/*jsl:import ipa.js */ /* Authors: * Endi Sukma Dewata * * Copyright (C) 2010 Red Hat * see file 'COPYING' for use and warranty information * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */ IPA.hbacrule = function () { var that = IPA.entity({ 'name': 'hbacrule' }); that.init = function() { var dialog = IPA.hbacrule_add_dialog({ 'name': 'add', 'title': 'Add New Rule' }); that.add_dialog(dialog); dialog.init(); var facet = IPA.hbacrule_search_facet({ 'name': 'search', 'label': 'Search' }); that.add_facet(facet); facet = IPA.hbacrule_details_facet({ 'name': 'details' }); that.add_facet(facet); that.entity_init(); }; return that; }; IPA.add_entity(IPA.hbacrule()); IPA.hbacrule_add_dialog = function (spec) { spec = spec || {}; var that = IPA.add_dialog(spec); that.init = function() { that.add_field(IPA.text_widget({ 'name': 'cn', 'undo': false })); that.add_field(IPA.radio_widget({ 'name': 'accessruletype', 'options': [ { 'value': 'allow', 'label': 'Allow' }, { 'value': 'deny', 'label': 'Deny' } ], 'undo': false })); that.add_dialog_init(); }; return that; }; IPA.hbacrule_search_facet = function (spec) { spec = spec || {}; var that = IPA.search_facet(spec); that.init = function() { that.create_column({name:'cn'}); that.create_column({name:'usercategory'}); that.create_column({name:'hostcategory'}); that.create_column({name:'ipaenabledflag'}); that.create_column({name:'servicecategory'}); that.create_column({name:'sourcehostcategory'}); that.search_facet_init(); }; that.create = function(container) { /* // Not yet implemented var left_buttons = $('', { 'style': 'float: left;' }).appendTo(container); left_buttons.append(IPA.button({ 'label': 'Troubleshoot Rules' })); left_buttons.append(IPA.button({ 'label': 'Cull Disabled Rules' })); */ that.search_facet_create(container); }; return that; }; IPA.hbacrule_details_facet = function (spec) { spec = spec || {}; var that = IPA.details_facet(spec); that.init = function() { var section; if (IPA.layout) { section = that.create_section({ 'name': 'general', 'label': 'General', 'template': 'hbacrule-details-general.html #contents' }); } else { section = IPA.hbacrule_details_general_section({ 'name': 'general', 'label': 'General' }); that.add_section(section); } section.create_text({ 'name': 'cn', 'label': 'Name', 'read_only': true }); section.create_radio({ 'name': 'accessruletype', 'label': 'Rule Type' }); section.create_textarea({ 'name': 'description', 'label': 'Description' }); section.create_radio({ 'name': 'ipaenabledflag', 'label': 'Enabled' }); if (IPA.layout) { section = that.create_section({ 'name': 'user', 'label': 'Who', 'template': 'hbacrule-details-user.html #contents' }); } else { section = IPA.rule_details_section({ 'name': 'user', 'label': 'Who', 'text': 'Rule applies when access is requested by:', 'field_name': 'usercategory', 'options': [ { 'value': 'all', 'label': 'Anyone' }, { 'value': '', 'label': 'Specified Users and Groups' } ], 'tables': [ { 'field_name': 'memberuser_user' }, { 'field_name': 'memberuser_group' } ] }); that.add_section(section); } var category = section.create_radio({ name: 'usercategory', label: 'User category' }); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberuser_user', 'name': 'memberuser_user', 'label': 'Users', 'category': category, 'other_entity': 'user', 'add_method': 'add_user', 'remove_method': 'remove_user' })); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberuser_group', 'name': 'memberuser_group', 'label': 'Groups', 'category': category, 'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user' })); if (IPA.layout) { section = that.create_section({ 'name': 'host', 'label': 'Accessing', 'template': 'hbacrule-details-host.html #contents' }); } else { section = IPA.rule_details_section({ 'name': 'host', 'label': 'Accessing', 'text': 'Rule applies when access is requested to:', 'field_name': 'hostcategory', 'options': [ { 'value': 'all', 'label': 'Any Host' }, { 'value': '', 'label': 'Specified Hosts and Groups' } ], 'tables': [ { 'field_name': 'memberhost_host' }, { 'field_name': 'memberhost_hostgroup' } ] }); that.add_section(section); } category = section.create_radio({ 'name': 'hostcategory', 'label': 'Host category' }); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberhost_host', 'name': 'memberhost_host', 'label': 'Hosts', 'category': category, 'other_entity': 'host', 'add_method': 'add_host', 'remove_method': 'remove_host' })); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberhost_hostgroup', 'name': 'memberhost_hostgroup', 'label': 'Host Groups', 'category': category, 'other_entity': 'hostgroup', 'add_method': 'add_host', 'remove_method': 'remove_host' })); if (IPA.layout) { section = that.create_section({ 'name': 'service', 'label': 'Via Service', 'template': 'hbacrule-details-service.html #contents' }); } else { section = IPA.rule_details_section({ 'name': 'service', 'label': 'Via Service', 'text': 'Rule applies when access is requested via:', 'field_name': 'servicecategory', 'options': [ { 'value': 'all', 'label': 'Any Service' }, { 'value': '', 'label': 'Specified Services and Groups' } ], 'tables': [ { 'field_name': 'memberservice_hbacsvc' }, { 'field_name': 'memberservice_hbacsvcgroup' } ] }); that.add_section(section); } category = section.create_radio({ 'name': 'servicecategory', 'label': 'Service category' }); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberservice_hbacsvc', 'name': 'memberservice_hbacsvc', 'label': 'Services', 'category': category, 'other_entity': 'hbacsvc', 'add_method': 'add_service', 'remove_method': 'remove_service' })); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-memberservice_hbacsvcgroup', 'name': 'memberservice_hbacsvcgroup', 'label': 'Service Groups', 'category': category, 'other_entity': 'hbacsvcgroup', 'add_method': 'add_service', 'remove_method': 'remove_service' })); if (IPA.layout) { section = that.create_section({ 'name': 'sourcehost', 'label': 'From', 'template': 'hbacrule-details-sourcehost.html #contents' }); } else { section = IPA.rule_details_section({ 'name': 'sourcehost', 'label': 'From', 'text': 'Rule applies when access is being initiated from:', 'field_name': 'sourcehostcategory', 'options': [ { 'value': 'all', 'label': 'Any Host' }, { 'value': '', 'label': 'Specified Hosts and Groups' } ], 'tables': [ { 'field_name': 'sourcehost_host' }, { 'field_name': 'sourcehost_hostgroup' } ] }); that.add_section(section); } category = section.create_radio({ 'name': 'sourcehostcategory', 'label': 'Source host category' }); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-sourcehost_host', 'name': 'sourcehost_host', 'label': 'Host', 'category': category, 'other_entity': 'host', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost' })); section.add_field(IPA.rule_association_table_widget({ 'id': that.entity_name+'-sourcehost_hostgroup', 'name': 'sourcehost_hostgroup', 'label': 'Host Groups', 'category': category, 'other_entity': 'hostgroup', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost' })); /* if (IPA.layout) { section = that.create_section({ 'name': 'accesstime', 'label': 'When', 'template': 'hbacrule-details-accesstime.html #contents' }); } else { section = that.create_section({ 'name': 'accesstime', 'label': 'When' }); } section.add_field(ipa_hbacrule_accesstime_widget({ 'id': 'accesstime', 'name': 'accesstime', 'label': 'Access Time', 'text': 'Rule applies when access is being requested at:', 'options': [ { 'value': 'all', 'label': 'Any Time' }, { 'value': '', 'label': 'Specified Times' } ] })); */ that.details_facet_init(); }; that.update = function() { var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || ''; var modify_operation = { 'execute': false, 'command': IPA.command({ 'method': that.entity_name+'_mod', 'args': [pkey], 'options': {'all': true, 'rights': true} }) }; var remove_accesstime = { 'template': IPA.command({ 'method': that.entity_name+'_remove_accesstime', 'args': [pkey], 'options': {'all': true, 'rights': true} }), 'commands': [] }; var categories = { 'usercategory': { 'remove_values': false }, 'hostcategory': { 'remove_values': false }, 'servicecategory': { 'remove_values': false }, 'sourcehostcategory': { 'remove_values': false } }; var member_operations = { 'memberuser': { 'category': 'usercategory', 'has_values': false, 'command': IPA.command({ 'method': that.entity_name+'_remove_user', 'args': [pkey], 'options': {'all': true, 'rights': true} }) }, 'memberhost': { 'category': 'hostcategory', 'has_values': false, 'command': IPA.command({ 'method': that.entity_name+'_remove_host', 'args': [pkey], 'options': {'all': true, 'rights': true} }) }, 'memberservice': { 'category': 'servicecategory', 'has_values': false, 'command': IPA.command({ 'method': that.entity_name+'_remove_service', 'args': [pkey], 'options': {'all': true, 'rights': true} }) }, 'sourcehost': { 'category': 'sourcehostcategory', 'has_values': false, 'command': IPA.command({ 'method': that.entity_name+'_remove_sourcehost', 'args': [pkey], 'options': {'all': true, 'rights': true} }) } }; var enable_operation = { 'execute': false, 'command': IPA.command({ 'method': that.entity_name+'_enable', 'args': [pkey], 'options': {'all': true, 'rights': true} }) }; for (var i=0; i= 0) { // prepare command to remove members if needed var attribute = field.name.substring(0, p); var other_entity = field.name.substring(p+1); if (values.length) { member_operations[attribute].command.set_option(other_entity, values.join(',')); member_operations[attribute].has_values = true; } continue; } // skip unchanged field if (!field.is_dirty(span)) continue; // check enable/disable if (field.name == 'ipaenabledflag') { if (values[0] == 'FALSE') enable_operation.command.method = that.entity_name+'_disable'; enable_operation.execute = true; continue; } if (field.name == 'accesstime') { // if accesstime is dirty, it means 'Any Time' is selected, // so existing values have to be removed for (var k=0; k', { 'style': 'width: 100%;' }).appendTo(container); var tr = $('').appendTo(table); var td = $('', { 'style': 'width: 100px; text-align: right;', 'html': 'Name:' }).appendTo(tr); td = $('').appendTo(tr); var span = $('', { 'name': 'cn' }).appendTo(td); $('', { 'type': 'text', 'name': 'cn', 'size': 30 }).appendTo(span); span.append(' '); $('', { 'name': 'undo', 'class': 'ui-state-highlight ui-corner-all', 'style': 'display: none;', 'html': 'undo' }).appendTo(span); td = $('', { 'style': 'text-align: right;' }).appendTo(tr); td.append('Rule type:'); span = $('', { 'name': 'accessruletype' }).appendTo(td); $('', { 'type': 'radio', 'name': 'accessruletype', 'value': 'allow' }).appendTo(span); span.append('Allow'); $('', { 'type': 'radio', 'name': 'accessruletype', 'value': 'deny' }).appendTo(span); span.append('Deny'); span.append(' '); $('', { 'name': 'undo', 'class': 'ui-state-highlight ui-corner-all', 'style': 'display: none;', 'html': 'undo' }).appendTo(span); tr = $('').appendTo(table); td = $('', { 'style': 'text-align: right; vertical-align: top;', 'html': 'Description:' }).appendTo(tr); td = $('', { 'colspan': 2 }).appendTo(tr); span = $('', { 'name': 'description' }).appendTo(td); $('