summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Display the entries that failed when deleting with --continue.Rob Crittenden2011-01-1024-49/+73
| | | | | | | | | | | | We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687
* Setting an empty set of target attributes should raise an exception.Rob Crittenden2011-01-104-31/+40
| | | | | | | | | | | It is possible to create an ACI with attributes and then try to set that to None via a mod command later. We need to catch this and raise an exception. If all attributes are set to None in an aci then the attr target is removed from the ACI. This could result in an illegal ACI if there are no other targets. Having no targets is a legal state, just not a legal final state. ticket 647
* center pageAdam Young2011-01-103-17/+28
| | | | | fixes issues from https://fedorahosted.org/freeipa/ticket/507
* action-panel adjustmentsAdam Young2011-01-101-5/+4
| | | | tweak the tabs padding
* Fixed command category value.Endi S. Dewata2011-01-101-1/+1
|
* remove permissions checkboxAdam Young2011-01-081-2/+0
| | | | | self service defaults to write permission, the only acceptable one. By removing the checkbox, we stop sending invalid permissions
* fix entity unit tests unit tests updated to accoount for the facet_group titleAdam Young2011-01-081-2/+4
|
* Validate add-dialog text fieldsAdam Young2011-01-081-9/+62
|
* Temporarily work around SSL connection issue causing installation to fail.Rob Crittenden2011-01-071-1/+2
| | | | | Not sure if this is an openldap-client, pem-nss or python-ldap problem yet but the installation is failing.
* Fix 'ipa help permissions'; add 'dns' in allowed types.Pavel Zuna2011-01-071-1/+1
|
* Allow the kdc to write krbExtraDataRob Crittenden2011-01-071-1/+1
|
* Initial grouping of ipalib plugins for ipa helpJan Zeleny2011-01-076-0/+7
| | | | | This patch makes one group for all HBAC plugins and one group for all sudo plugins.
* Changed concept of ipa helpJan Zeleny2011-01-071-20/+97
| | | | | | | | | | | | | | | | | | | | | | | | The concept is now following: topic: either a module or a group of modules containing registered commands. All these commands will usually handle common entity type (e.g. hbac rules) subtopic: each topic can have a number of subtopics. In this case topic is a group of modules and each module represents a subtopic. grouping modules to topics is possible by assigning a 2-tuple to module variable: topic = ('topic-name','topic description') The topic description has to be the same in all modules in the topic. These are examples of commands now available in IPA help: ipa help - display a list of all topics ipa help hbac - display help for hbac topic ipa help hbacrule - display help for a subtopic of hbac ipa help hbacrule-add - display help for a particular command https://fedorahosted.org/freeipa/ticket/410
* Rename hbac module to hbacruleJan Zeleny2011-01-073-143/+143
| | | | | | The renaming follows previous discussion on mailing list and it leads to name compatibility with other plugins (e.g. sudorule). It is also necessary for following changes in ipa help.
* Better detection when not working with a real keytab in ipa-rmkeytab.Rob Crittenden2011-01-071-1/+11
| | | | | | | Resolving the keytab isn't enough, this just creates a name. Try to create a cursor into the keytab to see if it is a valid keytab. ticket 654
* Rename --ipaddr option of host-add commandJan Zeleny2011-01-071-1/+1
| | | | | | | The option is renamed to --ip-address to be consistent with ipa-replica-prepare. https://fedorahosted.org/freeipa/ticket/655
* Create the reverse zone by defaultJakub Hrozek2011-01-074-9/+36
| | | | | | A new option to specify reverse zone creation for unattended installs https://fedorahosted.org/freeipa/ticket/678
* Do not use LDAP_DEPRECATED in pluginsJakub Hrozek2011-01-078-29/+106
| | | | | | | | | Remove the LDAP_DEPRECATED constant and do not use functions that are marked as deprecated in recent OpenLDAP releases. Also always define WITH_{MOZLDAP,OPENLDAP} since there are conditional header includes that depend on that constant. https://fedorahosted.org/freeipa/ticket/576
* Allow ipa-dns-install to install with just admin credentialsSimo Sorce2011-01-076-89/+81
| | | | | | | Do this by creating a common way to attach to the ldap server for each instance. Fixes: https://fedorahosted.org/freeipa/ticket/686
* Allow ipa-dns-install to configure DNS on a replica.Simo Sorce2011-01-074-8/+35
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/645
* bad request workaround not a permanent fix, but makes the web server accept ↵Adam Young2011-01-071-0/+3
| | | | valied request. https://fedorahosted.org/freeipa/ticket/691
* metatdata for facet_groupsAdam Young2011-01-071-32/+31
| | | | THis patch updates the metadata with the changes for the facet groups names. It is a large patch only in that the metadata is huge, but the change is trivial
* facet nestingAdam Young2011-01-075-9/+37
| | | | | correctly nest the facet groups change 'parent' to 'member of' for facet group
* dns record styleAdam Young2011-01-071-0/+3
| | | | THe client aread class is added after the create call. THe logic assumes that there are two divs under the tabs. THe records facet broke that assumption. THis fixes it
* Move undo button next to selected radio button.Endi S. Dewata2011-01-061-15/+40
|
* Fixed tooltips in SUDO details page.Endi S. Dewata2011-01-063-27/+123
| | | | | | The title attribute in various HTML elements in SUDO details page has been set to show the proper tooltips. Most of the values are taken from the 'doc' attribute of sudorule parameters.
* remove list headerAdam Young2011-01-061-4/+0
|
* action panel styleAdam Young2011-01-062-99/+110
| | | | | | | | make clickable links blue change spacing to keep headers from wrapping convert most px values to em, to support scaling indent action controls and place them under the active facet set default font size to 11px
* fixed typo for description usage example ↵Jr Aquino2011-01-061-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/704
* Handle error messages during Host operationsMartin Kosek2011-01-061-2/+9
| | | | | | | | | | Only a generic error message were displayed when a non-existing host was passed to host-del or host-disable operations. This patch adds catching these generic exceptions and raising new exceptions with the correct error message. https://fedorahosted.org/freeipa/ticket/303
* Include some directories in spec fileJan Zeleny2011-01-061-0/+2
| | | | | | | | Two directories were left out from package file list: ..../site-packages/ipalib ..../site-packages/ipaserver http://fedorahosted.org/freeipa/ticket/688
* Use AJAX status text as default error message.Endi S. Dewata2011-01-051-11/+15
| | | | | The ipa_cmd() error handler has been updated to use AJAX status text as the default error message.
* Translate IA5Str paramaters the editable text fields in the webUI.Pavel Zuna2011-01-051-0/+1
| | | | Fix #684
* add missing files in rpmAdam Young2011-01-055-2/+8
| | | | Fonts, header images, and json.js
* remove UID fieldAdam Young2011-01-051-1/+1
| | | | we are only doing global policy on the krbtpolicy page
* Make it impossible to add an object as a member of itself in webUI.Pavel Zuna2011-01-051-1/+4
| | | | Ticket #700
* fix krbtpolicy updateAdam Young2011-01-052-4/+8
| | | | krbtpolicy requires null pkey, and without it, update breaks.
* fixes CA install problem in trac ticket 682John Dennis2011-01-051-18/+24
| | | | | | Do not call status after pkisilent, it will return non-zero. Instead restart server after pkisilent so configuration changes take effect, the check the status.
* Support for external SUDO users and hosts.Endi S. Dewata2011-01-052-26/+54
| | | | | | | | | | | The SUDO details page has been modified to support external users and hosts. In the backend, the internal and external users are kept in separate attributes, but in the UI they will be displayed as a single list. The same thing is done for hosts. The ipa_sudorule_association_adder_dialog() has been modified such that it only displays the external field if there is an external attribute for that field.
* SUDO run-as adjustments.Endi S. Dewata2011-01-052-25/+31
| | | | | The SUDO details page has been modified to match the attribute names for run-as attributes.
* Fixed SUDO dialog boxes.Endi Sukma Dewata2011-01-053-3/+100
| | | | | The dialog boxes for SUDO details page have been modified to generate the HTML code by default.
* posix checked check box for posix groups selected by defaultAdam Young2011-01-052-4/+9
|
* metadata updateAdam Young2011-01-055-1230/+2024
|
* user associationsAdam Young2011-01-041-1/+1
| | | | user assocaitions had been removed. This adds them back in.
* Improvements to enrollments in the webUI.Pavel Zuna2011-01-045-33/+124
| | | | | | | | | | | | TAKE 1 - Enrollement links in the action panel are now sorted by relationships. - You can only enroll members. (The webUI made the impression you can enroll parents as well, but it was broken.) - When enrolling new members, you can choose not to display already enrolled ones. (On by default.) - Couple cosmetic changes.
* Improve filtering of enrollments search results.Pavel Zuna2011-01-046-13/+68
| | | | | | | | | | | | | | | | | | | | | | This is required for effective filtering of enrollments search results in the webUI and also gives an edge to the CLI. After this patch, each LDAPObject can define its relationships to other LDAPObjects. For now, this is used only for filtering search results by enrollments, but there are probably more benefits to come. You can do this for example: # search for all users not enrolled in group admins ipa user-find --not-in-groups=admins # search for all groups not enrolled in group global with user Pavel ipa group-find --users=Pavel --not-in-groups=global # more examples: ipa group-find --users=Pavel,Jakub --no-users=Honza ipa hostgroup-find --hosts=webui.pzuna
* Don't use Class of Service for account activation, use attribute.Rob Crittenden2011-01-043-86/+5
| | | | | | | | | | To support group-based account disablement we created a Class of Service where group membership controlled whether an account was active or not. Since we aren't doing group-based account locking drop that and use nsaccountlock directly. ticket 568
* Make sure that the messagebus service is started.Rob Crittenden2011-01-041-0/+2
| | | | | | | This will prevent certmonger failures. On very minimal installs it seems that messagebus is not always started. ticket 528
* Remove unnecessary options from host-del.Rob Crittenden2011-01-041-1/+1
| | | | | | For some reason it was inheriting LDAPCreate.options... ticket 652
* Don't allow a user's uid to be set to 0.Rob Crittenden2011-01-041-0/+1
| | | | ticket 578
generated by cgit (git 2.34.1) at 2024-07-01 05:19:23 +0000