summaryrefslogtreecommitdiffstats
path: root/install
Commit message (Collapse)AuthorAgeFilesLines
* Fix test.po errors in make testSimo Sorce2010-11-151-0/+1
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/401
* Push associate buttons to the action-panelAdam Young2010-11-151-2/+2
|
* buttons to action panelAdam Young2010-11-145-26/+32
|
* super to superiorAdam Young2010-11-1412-190/+81
|
* more css cleanup remove quick links css very close to specsAdam Young2010-11-1410-102/+63
|
* layoutAdam Young2010-11-1411-36/+95
| | | | | | Closer to the layout from the spec The facets have been moved to the action panel, to the left of the page the facets are now rendered in an area of the screen with a client class
* Use a different user for dogtag DS instanceRob Crittenden2010-11-121-1/+8
| | | | | | Also shut down all services before starting uninstall. ticket 349
* Increase # of chars in users and groups to 255 and default username to 32.Rob Crittenden2010-11-121-1/+1
| | | | ticket 434
* Added in the effective rightsEndi Sukma Dewata2010-11-114-1/+82
|
* HBAC Service GroupsEndi S. Dewata2010-11-118-105/+285
| | | | | | | | The HBAC Service Groups search, details, and association pages have been added under the HBAC tab. New test data files for HBAC Service Groups have been added. The sample metadata has been updated as well.
* HBAC ServicesEndi S. Dewata2010-11-1118-1012/+1507
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The HBAC Service search and details pages have been added under the HBAC tab. This requires some changes to the framework. Currently the navigation framework doesn't support multiple entities under one tab. As a temporary solution, an 'entity' URL parameter is used to determine the entity to be displayed. This parameter is now only used by HBAC tab, but its use might be expanded later. The navigation framework needs be redesigned to provide more flexibility. The search page in all entities except DNS records have been changed to use the ipa_search_widget. The Select/Unselect All checbox and Delete button now work correctly and consistently. The Add dialog has been enhanced to render and work in a more consistent way while still supporting custom widgets & layouts. For the search page, the Add button will refresh the search results and clear the fields in the dialog box. The framework now provides some extension points which can be overriden by the subclasses: - init(): for initialization and configuration - create(): for creating the layout dynamically or from template - setup(): for setting the look and feel - load(): for loading the data Entity and facet initialization is now done after IPA.init(). This is to ensure the metadata is loaded first so the entities and facets can use localized messages/labels/titles. The group entity has been partially converted to use the new framework. The unit tests have been updated accordingly.
* HBAC Service & Service Group test dataEndi Sukma Dewata2010-11-118-0/+138
|
* Remove some more mod_python referencesJakub Hrozek2010-11-102-22/+1
|
* Label cleanup Also, addeed in the default shell field.Adam Young2010-11-101-13/+13
|
* Use strongest keytype for master keySimo Sorce2010-11-091-1/+1
|
* Fix NotFound exception in ipa-nis-manage.Rob Crittenden2010-11-091-2/+4
| | | | | | | | The signature of ldap2.get_entry() changed so normalize wasn't being handled properly so the basedn was always being appended causing our entry in cn=config to be not found. ticket 414
* Add some examples to ipa-replica-install.1Rob Crittenden2010-11-091-18/+39
| | | | ticket 290
* Rename 60sudo.ldif to 60ipasudo.ldif to not overwrite the 389-ds version.Rob Crittenden2010-11-092-1/+1
| | | | | | This meant that the compat sudo schema was not available. ticket 439
* Log script options to logfileJakub Hrozek2010-11-094-23/+35
| | | | | | | | Uses a new subclass IPAOptionParser in scripts instead of OptionParser from the standard python library. IPAOptionParser uses its own IPAOption class to store options, which adds a new 'sensitive' attribute. https://fedorahosted.org/freeipa/ticket/393
* Rewrite the migration page using WSGIJakub Hrozek2010-11-094-13/+41
|
* Renamed button.delete to button.remove in json_metadata.json.Endi Sukma Dewata2010-11-091-1/+1
|
* Renamed button.deletes to button.remove.Endi Sukma Dewata2010-11-091-1/+1
|
* delete to remove THe keyword delete is reserved in Javascript Using it ↵Adam Young2010-11-093-5/+5
| | | | breaks the WebUI on Chrome. This fixes replaces the word with delete.
* link indications we had removed the decorations from links for previous ui ↵Adam Young2010-11-091-9/+0
| | | | approaches It is not long relevant, and hides the hyperlink underline in places where we want it to show
* Disable Enable userAdam Young2010-11-083-79/+63
| | | | | | | | | | | | | UI updated to use the enable and disable methods, and to correctly report them Implementation has a few shortcomings: 1. Status is displayed in Browser alert dialog, not JQueryUI themed 2. Upon completion of RPC, navigate back to the Search page. Still, this is much less broken than before. With whitespace cleanup, using toLowerCase for testing true and removde dual declaration of variables
* sample data with rights and lock valueAdam Young2010-11-082-18/+357
|
* HBAC Access TimeEndi S. Dewata2010-11-088-264/+575
| | | | | | | | | | | | | | | | | | | | | | | | | | | IPA commands now can be defined in these classes: - ipa_command: a single IPA command - ipa_batch_command: a batch command for executing multiple commands on the server side using the new batch plugin The dialog boxes for adding and removing entries have been refactored: - ipa_dialog: base class for dialog boxes - ipa_adder_dialog: generic adder dialog box - ipa_deleter_dialog: generic deleter dialog box - ipa_association_adder_dialog: adding entity association - ipa_association_deleter_dialog: removing entity association Dialog boxes for adding/deleting HBAC users, hosts, services, and sourcehosts are implemented using the association dialog boxes. The dialog box for adding access time is implemented using ipa_dialog and currently contains only a text field. This will be replaced with a custom dialog box in a separate patch. The dialog box for removing access time is implemented using the generic deleter class because it's not an association. Removing multiple access times is implemented using batch operations. New test data files for access times have been added.
* Remove ipa-fix-CVE-2008-3274, it isn't needed any more.Rob Crittenden2010-11-082-534/+0
| | | | ticket 331
* Add additional default HBAC login servicesRob Crittenden2010-11-081-0/+21
| | | | ticket 307
* Ticket ExpirationAdam Young2010-11-082-12/+21
| | | | | | | | THis patch handles Kerberos ticket expiration in the UI. Additionally it removes the mod_atuh_kerb authorization for elements in the static directory, cutting down on the number of round trips required for initializing the web app Conflicts: install/static/ipa.js
* Clear fields after addAdam Young2010-11-081-4/+7
| | | | | This version corrects an error in the oriogianl patch cause by matching the wrong opening brace
* rights checkAdam Young2010-11-053-23/+99
| | | | | | if the field does not have a 'w' for writable in its rights, disable it. Merged with the HBAC/Widget changes add and remove links are managed via permissions now
* Merge branch 'master' of ssh://rcritten@git.fedorahosted.org/git/freeipaRob Crittenden2010-11-0433-757/+2436
|\
| * HBAC Details PageEndi S. Dewata2010-11-0433-757/+2436
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The UI framework has been extended to include a collection of widgets: - ipa_widget: base class - ipa_text_widget: text field - ipa_radio_widget: radio button - ipa_textarea_widget: textarea - ipa_button_widget: button - ipa_column_widget: column for table - ipa_table_widget: table These widgets can be used to create input controls. They can also be extended to create custom controls. The framework has also been enhanced to support custom layouts. This can be used to change the look of the application without changing the code. Initially this is only available in details section. Layout consists of a collection of HTML templates. Each template is a complete and valid HTML file representing a portion of a page. The template will be loaded and initialized by the code, then filled with the data from the server. The layouts are located in install/static/layouts/<name> folder. By default, if no templates are used, the fields in the details page are rendered vertically using dd/dt/dd tags. For pages that require different layout, a custom UI needs to be developed. There are two ways to do that: - write a custom widget to generate the UI dynamically - create an HTML template and write the initialization code For components that are quite complex or used frequently, it's might be better to use the first method. For simple pages that are used only in one location or need to support customization, the second method might be preferable. Other benefits of templates: - cleaner code and UI separation - more flexibility in customization - new pages can be developed quickly and require less coding - multiple templates can be used with the same initialization code - easier to maintain The HBAC details page has been implemented using both methods. By default it will use custom widgets to generate the page. To use a custom layout, add the following parameter to the URL, then reload the page: &layout=<name> Currently the only available layout is 'default' which produces the same look as the custom widgets. The HBAC details page is usable, but it still needs additional work. The access time is not working yet. There is no undo button, hint, or validation yet. The table in the association facet has also been changed to use ipa_association_widget which is derived from ipa_table_widget. The Makefile has been updated to include the layouts. The unit tests have been updated as well.
* | add support for hostCategory and userCategoryNalin Dahyabhai2010-11-042-2/+2
|/
* Remove hardcoded domain value and replace with $SUFFIXRob Crittenden2010-11-041-3/+3
|
* Use correct attribute name, nshostlocation, not location.Rob Crittenden2010-11-031-1/+1
|
* Merge branch 'master' of ssh://rcritten@git.fedorahosted.org/git/freeipaRob Crittenden2010-11-0316-111/+702
|\
| * jslint cleanupAdam Young2010-11-031-82/+74
| |
| * HBAC test dataEndi S. Dewata2010-11-0315-29/+628
| |
* | Remove reference to ipa_webguiJan Zeleny2010-11-031-1/+1
|/ | | | | Reference was removed from ipa-server-install(1) man page. Ticket: #330
* Use kerberos password policy.Rob Crittenden2010-11-014-8/+23
| | | | | | | | | | | | | | | | | | | | | | | This lets the KDC count password failures and can lock out accounts for a period of time. This only works for KDC >= 1.8. There currently is no way to unlock a locked account across a replica. MIT Kerberos 1.9 is adding support for doing so. Once that is available unlock will be added. The concept of a "global" password policy has changed. When we were managing the policy using the IPA password plugin it was smart enough to search up the tree looking for a policy. The KDC is not so smart and relies on the krbpwdpolicyreference to find the policy. For this reason every user entry requires this attribute. I've created a new global_policy entry to store the default password policy. All users point at this now. The group policy works the same and can override this setting. As a result the special "GLOBAL" name has been replaced with global_policy. This policy works like any other and is the default if a name is not provided on the command-line. ticket 51
* group_remove_memeber.jsonAdam Young2010-10-291-0/+44
| | | | meta data for testing and developmemt
* delete associationsAdam Young2010-10-296-66/+213
| | | | | | | Uses code very similar to the search code for deleting associations Had to modify how we were configuring for bulk so that the logic for delete matched the logic for enroll Fixed unit test and removed the 'new' from the associator call
* Remove group nesting from the HBAC service groupsRob Crittenden2010-10-281-1/+1
| | | | ticket 389
* pwd-plugin: Always use a special salt by default.Simo Sorce2010-10-281-6/+8
| | | | | | | This should make renamed users able to keep using old credentials as the salt is not derived from the principal name but is always a random quantity. https://fedorahosted.org/freeipa/ticket/412
* Dialog boxes for AJAX, HTTP, and IPA errors.Endi S. Dewata2010-10-285-30/+56
| | | | | | | The ipa_cmd() has been modified to identity the type of the error it has received and display the error using the right dialog box. The dialog box can be customized further to display the appropriate amount of information for each type of error.
* Framework for custom UIEndi S. Dewata2010-10-2823-758/+1409
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces a new framework for implementing custom UI. It consists of the following classes: Main: - IPA: global namespace and object repository - ipa_entity: base class for entities - ipa_facet: base class for facets Add dialog: - ipa_add_dialog: default add dialog - ipa_add_field: the fields used in the dialog Search facet: - ipa_search_facet: default search facet - ipa_search_column: the columns in the search result Details facet: - ipa_details_facet: default details facet - ipa_details_section: the sections in the details facet - ipa_details_field: the fields in the details facet Association facet: - ipa_association_facet: default association facet - ipa_association_config: the association configurations To use this framework, create a class extending the ipa_entity (e.g. ipa_hbac). Use the create_* methods to create add dialog, search facet, details facet, and association facet. The fields/columns for the dialog and facets can be specified using the init() function. Custom UI can be defined by overwriting the base methods (e.g. setup, save, load). The entity must be added into the repository using IPA.add_entity(). The original ipa_entity_setup() has been generalized by moving facet- specific codes into the corresponding facet. Some facet names are still hard-coded. This will be fixed in follow-up patches. Some global variables have been removed because their function has been replaced by the object repository: - ipa_entity_add_list - ipa_entity_search_list - ipa_entity_details_list - window_hash_cache Some functions and variables have been moved into IPA namespace: - ipa_json_url -> IPA.json_url - ipa_use_static_files -> IPA.use_static_files - ipa_ajax_options -> IPA.ajax_options - ipa_objs -> IPA.metadata - ipa_messages -> IPA.messages - ipa_dialog -> IPA.error_dialog - ipa_init() -> IPA.init() Initially the HBAC and Service entities have been rewritten to use the new framework. The DNS is partially converted, the ipa_records_facet is used to define custom records facet. Other entities can still work using the old framework. The old framework has been modified to be a wrapper for the new framework. Eventually all entities will be converted to use the new framework. Some unit tests have been modified to use the new framework.
* UUIDs: remove uuid python plugin and let DS always autogenerateSimo Sorce2010-10-284-11/+14
| | | | merge in remove uuid
* ipa-modrdn: Enable plugin to handle krbPrincipalName on renamesSimo Sorce2010-10-282-0/+12
|
generated by cgit (git 2.34.1) at 2025-09-07 21:50:17 +0000