summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/sudorule.py
Commit message (Collapse)AuthorAgeFilesLines
* Improve sudorule documentationJr Aquino2011-08-231-0/+11
| | | | | | | | Added brief explanations for the various Sudo components in the top level doc. Added doc entries for RunAs User and RunAs Group. https://fedorahosted.org/freeipa/ticket/1657
* Add missing attribute labels for sudoruleMartin Kosek2011-08-171-0/+8
| | | | https://fedorahosted.org/freeipa/ticket/1571
* Deprecated managing users and runas user/group in sudorule add/modRob Crittenden2011-07-291-6/+18
| | | | | | | | We have helpers to manage these values so they shouldn't be available via add/mod. There is no logic behind them to do the right thing. https://fedorahosted.org/freeipa/ticket/1307 https://fedorahosted.org/freeipa/ticket/1320
* Fix sudorule-remove-userMartin Kosek2011-07-191-2/+2
| | | | | | | Removed sudorule "External User" is displayed in the output when "--all" switch is used. https://fedorahosted.org/freeipa/ticket/1489
* Return correct "RunAs External Group" when removing membersJr Aquino2011-07-181-4/+4
| | | | | | | | | If you used sudorule-remove-runasgroup to remove a member that member still appeared in the command output when --all was included (it isn't a default attribute). This was due to post-processing to evaluate external users/groups, the entry was actually updated properly. https://fedorahosted.org/freeipa/ticket/1348
* In sudo labels we should use RunAs and not Run As.Rob Crittenden2011-07-141-6/+6
| | | | https://fedorahosted.org/freeipa/ticket/1328
* Fixed label capitalizationEndi S. Dewata2011-07-141-1/+1
| | | | | | | | The CSS text-transform sometimes produces incorrect capitalization, so the code has been modified to use translated labels that already contain the correct capitalization. Ticket #1424
* Fixed object_name and object_name_plural internationalizationEndi S. Dewata2011-07-121-2/+2
| | | | | | | | | The object_name, object_name_plural and messages that use these attributes have been converted to support translation. The label attribute in the Param class has been modified to accept unicode string. Ticket #1435
* Fixed object_name usage.Endi S. Dewata2011-07-051-2/+2
| | | | | | | | | | | The object_name attribute was used as both an identifier and a label which sometimes require different values (e.g. hbacrule vs. HBAC rule). The code that uses object_name as an identifier has been changed to use the 'name' attribute instead. The values of the object_name attribute have been fixed to become proper labels. Ticket #1217
* Fixed entity labels.Endi S. Dewata2011-06-271-1/+1
| | | | | | | | | | | | | | | | The entity labels in the following locations have been fixed: - search facet title: plural - details facet title: singular - association facet title: singular - breadcrumb: plural - adder dialog title: singular - deleter dialog title: plural Some entity labels have been changed into the correct plural form. Unused file install/ui/test/data/i18n_messages.json has been removed. Ticket #1249 Ticket #1387
* Added singular entity labels.Endi S. Dewata2011-06-271-0/+1
| | | | | | | | | | | | | | | A new attribute label_singular has been added to all entities which contains the singular form of the entity label in lower cases except for acronyms (e.g. HBAC) or proper nouns (e.g. Kerberos). In the Web UI, this label can be capitalized using CSS text-transform. The existing 'label' attribute is intentionally left unchanged due to inconsistencies in the current values. It contains mostly the plural form of capitalized entity label, but some are singular. Also, it seems currently there is no comparable capitalization method on the server-side. So more work is needed before the label can be changed. Ticket #1249
* oneliner correct typo in ipasudorunas_groupJr Aquino2011-06-261-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/1326
* Don't add empty tuple to entry_attrs['externalhost']Jr Aquino2011-06-161-1/+2
| | | | https://fedorahosted.org/freeipa/ticket/1339
* Raise DuplicateEntry Error when adding a duplicate sudo optionJr Aquino2011-06-161-26/+40
| | | | | | | | | | | | https://fedorahosted.org/freeipa/ticket/1276 https://fedorahosted.org/freeipa/ticket/1277 https://fedorahosted.org/freeipa/ticket/1308 Added new Exception: AttrValueNotFound Fixed XML Test for Sudorule remove_option 1276 (Raise AttrValueNotFound when trying to remove a non-existent option from Sudo rule) 1277 (Raise DuplicateEntry Error when adding a duplicate sudo option) 1308 (Make sudooption a required option for sudorule_remove_option)
* Fix doc for sudorule runasuser commandsMartin Kosek2011-06-171-2/+2
| | | | https://fedorahosted.org/freeipa/ticket/1324
* Add message output summary to sudorule del, mod and find.Rob Crittenden2011-06-151-0/+5
| | | | https://fedorahosted.org/freeipa/ticket/1255
* Display remaining external hosts when removing from sudoruleJr Aquino2011-06-141-2/+2
| | | | | https://fedorahosted.org/freeipa/ticket/1269 https://fedorahosted.org/freeipa/ticket/1270
* Typos in freeIPA messages and man pageYuri Chornoivan2011-05-101-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/1128
* Fixed labels for sudo and hbac rulesAdam Young2011-03-311-1/+1
|
* Fix style and grammatical issues in built-in command help.Rob Crittenden2011-03-041-2/+2
| | | | | | | There is a rather large API.txt change but it is only due to changes in the doc string in parameters. ticket 729
* Use Sudo rather than SUDO as a label.Rob Crittenden2011-03-011-3/+3
| | | | ticket 1005
* Create default disabled sudo bind userJr Aquino2011-02-231-1/+14
| | | | | | | | Read access is denied to the sudo container for unauthenticated users. This shared user can be used to provide authenticated access to the sudo information. https://fedorahosted.org/freeipa/ticket/998
* Add group members to default output of sudorule-showJan Zeleny2011-02-151-0/+4
| | | | https://fedorahosted.org/freeipa/ticket/915
* fix sudorule runas user/groups https://fedorahosted.org/freeipa/ticket/570Jr Aquino2011-01-121-1/+111
|
* Initial grouping of ipalib plugins for ipa helpJan Zeleny2011-01-071-0/+1
| | | | | This patch makes one group for all HBAC plugins and one group for all sudo plugins.
* SUDO plugin support for external hosts and users ↵Jr Aquino2010-12-211-4/+191
| | | | https://fedorahosted.org/freeipa/ticket/570
* Change FreeIPA license to GPLv3+Jakub Hrozek2010-12-201-5/+5
| | | | | | | | | | The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
* sudo run as user or group https://fedorahosted.org/freeipa/ticket/570Jr Aquino2010-12-131-0/+62
|
* Enable/Disable SudoRule https://fedorahosted.org/freeipa/ticket/570Jr Aquino2010-12-081-2/+60
|
* Adding user/host category and ipaenabledflag ↵Jr Aquino2010-12-081-0/+16
| | | | https://fedorahosted.org/freeipa/ticket/570 This patch Addresses items: 1. The UI needs a rule status with values active & inactive. The CLI doesn't have this attribute. HBAC has ipaenabledflag attribute which can be managed using hbac-enable/disable operations. 2. The UI needs a user category for the "Who" section. The CLI doesn't have this attribute. HBAC has usercategory attribute which can be managed using hbac-add/mod operations. 3. The UI needs a host category for the "Access this host" section. The CLI doesn't have this attribute. HBAC has hostcategory attribute which can be managed using hbac-add/mod operations.
* This is the second half of a patch. Only the part that had to beRob Crittenden2010-12-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | re-based got pushed for some reason. Use better description for group names in help and always prompt for members When running <foo>-[add|remove]-member completely interactively it didn't prompt for managing membership, it just reported that 0 members were handled which was rather confusing. This will work via a shell if you want to echo too: $ echo "" | ipa group-add-member g1 This returns 0 members because nothing is read for users or group members. $ echo -e "g1\nadmin\n" | ipa group-add-member This adds the user admin to the group g1. It adds it as a user because user membership is prompted for first. ticket 415
* action panel sibling added function to get sibling entities from the tab ↵Adam Young2010-12-011-1/+1
| | | | set. remove explicit sibling code from entity pages Modified the Label fields on HBAC and SUDO to make them appear cleaner in the UI
* Added fixes to adjust for sudocmd attribute for sudocmds. Added fix for ↵Jr Aquino2010-11-031-0/+6
| | | | sudorule to allow for cmdCategory all Added fixes for xmlrpc tests to reflect sudocmd changes.
* Add LDAPObject setting to handle different attributes for RDN and PKEY.Pavel Zuna2010-10-281-10/+1
|
* Added modifications to the sudorule plugin to reflect the schema update.Jr Aquino2010-10-051-17/+41
|
* Add plugins for Sudo Commands, Command Groups and RulesJr Aquino2010-09-271-0/+199
generated by cgit (git 2.34.1) at 2024-05-22 15:52:16 +0000