summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* idviews uiviews_uiPetr Vobornik2014-09-154-2/+439
|
* webui: allow to skip link widget link validationPetr Vobornik2014-09-121-3/+16
|
* webui: do not show internal facet name to userPetr Vobornik2014-09-121-1/+0
|
* webui: link to an host from a servicePetr Vobornik2014-09-121-1/+2
|
* webui: treat value as pkey in link widgetPetr Vobornik2014-09-121-3/+5
| | | | | | | | Current default mechanism of a link widget assumes that pkeys of a current facet are pkeys for the link. It works for the only usage - in password policy. It's rather inflexible since it can't be used if the keys are in other attribute. This behavior is also bad in nested entities - creates a link to itself which is pointless. This patch changes the default behavior to assume that the supplied value are the pkeys and that the last pkey is the value to display. It also keeps the old method of overriding `other_pkeys` method so if the last and only pkey is the actual value to display then the method can tranform it into the pkeys which keeps compatibility with descendant widgets (`host_dnsrecord_entity_link_widget`, `dnsrecord_host_link_widget`).
* webui: improve breadcrumb navigationPetr Vobornik2014-09-121-15/+29
| | | | | | | | | | | Fixes issue when: - user navigates to a nested facet - refreshes browser - uses breadcrumb navigation to go to parent entity page which requires a pkey. E.g. from automount keys to maps. The old code relies on the facet, that user visited the parent facet before and therefore the facet has pkey stored. It fails after the browser reload. Allows to specify a containing_facet. It allows breadcrumb navigation to return to a different facet than the 'default'.
* idviews: Resolve anchors to object names in idview-showTomas Babej2014-09-111-115/+132
|
* idviews: Do not set ipaanchoruuid from when modifyingTomas Babej2014-09-111-5/+0
|
* idviews: Raise NotFound errors if object to override could not be foundTomas Babej2014-09-111-0/+11
|
* idviews: Change format of IPA anchor to include domainTomas Babej2014-09-111-2/+14
|
* idviews: Update xmlrpc tests for idviews pluginTomas Babej2014-09-112-353/+366
|
* idviews: Update API.txt and ACI.txtTomas Babej2014-09-112-14/+82
|
* idviews: Alter idoverride methods to work with splitted objectsTomas Babej2014-09-111-39/+27
|
* idviews: Do not set idoverride objectclass dynamicallyTomas Babej2014-09-111-89/+0
|
* idviews: Split the idoverride commands into iduseroverride and idgroupoverrideTomas Babej2014-09-111-10/+65
|
* idviews: Split the idoverride object into iduseroverride and idgroupoverrideTomas Babej2014-09-111-54/+102
|
* idviews: Support specifying object names instead of raw anchors onlyTomas Babej2014-09-112-0/+123
|
* trusts: Add conversion from SID to object nameTomas Babej2014-09-041-0/+49
|
* idviews: Enforce overriding of at least one attribute in idoverrideTomas Babej2014-09-041-0/+11
|
* ipatests: Add xmlrpc tests for idviews pluginTomas Babej2014-09-042-0/+1229
|
* ipalib: host_del: Extend LDAPDelete's takes_options instead of overridingTomas Babej2014-09-042-5/+2
| | | | | | | | | The host-del command did not accept --continue option, since the takes_options was overriden and did not take the options from LDAPDelete. Fix the behaviour. https://fedorahosted.org/freeipa/ticket/4473
* idviews: Extend idview-show command to display assigned idoverrides and hostsTomas Babej2014-09-042-2/+87
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add ipa idview-apply and idview-unapply commandsTomas Babej2014-09-042-3/+198
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Selected PEP8 fixes for the hostgroup pluginTomas Babej2014-09-041-11/+4
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Remove redundant and star importsTomas Babej2014-09-041-2/+5
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* hostgroup: Add helper that returns all members of a hostgroupTomas Babej2014-09-041-0/+8
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Set proper objectclass for the ID override objectsTomas Babej2014-09-041-1/+88
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idvies: Add managed permissions for idview and idoverride objectsTomas Babej2014-09-042-0/+27
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Create basic idview plugin structureTomas Babej2014-09-042-0/+331
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* ipalib: PEP8 fixes for host pluginTomas Babej2014-09-041-16/+21
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* ipalib: Remove redundant and star imports from host pluginTomas Babej2014-09-041-8/+8
| | | | | | Also fixes incorrect error catching for UnicodeDecodeError. Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add ipaAssignedIDVIew reference to the host objectTomas Babej2014-09-043-8/+14
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Create container for ID views under cn=accountsTomas Babej2014-09-043-0/+6
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3979
* idviews: Add necessary schema for the ID viewsTomas Babej2014-09-045-1/+11
|
* baseldap: Fix undefined variable reference in LDAPAddReverseMember and ↵Tomas Babej2014-09-041-26/+18
| | | | LDAPRemoveReverseMember
* Normalize external CA cert before passing it to pkispawnJan Cholasta2014-09-041-2/+12
| | | | | | https://fedorahosted.org/freeipa/ticket/4019 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Add record(s) to /etc/host when IPA is configured as DNS server.David Kupka2014-09-031-1/+1
| | | | | | | | | | This is to avoid chicken-egg problem when directory server fails to start without resolvable hostname and named fails to provide hostname without directory server. https://fedorahosted.org/freeipa/ticket/4220 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Ensure ipaUserAuthTypeClass when needed on user creationNathaniel McCallum2014-09-031-13/+11
| | | | | | | | | Also, remove the attempt to load the objectClasses when absent. This never makes sense during an add operation. https://fedorahosted.org/freeipa/ticket/4455 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* permission plugin: Improve description of the target optionPetr Viktorin2014-09-031-1/+3
| | | | | | https://fedorahosted.org/freeipa/ticket/4521 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* permission plugin: Make --target available in the CLIPetr Viktorin2014-09-031-1/+0
| | | | | | | This was left out by mistake when permissions were refactored. The API is already tested. https://fedorahosted.org/freeipa/ticket/4522
* freeipa.spec.in: Add python-backports-ssl_match_hostname to BuildRequiresPetr Viktorin2014-09-021-0/+1
| | | | | | | | | | This patch adds an explicit build dependency to python-backports-ssl_match_hostname. Without it, the build-time lint would fail. https://fedorahosted.org/freeipa/ticket/4515 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* CLIENT: Explicitly require python-backports-ssl_match_hostnameJakub Hrozek2014-09-021-0/+1
| | | | | | | | | | | | | | Without python-backports-ssl_match_hostname installed, an ipa-client installation could have failed with: from backports.ssl_match_hostname import match_hostname ImportError: No module named ssl_match_hostname This patch adds an explicit dependency to python-backports-ssl_match_hostname. https://fedorahosted.org/freeipa/ticket/4515 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Allow changing CA renewal master in ipa-csreplica-manage.Jan Cholasta2014-09-022-9/+33
| | | | | | https://fedorahosted.org/freeipa/ticket/4039 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* pwpolicy-add: Added better error handlingThorsten Scherf2014-09-021-1/+6
| | | | | | | | | Make error message more meaningful when a password policy is added for a non existing group. https://fedorahosted.org/freeipa/ticket/4334 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* ipaserver/dcerpc.py: Make sure trust is established only to forest root domainAlexander Bokovoy2014-09-012-0/+22
| | | | | | Part of https://fedorahosted.org/freeipa/ticket/4463 Reviewed-By: Sumit Bose <sbose@redhat.com>
* ipaserver/dcerpc.py: be more open to what domains can be seen through the ↵Alexander Bokovoy2014-09-011-1/+1
| | | | | | | | forest trust https://fedorahosted.org/freeipa/ticket/4463 Reviewed-By: Sumit Bose <sbose@redhat.com>
* ipaserver/dcerpc.py: Avoid hitting issue with transitive trusts on Windows ↵Alexander Bokovoy2014-09-011-3/+10
| | | | | | | | Server prior to 2012 http://msdn.microsoft.com/en-us/library/2a769a08-e023-459f-aebe-4fb3f595c0b7#id83 Reviewed-By: Sumit Bose <sbose@redhat.com>
* ipaserver/dcerpc.py: make PDC discovery more robustAlexander Bokovoy2014-09-011-5/+16
| | | | | | | | | | Certain operations against AD domain controller can only be done if its FSMO role is primary domain controller. We need to use writable DC and PDC when creating trust and updating name suffix routing information. https://fedorahosted.org/freeipa/ticket/4479 Reviewed-By: Sumit Bose <sbose@redhat.com>
* ipaserver/dcerpc.py: if search of a closest GC failed, try to find any GCAlexander Bokovoy2014-09-011-1/+5
| | | | | | https://fedorahosted.org/freeipa/ticket/4458 Reviewed-By: Sumit Bose <sbose@redhat.com>
* User Life Cycle: DNA scopes full SUFFIXThierry bordaz (tbordaz)2014-09-011-3/+1
| | | | | | | | | | | In patch 0001-3, the DNA plugins configuration was changed to scope only 'cn=accounts,SUFFIX' This part of the fix was invalid as trust domain object (that need uid/gid allocation) are under 'cn=trust,SUFFIX'. Revert that part of the fix. Waiting on https://fedorahosted.org/389/ticket/47828, to exclude provisioning contains https://fedorahosted.org/freeipa/ticket/3813 Reviewed-By: Martin Kosek <mkosek@redhat.com>
generated by cgit (git 2.34.1) at 2025-08-31 11:45:12 +0000