| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Pull new translations from Transifex
Thanks to all translators!
|
|
|
|
|
|
|
|
| |
API responses can contain warnings in "messages" array. This patch
also adds support for displaying multiple notifications at the same
time in order to show the message and a status of finished operation.
Reviewed-By: Petr Spacek <pspacek@redhat.com>
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4418
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Reviewed-By: Petr Spacek <pspacek@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4425
Reviewed-By: Martin Kosek <mkosek@redhat.com>
|
|
|
|
| |
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/3369
Reviewed-By: Martin Kosek <mkosek@redhat.com>
|
|
|
|
|
|
|
|
|
| |
/usr/share/java/rhino.jar is a Fedora's symlink to /usr/share/java/js.jar
Debian doesn't have it. Direct usage of upstream /usr/share/java/js.jar should
work on both systems.
Reviewed-By: Timo Aaltonen <tjaalton@ubuntu.com>
|
|
|
|
|
| |
Ticket: https://fedorahosted.org/freeipa/ticket/4408
Reviewed-By: Petr Spacek <pspacek@redhat.com>
|
|
|
|
|
| |
Ticket: https://fedorahosted.org/freeipa/ticket/4413
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
|
|
|
|
|
|
|
| |
Revert 5b95be802c6aa12b9464813441f85eaee3e3e82b
Ticket: https://fedorahosted.org/freeipa/ticket/4413
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
|
|
|
|
|
|
|
|
| |
It was decided not to change the OID space for FreeIPA 4.0+ objectclasses.
However, we should still at least properly mark the X-ORIGIN to make
analyzing schema easier.
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
|
| |
Added ACI for idnssecinlinesigning, dlvrecord, nsec3paramrecord,
tlsarecord
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
| |
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
|
|
|
|
|
| |
Ticket: https://fedorahosted.org/freeipa/ticket/4328
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
|
|
|
|
|
| |
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
| |
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
| |
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
| |
Without write access to this attribute, admins could not unlock users.
https://fedorahosted.org/freeipa/ticket/4409
Reviewed-By: Martin Kosek <mkosek@redhat.com>
|
|
|
|
|
|
|
|
| |
The make-ui.sh script builds both app.js and core.js,
but only one was specified in the Makefile.
Correct the mistake.
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Call user-unlock command from Web UI.
It will unlock displayed user on current master.
https://fedorahosted.org/freeipa/ticket/4407
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
| |
standalone page for OTP token synchronization. It reuses SyncOTPScreen
widget instead of reimplementing the logic as in other standalone pages.
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Current compiled Web UI layer (app.js) contains every FreeIPA plugin and
not just the UI framework. It's not possible to start just a simple facet.
This commit creates a basis for a layer (core.js) which contains only
framework code and not entity related code.
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
| |
Current check is not enough.
https://fedorahosted.org/freeipa/ticket/4098
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Simple plugin which handles transition from login facet to OTP sync facet
and vice versa.
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
| |
Global notifications were limited to "main" container. Now they have their
own container which is displayed over other ones. It makes them usable
everywhere.
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
| |
New SyncOTPScreen widget and related facet.
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
| |
LoginScreen has layout which can be reused for other facets/widgets,
e.g. for Sync OTP facet
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
| |
Pull fresh translations from Transifex.
Update the POT file.
Thanks to all translators!
|
|
|
|
|
|
|
|
|
| |
When a new objectclass was defined as "objectclass" and not
"objectClass", it made the schema updater skip some objectclasses.
https://fedorahosted.org/freeipa/ticket/4405
Reviewed-By: Rich Megginson <rmeggins@redhat.com>
|
|
|
|
|
|
|
|
| |
adapt Web UI to a newer style of encapsulation object data
https://fedorahosted.org/freeipa/ticket/4394
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently there is an incorrect behavior that server doesn't send datetime
and dnsname data in new format.
This patch adds the version to each RPC request making the UI look as the
latest client. Server then sends data in correct format. It also removes
the "unknown version" warning from each RPC response.
https://fedorahosted.org/freeipa/ticket/4394
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
| |
old detection did not work with the static version used for test and
demonstration purposes.
https://fedorahosted.org/freeipa/ticket/4357
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Fake API results for testing and presentation purposes of DNS Forward
Zones.
https://fedorahosted.org/freeipa/ticket/4357
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Regular update of static metadata for testing and presentation purposes.
It should also contain new DNS Forward Zones metadata.
https://fedorahosted.org/freeipa/ticket/4357
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Add DNS Forward Zones Web UI.
- pages under: Identity/DNS/DNS Forward Zones
https://fedorahosted.org/freeipa/ticket/4357
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
| |
All header actions should require confirmation.
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This HTTP call takes the following parameters:
* user
* password
* first_code
* second_code
* token (optional)
Using this information, the server will perform token synchronization.
If the token is not specified, all tokens will be searched for synchronization.
Otherwise, only the token specified will be searched.
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4262
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4262
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
| |
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
| |
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4262
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This new extended operation allow to create new keys or retrieve
existing ones. The new set of keys is returned as a ASN.1 structure
similar to the one that is passed in by the 'set keytab' extended
operation.
Access to the operation is regulated through a new special ACI that
allows 'retrieval' only if the user has access to an attribute named
ipaProtectedOperation postfixed by the subtypes 'read_keys' and
'write_keys' to distinguish between creation and retrieval operation.
For example for allowing retrieval by a specific user the following ACI
is set on cn=accounts:
(targetattr="ipaProtectedOperation;read_keys") ...
... userattr=ipaAllowedToPerform;read_keys#USERDN)
This ACI matches only if the service object hosts a new attribute named
ipaAllowedToPerform that holds the DN of the user attempting the
operation.
Resolves:
https://fedorahosted.org/freeipa/ticket/3859
Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
|
|
|
|
|
|
| |
Part of: https://fedorahosted.org/freeipa/ticket/4052
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/4341
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Makes sure we dereference the correct attribute. Also adds object class
checking.
https://fedorahosted.org/freeipa/ticket/4324
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new attribute ipaSudoRunAsExtUserGroup and corresponding hooks
sudorule plugin.
https://fedorahosted.org/freeipa/ticket/4263
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Adds a new --hostmasks option to sudorule-add-host and sudorule-remove-host
commands, which allows setting a range of hosts specified by a hostmask.
https://fedorahosted.org/freeipa/ticket/4274
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Search for privileges was limited to bindruletype==permission. There
was no reason to do that.
This patch removes the restriction.
Related to:
https://fedorahosted.org/freeipa/ticket/4079
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
|