summaryrefslogtreecommitdiffstats
path: root/install
Commit message (Collapse)AuthorAgeFilesLines
* Multicolumn association facetEndi S. Dewata2010-11-3020-253/+1168
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The association facet has been modified to support multiple columns. By default the facet will have one column which is the primary key of the associated object (e.g. username of a group member), so the existing code will work like before. Other fields (e.g. user's full name) can be added by subclassing the ipa_association_facet class and specifying the additional columns to display. These additional fields will be retrieved using a batch operation. Previously a single association facet instance will be used for all associations in an entity. Now each association will have its own association facet. This way each association facet can be customized differently as needed. The <entity>-enroll URL parameter has been removed because it's no longer needed. The ipa_entity.create_association_facets() is provided to generate the default association facets with one column for the primary key. The column click handler has been moved out of ipa_column to provide more flexibility for customization. The get_action_panel() and get_client_area() have been modified to search within the entity's container. The group entity has been fully converted to use the new UI framework. Association facets that have been modified to use multiple columns are: - User Group's member_user - HBAC Service Group's member_hbacsvc - SUDO Command Group's member_sudocmd - Service's managedby_host New test data files have been added. Unit tests have been updated.
* Reduce the number of attributes a host is allowed to write.Rob Crittenden2010-11-302-4/+8
| | | | | | | | | | The list of attributes that a host bound as itself could write was overly broad. A host can now only update its description, information about itself such as OS release, etc, its certificate, password and keytab. ticket 416
* Create user private groups with a uniqueid.Rob Crittenden2010-11-301-1/+3
| | | | | | | | | | If we don't then we need to add it when a group is detached causing aci issues. I had to move where we create the UPG template until after the DS restart so the schema is available. ticket 542
* Fixed navigation problem with nested entities.Endi S. Dewata2010-11-295-8/+8
| | | | | Replaced _entity with -entity in IPA.tab_state(). Replaced sudo-entity with sudorule-entity.
* top nav index allows links between differnt top level tabs by calculating ↵Adam Young2010-11-294-21/+66
| | | | the index of the top level tab for the target tab. new version creats third level navigation for nested entities, such as SUDO and HBAC
* build tweaks - use automake's foreign mode, avoid creating empty files to ↵Nalin Dahyabhai2010-11-291-1/+1
| | | | satisfy gnu mode - run autoreconf -f to ensure that everything matches
* quote class memberAdam Young2010-11-291-1/+1
| | | | | the class member variable is a reserved keyword in Javascript. This patch fixes a syntax error.
* navigation format UXD guidance to cleanup navigation. adjusts the tab fontAdam Young2010-11-245-15/+18
|
* action panel formattingAdam Young2010-11-248-24/+51
| | | | | Cleans up the indentation of the action panel Puts the sudo and HBAC entries in a consistent order
* Verify the --ip-address option when setting up DNS.Rob Crittenden2010-11-242-1/+3
| | | | | | | | | There was a corner case where the value of --ip-address was never verified if you were also setting up DNS. Added this bit of information to the man page too. ticket 399
* Display user and host membership in netgroups.Rob Crittenden2010-11-241-0/+6
| | | | | | | This uses an enhanced memberof plugin that allows multiple attributes to be configured to create memberOf attributes. tickets 109 and 110
* SUDO Commands and Command GroupsEndi S. Dewata2010-11-2221-31/+776
| | | | | | | | | | | | The SUDO Commands and Command Groups pages have been added under SUDO Rules tab. Similar to HBAC navigation issue, these entities do not have their own tab, so an exception has been added to the navigation code to read sudo-entity parameter to determine the entity being viewed. Fixing this issue will require framework changes. New test data for these operations have been added.
* Fixed action panel queriesEndi S. Dewata2010-11-2212-98/+215
| | | | | | | | | | | | | | | Previously the queries for action panel were done globally. Since each entity container has its own action panel, the queries will return multiple results. This is fixed by qualifying the query to run within the entity container. The query has also been moved into ipa_facet.get_action_panel(). Entities that do not have their own entity container (e.g. HBAC services and service groups) will need to override this method to get the action panel from the right entity container (e.g. HBAC rules). The facet.setup_views() has been renamed to facet.create_action_panel(). New test data for SUDO rules have been added.
* Autotune directory server to use a greater number of filesSimo Sorce2010-11-222-0/+9
| | | | | | | | This changes the system limits for the dirsrv user as well as configuring DS to allow by default 8192 max files and 64 reserved files (for replication indexes, etc..). Fixes: https://fedorahosted.org/freeipa/ticket/464
* id ranges: change DNA configurationSimo Sorce2010-11-228-55/+49
| | | | | | | | | | | | | Change the way we specify the id ranges to force uid and gid ranges to always be the same. Add option to specify a maximum id. Change DNA configuration to use shared ranges so that masters and replicas can actually share the same overall range in a safe way. Configure replicas so that their default range is depleted. This will force them to fetch a range portion from the master on the first install. fixes: https://fedorahosted.org/freeipa/ticket/198
* Ensure that Apache is running with MPM=PreforkJan Zeleny2010-11-221-1/+5
| | | | | | | Script wsgi.py checks if Apache is compiled with MPM=Prefork and if not, it refuses to run. https://fedorahosted.org/freeipa/ticket/252
* Use sys.exit to quit scriptsJakub Hrozek2010-11-225-48/+27
| | | | | | | Instead of print and return, use sys.exit() to quit scripts with an error message and a non zero return code. https://fedorahosted.org/freeipa/ticket/425
* Multivalued email addressEndi S. Dewata2010-11-202-2/+2
|
* Automatically disable pkinit when not supportedSimo Sorce2010-11-191-0/+4
|
* Log interactive options in install scriptsJakub Hrozek2010-11-192-0/+10
|
* Give a detached group a full set of group objectclasses.Rob Crittenden2010-11-191-1/+1
| | | | | | | The UUID plugin handles adding ipaUniqueId for us as well as the access control for it. ticket 250
* Use radio buttons for HBAC rule typeEndi S. Dewata2010-11-192-3/+35
| | | | | To be consistent with the details page, the rule type in the HBAC add dialog box has been converted into radio buttons.
* Host Enrollment via OTPEndi S. Dewata2010-11-199-114/+421
| | | | | | | | | | | | | The support for host enrollment via one-time-password has been added. When submitted, the OTP will be used to set the host's userpassword. Previously each IPA command can only have one JSON test data file. The ipa_cmd() has been modifies to accept an optional command name. When used with static files, it will pull the test data whose name is the same as the command name. The batch.json has been renamed to ipa_init.json for UI initialization. Some test data have been added for operations against specific hosts.
* Sample data for service provisioningEndi S. Dewata2010-11-191-3/+47
|
* tab widthAdam Young2010-11-191-8/+5
| | | | fixes the spacing and width for the top and second row of tabs
* SUDO Rule Search and Details PagesEndi S. Dewata2010-11-1924-548/+1028
| | | | | | | | | | | | | | | | | | | | The search and details pages for SUDO Rule have been added. Codes that are shared with HBAC have been moved to rule.js. The following methods were renamed for consistency: - ipa_details_load() -> ipa_details_refresh() - ipa_details_display() -> ipa_details_load() The ipa_details_cache has been removed because the cache is now stored in each widget. The index.xhtml has been removed. All references to it has been changed to index.html. The Unselect All checkbox has been fixed. Unnecessary parameter 'container' has been removed. The unit test has been updated and new test data has been added.
* Add managedby to Host entriesRob Crittenden2010-11-191-0/+8
| | | | | | This will allow others to provision on behalf of the host. ticket 280
* Revoke a host's certificate (if any) when it is deleted or disabled.Rob Crittenden2010-11-191-1/+1
| | | | | | | | | Disable any services when its host is disabled. This also adds displaying the certificate attributes (subject, etc) a bit more universal and centralized in a single function. ticket 297
* Fix build error due to rename of index.xhtml to index.htmlRob Crittenden2010-11-191-1/+1
|
* add button the spec had three add buttons: this one is the basic, 'add and ↵Adam Young2010-11-191-0/+15
| | | | then close' https://fedorahosted.org/freeipa/ticket/471
* removed index.xhtmlAdam Young2010-11-192-59/+1
| | | | also removed language on html, as the same page should be used for all languages.
* env init call the json rpc 'env' during ipa init and cache the resultAdam Young2010-11-182-44/+118
|
* pkinit-replica: create certificates for replicas tooSimo Sorce2010-11-182-9/+90
| | | | | altough the kdc certificate name is not tied to the fqdn we create separate certs for each KDC so that renewal of each of them is done separately.
* pkinit: always configure pkinit_anchors in krb5.confSimo Sorce2010-11-181-0/+1
|
* Add support for configuring KDC certs for PKINITSimo Sorce2010-11-185-1/+85
| | | | | This patch adds support only for the selfsign case. Replica support is also still missing at this stage.
* Use Realm as certs subject base nameSimo Sorce2010-11-185-12/+14
| | | | Also use the realm name as nickname for the CA certificate
* batch init this batches together the calls to json_metadata, i18n_messages, ↵Adam Young2010-11-185-529/+4464
| | | | and user-find [whoami] tostreamline the init process, and also allow us to add a call to enumerate the plugins.
* Service and Host ProvisioningEndi S. Dewata2010-11-1811-354/+790
| | | | | | | | | | | | | | | The service and host details pages have been modified to display Kerberos key provisioning status and to provide a way to unprovision. The host enrollment via OTP has not been implemented yet. The ipa_details_field has been modified to remove any old <dd> tags it created in the previous load operation. This is to support other widgets that need to perform load operation without removing <dd> tags. The certificate_status_panel has been converted into a widget. The host entity has been rewritten using the new framework. The unit tests has been updated.
* CSS cleanup post UXD discussionAdam Young2010-11-174-49/+79
|
* action selectAdam Young2010-11-177-39/+208
| | | | | if exactly one entity is selected, it enables the entity-facet links in the action panel, and sets the pkey in bbq to the pkey of the selected
* buttons to action panel puts the buttons as the top li in the action panelAdam Young2010-11-162-3/+3
|
* HBAC css cleanupAdam Young2010-11-163-7/+22
| | | | | | | | | | | The additions to the search widget have to go one level deeper, as 'container' has both the action panel and the client area Conflicts: install/static/hbac.js install/static/hbacsvc.js install/static/hbacsvcgroup.js
* demo deploy Makes it easier to deploy demos. This version will demo cleanly ↵Adam Young2010-11-161-5/+6
| | | | | | | | from html providing you just set that.use_static_files = true; in the IPA definition section
* px to emAdam Young2010-11-161-31/+37
| | | | | | Making all of the page elements based on the font size. Also, set the font to the defauklt for the browser. By default, most brosers have Font set to 16px.
* entity container sizeAdam Young2010-11-151-1/+0
| | | | No longer wastes %20 of the the page in the entity container.
* HBAC details page enhancementEndi S. Dewata2010-11-1522-710/+1360
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The HBAC details page has been enhanced to support Undo and Reset operations. The functionality is implemented in the base widget class so the behavior will be more consistent across widgets. A <span> tag now used to define the field boundary in the HTML doc. The tag contains the visual representation of the field which include the input tag and optionally the undo link. The Update method on HBAC details page has been modified so that it executes several operations using a batch command. The operations being executed depends on the changes made to the fields. These operations may include: - removing access time if access time is changed to any time - removing memberships if member category is changed to all - modifying rule attributes if description or rule type is changed - enabling/disabling the rule if rule status is changed The behavior of the Add & Remove buttons also has been changed such that it adjust the category attribute properly in addition to adding the memberships using batch command. For example, if category is initially set to all, adding a new member will also change the category to empty. The ipa_command have been modified to store the on_success and on_error handlers as properties. When the command is executed as a part of batch operation, the result of each command will be passed to the appropriate handler. The unit tests and test data have been updated as well.
* Fix test.po errors in make testSimo Sorce2010-11-151-0/+1
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/401
* Push associate buttons to the action-panelAdam Young2010-11-151-2/+2
|
* buttons to action panelAdam Young2010-11-145-26/+32
|
* super to superiorAdam Young2010-11-1412-190/+81
|
generated by cgit (git 2.34.1) at 2025-09-07 18:16:05 +0000