From 9d0dc89b03d4e3f50d54d1189a119016b2c805c3 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Tue, 11 Jan 2011 20:31:09 +0700
Subject: Renamed hbac to hbacrule.
All references to hbac in the UI have been replaced with hbacrule.
This is to match the hbacrule plugin. The test data and templates
have been renamed as well.
---
install/static/Makefile.am | 2 +-
install/static/hbac.js | 984 ---------------------
install/static/hbacrule.js | 984 +++++++++++++++++++++
install/static/index.html | 2 +-
install/static/layouts/default/Makefile.am | 12 +-
.../layouts/default/hbac-details-accesstime.html | 49 -
.../layouts/default/hbac-details-general.html | 57 --
.../static/layouts/default/hbac-details-host.html | 78 --
.../layouts/default/hbac-details-service.html | 78 --
.../layouts/default/hbac-details-sourcehost.html | 78 --
.../static/layouts/default/hbac-details-user.html | 78 --
.../default/hbacrule-details-accesstime.html | 49 +
.../layouts/default/hbacrule-details-general.html | 57 ++
.../layouts/default/hbacrule-details-host.html | 78 ++
.../layouts/default/hbacrule-details-service.html | 78 ++
.../default/hbacrule-details-sourcehost.html | 78 ++
.../layouts/default/hbacrule-details-user.html | 78 ++
install/static/test/data/hbac_add.json | 27 -
install/static/test/data/hbac_add_accesstime.json | 7 -
install/static/test/data/hbac_add_host.json | 56 --
install/static/test/data/hbac_add_service.json | 56 --
install/static/test/data/hbac_add_sourcehost.json | 56 --
install/static/test/data/hbac_add_user.json | 56 --
install/static/test/data/hbac_del.json | 9 -
install/static/test/data/hbac_find.json | 54 --
install/static/test/data/hbac_mod.json | 60 --
.../static/test/data/hbac_remove_accesstime.json | 7 -
install/static/test/data/hbac_remove_host.json | 50 --
install/static/test/data/hbac_remove_service.json | 49 -
.../static/test/data/hbac_remove_sourcehost.json | 50 --
install/static/test/data/hbac_remove_user.json | 48 -
install/static/test/data/hbac_show.json | 76 --
install/static/test/data/hbacrule_add.json | 27 +
.../static/test/data/hbacrule_add_accesstime.json | 7 +
install/static/test/data/hbacrule_add_host.json | 56 ++
install/static/test/data/hbacrule_add_service.json | 56 ++
.../static/test/data/hbacrule_add_sourcehost.json | 56 ++
install/static/test/data/hbacrule_add_user.json | 56 ++
install/static/test/data/hbacrule_del.json | 9 +
install/static/test/data/hbacrule_find.json | 54 ++
install/static/test/data/hbacrule_mod.json | 60 ++
.../test/data/hbacrule_remove_accesstime.json | 7 +
install/static/test/data/hbacrule_remove_host.json | 50 ++
.../static/test/data/hbacrule_remove_service.json | 49 +
.../test/data/hbacrule_remove_sourcehost.json | 50 ++
install/static/test/data/hbacrule_remove_user.json | 48 +
install/static/test/data/hbacrule_show.json | 76 ++
install/static/test/data/ipa_init.json | 8 +-
install/static/webui.js | 2 +-
49 files changed, 2076 insertions(+), 2076 deletions(-)
delete mode 100755 install/static/hbac.js
create mode 100755 install/static/hbacrule.js
delete mode 100755 install/static/layouts/default/hbac-details-accesstime.html
delete mode 100755 install/static/layouts/default/hbac-details-general.html
delete mode 100755 install/static/layouts/default/hbac-details-host.html
delete mode 100755 install/static/layouts/default/hbac-details-service.html
delete mode 100755 install/static/layouts/default/hbac-details-sourcehost.html
delete mode 100755 install/static/layouts/default/hbac-details-user.html
create mode 100755 install/static/layouts/default/hbacrule-details-accesstime.html
create mode 100755 install/static/layouts/default/hbacrule-details-general.html
create mode 100755 install/static/layouts/default/hbacrule-details-host.html
create mode 100755 install/static/layouts/default/hbacrule-details-service.html
create mode 100755 install/static/layouts/default/hbacrule-details-sourcehost.html
create mode 100755 install/static/layouts/default/hbacrule-details-user.html
delete mode 100644 install/static/test/data/hbac_add.json
delete mode 100644 install/static/test/data/hbac_add_accesstime.json
delete mode 100644 install/static/test/data/hbac_add_host.json
delete mode 100644 install/static/test/data/hbac_add_service.json
delete mode 100644 install/static/test/data/hbac_add_sourcehost.json
delete mode 100644 install/static/test/data/hbac_add_user.json
delete mode 100644 install/static/test/data/hbac_del.json
delete mode 100644 install/static/test/data/hbac_find.json
delete mode 100644 install/static/test/data/hbac_mod.json
delete mode 100644 install/static/test/data/hbac_remove_accesstime.json
delete mode 100644 install/static/test/data/hbac_remove_host.json
delete mode 100644 install/static/test/data/hbac_remove_service.json
delete mode 100644 install/static/test/data/hbac_remove_sourcehost.json
delete mode 100644 install/static/test/data/hbac_remove_user.json
delete mode 100644 install/static/test/data/hbac_show.json
create mode 100644 install/static/test/data/hbacrule_add.json
create mode 100644 install/static/test/data/hbacrule_add_accesstime.json
create mode 100644 install/static/test/data/hbacrule_add_host.json
create mode 100644 install/static/test/data/hbacrule_add_service.json
create mode 100644 install/static/test/data/hbacrule_add_sourcehost.json
create mode 100644 install/static/test/data/hbacrule_add_user.json
create mode 100644 install/static/test/data/hbacrule_del.json
create mode 100644 install/static/test/data/hbacrule_find.json
create mode 100644 install/static/test/data/hbacrule_mod.json
create mode 100644 install/static/test/data/hbacrule_remove_accesstime.json
create mode 100644 install/static/test/data/hbacrule_remove_host.json
create mode 100644 install/static/test/data/hbacrule_remove_service.json
create mode 100644 install/static/test/data/hbacrule_remove_sourcehost.json
create mode 100644 install/static/test/data/hbacrule_remove_user.json
create mode 100644 install/static/test/data/hbacrule_show.json
diff --git a/install/static/Makefile.am b/install/static/Makefile.am
index 5c88d7800..a539eb8bc 100644
--- a/install/static/Makefile.am
+++ b/install/static/Makefile.am
@@ -21,7 +21,7 @@ app_DATA = \
jquery-ui.css \
certificate.js \
group.js \
- hbac.js \
+ hbacrule.js \
hbacsvc.js \
hbacsvcgroup.js \
host.js \
diff --git a/install/static/hbac.js b/install/static/hbac.js
deleted file mode 100755
index 264b7c5ae..000000000
--- a/install/static/hbac.js
+++ /dev/null
@@ -1,984 +0,0 @@
-/* Authors:
- * Endi Sukma Dewata
- *
- * Copyright (C) 2010 Red Hat
- * see file 'COPYING' for use and warranty information
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */
-
-function ipa_hbac() {
-
- var that = ipa_entity({
- 'name': 'hbac'
- });
-
- that.init = function() {
-
- var dialog = ipa_hbac_add_dialog({
- 'name': 'add',
- 'title': 'Add New Rule'
- });
- that.add_dialog(dialog);
- dialog.init();
-
- var facet = ipa_hbac_search_facet({
- 'name': 'search',
- 'label': 'Search'
- });
- that.add_facet(facet);
-
- facet = ipa_hbac_details_facet({
- 'name': 'details',
- 'label': 'Details'
- });
- that.add_facet(facet);
-
- that.entity_init();
- };
-
- return that;
-}
-
-IPA.add_entity(ipa_hbac());
-
-function ipa_hbac_add_dialog(spec) {
-
- spec = spec || {};
-
- var that = ipa_add_dialog(spec);
-
- that.init = function() {
-
- that.add_field(ipa_text_widget({
- 'name': 'cn',
- 'undo': false
- }));
-
- that.add_field(ipa_radio_widget({
- 'name': 'accessruletype',
- 'options': [
- { 'value': 'allow', 'label': 'Allow' },
- { 'value': 'deny', 'label': 'Deny' }
- ],
- 'undo': false
- }));
-
- that.add_dialog_init();
- };
-
- return that;
-}
-
-function ipa_hbac_search_facet(spec) {
-
- spec = spec || {};
-
- var that = ipa_search_facet(spec);
-
- that.init = function() {
-
- that.create_column({name:'cn'});
- that.create_column({name:'usercategory'});
- that.create_column({name:'hostcategory'});
- that.create_column({name:'ipaenabledflag'});
- that.create_column({name:'servicecategory'});
- that.create_column({name:'sourcehostcategory'});
-
- that.search_facet_init();
- };
-
- that.create = function(container) {
-
-/*
- // Not yet implemented
-
- var left_buttons = $(' ', {
- 'style': 'float: left;'
- }).appendTo(container);
-
- left_buttons.append(ipa_button({
- 'label': 'Troubleshoot Rules'
- }));
-
- left_buttons.append(ipa_button({
- 'label': 'Cull Disabled Rules'
- }));
-*/
-
- that.search_facet_create(container);
-
- };
-
- return that;
-}
-
-function ipa_hbac_details_facet(spec) {
-
- spec = spec || {};
-
- var that = ipa_details_facet(spec);
-
- that.init = function() {
-
- var section;
-
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'general',
- 'label': 'General',
- 'template': 'hbac-details-general.html #contents'
- });
-
- } else {
- section = ipa_hbac_details_general_section({
- 'name': 'general',
- 'label': 'General'
- });
- that.add_section(section);
- }
-
- section.create_text({ 'name': 'cn', 'label': 'Name', 'read_only': true });
- section.create_radio({ 'name': 'accessruletype', 'label': 'Rule Type' });
- section.create_textarea({ 'name': 'description', 'label': 'Description' });
- section.create_radio({ 'name': 'ipaenabledflag', 'label': 'Enabled' });
-
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'user',
- 'label': 'Who',
- 'template': 'hbac-details-user.html #contents'
- });
-
- } else {
- section = ipa_rule_details_section({
- 'name': 'user',
- 'label': 'Who',
- 'text': 'Rule applies when access is requested by:',
- 'field_name': 'usercategory',
- 'options': [
- { 'value': 'all', 'label': 'Anyone' },
- { 'value': '', 'label': 'Specified Users and Groups' }
- ],
- 'tables': [
- { 'field_name': 'memberuser_user' },
- { 'field_name': 'memberuser_group' }
- ]
- });
- that.add_section(section);
- }
-
- var category = section.create_radio({ name: 'usercategory', label: 'User category' });
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberuser_user',
- 'name': 'memberuser_user', 'label': 'Users', 'category': category,
- 'other_entity': 'user', 'add_method': 'add_user', 'remove_method': 'remove_user'
- }));
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberuser_group',
- 'name': 'memberuser_group', 'label': 'Groups', 'category': category,
- 'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user'
- }));
-
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'host',
- 'label': 'Accessing',
- 'template': 'hbac-details-host.html #contents'
- });
-
- } else {
- section = ipa_rule_details_section({
- 'name': 'host',
- 'label': 'Accessing',
- 'text': 'Rule applies when access is requested to:',
- 'field_name': 'hostcategory',
- 'options': [
- { 'value': 'all', 'label': 'Any Host' },
- { 'value': '', 'label': 'Specified Hosts and Groups' }
- ],
- 'tables': [
- { 'field_name': 'memberhost_host' },
- { 'field_name': 'memberhost_hostgroup' }
- ]
- });
- that.add_section(section);
- }
-
- category = section.create_radio({ 'name': 'hostcategory', 'label': 'Host category' });
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberhost_host',
- 'name': 'memberhost_host', 'label': 'Hosts', 'category': category,
- 'other_entity': 'host', 'add_method': 'add_host', 'remove_method': 'remove_host'
- }));
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberhost_hostgroup',
- 'name': 'memberhost_hostgroup', 'label': 'Host Groups', 'category': category,
- 'other_entity': 'hostgroup', 'add_method': 'add_host', 'remove_method': 'remove_host'
- }));
-
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'service',
- 'label': 'Via Service',
- 'template': 'hbac-details-service.html #contents'
- });
-
- } else {
- section = ipa_rule_details_section({
- 'name': 'service',
- 'label': 'Via Service',
- 'text': 'Rule applies when access is requested via:',
- 'field_name': 'servicecategory',
- 'options': [
- { 'value': 'all', 'label': 'Any Service' },
- { 'value': '', 'label': 'Specified Services and Groups' }
- ],
- 'tables': [
- { 'field_name': 'memberservice_hbacsvc' },
- { 'field_name': 'memberservice_hbacsvcgroup' }
- ]
- });
- that.add_section(section);
- }
-
- category = section.create_radio({ 'name': 'servicecategory', 'label': 'Service category' });
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberservice_hbacsvc',
- 'name': 'memberservice_hbacsvc', 'label': 'Services', 'category': category,
- 'other_entity': 'hbacsvc', 'add_method': 'add_service', 'remove_method': 'remove_service'
- }));
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-memberservice_hbacsvcgroup',
- 'name': 'memberservice_hbacsvcgroup', 'label': 'Service Groups', 'category': category,
- 'other_entity': 'hbacsvcgroup', 'add_method': 'add_service', 'remove_method': 'remove_service'
- }));
-
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'sourcehost',
- 'label': 'From',
- 'template': 'hbac-details-sourcehost.html #contents'
- });
-
- } else {
- section = ipa_rule_details_section({
- 'name': 'sourcehost',
- 'label': 'From',
- 'text': 'Rule applies when access is being initiated from:',
- 'field_name': 'sourcehostcategory',
- 'options': [
- { 'value': 'all', 'label': 'Any Host' },
- { 'value': '', 'label': 'Specified Hosts and Groups' }
- ],
- 'tables': [
- { 'field_name': 'sourcehost_host' },
- { 'field_name': 'sourcehost_hostgroup' }
- ]
- });
- that.add_section(section);
- }
-
- category = section.create_radio({ 'name': 'sourcehostcategory', 'label': 'Source host category' });
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-sourcehost_host',
- 'name': 'sourcehost_host', 'label': 'Host', 'category': category,
- 'other_entity': 'host', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
- }));
- section.add_field(ipa_rule_association_table_widget({
- 'id': that.entity_name+'-sourcehost_hostgroup',
- 'name': 'sourcehost_hostgroup', 'label': 'Host Groups', 'category': category,
- 'other_entity': 'hostgroup', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
- }));
-/*
- if (IPA.layout) {
- section = that.create_section({
- 'name': 'accesstime',
- 'label': 'When',
- 'template': 'hbac-details-accesstime.html #contents'
- });
-
- } else {
- section = that.create_section({
- 'name': 'accesstime',
- 'label': 'When'
- });
- }
-
- section.add_field(ipa_hbac_accesstime_widget({
- 'id': 'accesstime',
- 'name': 'accesstime', 'label': 'Access Time',
- 'text': 'Rule applies when access is being requested at:',
- 'options': [
- { 'value': 'all', 'label': 'Any Time' },
- { 'value': '', 'label': 'Specified Times' }
- ]
- }));
-*/
- that.details_facet_init();
- };
-
- that.update = function() {
-
- var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
-
- var modify_operation = {
- 'execute': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_mod',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- };
-
- var remove_accesstime = {
- 'template': ipa_command({
- 'method': that.entity_name+'_remove_accesstime',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- }),
- 'commands': []
- };
-
- var categories = {
- 'usercategory': {
- 'remove_values': false
- },
- 'hostcategory': {
- 'remove_values': false
- },
- 'servicecategory': {
- 'remove_values': false
- },
- 'sourcehostcategory': {
- 'remove_values': false
- }
- };
-
- var member_operations = {
- 'memberuser': {
- 'category': 'usercategory',
- 'has_values': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_remove_user',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- },
- 'memberhost': {
- 'category': 'hostcategory',
- 'has_values': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_remove_host',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- },
- 'memberservice': {
- 'category': 'servicecategory',
- 'has_values': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_remove_service',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- },
- 'sourcehost': {
- 'category': 'sourcehostcategory',
- 'has_values': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_remove_sourcehost',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- }
- };
-
- var enable_operation = {
- 'execute': false,
- 'command': ipa_command({
- 'method': that.entity_name+'_enable',
- 'args': [pkey],
- 'options': {'all': true, 'rights': true}
- })
- };
-
- for (var i=0; i= 0) {
- // prepare command to remove members if needed
- var attribute = field.name.substring(0, p);
- var other_entity = field.name.substring(p+1);
-
- if (values.length) {
- member_operations[attribute].command.set_option(other_entity, values.join(','));
- member_operations[attribute].has_values = true;
- }
- continue;
- }
-
- // skip unchanged field
- if (!field.is_dirty(span)) continue;
-
- // check enable/disable
- if (field.name == 'ipaenabledflag') {
- if (values[0] == 'FALSE') enable_operation.command.method = that.entity_name+'_disable';
- enable_operation.execute = true;
- continue;
- }
-
- if (field.name == 'accesstime') {
- // if accesstime is dirty, it means 'Any Time' is selected,
- // so existing values have to be removed
- for (var k=0; k', {
- 'style': 'width: 100%;'
- }).appendTo(container);
-
- var tr = $(' ').appendTo(table);
-
- var td = $(' ', {
- 'style': 'width: 100px; text-align: right;',
- 'html': 'Name:'
- }).appendTo(tr);
-
- td = $(' ').appendTo(tr);
-
- var span = $(' ', { 'name': 'cn' }).appendTo(td);
-
- $(' ', {
- 'type': 'text',
- 'name': 'cn',
- 'size': 30
- }).appendTo(span);
-
- span.append(' ');
-
- $(' ', {
- 'name': 'undo',
- 'class': 'ui-state-highlight ui-corner-all',
- 'style': 'display: none;',
- 'html': 'undo'
- }).appendTo(span);
-
- td = $(' ', {
- 'style': 'text-align: right;'
- }).appendTo(tr);
-
- td.append('Rule type:');
-
- span = $(' ', { 'name': 'accessruletype' }).appendTo(td);
-
- $(' ', {
- 'type': 'radio',
- 'name': 'accessruletype',
- 'value': 'allow'
- }).appendTo(span);
-
- span.append('Allow');
-
- $(' ', {
- 'type': 'radio',
- 'name': 'accessruletype',
- 'value': 'deny'
- }).appendTo(span);
-
- span.append('Deny');
-
- span.append(' ');
-
- $(' ', {
- 'name': 'undo',
- 'class': 'ui-state-highlight ui-corner-all',
- 'style': 'display: none;',
- 'html': 'undo'
- }).appendTo(span);
-
- tr = $(' ').appendTo(table);
-
- td = $(' ', {
- 'style': 'text-align: right; vertical-align: top;',
- 'html': 'Description:'
- }).appendTo(tr);
-
- td = $(' ', {
- 'colspan': 2
- }).appendTo(tr);
-
- span = $(' ', { 'name': 'description' }).appendTo(td);
-
- $('', {
- 'name': 'description',
- 'rows': 5,
- 'style': 'width: 100%'
- }).appendTo(span);
-
- span.append(' ');
-
- $(' ', {
- 'name': 'undo',
- 'class': 'ui-state-highlight ui-corner-all',
- 'style': 'display: none;',
- 'html': 'undo'
- }).appendTo(span);
-
- tr = $(' ').appendTo(table);
-
- td = $(' ', {
- 'style': 'text-align: right; vertical-align: top;',
- 'html': 'Rule status:'
- }).appendTo(tr);
-
- td = $(' ', {
- 'colspan': 2
- }).appendTo(tr);
-
- span = $(' ', { 'name': 'ipaenabledflag' }).appendTo(td);
-
- $(' ', {
- 'type': 'radio',
- 'name': 'ipaenabledflag',
- 'value': 'TRUE'
- }).appendTo(span);
-
- span.append('Active');
-
- $(' ', {
- 'type': 'radio',
- 'name': 'ipaenabledflag',
- 'value': 'FALSE'
- }).appendTo(span);
-
- span.append('Inactive');
-
- span.append(' ');
-
- $(' ', {
- 'name': 'undo',
- 'class': 'ui-state-highlight ui-corner-all',
- 'style': 'display: none;',
- 'html': 'undo'
- }).appendTo(span);
- };
-
- return that;
-}
-
-function ipa_hbac_accesstime_widget(spec) {
-
- spec = spec || {};
-
- var that = ipa_widget(spec);
-
- that.text = spec.text;
- that.options = spec.options || [];
-
- that.init = function() {
-
- that.widget_init();
-
- that.table = ipa_table_widget({
- 'id': 'accesstime-table',
- 'name': 'table', 'label': that.label
- });
-
- that.table.create_column({
- 'name': that.name,
- 'label': that.label,
- 'primary_key': true
- });
-
- that.table.init();
- };
-
- that.create = function(container) {
-
- that.widget_create(container);
-
- var span = $(' ', { 'name': 'text' }).appendTo(container);
-
- span.append(that.text);
-
- for (var i=0; i ', {
- 'type': 'radio',
- 'name': that.name,
- 'value': option.value
- }).appendTo(container);
-
- container.append(option.label);
- }
-
- container.append(' ');
-
- $(' ', {
- 'name': 'undo',
- 'class': 'ui-state-highlight ui-corner-all',
- 'style': 'display: none;',
- 'html': 'undo'
- }).appendTo(container);
-
- container.append(' ');
-
- span = $(' ', { 'name': 'table' }).appendTo(container);
-
- that.table.create(span);
-
- var buttons = $('span[name=buttons]', span);
-
- $(' ', {
- 'type': 'button',
- 'name': 'remove',
- 'value': 'Remove '+that.label
- }).appendTo(buttons);
-
- $(' ', {
- 'type': 'button',
- 'name': 'add',
- 'value': 'Add '+that.label
- }).appendTo(buttons);
- };
-
- that.setup = function(container) {
-
- that.widget_setup(container);
-
- var span = $('span[name="table"]', that.container);
- that.table.setup(span);
-
- var button = $('input[name=remove]', span);
- button.replaceWith(ipa_button({
- 'label': button.val(),
- 'icon': 'ui-icon-trash',
- 'click': function() { that.remove(that.container); }
- }));
-
- button = $('input[name=add]', span);
- button.replaceWith(ipa_button({
- 'label': button.val(),
- 'icon': 'ui-icon-plus',
- 'click': function() { that.add(that.container) }
- }));
-
- var input = $('input[name="'+that.name+'"]', that.container);
- input.change(function() {
- that.show_undo();
- });
-
- var undo = that.get_undo();
- undo.click(function() {
- that.reset();
- });
- };
-
- that.save = function() {
- var value = $('input[name="'+that.name+'"]:checked', that.container).val();
- if (value == '') {
- return that.table.save();
- } else {
- return [];
- }
- };
-
- that.load = function(record) {
-
- that.values = record[that.name] || [];
- that.reset();
- };
-
- that.update = function() {
-
- that.set_category(that.container, that.values && that.values.length ? '' : 'all');
-
- that.table.tbody.empty();
- for (var i=0; that.values && i').appendTo(dialog.container);
-
- var tr = $(' ').appendTo(table);
-
- var td = $(' ', {
- 'style': 'vertical-align: top;'
- }).appendTo(tr);
- td.append(that.label+': ');
-
- td = $(' ').appendTo(tr);
-
- var span = $(' ', { 'name': that.name }).appendTo(td);
-
- $(' ', {
- 'type': 'text',
- 'name': that.name,
- 'size': 40
- }).appendTo(span);
-
- tr = $(' ').appendTo(table);
-
- td = $(' ', {
- 'style': 'vertical-align: top;'
- }).appendTo(tr);
- td.append('Example:');
-
- td = $(' ').appendTo(tr);
-
- td.append('Every day between 0800 and 1400: ');
- td.append('periodic daily 0800-1400 ');
-
- td.append('December 16, 2010 from 10:32 until 10:33: ');
- td.append('absolute 201012161032 ~ 201012161033 ');
- };
-
- function add(on_success, on_error) {
-
- var field = dialog.get_field(that.name);
- var value = field.save()[0];
-
- var command = ipa_command({
- 'method': that.entity_name+'_add_'+that.name,
- 'args': [pkey],
- 'on_success': function() {
- that.refresh();
- if (on_success) on_success();
- },
- 'on_error': function() {
- that.refresh();
- if (on_error) on_error();
- }
- });
-
- command.set_option(that.name, value);
-
- command.execute();
- }
-
- dialog.add_button('Add', function() {
- add(
- function() { dialog.reset(); }
- );
- });
-
- dialog.add_button('Add and Close', function() {
- add(
- function() { dialog.close(); },
- function() { dialog.close(); }
- );
- });
-
- dialog.add_button('Cancel', function() {
- dialog.close();
- });
-
- dialog.init();
-
- dialog.open(that.container);
- };
-
- that.remove = function() {
-
- var values = that.table.get_selected_values();
-
- if (!values.length) {
- alert('Select '+that.label+' to be removed.');
- return;
- }
-
- var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
- var title = 'Remove '+that.label+' from '+that.entity_name+' '+pkey;
-
- var dialog = ipa_deleter_dialog({
- 'title': title,
- 'values': values
- });
-
- dialog.remove = function() {
-
- var batch = ipa_batch_command({
- 'on_success': function() {
- that.refresh();
- dialog.close();
- },
- 'on_error': function() {
- that.refresh();
- dialog.close();
- }
- });
-
- for (var i=0; iError: '+error_thrown.name+'
');
- summary.append(''+error_thrown.title+'
');
- summary.append(''+error_thrown.message+'
');
- }
-
- var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
- ipa_cmd('show', [pkey], {'rights': true}, on_success, on_error, that.entity_name);
- };
-
- return that;
-}
diff --git a/install/static/hbacrule.js b/install/static/hbacrule.js
new file mode 100755
index 000000000..0e6d82ccd
--- /dev/null
+++ b/install/static/hbacrule.js
@@ -0,0 +1,984 @@
+/* Authors:
+ * Endi Sukma Dewata
+ *
+ * Copyright (C) 2010 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */
+
+function ipa_hbacrule() {
+
+ var that = ipa_entity({
+ 'name': 'hbacrule'
+ });
+
+ that.init = function() {
+
+ var dialog = ipa_hbacrule_add_dialog({
+ 'name': 'add',
+ 'title': 'Add New Rule'
+ });
+ that.add_dialog(dialog);
+ dialog.init();
+
+ var facet = ipa_hbacrule_search_facet({
+ 'name': 'search',
+ 'label': 'Search'
+ });
+ that.add_facet(facet);
+
+ facet = ipa_hbacrule_details_facet({
+ 'name': 'details',
+ 'label': 'Details'
+ });
+ that.add_facet(facet);
+
+ that.entity_init();
+ };
+
+ return that;
+}
+
+IPA.add_entity(ipa_hbacrule());
+
+function ipa_hbacrule_add_dialog(spec) {
+
+ spec = spec || {};
+
+ var that = ipa_add_dialog(spec);
+
+ that.init = function() {
+
+ that.add_field(ipa_text_widget({
+ 'name': 'cn',
+ 'undo': false
+ }));
+
+ that.add_field(ipa_radio_widget({
+ 'name': 'accessruletype',
+ 'options': [
+ { 'value': 'allow', 'label': 'Allow' },
+ { 'value': 'deny', 'label': 'Deny' }
+ ],
+ 'undo': false
+ }));
+
+ that.add_dialog_init();
+ };
+
+ return that;
+}
+
+function ipa_hbacrule_search_facet(spec) {
+
+ spec = spec || {};
+
+ var that = ipa_search_facet(spec);
+
+ that.init = function() {
+
+ that.create_column({name:'cn'});
+ that.create_column({name:'usercategory'});
+ that.create_column({name:'hostcategory'});
+ that.create_column({name:'ipaenabledflag'});
+ that.create_column({name:'servicecategory'});
+ that.create_column({name:'sourcehostcategory'});
+
+ that.search_facet_init();
+ };
+
+ that.create = function(container) {
+
+/*
+ // Not yet implemented
+
+ var left_buttons = $(' ', {
+ 'style': 'float: left;'
+ }).appendTo(container);
+
+ left_buttons.append(ipa_button({
+ 'label': 'Troubleshoot Rules'
+ }));
+
+ left_buttons.append(ipa_button({
+ 'label': 'Cull Disabled Rules'
+ }));
+*/
+
+ that.search_facet_create(container);
+
+ };
+
+ return that;
+}
+
+function ipa_hbacrule_details_facet(spec) {
+
+ spec = spec || {};
+
+ var that = ipa_details_facet(spec);
+
+ that.init = function() {
+
+ var section;
+
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'general',
+ 'label': 'General',
+ 'template': 'hbacrule-details-general.html #contents'
+ });
+
+ } else {
+ section = ipa_hbacrule_details_general_section({
+ 'name': 'general',
+ 'label': 'General'
+ });
+ that.add_section(section);
+ }
+
+ section.create_text({ 'name': 'cn', 'label': 'Name', 'read_only': true });
+ section.create_radio({ 'name': 'accessruletype', 'label': 'Rule Type' });
+ section.create_textarea({ 'name': 'description', 'label': 'Description' });
+ section.create_radio({ 'name': 'ipaenabledflag', 'label': 'Enabled' });
+
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'user',
+ 'label': 'Who',
+ 'template': 'hbacrule-details-user.html #contents'
+ });
+
+ } else {
+ section = ipa_rule_details_section({
+ 'name': 'user',
+ 'label': 'Who',
+ 'text': 'Rule applies when access is requested by:',
+ 'field_name': 'usercategory',
+ 'options': [
+ { 'value': 'all', 'label': 'Anyone' },
+ { 'value': '', 'label': 'Specified Users and Groups' }
+ ],
+ 'tables': [
+ { 'field_name': 'memberuser_user' },
+ { 'field_name': 'memberuser_group' }
+ ]
+ });
+ that.add_section(section);
+ }
+
+ var category = section.create_radio({ name: 'usercategory', label: 'User category' });
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberuser_user',
+ 'name': 'memberuser_user', 'label': 'Users', 'category': category,
+ 'other_entity': 'user', 'add_method': 'add_user', 'remove_method': 'remove_user'
+ }));
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberuser_group',
+ 'name': 'memberuser_group', 'label': 'Groups', 'category': category,
+ 'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user'
+ }));
+
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'host',
+ 'label': 'Accessing',
+ 'template': 'hbacrule-details-host.html #contents'
+ });
+
+ } else {
+ section = ipa_rule_details_section({
+ 'name': 'host',
+ 'label': 'Accessing',
+ 'text': 'Rule applies when access is requested to:',
+ 'field_name': 'hostcategory',
+ 'options': [
+ { 'value': 'all', 'label': 'Any Host' },
+ { 'value': '', 'label': 'Specified Hosts and Groups' }
+ ],
+ 'tables': [
+ { 'field_name': 'memberhost_host' },
+ { 'field_name': 'memberhost_hostgroup' }
+ ]
+ });
+ that.add_section(section);
+ }
+
+ category = section.create_radio({ 'name': 'hostcategory', 'label': 'Host category' });
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberhost_host',
+ 'name': 'memberhost_host', 'label': 'Hosts', 'category': category,
+ 'other_entity': 'host', 'add_method': 'add_host', 'remove_method': 'remove_host'
+ }));
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberhost_hostgroup',
+ 'name': 'memberhost_hostgroup', 'label': 'Host Groups', 'category': category,
+ 'other_entity': 'hostgroup', 'add_method': 'add_host', 'remove_method': 'remove_host'
+ }));
+
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'service',
+ 'label': 'Via Service',
+ 'template': 'hbacrule-details-service.html #contents'
+ });
+
+ } else {
+ section = ipa_rule_details_section({
+ 'name': 'service',
+ 'label': 'Via Service',
+ 'text': 'Rule applies when access is requested via:',
+ 'field_name': 'servicecategory',
+ 'options': [
+ { 'value': 'all', 'label': 'Any Service' },
+ { 'value': '', 'label': 'Specified Services and Groups' }
+ ],
+ 'tables': [
+ { 'field_name': 'memberservice_hbacsvc' },
+ { 'field_name': 'memberservice_hbacsvcgroup' }
+ ]
+ });
+ that.add_section(section);
+ }
+
+ category = section.create_radio({ 'name': 'servicecategory', 'label': 'Service category' });
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberservice_hbacsvc',
+ 'name': 'memberservice_hbacsvc', 'label': 'Services', 'category': category,
+ 'other_entity': 'hbacsvc', 'add_method': 'add_service', 'remove_method': 'remove_service'
+ }));
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-memberservice_hbacsvcgroup',
+ 'name': 'memberservice_hbacsvcgroup', 'label': 'Service Groups', 'category': category,
+ 'other_entity': 'hbacsvcgroup', 'add_method': 'add_service', 'remove_method': 'remove_service'
+ }));
+
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'sourcehost',
+ 'label': 'From',
+ 'template': 'hbacrule-details-sourcehost.html #contents'
+ });
+
+ } else {
+ section = ipa_rule_details_section({
+ 'name': 'sourcehost',
+ 'label': 'From',
+ 'text': 'Rule applies when access is being initiated from:',
+ 'field_name': 'sourcehostcategory',
+ 'options': [
+ { 'value': 'all', 'label': 'Any Host' },
+ { 'value': '', 'label': 'Specified Hosts and Groups' }
+ ],
+ 'tables': [
+ { 'field_name': 'sourcehost_host' },
+ { 'field_name': 'sourcehost_hostgroup' }
+ ]
+ });
+ that.add_section(section);
+ }
+
+ category = section.create_radio({ 'name': 'sourcehostcategory', 'label': 'Source host category' });
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-sourcehost_host',
+ 'name': 'sourcehost_host', 'label': 'Host', 'category': category,
+ 'other_entity': 'host', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
+ }));
+ section.add_field(ipa_rule_association_table_widget({
+ 'id': that.entity_name+'-sourcehost_hostgroup',
+ 'name': 'sourcehost_hostgroup', 'label': 'Host Groups', 'category': category,
+ 'other_entity': 'hostgroup', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
+ }));
+/*
+ if (IPA.layout) {
+ section = that.create_section({
+ 'name': 'accesstime',
+ 'label': 'When',
+ 'template': 'hbacrule-details-accesstime.html #contents'
+ });
+
+ } else {
+ section = that.create_section({
+ 'name': 'accesstime',
+ 'label': 'When'
+ });
+ }
+
+ section.add_field(ipa_hbacrule_accesstime_widget({
+ 'id': 'accesstime',
+ 'name': 'accesstime', 'label': 'Access Time',
+ 'text': 'Rule applies when access is being requested at:',
+ 'options': [
+ { 'value': 'all', 'label': 'Any Time' },
+ { 'value': '', 'label': 'Specified Times' }
+ ]
+ }));
+*/
+ that.details_facet_init();
+ };
+
+ that.update = function() {
+
+ var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
+
+ var modify_operation = {
+ 'execute': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_mod',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ };
+
+ var remove_accesstime = {
+ 'template': ipa_command({
+ 'method': that.entity_name+'_remove_accesstime',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ }),
+ 'commands': []
+ };
+
+ var categories = {
+ 'usercategory': {
+ 'remove_values': false
+ },
+ 'hostcategory': {
+ 'remove_values': false
+ },
+ 'servicecategory': {
+ 'remove_values': false
+ },
+ 'sourcehostcategory': {
+ 'remove_values': false
+ }
+ };
+
+ var member_operations = {
+ 'memberuser': {
+ 'category': 'usercategory',
+ 'has_values': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_remove_user',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ },
+ 'memberhost': {
+ 'category': 'hostcategory',
+ 'has_values': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_remove_host',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ },
+ 'memberservice': {
+ 'category': 'servicecategory',
+ 'has_values': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_remove_service',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ },
+ 'sourcehost': {
+ 'category': 'sourcehostcategory',
+ 'has_values': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_remove_sourcehost',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ }
+ };
+
+ var enable_operation = {
+ 'execute': false,
+ 'command': ipa_command({
+ 'method': that.entity_name+'_enable',
+ 'args': [pkey],
+ 'options': {'all': true, 'rights': true}
+ })
+ };
+
+ for (var i=0; i= 0) {
+ // prepare command to remove members if needed
+ var attribute = field.name.substring(0, p);
+ var other_entity = field.name.substring(p+1);
+
+ if (values.length) {
+ member_operations[attribute].command.set_option(other_entity, values.join(','));
+ member_operations[attribute].has_values = true;
+ }
+ continue;
+ }
+
+ // skip unchanged field
+ if (!field.is_dirty(span)) continue;
+
+ // check enable/disable
+ if (field.name == 'ipaenabledflag') {
+ if (values[0] == 'FALSE') enable_operation.command.method = that.entity_name+'_disable';
+ enable_operation.execute = true;
+ continue;
+ }
+
+ if (field.name == 'accesstime') {
+ // if accesstime is dirty, it means 'Any Time' is selected,
+ // so existing values have to be removed
+ for (var k=0; k', {
+ 'style': 'width: 100%;'
+ }).appendTo(container);
+
+ var tr = $(' ').appendTo(table);
+
+ var td = $(' ', {
+ 'style': 'width: 100px; text-align: right;',
+ 'html': 'Name:'
+ }).appendTo(tr);
+
+ td = $(' ').appendTo(tr);
+
+ var span = $(' ', { 'name': 'cn' }).appendTo(td);
+
+ $(' ', {
+ 'type': 'text',
+ 'name': 'cn',
+ 'size': 30
+ }).appendTo(span);
+
+ span.append(' ');
+
+ $(' ', {
+ 'name': 'undo',
+ 'class': 'ui-state-highlight ui-corner-all',
+ 'style': 'display: none;',
+ 'html': 'undo'
+ }).appendTo(span);
+
+ td = $(' ', {
+ 'style': 'text-align: right;'
+ }).appendTo(tr);
+
+ td.append('Rule type:');
+
+ span = $(' ', { 'name': 'accessruletype' }).appendTo(td);
+
+ $(' ', {
+ 'type': 'radio',
+ 'name': 'accessruletype',
+ 'value': 'allow'
+ }).appendTo(span);
+
+ span.append('Allow');
+
+ $(' ', {
+ 'type': 'radio',
+ 'name': 'accessruletype',
+ 'value': 'deny'
+ }).appendTo(span);
+
+ span.append('Deny');
+
+ span.append(' ');
+
+ $(' ', {
+ 'name': 'undo',
+ 'class': 'ui-state-highlight ui-corner-all',
+ 'style': 'display: none;',
+ 'html': 'undo'
+ }).appendTo(span);
+
+ tr = $(' ').appendTo(table);
+
+ td = $(' ', {
+ 'style': 'text-align: right; vertical-align: top;',
+ 'html': 'Description:'
+ }).appendTo(tr);
+
+ td = $(' ', {
+ 'colspan': 2
+ }).appendTo(tr);
+
+ span = $(' ', { 'name': 'description' }).appendTo(td);
+
+ $('', {
+ 'name': 'description',
+ 'rows': 5,
+ 'style': 'width: 100%'
+ }).appendTo(span);
+
+ span.append(' ');
+
+ $(' ', {
+ 'name': 'undo',
+ 'class': 'ui-state-highlight ui-corner-all',
+ 'style': 'display: none;',
+ 'html': 'undo'
+ }).appendTo(span);
+
+ tr = $(' ').appendTo(table);
+
+ td = $(' ', {
+ 'style': 'text-align: right; vertical-align: top;',
+ 'html': 'Rule status:'
+ }).appendTo(tr);
+
+ td = $(' ', {
+ 'colspan': 2
+ }).appendTo(tr);
+
+ span = $(' ', { 'name': 'ipaenabledflag' }).appendTo(td);
+
+ $(' ', {
+ 'type': 'radio',
+ 'name': 'ipaenabledflag',
+ 'value': 'TRUE'
+ }).appendTo(span);
+
+ span.append('Active');
+
+ $(' ', {
+ 'type': 'radio',
+ 'name': 'ipaenabledflag',
+ 'value': 'FALSE'
+ }).appendTo(span);
+
+ span.append('Inactive');
+
+ span.append(' ');
+
+ $(' ', {
+ 'name': 'undo',
+ 'class': 'ui-state-highlight ui-corner-all',
+ 'style': 'display: none;',
+ 'html': 'undo'
+ }).appendTo(span);
+ };
+
+ return that;
+}
+
+function ipa_hbacrule_accesstime_widget(spec) {
+
+ spec = spec || {};
+
+ var that = ipa_widget(spec);
+
+ that.text = spec.text;
+ that.options = spec.options || [];
+
+ that.init = function() {
+
+ that.widget_init();
+
+ that.table = ipa_table_widget({
+ 'id': 'accesstime-table',
+ 'name': 'table', 'label': that.label
+ });
+
+ that.table.create_column({
+ 'name': that.name,
+ 'label': that.label,
+ 'primary_key': true
+ });
+
+ that.table.init();
+ };
+
+ that.create = function(container) {
+
+ that.widget_create(container);
+
+ var span = $(' ', { 'name': 'text' }).appendTo(container);
+
+ span.append(that.text);
+
+ for (var i=0; i ', {
+ 'type': 'radio',
+ 'name': that.name,
+ 'value': option.value
+ }).appendTo(container);
+
+ container.append(option.label);
+ }
+
+ container.append(' ');
+
+ $(' ', {
+ 'name': 'undo',
+ 'class': 'ui-state-highlight ui-corner-all',
+ 'style': 'display: none;',
+ 'html': 'undo'
+ }).appendTo(container);
+
+ container.append(' ');
+
+ span = $(' ', { 'name': 'table' }).appendTo(container);
+
+ that.table.create(span);
+
+ var buttons = $('span[name=buttons]', span);
+
+ $(' ', {
+ 'type': 'button',
+ 'name': 'remove',
+ 'value': 'Remove '+that.label
+ }).appendTo(buttons);
+
+ $(' ', {
+ 'type': 'button',
+ 'name': 'add',
+ 'value': 'Add '+that.label
+ }).appendTo(buttons);
+ };
+
+ that.setup = function(container) {
+
+ that.widget_setup(container);
+
+ var span = $('span[name="table"]', that.container);
+ that.table.setup(span);
+
+ var button = $('input[name=remove]', span);
+ button.replaceWith(ipa_button({
+ 'label': button.val(),
+ 'icon': 'ui-icon-trash',
+ 'click': function() { that.remove(that.container); }
+ }));
+
+ button = $('input[name=add]', span);
+ button.replaceWith(ipa_button({
+ 'label': button.val(),
+ 'icon': 'ui-icon-plus',
+ 'click': function() { that.add(that.container) }
+ }));
+
+ var input = $('input[name="'+that.name+'"]', that.container);
+ input.change(function() {
+ that.show_undo();
+ });
+
+ var undo = that.get_undo();
+ undo.click(function() {
+ that.reset();
+ });
+ };
+
+ that.save = function() {
+ var value = $('input[name="'+that.name+'"]:checked', that.container).val();
+ if (value == '') {
+ return that.table.save();
+ } else {
+ return [];
+ }
+ };
+
+ that.load = function(record) {
+
+ that.values = record[that.name] || [];
+ that.reset();
+ };
+
+ that.update = function() {
+
+ that.set_category(that.container, that.values && that.values.length ? '' : 'all');
+
+ that.table.tbody.empty();
+ for (var i=0; that.values && i').appendTo(dialog.container);
+
+ var tr = $(' ').appendTo(table);
+
+ var td = $(' ', {
+ 'style': 'vertical-align: top;'
+ }).appendTo(tr);
+ td.append(that.label+': ');
+
+ td = $(' ').appendTo(tr);
+
+ var span = $(' ', { 'name': that.name }).appendTo(td);
+
+ $(' ', {
+ 'type': 'text',
+ 'name': that.name,
+ 'size': 40
+ }).appendTo(span);
+
+ tr = $(' ').appendTo(table);
+
+ td = $(' ', {
+ 'style': 'vertical-align: top;'
+ }).appendTo(tr);
+ td.append('Example:');
+
+ td = $(' ').appendTo(tr);
+
+ td.append('Every day between 0800 and 1400: ');
+ td.append('periodic daily 0800-1400 ');
+
+ td.append('December 16, 2010 from 10:32 until 10:33: ');
+ td.append('absolute 201012161032 ~ 201012161033 ');
+ };
+
+ function add(on_success, on_error) {
+
+ var field = dialog.get_field(that.name);
+ var value = field.save()[0];
+
+ var command = ipa_command({
+ 'method': that.entity_name+'_add_'+that.name,
+ 'args': [pkey],
+ 'on_success': function() {
+ that.refresh();
+ if (on_success) on_success();
+ },
+ 'on_error': function() {
+ that.refresh();
+ if (on_error) on_error();
+ }
+ });
+
+ command.set_option(that.name, value);
+
+ command.execute();
+ }
+
+ dialog.add_button('Add', function() {
+ add(
+ function() { dialog.reset(); }
+ );
+ });
+
+ dialog.add_button('Add and Close', function() {
+ add(
+ function() { dialog.close(); },
+ function() { dialog.close(); }
+ );
+ });
+
+ dialog.add_button('Cancel', function() {
+ dialog.close();
+ });
+
+ dialog.init();
+
+ dialog.open(that.container);
+ };
+
+ that.remove = function() {
+
+ var values = that.table.get_selected_values();
+
+ if (!values.length) {
+ alert('Select '+that.label+' to be removed.');
+ return;
+ }
+
+ var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
+ var title = 'Remove '+that.label+' from '+that.entity_name+' '+pkey;
+
+ var dialog = ipa_deleter_dialog({
+ 'title': title,
+ 'values': values
+ });
+
+ dialog.remove = function() {
+
+ var batch = ipa_batch_command({
+ 'on_success': function() {
+ that.refresh();
+ dialog.close();
+ },
+ 'on_error': function() {
+ that.refresh();
+ dialog.close();
+ }
+ });
+
+ for (var i=0; iError: '+error_thrown.name+'');
+ summary.append(''+error_thrown.title+'
');
+ summary.append(''+error_thrown.message+'
');
+ }
+
+ var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || '';
+ ipa_cmd('show', [pkey], {'rights': true}, on_success, on_error, that.entity_name);
+ };
+
+ return that;
+}
diff --git a/install/static/index.html b/install/static/index.html
index 9a62470f9..d63bfc106 100644
--- a/install/static/index.html
+++ b/install/static/index.html
@@ -23,7 +23,7 @@
-
+
diff --git a/install/static/layouts/default/Makefile.am b/install/static/layouts/default/Makefile.am
index ca57a6539..b02c1c504 100644
--- a/install/static/layouts/default/Makefile.am
+++ b/install/static/layouts/default/Makefile.am
@@ -7,12 +7,12 @@ SUBDIRS = \
appdir = $(IPA_DATA_DIR)/static/layouts/default
app_DATA = \
- hbac-details-accesstime.html \
- hbac-details-general.html \
- hbac-details-host.html \
- hbac-details-service.html \
- hbac-details-sourcehost.html \
- hbac-details-user.html \
+ hbacrule-details-accesstime.html \
+ hbacrule-details-general.html \
+ hbacrule-details-host.html \
+ hbacrule-details-service.html \
+ hbacrule-details-sourcehost.html \
+ hbacrule-details-user.html \
sudorule-details-general.html \
sudorule-group-dialog.html \
sudorule-host-dialog.html \
diff --git a/install/static/layouts/default/hbac-details-accesstime.html b/install/static/layouts/default/hbac-details-accesstime.html
deleted file mode 100755
index 8d5e258b3..000000000
--- a/install/static/layouts/default/hbac-details-accesstime.html
+++ /dev/null
@@ -1,49 +0,0 @@
-
-
-
- When
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/install/static/layouts/default/hbac-details-general.html b/install/static/layouts/default/hbac-details-general.html
deleted file mode 100755
index 978369090..000000000
--- a/install/static/layouts/default/hbac-details-general.html
+++ /dev/null
@@ -1,57 +0,0 @@
-
-
-
- General
-
-
-
-
-
-
-
-
diff --git a/install/static/layouts/default/hbac-details-host.html b/install/static/layouts/default/hbac-details-host.html
deleted file mode 100755
index 1ba386dab..000000000
--- a/install/static/layouts/default/hbac-details-host.html
+++ /dev/null
@@ -1,78 +0,0 @@
-
-
-
- Accessing
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/install/static/layouts/default/hbac-details-service.html b/install/static/layouts/default/hbac-details-service.html
deleted file mode 100755
index 77e8420d3..000000000
--- a/install/static/layouts/default/hbac-details-service.html
+++ /dev/null
@@ -1,78 +0,0 @@
-
-
-
- Via Service
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/install/static/layouts/default/hbac-details-sourcehost.html b/install/static/layouts/default/hbac-details-sourcehost.html
deleted file mode 100755
index aae1ef380..000000000
--- a/install/static/layouts/default/hbac-details-sourcehost.html
+++ /dev/null
@@ -1,78 +0,0 @@
-
-
-
- From
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/install/static/layouts/default/hbac-details-user.html b/install/static/layouts/default/hbac-details-user.html
deleted file mode 100755
index 1b58848fe..000000000
--- a/install/static/layouts/default/hbac-details-user.html
+++ /dev/null
@@ -1,78 +0,0 @@
-
-
-
- Who
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/install/static/layouts/default/hbacrule-details-accesstime.html b/install/static/layouts/default/hbacrule-details-accesstime.html
new file mode 100755
index 000000000..8d5e258b3
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-accesstime.html
@@ -0,0 +1,49 @@
+
+
+
+ When
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/install/static/layouts/default/hbacrule-details-general.html b/install/static/layouts/default/hbacrule-details-general.html
new file mode 100755
index 000000000..978369090
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-general.html
@@ -0,0 +1,57 @@
+
+
+
+ General
+
+
+
+
+
+
+
+
diff --git a/install/static/layouts/default/hbacrule-details-host.html b/install/static/layouts/default/hbacrule-details-host.html
new file mode 100755
index 000000000..1ba386dab
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-host.html
@@ -0,0 +1,78 @@
+
+
+
+ Accessing
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/install/static/layouts/default/hbacrule-details-service.html b/install/static/layouts/default/hbacrule-details-service.html
new file mode 100755
index 000000000..77e8420d3
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-service.html
@@ -0,0 +1,78 @@
+
+
+
+ Via Service
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/install/static/layouts/default/hbacrule-details-sourcehost.html b/install/static/layouts/default/hbacrule-details-sourcehost.html
new file mode 100755
index 000000000..aae1ef380
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-sourcehost.html
@@ -0,0 +1,78 @@
+
+
+
+ From
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/install/static/layouts/default/hbacrule-details-user.html b/install/static/layouts/default/hbacrule-details-user.html
new file mode 100755
index 000000000..1b58848fe
--- /dev/null
+++ b/install/static/layouts/default/hbacrule-details-user.html
@@ -0,0 +1,78 @@
+
+
+
+ Who
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/install/static/test/data/hbac_add.json b/install/static/test/data/hbac_add.json
deleted file mode 100644
index 2a5d251bf..000000000
--- a/install/static/test/data/hbac_add.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": {
- "accessruletype": [
- "allow"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=f3e69e82-e3b411df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "ipauniqueid": [
- "f3e69e82-e3b411df-bfde9b13-2b28c216"
- ],
- "objectclass": [
- "ipaassociation",
- "ipahbacrule"
- ]
- },
- "summary": null,
- "value": "test"
- }
-}
\ No newline at end of file
diff --git a/install/static/test/data/hbac_add_accesstime.json b/install/static/test/data/hbac_add_accesstime.json
deleted file mode 100644
index 3c631155b..000000000
--- a/install/static/test/data/hbac_add_accesstime.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": true
- }
-}
diff --git a/install/static/test/data/hbac_add_host.json b/install/static/test/data/hbac_add_host.json
deleted file mode 100644
index 038d6aea4..000000000
--- a/install/static/test/data/hbac_add_host.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 2,
- "failed": {
- "memberhost": {
- "host": [],
- "hostgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_add_service.json b/install/static/test/data/hbac_add_service.json
deleted file mode 100644
index c658fe8b5..000000000
--- a/install/static/test/data/hbac_add_service.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 3,
- "failed": {
- "memberservice": {
- "hbacsvc": [],
- "hbacsvcgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_add_sourcehost.json b/install/static/test/data/hbac_add_sourcehost.json
deleted file mode 100644
index a657207f5..000000000
--- a/install/static/test/data/hbac_add_sourcehost.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 2,
- "failed": {
- "sourcehost": {
- "host": [],
- "hostgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_add_user.json b/install/static/test/data/hbac_add_user.json
deleted file mode 100644
index 0c4c976e4..000000000
--- a/install/static/test/data/hbac_add_user.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 3,
- "failed": {
- "memberuser": {
- "group": [],
- "user": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_del.json b/install/static/test/data/hbac_del.json
deleted file mode 100644
index 2197a12c2..000000000
--- a/install/static/test/data/hbac_del.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": true,
- "summary": null,
- "value": "test"
- }
-}
\ No newline at end of file
diff --git a/install/static/test/data/hbac_find.json b/install/static/test/data/hbac_find.json
deleted file mode 100644
index fd95d9f57..000000000
--- a/install/static/test/data/hbac_find.json
+++ /dev/null
@@ -1,54 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "count": 2,
- "result": [
- {
- "accessruletype": [
- "allow"
- ],
- "cn": [
- "allow_all"
- ],
- "description": [
- "Allow all users to access any host from any host"
- ],
- "dn": "ipauniqueid=b7567b5a-e39311df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
- "hostcategory": [
- "all"
- ],
- "ipaenabledflag": [
- "TRUE"
- ],
- "servicecategory": [
- "all"
- ],
- "sourcehostcategory": [
- "all"
- ],
- "usercategory": [
- "all"
- ]
- },
- {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=3b6d2a82-e3b511df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ]
- }
- ],
- "summary": null,
- "truncated": false
- }
-}
diff --git a/install/static/test/data/hbac_mod.json b/install/static/test/data/hbac_mod.json
deleted file mode 100644
index ea2b4d1e8..000000000
--- a/install/static/test/data/hbac_mod.json
+++ /dev/null
@@ -1,60 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": {
- "accessruletype": [
- "allow"
- ],
- "attributelevelrights": {
- "accessruletype": "rscwo",
- "accesstime": "rscwo",
- "aci": "rscwo",
- "cn": "rscwo",
- "description": "rscwo",
- "externalhost": "rscwo",
- "hostcategory": "rscwo",
- "ipaenabledflag": "rscwo",
- "ipauniqueid": "rsc",
- "memberhost": "rscwo",
- "memberservice": "rscwo",
- "memberuser": "rscwo",
- "nsaccountlock": "rscwo",
- "servicecategory": "rscwo",
- "sourcehost": "rscwo",
- "sourcehostcategory": "rscwo",
- "usercategory": "rscwo"
- },
- "cn": [
- "test"
- ],
- "description": [
- "Test HBAC rule."
- ],
- "hostcategory": [
- "all"
- ],
- "ipaenabledflag": [
- "TRUE"
- ],
- "ipauniqueid": [
- "4ed8b682-edf511df-b3f78f4b-11cc007b"
- ],
- "objectclass": [
- "ipaassociation",
- "ipahbacrule"
- ],
- "servicecategory": [
- "all"
- ],
- "sourcehostcategory": [
- "all"
- ],
- "usercategory": [
- "all"
- ]
- },
- "summary": null,
- "value": "test"
- }
-}
diff --git a/install/static/test/data/hbac_remove_accesstime.json b/install/static/test/data/hbac_remove_accesstime.json
deleted file mode 100644
index 3c631155b..000000000
--- a/install/static/test/data/hbac_remove_accesstime.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": true
- }
-}
diff --git a/install/static/test/data/hbac_remove_host.json b/install/static/test/data/hbac_remove_host.json
deleted file mode 100644
index 02f56ecd6..000000000
--- a/install/static/test/data/hbac_remove_host.json
+++ /dev/null
@@ -1,50 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 2,
- "failed": {
- "memberhost": {
- "host": [],
- "hostgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_remove_service.json b/install/static/test/data/hbac_remove_service.json
deleted file mode 100644
index f8b6b51a5..000000000
--- a/install/static/test/data/hbac_remove_service.json
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 3,
- "failed": {
- "memberservice": {
- "hbacsvc": [],
- "hbacsvcgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_remove_sourcehost.json b/install/static/test/data/hbac_remove_sourcehost.json
deleted file mode 100644
index da32f76e0..000000000
--- a/install/static/test/data/hbac_remove_sourcehost.json
+++ /dev/null
@@ -1,50 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 2,
- "failed": {
- "sourcehost": {
- "host": [],
- "hostgroup": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "admins",
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_remove_user.json b/install/static/test/data/hbac_remove_user.json
deleted file mode 100644
index f25317e83..000000000
--- a/install/static/test/data/hbac_remove_user.json
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "completed": 3,
- "failed": {
- "memberuser": {
- "group": [],
- "user": []
- }
- },
- "result": {
- "accessruletype": [
- "allow"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- }
- }
-}
diff --git a/install/static/test/data/hbac_show.json b/install/static/test/data/hbac_show.json
deleted file mode 100644
index 2c0b64b39..000000000
--- a/install/static/test/data/hbac_show.json
+++ /dev/null
@@ -1,76 +0,0 @@
-{
- "error": null,
- "id": 0,
- "result": {
- "result": {
- "accessruletype": [
- "deny"
- ],
- "accesstime": [
- "periodic daily 0800-1400",
- "absolute 201012161032 ~ 201012161033"
- ],
- "attributelevelrights": {
- "accessruletype": "rscwo",
- "accesstime": "rscwo",
- "aci": "rscwo",
- "cn": "rscwo",
- "description": "rscwo",
- "externalhost": "rscwo",
- "hostcategory": "rscwo",
- "ipaenabledflag": "rscwo",
- "ipauniqueid": "rsc",
- "memberhost": "rscwo",
- "memberservice": "rscwo",
- "memberuser": "rscwo",
- "nsaccountlock": "rscwo",
- "servicecategory": "rscwo",
- "sourcehost": "rscwo",
- "sourcehostcategory": "rscwo",
- "usercategory": "rscwo"
- },
- "cn": [
- "test"
- ],
- "dn": "ipauniqueid=4ed8b682-edf511df-b3f78f4b-11cc007b,cn=hbac,dc=dev,dc=example,dc=com",
- "ipaenabledflag": [
- "TRUE"
- ],
- "ipauniqueid": [
- "4ed8b682-edf511df-b3f78f4b-11cc007b"
- ],
- "memberhost_host": [
- "dev.example.com"
- ],
- "memberhost_hostgroup": [
- "production"
- ],
- "memberservice_hbacsvc": [
- "ftp",
- "sshd"
- ],
- "memberservice_hbacsvcgroup": [
- "sudo"
- ],
- "memberuser_group": [
- "editors"
- ],
- "memberuser_user": [
- "admin",
- "test"
- ],
- "objectclass": [
- "ipaassociation",
- "ipahbacrule"
- ],
- "sourcehost_host": [
- "dev.example.com"
- ],
- "sourcehost_hostgroup": [
- "staging"
- ]
- },
- "summary": null,
- "value": "test"
- }
-}
diff --git a/install/static/test/data/hbacrule_add.json b/install/static/test/data/hbacrule_add.json
new file mode 100644
index 000000000..2a5d251bf
--- /dev/null
+++ b/install/static/test/data/hbacrule_add.json
@@ -0,0 +1,27 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=f3e69e82-e3b411df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "ipauniqueid": [
+ "f3e69e82-e3b411df-bfde9b13-2b28c216"
+ ],
+ "objectclass": [
+ "ipaassociation",
+ "ipahbacrule"
+ ]
+ },
+ "summary": null,
+ "value": "test"
+ }
+}
\ No newline at end of file
diff --git a/install/static/test/data/hbacrule_add_accesstime.json b/install/static/test/data/hbacrule_add_accesstime.json
new file mode 100644
index 000000000..3c631155b
--- /dev/null
+++ b/install/static/test/data/hbacrule_add_accesstime.json
@@ -0,0 +1,7 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": true
+ }
+}
diff --git a/install/static/test/data/hbacrule_add_host.json b/install/static/test/data/hbacrule_add_host.json
new file mode 100644
index 000000000..038d6aea4
--- /dev/null
+++ b/install/static/test/data/hbacrule_add_host.json
@@ -0,0 +1,56 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 2,
+ "failed": {
+ "memberhost": {
+ "host": [],
+ "hostgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_add_service.json b/install/static/test/data/hbacrule_add_service.json
new file mode 100644
index 000000000..c658fe8b5
--- /dev/null
+++ b/install/static/test/data/hbacrule_add_service.json
@@ -0,0 +1,56 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 3,
+ "failed": {
+ "memberservice": {
+ "hbacsvc": [],
+ "hbacsvcgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_add_sourcehost.json b/install/static/test/data/hbacrule_add_sourcehost.json
new file mode 100644
index 000000000..a657207f5
--- /dev/null
+++ b/install/static/test/data/hbacrule_add_sourcehost.json
@@ -0,0 +1,56 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 2,
+ "failed": {
+ "sourcehost": {
+ "host": [],
+ "hostgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_add_user.json b/install/static/test/data/hbacrule_add_user.json
new file mode 100644
index 000000000..0c4c976e4
--- /dev/null
+++ b/install/static/test/data/hbacrule_add_user.json
@@ -0,0 +1,56 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 3,
+ "failed": {
+ "memberuser": {
+ "group": [],
+ "user": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_del.json b/install/static/test/data/hbacrule_del.json
new file mode 100644
index 000000000..2197a12c2
--- /dev/null
+++ b/install/static/test/data/hbacrule_del.json
@@ -0,0 +1,9 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": true,
+ "summary": null,
+ "value": "test"
+ }
+}
\ No newline at end of file
diff --git a/install/static/test/data/hbacrule_find.json b/install/static/test/data/hbacrule_find.json
new file mode 100644
index 000000000..fd95d9f57
--- /dev/null
+++ b/install/static/test/data/hbacrule_find.json
@@ -0,0 +1,54 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "count": 2,
+ "result": [
+ {
+ "accessruletype": [
+ "allow"
+ ],
+ "cn": [
+ "allow_all"
+ ],
+ "description": [
+ "Allow all users to access any host from any host"
+ ],
+ "dn": "ipauniqueid=b7567b5a-e39311df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
+ "hostcategory": [
+ "all"
+ ],
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "servicecategory": [
+ "all"
+ ],
+ "sourcehostcategory": [
+ "all"
+ ],
+ "usercategory": [
+ "all"
+ ]
+ },
+ {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=3b6d2a82-e3b511df-bfde9b13-2b28c216,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ]
+ }
+ ],
+ "summary": null,
+ "truncated": false
+ }
+}
diff --git a/install/static/test/data/hbacrule_mod.json b/install/static/test/data/hbacrule_mod.json
new file mode 100644
index 000000000..ea2b4d1e8
--- /dev/null
+++ b/install/static/test/data/hbacrule_mod.json
@@ -0,0 +1,60 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "attributelevelrights": {
+ "accessruletype": "rscwo",
+ "accesstime": "rscwo",
+ "aci": "rscwo",
+ "cn": "rscwo",
+ "description": "rscwo",
+ "externalhost": "rscwo",
+ "hostcategory": "rscwo",
+ "ipaenabledflag": "rscwo",
+ "ipauniqueid": "rsc",
+ "memberhost": "rscwo",
+ "memberservice": "rscwo",
+ "memberuser": "rscwo",
+ "nsaccountlock": "rscwo",
+ "servicecategory": "rscwo",
+ "sourcehost": "rscwo",
+ "sourcehostcategory": "rscwo",
+ "usercategory": "rscwo"
+ },
+ "cn": [
+ "test"
+ ],
+ "description": [
+ "Test HBAC rule."
+ ],
+ "hostcategory": [
+ "all"
+ ],
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "ipauniqueid": [
+ "4ed8b682-edf511df-b3f78f4b-11cc007b"
+ ],
+ "objectclass": [
+ "ipaassociation",
+ "ipahbacrule"
+ ],
+ "servicecategory": [
+ "all"
+ ],
+ "sourcehostcategory": [
+ "all"
+ ],
+ "usercategory": [
+ "all"
+ ]
+ },
+ "summary": null,
+ "value": "test"
+ }
+}
diff --git a/install/static/test/data/hbacrule_remove_accesstime.json b/install/static/test/data/hbacrule_remove_accesstime.json
new file mode 100644
index 000000000..3c631155b
--- /dev/null
+++ b/install/static/test/data/hbacrule_remove_accesstime.json
@@ -0,0 +1,7 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": true
+ }
+}
diff --git a/install/static/test/data/hbacrule_remove_host.json b/install/static/test/data/hbacrule_remove_host.json
new file mode 100644
index 000000000..02f56ecd6
--- /dev/null
+++ b/install/static/test/data/hbacrule_remove_host.json
@@ -0,0 +1,50 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 2,
+ "failed": {
+ "memberhost": {
+ "host": [],
+ "hostgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_remove_service.json b/install/static/test/data/hbacrule_remove_service.json
new file mode 100644
index 000000000..f8b6b51a5
--- /dev/null
+++ b/install/static/test/data/hbacrule_remove_service.json
@@ -0,0 +1,49 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 3,
+ "failed": {
+ "memberservice": {
+ "hbacsvc": [],
+ "hbacsvcgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_remove_sourcehost.json b/install/static/test/data/hbacrule_remove_sourcehost.json
new file mode 100644
index 000000000..da32f76e0
--- /dev/null
+++ b/install/static/test/data/hbacrule_remove_sourcehost.json
@@ -0,0 +1,50 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 2,
+ "failed": {
+ "sourcehost": {
+ "host": [],
+ "hostgroup": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "admins",
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_remove_user.json b/install/static/test/data/hbacrule_remove_user.json
new file mode 100644
index 000000000..f25317e83
--- /dev/null
+++ b/install/static/test/data/hbacrule_remove_user.json
@@ -0,0 +1,48 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "completed": 3,
+ "failed": {
+ "memberuser": {
+ "group": [],
+ "user": []
+ }
+ },
+ "result": {
+ "accessruletype": [
+ "allow"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=e8aca082-e64a11df-9864f2e0-e0578392,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ }
+ }
+}
diff --git a/install/static/test/data/hbacrule_show.json b/install/static/test/data/hbacrule_show.json
new file mode 100644
index 000000000..2c0b64b39
--- /dev/null
+++ b/install/static/test/data/hbacrule_show.json
@@ -0,0 +1,76 @@
+{
+ "error": null,
+ "id": 0,
+ "result": {
+ "result": {
+ "accessruletype": [
+ "deny"
+ ],
+ "accesstime": [
+ "periodic daily 0800-1400",
+ "absolute 201012161032 ~ 201012161033"
+ ],
+ "attributelevelrights": {
+ "accessruletype": "rscwo",
+ "accesstime": "rscwo",
+ "aci": "rscwo",
+ "cn": "rscwo",
+ "description": "rscwo",
+ "externalhost": "rscwo",
+ "hostcategory": "rscwo",
+ "ipaenabledflag": "rscwo",
+ "ipauniqueid": "rsc",
+ "memberhost": "rscwo",
+ "memberservice": "rscwo",
+ "memberuser": "rscwo",
+ "nsaccountlock": "rscwo",
+ "servicecategory": "rscwo",
+ "sourcehost": "rscwo",
+ "sourcehostcategory": "rscwo",
+ "usercategory": "rscwo"
+ },
+ "cn": [
+ "test"
+ ],
+ "dn": "ipauniqueid=4ed8b682-edf511df-b3f78f4b-11cc007b,cn=hbac,dc=dev,dc=example,dc=com",
+ "ipaenabledflag": [
+ "TRUE"
+ ],
+ "ipauniqueid": [
+ "4ed8b682-edf511df-b3f78f4b-11cc007b"
+ ],
+ "memberhost_host": [
+ "dev.example.com"
+ ],
+ "memberhost_hostgroup": [
+ "production"
+ ],
+ "memberservice_hbacsvc": [
+ "ftp",
+ "sshd"
+ ],
+ "memberservice_hbacsvcgroup": [
+ "sudo"
+ ],
+ "memberuser_group": [
+ "editors"
+ ],
+ "memberuser_user": [
+ "admin",
+ "test"
+ ],
+ "objectclass": [
+ "ipaassociation",
+ "ipahbacrule"
+ ],
+ "sourcehost_host": [
+ "dev.example.com"
+ ],
+ "sourcehost_hostgroup": [
+ "staging"
+ ]
+ },
+ "summary": null,
+ "value": "test"
+ }
+}
diff --git a/install/static/test/data/ipa_init.json b/install/static/test/data/ipa_init.json
index e399d8081..3b3f2db7d 100644
--- a/install/static/test/data/ipa_init.json
+++ b/install/static/test/data/ipa_init.json
@@ -3132,7 +3132,7 @@
],
"uuid_attribute": "ipauniqueid"
},
- "hbac": {
+ "hbacrule": {
"aciattrs": [
"accessruletype",
"accesstime",
@@ -3169,7 +3169,7 @@
]
},
"bindable": false,
- "container_dn": "cn=hbac",
+ "container_dn": "cn=hbacrules",
"default_attributes": [
"cn",
"accessruletype",
@@ -3208,7 +3208,7 @@
"remove_user",
"show"
],
- "name": "hbac",
+ "name": "hbacrule",
"object_class": [
"ipaassociation",
"ipahbacrule"
@@ -7833,7 +7833,7 @@
"container_configs": "cn=configs,cn=policies",
"container_dns": "cn=dns",
"container_group": "cn=groups,cn=accounts",
- "container_hbac": "cn=hbac",
+ "container_hbacrule": "cn=hbacrules",
"container_hbacservice": "cn=hbacservices,cn=accounts",
"container_hbacservicegroup": "cn=hbacservicegroups,cn=accounts",
"container_host": "cn=computers,cn=accounts",
diff --git a/install/static/webui.js b/install/static/webui.js
index f17db8bc9..964c8cf79 100644
--- a/install/static/webui.js
+++ b/install/static/webui.js
@@ -34,7 +34,7 @@ var admin_tab_set = [
]},
{name:'policy', children:[
{name:'dnszone', entity:'dnszone'},
- {name:'hbac', entity:'hbac', children:[
+ {name:'hbacrule', entity:'hbacrule', children:[
{name:'hbacsvc', entity:'hbacsvc'},
{name:'hbacsvcgroup', entity:'hbacsvcgroup'}
]},
--
cgit