summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Modify the default attributes shown in user-find to match the UI design.Rob Crittenden2011-04-222-2/+12
| | | | | | | | | | | | | | | This change means the UI can stop using the --all option and have to retrieve significantly less information from the server. It also speeds up user-find as it doesn't have to calculate membership. This adds a new baseclass parameter, search_display_attributes, which can provide a separate list from default_attributes just for find commands. The UI will need to be changed to switch from using cn to using givenname and sn. ticket 1136
* Convert manager from userid to dn for storage and back for displaying.Rob Crittenden2011-04-221-0/+43
| | | | ticket 1151
* Need force option in DNS zone adder dialogMartin Kosek2011-04-211-0/+2
| | | | | | | | | | | When adding a new DNS zone in the WebUI, IPA server will verify whether the nameserver is in DNS. Sometimes it is necessary to skip the verification. This patch adds a --force option already available in CLI which can skip this the verification. https://fedorahosted.org/freeipa/ticket/1105
* Provide attributelevelrights for the aci components in permission_show.Rob Crittenden2011-04-211-1/+6
| | | | | | | Since the broken-out components are just part of the aci just copy right access rights for aci. ticket 943
* Always ask members in LDAP*ReverseMember commands.Rob Crittenden2011-04-151-1/+1
| | | | | | | This changes the API but alwaysask is enforced on the client only so doesn't change the wire API so I'm not updating the API version. ticket 1081
* Entitlement registration.Endi S. Dewata2011-04-141-1/+21
| | | | | | The entitlement facet will show buttons according to the entitlement status. If it's unregistered, the facet will show a Register button. If it's registered, the facet will show a Consume button.
* Sort entries returned by *-find by the primary key (if any).Rob Crittenden2011-04-131-0/+4
| | | | | | | | Do a server-side sort if there is a primary key. Fix a couple of tests that were failing due to the new sorting. ticket 794
* Fix lint false positives.Jan Cholasta2011-04-132-1/+6
|
* Entitlements.Endi S. Dewata2011-04-111-0/+2
|
* Improve DNS PTR record validationMartin Kosek2011-04-111-11/+30
| | | | | | | | | | | | | Current PTR validation is unclear and may misled the user. This patch improves the validation process so that the eventual exception is clearer. New check that the PTR record is fully qualified has been added to ensure that the reverse zone resolution behaves as expected. Additionally, several strings in the DNS plugin were prepared for localization. https://fedorahosted.org/freeipa/ticket/1129
* Password policy commands do not include cospriorityMartin Kosek2011-04-111-32/+24
| | | | | | | | | Most of the pwpolicy_* commands do include cospriority in the result and potentially in the attribute rights (--all --rights). Especially when --raw output is requested. This patch fixes it for all pwpolicy commands. https://fedorahosted.org/freeipa/ticket/1103
* postalCode should be a string not an integer.Rob Crittenden2011-04-051-1/+1
| | | | | | | | | | | | postalCode is defined as an Int. This means you can't define one that has a leading zero nor can you have dashes, letters, etc. This changes the data type on the server. It will still accept an int value if provided and convert it into a string. Bump the API version to 2.1. ticket 1150
* Change default gecos from uid to first and last name.Rob Crittenden2011-04-051-1/+1
| | | | ticket 1146
* Fixed labels for sudo and hbac rulesAdam Young2011-03-312-2/+2
|
* Inconsistent error message for duplicate userMartin Kosek2011-03-291-1/+1
| | | | | | | | When duplicate user is added an inconsistent error message to the rest of the framework is printed. This patch changes this to standard duplicate error message. https://fedorahosted.org/freeipa/ticket/1116
* Fix gidnumber option of user-add command.Pavel Zuna2011-03-291-14/+16
| | | | Ticket #1127
* Prevent stacktrace when DNS AAAA record is addedMartin Kosek2011-03-221-1/+1
| | | | | | | | | This patch fixes a stacktrace that is printed out when a IPv6 AAAA record with subnet prefix length (e.g. /64) is added. The same error message as when IPv4 record with subnet prefix length is used. https://fedorahosted.org/freeipa/ticket/1115
* Removed nested role from UI.Endi S. Dewata2011-03-181-2/+1
| | | | | | | | | Nested role is not supported in 2.0.x, so the association facet for it should be removed from the UI. The attribute_members in role.py needs to be fixed because it is used to generate the association facet automatically. Ticket 1092.
* Fix style and grammatical issues in built-in command help.Rob Crittenden2011-03-0420-134/+161
| | | | | | | There is a rather large API.txt change but it is only due to changes in the doc string in parameters. ticket 729
* Better truncated messageAdam Young2011-03-031-1/+1
|
* Fix error in user plugin email normalizer for empty --setattr=email=.Pavel Zuna2011-03-031-1/+1
| | | | ticket 1048
* typo in truncation messageAdam Young2011-03-031-1/+1
|
* Save changes before modifying association.Endi S. Dewata2011-03-021-3/+4
| | | | | | | | | | | In a details page, usually any changes done to the fields will not be applied until the user clicks the Update button. However, if the page contains an association table, any addition/deletion to the table will be applied immediately. To avoid any confusion, the user is now required to save or reset all changes to the page before modifying the association. A dialog box will appear if the page contains any unsaved changes.
* Revert "Set hard limit on number of commands in batch request to 256."Adam Young2011-03-011-2/+0
| | | | This reverts commit 79d22f8341026450ba7ca564e24812c9351c7e70.
* Use Sudo rather than SUDO as a label.Rob Crittenden2011-03-015-10/+10
| | | | ticket 1005
* Use pygettext to generate translatable strings from plugin files.Pavel Zuna2011-03-011-7/+3
| | | | | | | | | | | | This patch replaces xgettext with a custom pygettext to generate translatable strings from plugin files in ipalib/plugins. pygettext was modified to handle plural forms (credit goes to Jan Hendrik Goellner) and had some bugs fixed by myself. We only use it for plugins, because it's the only place where we need to extract docstrings for the built-in help system. I also had to make some changes to the way the built-in documentation systems gets docstrings from modules for this to work.
* Fix translatable strings in ipalib plugins.Pavel Zuna2011-03-0118-33/+47
| | | | Needed for xgettext/pygettext processing.
* Sudo command groups are not supposed to allow nesting.Rob Crittenden2011-02-232-14/+3
| | | | | | | It was a design decision to not allow nesting sudo command groups, remove it. ticket 1004
* Collect memberof information for sudo commands.Rob Crittenden2011-02-232-1/+7
| | | | | | | | | | | | We weren't searching the cn=sudo container so all members of a sudocmdgroup looked indirect. Add a label for sudo command groups. Update the tests to include verifying that membership is done properly. ticket 1003
* Create default disabled sudo bind userJr Aquino2011-02-231-1/+14
| | | | | | | | Read access is denied to the sudo container for unauthenticated users. This shared user can be used to provide authenticated access to the sudo information. https://fedorahosted.org/freeipa/ticket/998
* Fix typo, add example for when user krbtpolicy takes effect.Rob Crittenden2011-02-231-2/+2
| | | | ticket 594
* Make permission and privilege help text clearerRob Crittenden2011-02-232-8/+18
| | | | ticket 996
* Net group to NetgroupAdam Young2011-02-221-1/+1
|
* I18n update for dialog box buttons.Endi S. Dewata2011-02-221-5/+10
| | | | https://fedorahosted.org/freeipa/ticket/899
* Set hard limit on number of commands in batch request to 256.Rob Crittenden2011-02-221-0/+2
| | | | ticket 984
* Validate NAPTR recordsJakub Hrozek2011-02-221-0/+26
| | | | https://fedorahosted.org/freeipa/ticket/840
* Fixed error message for invalid Kerberos ticket.Endi S. Dewata2011-02-211-6/+7
| | | | https://fedorahosted.org/freeipa/ticket/490
* Add handling for indirect memberof other entries.Rob Crittenden2011-02-217-7/+31
| | | | | | | | | | | | | | | This creates a new custom attribute, memberofindirect_[plugin]. Using this you can tell the difference between being an actual memberof another entry and being a memberof as the result if inheritence. This is particularly useful when trying to remove members of an entry, you can only remove direct members. I had to add a couple of short sleep calls to make things work a little better. The memberof plugin runs as a postop and we have no way of knowing when it has done its work. If we don't pause we may show some stale data that memberof hasn't updated yet. .3 seconds is an arbitrary choice. ticket 966
* Better doc for idnssoaminimumJakub Hrozek2011-02-181-1/+7
|
* Cleanup for netgroup search https://fedorahosted.org/freeipa/ticket/963Jr Aquino2011-02-181-4/+6
|
* Updated json_metadata and i18n_messages.Endi S. Dewata2011-02-185-21/+293
| | | | | | The json_metadata() has been updated to return ipa.Objects and ipa.Methods. The i18n_messages() has been updated to include other messages that are not available from the metadata.
* Fixed parameter for user city.Endi S. Dewata2011-02-181-2/+2
| | | | | | | Previously the user's city parameter is defined to use the 'locality' attribute. This was a problem because the attribute would be returned as 'l' by the directory server causing a mismatch. Now the parameter has been changed to use the 'l' attribute.
* Special handling for nsaccountlock attribute in user.Rob Crittenden2011-02-171-0/+8
| | | | | | | | nsaccountlock doesn't have a visible Param but we want do so some basic validation to be sure garbage doesn't get in there so do it in the pre_callback of add and mod. ticket 968
* Validate that the reverse DNS record is correctJan Zeleny2011-02-171-0/+16
| | | | | | | This patch ensures that PTR records added by FreeIPA are compliant with RFC. https://fedorahosted.org/freeipa/ticket/839
* Document the --rights output formatJan Zeleny2011-02-171-2/+2
| | | | | https://fedorahosted.org/freeipa/ticket/563 https://fedorahosted.org/freeipa/ticket/588
* Fixed user-add helpJan Zeleny2011-02-171-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/735
* Don't allow host cn to be changed (it isn't used anyway).Rob Crittenden2011-02-161-0/+2
| | | | | | | We are required by LDAP schema to have a cn value. Don't let users change it thinking they are actually doing something. tickets 706 and 707
* Service/Host disable command output clarificationMartin Kosek2011-02-162-6/+6
| | | | | | | | | | | | | | When a service/host is disabled, the resulting summary message states that a Kerberos key was disabled. However, Kerberos key may not have been enabled before this command at all, which makes this information confusing for some users. Also, the summary message didn't state that an SSL certificate was disabled too. This patch rather changes the summary message to a standard phrase known from other plugins disable command and states all disable command steps in a respective command help. https://fedorahosted.org/freeipa/ticket/872
* Validate and convert certificate SNJakub Hrozek2011-02-161-0/+28
| | | | | | | | | | | | | The cert plugin only worked OK with decimal certificate serial numbers. This patch allows specifying the serial number in hexadecimal, too. The conversion now works such that: * with no explicit radix, a best-effort conversion is done using int(str, 0) in python. If the format is ambiguous, decimal takes precedence. * a hexadecimal radix can be specified explicitly with the traditional 0x prefix https://fedorahosted.org/freeipa/ticket/958 https://fedorahosted.org/freeipa/ticket/953
* 17-2 Managed netgroups should be invisible ↵Jr Aquino2011-02-161-0/+18
| | | | https://fedorahosted.org/freeipa/ticket/963
generated by cgit (git 2.34.1) at 2024-05-21 13:23:43 +0000