
|
|
|
|
|
|
| |
The load() in IPA.facet has been modified to accept the complete
data returned by the server instead of just the result. This is
needed by HBAC Test to access other attributes returned in the
test result.
Ticket #388
|
|
|
|
|
|
|
|
|
|
|
| |
The current code assumes that an entity will always have a corresponding
LDAPObject on the server, so it looks for the metadata in a fixed location.
This assumption doesn't work for HBAC Test since it is a Command, not an
LDAPObject, so the metadata has to be obtained from a different location.
A new method get_default_metadata() has been added to allow each entity
to find the metadata from the correct location.
Ticket #388
|
|
|
|
|
|
|
|
|
| |
The table widget has been modified to support single-valued attribute
using radio buttons needed by some facets in HBAC Test. The widget now
uses 'pagination' flag to determine whether to show the pagination
control. The test data has also been updated.
Ticket #388
|
|
|
|
|
|
|
|
|
| |
The json_metadata command has been modified to accept some new
options and return the commands metadata. The API.txt has been
updated as well. The UI has been modified to use commands metadata
instead of methods metadata.
Ticket #388
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/1874
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
JavaScript &= and |= are bitwise operators. They are shortened version of:
foo = foo & bar
foo = foo | bar
In some places they were used as shortened version of logical operation and assignment.
foo = foo && bar
It lead to type conversion to Number which is wrong (0 !== false).
This patch replaces such occurances with full version of logical operation and asignment.
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/1515
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
|
|
|
|
|
|
| |
After deleting section as a special type of object a new way of defining inter-field logic is needed.
For this purpose a facet_policy was created. It is a simple object with init() method. Init method should contain logic for attaching to fields' or widgets' events.
When a policy is added to facet or dialog its container property should be set to that facet or dialog. It gives the policy an access to fields and widgets.
Init method should be called after widgets creation.
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
|
|
|
|
|
|
| |
Sections are changed into pure widget objects. Introduced IPA.composite_widget, basic widget for widget nesting (it's using IPA.widget_container). It's base class for section widgets.
TODO: change old custom sections into custom fields and widgets.
Note: usage of section in HBAC and SUDO is kept - whole logic will be removed in #1515 patch.
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
|
|
|
|
|
|
|
| |
Introduced IPA.field_container and IPA.widget_container.
IPA.field_container: collection for fields. Can set logical container (facet, dialog...) to fields.
IPA.widget_container: collection for widgets. Has basic searching capability withing widget tree.
Introduced field_builder, widget_builder, section_builder, details_builder. All are used for building fields and widgets. Field_builder and widget_builder have the main building logic. Section_builder can create content based on current section spec. Details builder defines a strategy for building content.
https://fedorahosted.org/freeipa/ticket/2040
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
|
|
| |
Splitting IPA.widget into IPA.field (logical part) and IPA.widget, IPA.input_widget (visual part).
https://fedorahosted.org/freeipa/ticket/2040
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/2151
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/1939
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ipa-server-install may create some files in the first phase of
installation before the actual installation and configuring of
services starts. If the installation is interrupted, these files
may prevent installing the server again until IPA server is
uninstalled. This may be confusing and annoying for the user.
This patch safely recovers all known files that could be created
in the first phase of the installation. No clean up is done if
the actual installation has not started yet or the installation
returned success.
https://fedorahosted.org/freeipa/ticket/1980
|
|
|
|
|
|
|
|
|
| |
automember functionality is depends on predefined data is in LDAP.
Since we add it for fresh installs only, automember cannot be used
for upgraded servers. Make sure that automember LDAP data is added
during upgrade too.
https://fedorahosted.org/freeipa/ticket/1992
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are two reasons for the plugin framework:
1. To provide a way of doing manual/complex LDAP changes without having
to keep extending ldapupdate.py (like we did with managed entries).
2. Allows for better control of restarts.
There are two types of plugins, preop and postop. A preop plugin runs
before any file-based updates are loaded. A postop plugin runs after
all file-based updates are applied.
A preop plugin may update LDAP directly or craft update entries to be
applied with the file-based updates.
Either a preop or postop plugin may attempt to restart the dirsrv instance.
The instance is only restartable if ipa-ldap-updater is being executed
as root. A warning is printed if a restart is requested for a non-root
user.
Plugins are not executed by default. This is so we can use ldapupdate
to apply simple updates in commands like ipa-nis-manage.
https://fedorahosted.org/freeipa/ticket/1789
https://fedorahosted.org/freeipa/ticket/1790
https://fedorahosted.org/freeipa/ticket/2032
|
|
|
|
|
|
|
|
|
|
|
|
| |
change default_logger_level to debug in configure_standard_logging
add new ipa_log_manager module, move log_mgr there, also export
root_logger from log_mgr.
change all log_manager imports to ipa_log_manager and change
log_manager.root_logger to root_logger.
add missing import for parse_log_level()
|
|
|
|
|
| |
We need this to be able to re-set it, as ipaUniqueID cannot be arbitraily set
to a value. Only needed for the domain object.
|
|
|
|
|
|
|
| |
The test cases have been updated to use the new extensible mechanism
for defining and registering entities.
Ticket #2043
|
|
|
|
|
|
|
|
|
|
| |
We no longer need to enforce that no 389-ds instances exist on an IPA
server. Checking that the ports exist should be enough.
This used to be one mechanism we used to check to see if IPA was already
installed. We have a better mechanism now.
https://fedorahosted.org/freeipa/ticket/1735
|
|
|
|
|
|
|
|
|
| |
Make sure that when Directory Manager password is entered,
we directly do a simple bind instead of trying binding via GSSAPI.
Also capture ldap.INVALID_CREDENTIALS exception and provide nice
error message than crash.
https://fedorahosted.org/freeipa/ticket/1927
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
computations
https://fedorahosted.org/freeipa/ticket/1794
If the master does not yet support the total update list feature we still
run the memberof fixup task and not fail to replicate due to the new
attribute not being settable.
Jointly-developed-with: Simo Sorce <ssorce@redhat.com>
Jointly-developed-with: Nathank Kinder <nkinder@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The develop.js is no longer necessary because the code in it has
been merged into the main code.
An empty extension.js has been added to provide a place for UI
customization.
Ticket #2099
|
|
|
|
|
|
|
| |
The permission target section has been modified to use widgets
to create the target selection and handle multiple fields.
Ticket #2098
|
|
|
|
|
|
|
|
|
|
|
| |
When an IPA server with unresolvable hostname is being installed,
a hostname record must be inserted to /etc/hosts or the
installation will fail. However, it is not inserted when IP
address is passed as an option (--ip-address) and not
interactively. This patch fixes this so that /etc/hosts
record is inserted in both cases.
https://fedorahosted.org/freeipa/ticket/2074
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The search facet has been modified to support paging on most entities
using the --pkey-only option to get the primary keys and a batch command
to get the complete records.
Paging on DNS records is not supported because a record may appear as
multiple rows. The following entities do not have --pkey-only option:
Automount Key, Self-Service Permissions, Delegation.
The search and association facet have been refactored to reuse the
common code from the table facet base class.
Ticket #981
|