summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Populate indirect members when showing a group object.Rob Crittenden2010-10-2815-138/+557
| | | | | | | | | | | | | | | This is done by creating a new attribute, memberindirect, to hold this indirect membership. The new function get_members() can return all members or just indirect or direct. We are only using it to retrieve indirect members currently. This also: * Moves all member display attributes into baseldap.py to reduce duplication * Adds netgroup nesting * Use a unique object name in hbacsvc and hbacsvcgroup ticket 296
* Retrieve Get Effective Rights output with LDAPRetrieveRob Crittenden2010-10-281-0/+18
| | | | | | | The output is a pure python dict so is really only useful when used with --all so it is required. Updated to return a string for rights as opposed to a list. Terser, reducing the wire size by a factor of 3.5
* Dialog boxes for AJAX, HTTP, and IPA errors.Endi S. Dewata2010-10-285-30/+56
| | | | | | | The ipa_cmd() has been modified to identity the type of the error it has received and display the error using the right dialog box. The dialog box can be customized further to display the appropriate amount of information for each type of error.
* Framework for custom UIEndi S. Dewata2010-10-2823-758/+1409
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces a new framework for implementing custom UI. It consists of the following classes: Main: - IPA: global namespace and object repository - ipa_entity: base class for entities - ipa_facet: base class for facets Add dialog: - ipa_add_dialog: default add dialog - ipa_add_field: the fields used in the dialog Search facet: - ipa_search_facet: default search facet - ipa_search_column: the columns in the search result Details facet: - ipa_details_facet: default details facet - ipa_details_section: the sections in the details facet - ipa_details_field: the fields in the details facet Association facet: - ipa_association_facet: default association facet - ipa_association_config: the association configurations To use this framework, create a class extending the ipa_entity (e.g. ipa_hbac). Use the create_* methods to create add dialog, search facet, details facet, and association facet. The fields/columns for the dialog and facets can be specified using the init() function. Custom UI can be defined by overwriting the base methods (e.g. setup, save, load). The entity must be added into the repository using IPA.add_entity(). The original ipa_entity_setup() has been generalized by moving facet- specific codes into the corresponding facet. Some facet names are still hard-coded. This will be fixed in follow-up patches. Some global variables have been removed because their function has been replaced by the object repository: - ipa_entity_add_list - ipa_entity_search_list - ipa_entity_details_list - window_hash_cache Some functions and variables have been moved into IPA namespace: - ipa_json_url -> IPA.json_url - ipa_use_static_files -> IPA.use_static_files - ipa_ajax_options -> IPA.ajax_options - ipa_objs -> IPA.metadata - ipa_messages -> IPA.messages - ipa_dialog -> IPA.error_dialog - ipa_init() -> IPA.init() Initially the HBAC and Service entities have been rewritten to use the new framework. The DNS is partially converted, the ipa_records_facet is used to define custom records facet. Other entities can still work using the old framework. The old framework has been modified to be a wrapper for the new framework. Eventually all entities will be converted to use the new framework. Some unit tests have been modified to use the new framework.
* Allow RDN changes for users, groups, rolegroups and taskgroups.Rob Crittenden2010-10-2811-0/+196
| | | | | | | | | | | | To do a change right now you have to perform a setattr like: ipa user-mod --setattr uid=newuser olduser The RDN change is performed before the rest of the mods. If the RDN change is the only change done then the EmptyModlist that update_entry() throws is ignored. ticket 323
* Add LDAPObject setting to handle different attributes for RDN and PKEY.Pavel Zuna2010-10-284-64/+48
|
* UUIDs: remove uuid python plugin and let DS always autogenerateSimo Sorce2010-10-2813-602/+25
| | | | merge in remove uuid
* ipa_uuid: prevent false positives on modifiesSimo Sorce2010-10-281-0/+14
| | | | | | | If a modify operation does not specify our attribute then we need to short circuit the loop, otherwise on enforcing we will return an error by mistake if we are not Directory Manager because generate is false if the attr is not found.
* ipa_uuid: Handle generation of the uuid when it is a RDNSimo Sorce2010-10-281-10/+50
|
* ipa-uuid: Add enforce modeSimo Sorce2010-10-281-0/+23
| | | | | | | By setting the enforce flag in the configuration we prevent anyone from storing arbitrary values and allow only Directory Manager to override the plugin. Users can only set the value to the magic value (usually 0) to have the uuid regenerated, and nothing else.
* ipa-uuid: Code cleanupsSimo Sorce2010-10-281-165/+162
| | | | | | Remove one level of indentation from the main function by jumping to the end immediately if the configuration list is empty. Other minor style cleanups.
* ipa-uuid: safer unlock handlingSimo Sorce2010-10-281-2/+6
| | | | | This allows the code in the for loop to error out without worrying of forgetting to unlock the config entries.
* ipa-uuid: Reset generate flag at every cycleSimo Sorce2010-10-281-1/+3
| | | | | Avoid false positives if more than one uuid attribute is generated in the same entry.
* ipa-uuid: Remove unused functionsSimo Sorce2010-10-281-119/+0
|
* ipa-modrdn: Remove unused functionsSimo Sorce2010-10-281-146/+0
|
* ipa-modrdn: Enable plugin to handle krbPrincipalName on renamesSimo Sorce2010-10-283-0/+17
|
* Add new plugin used to modify related attributes after a modrdn operation.Simo Sorce2010-10-286-0/+1052
|
* Field Errors Uses the pattern field of the metat data to see if the input ↵Adam Young2010-10-282-9/+26
| | | | | | for a given field is valid. If not, displays a red box with the contents of pattern_msg To test this, I artificially modified the meta data for the Group description field
* association headerAdam Young2010-10-261-1/+4
| | | | header was missing on the association pages.
* Error out when configure finds missing dependenciesRob Crittenden2010-10-262-6/+7
| | | | ticket 315
* Change SUDO command attr to be case sensitiveRob Crittenden2010-10-261-4/+6
| | | | | | * Fixed comments * Added attribute * Fixed objectclass
* whoami goodbyeAdam Young2010-10-261-41/+0
| | | | Removing the whoami plugin, as it has been wrapped up into the user plugin
* dns workAdam Young2010-10-252-80/+509
| | | | | | | | without the details change including changes from Reviewboard https://fedorahosted.org/reviewboard/r/96/ Fixed pages that use unspecified (krb ticket policy, config) Facet name comes out of the facet, not hard coded.
* find_entries paramAdam Young2010-10-251-3/+1
| | | | | | Fixes a bug where find_entries was not passed a parameter for filter. Instead of fixing the call point, this patch adds a defaulty value for the parameter, so that they can all be passed by name.
* sample data for DNSAdam Young2010-10-252-201/+448
|
* remove rule for inc files.Adam Young2010-10-251-1/+0
|
* Fix two failing tests.Rob Crittenden2010-10-222-1/+10
| | | | | | The first test is a mismatch in the sample output of an exception. The second test adds certificate information output to the service plugin.
* Grant /usr/sbin/ipa_kpasswd "name_bind" access.Rob Crittenden2010-10-222-1/+11
| | | | | | | Requires selinux-policy-3.6.32-123 on F12 Requires selinux-policy-3.7.19-40 on F13 ticket 73
* Disallow writes on serverHostName and memberOfRob Crittenden2010-10-221-2/+1
| | | | | | | | | | | | | | serverHostName because this is tied to the FQDN so should only be changed on a host rename (which we don't do). memberOf because the plugin should do this. Directly manging this attribute would be pretty dangerous and confusing. Also remove a redundant aci granting the admins group write access to users and groups. They have it with through the "admins can modify any entry" aci. tickets 300, 304
* Set default encoding to utf-8, use unicode when printing output.Rob Crittenden2010-10-221-4/+5
| | | | | | The Gettext() object only does the lookup when you print it as a unicode. ticket 308
* Add default python encoding module to reset default from ascii to utf-8Rob Crittenden2010-10-225-3/+142
| | | | Also clean up some duplicate files in the rpm for the UI.
* Add fail-safe defaults to time and size limits in ldap2 searches.Pavel Zuna2010-10-221-5/+11
|
* Multivalue fixesAdam Young2010-10-221-13/+32
| | | | | Strikethrough is now a toggle undo resets value to blank for new entries.
* ipa-uuid: enable plugin in IPASimo Sorce2010-10-223-0/+16
|
* ipa-uuid: DNA-like plugin that generates uuidsSimo Sorce2010-10-226-0/+1311
|
* Handle cases where ntpd options are scattered on multiple linesSimo Sorce2010-10-221-29/+33
|
* Add flag to group-find to only search on private groups.Pavel Zuna2010-10-203-6/+111
| | | | ticket #251
* password dialogAdam Young2010-10-203-7/+90
| | | | | added a modal dialog for resetting the password. Made the whoami varaible global, as anything dependant on the principal will require access to it.
* Host certificate managementEndi S. Dewata2010-10-2016-286/+549
| | | | | | | | | | | | | | | The service certificate management UI has been generalized and moved into certificate.js. The host details page is now using the same code to manage certificates. The host.py has been modified to return host certificate info. The Get/Revoke/View buttons behavior has been modified such that they are visible only if there is a valid certificate. The Get dialog box has been fixed to show the correct certificate header and footer. The ipa.css has been modified to store the style of the status bullets. New unit tests for certificate has been added. The test data has been modified to include sample host certificate.
* Remove size limits.Adam Young2010-10-192-4/+2
| | | | Now use the system wide settings instead of hardcoded size limits.
* removing iconsAdam Young2010-10-1935-35/+7
| | | | | We'll later replace them with a new scheme. For now, this is the simplest UI The intention is to look unfinished, so people don't comment on how poor it looks.
* Default search limit to 100Adam Young2010-10-191-1/+1
|
* Update Ukrainian (uk.po) translationJohn Dennis2010-10-191-230/+235
|
* Fix _merge_from_file testRob Crittenden2010-10-181-1/+1
|
* Fix problem testing for mutual exclusivity in hbac plugin.Rob Crittenden2010-10-181-8/+16
| | | | This should fix the hbac tests.
* Disallow RDN change and single-value bypass using setattr/addattr.Pavel Zuna2010-10-184-18/+79
| | | | | | | | | | | When setting or adding an attribute wiht setatt/addattr check to see if there is a Param for the attribute and enforce the multi-value. If there is no Param check the LDAP schema for SINGLE-VALUE. Catch RDN mods and try to return a more reasonable error message. Ticket #230 Ticket #246
* Service certificate status.Endi Sukma Dewata2010-10-185-186/+249
| | | | | | | | | | | | | | | The service details page has been modified to show certificate status using bullets. It will also show the revocation reason, and display the restore button only if the certificate is on hold. The buttons action handlers have been moved into service_usercertificate_load() so they can update the bullets. A test data file for cert-show operation has been added. Other test data files containing certificate info has been updated for consistency. The certificate_confirmation_dialog() has been removed because it's no longer used.
* ntpdinstance: Do not replace the config files, just add needed optionsSimo Sorce2010-10-184-79/+86
|
* Ignore useless stuff by defaultSimo Sorce2010-10-181-0/+71
|
* dsinstance: Fix ldappasswd invocation to specify the server nameSimo Sorce2010-10-181-1/+1
| | | | | Apparently on some machines if this is not done SSL validation will fail. Fixes bug #394
generated by cgit (git 2.34.1) at 2024-06-04 10:07:50 +0000