| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
471808
|
| |
|
|
|
|
| |
This should make the User Find results page look nicer.
470428
|
| |
|
|
| |
469256
|
| |
|
|
| |
currently kerberized (and may never be due to their nature).
|
| |
|
|
| |
450613, 457124
|
| |
|
|
|
| |
Use SystemRandom() instead of Random() so that the randomicity
is non-deterministic.
|
| |
|
|
|
|
|
|
| |
This sets the regex to [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
Also change the validators to return True/False
450613, 457124
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We used to manually load the template files for the edit pages using
turbogears.meta.load_kid_template(). Unfortunately this went through
the one code path where encoding was completely ignored. It ended up
defaulting to sys.getdefaultencoding() which is 'ascii'. So even though
most of the templates are loaded as 'utf-8' the few that really mattered
weren't.
The fix is to call kid.load_template() ourselves and set the encoding of
the class we just loaded to either the setting in the app.cfg file or
to the normal default value of 'utf-8'.
454076
|
| |
|
|
| |
453780
|
| |
|
|
|
|
| |
list. This will prevent validation errors when validate.UniqueList() is executed.
449785
|
| |
|
|
|
|
| |
Also fix foreground mode.
450211
|
| |
|
|
|
|
|
|
|
|
|
| |
We open the log in ipa_webgui and this was being inherited by TurboGears
which uses the same log so everything was getting logged twice. Shut down
the log in ipa_webgui at the last possible moment. This will not catch
configuration errors.
Add a Not Found template.
Only print a traceback on 500 errors.
|
| |
|
|
| |
432908
|
| |
|
|
| |
445286
|
| |
|
|
| |
445286
|
| |
|
|
|
|
|
|
|
| |
givenname attribute. The UI is currently hardcoded to require "first name" which renders the admin user uneditable via the UI.
This is a hack that will allow admin to be edited, assuming that one doesn't
try to add a firstname field.
440548
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
UI: /ipa/ui
XML-RPC: /ipa/xml
errors: /ipa/errors
config: /ipa/config
I had to hardcode that URI into the CSS pages but TurboGears handles the
rest of the translations with tg.url().
Added a version to ipa.conf and ipa-rewrite.conf so we can update them
in the future if needed with ipa-upgradeconfig
440443
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
I've changed the variable name searchlimit to sizelimit to match the
name in python-ldap (and hopefully therefore be more readable).
The big change was changing the default value from 0 to -1. As 0 we were
never using the value from cn=ipaconfig
python-ldap expects this to be an int type
In the UI sizelimit was hardcoded at 0 for users
439880
|
| |
|
|
| |
440242
|
| |
|
|
| |
440895
|
| | |
|
| |
|
|
|
|
|
|
| |
since they aren't being displayed anymore. They will just get blanked.
Also add some error handling in ipahelper.fix_incoming_fields()
438256
|
| |
|
|
|
|
| |
Fix the redirection errors, it was going to back to the Add delegation page
438257
|
| |
|
|
|
|
| |
This is done automatically and trying to do so will return an error.
432106
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do account activation by using a Class of Service based on group
membership. A problem can happen if the entry itself has an nsaccountlock
attribute and you try doing Class of Service work as well because the
local attribute has priority. So try to detect that the entry has a local
nsAccountLock attribute and report an appropriate error.
Don't allow the admins or editors groups to be de-activated.
Return a better error message if account [in]activation fails.
Catch errors when doing group [in]activation.
439230
|
| |
|
|
|
|
|
|
|
|
| |
current value to prevent unnecessary LPAP updates (and failed writes)
Don't check against these lists on updates, only add them on new entries.
Disable the ability to configure in the UI these values for now.
438256
|
| |
|
|
|
|
|
|
|
|
| |
The memberOf attribute includes members that are directly in the group
via the "member" attribute and those that are included as a result of
being in a group that is in the group.
The UI needs to be able to distinguish between the two.
438706
|
| |
|
|
|
|
|
|
|
| |
This runs the risk of showing too much and confusing users but on the other
hand it often includes required information detailing why the error
occurred such as what attribute the user lacks write access too and why
changing a password failed.
438057
|
| |
|
|
| |
438222
|
| |
|
|
| |
438021
|
| |
|
|
|
|
|
|
|
|
| |
we do updates, so use the right terminology internally. Also fix the actual
field we update (and grant permission appropriately in delegations).
The DS password handles updating userPassword and any Samba passwords
as necessary.
438256
|
| |
|
|
|
|
| |
Fix for session code so RDN change can succeed
433523
|
| |
|
|
|
| |
Remove the footer. It was a leftover from the original TurboGears-generated
project that Kevin McCarthy had modified.
|
| |
|
|
|
|
|
| |
If they have any delegations at all (are in editors group) they will have
these links.
433387
|
| |
|
|
|
|
|
|
|
|
|
|
| |
edit things. We use the 'editors' group for this. This group itself grants
no permission other than displaying certain things in the UI.
In order to be in the editors group a user must be a member of a group that
is the source group in a delegation. The memberof plugin will do all the
hard work to be sure that a user's memberof contains cn=editors if they
are in a delegated group.
432874
|
| |
|
|
|
|
| |
There is a --force option for those who know what they are doing.
433483
|
| |
|
|
| |
433525
|
| |
|
|
| |
433374
|
| | |
|
| |
|
|
| |
433384
|
| |
|
|
|
|
| |
both Unicode and byte strings.
433651
|
| |
|
|
|
|
| |
Remove stray character and a debug line from the CSS
429984
|
| |
|
|
| |
430954
|
| | |
|
| |
|
|
| |
Resolves 433382
|
| | |
|
| |
|
|
| |
Resolves 433062
|
| | |
|
| | |
|
