From 9d0dc89b03d4e3f50d54d1189a119016b2c805c3 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Tue, 11 Jan 2011 20:31:09 +0700 Subject: Renamed hbac to hbacrule. All references to hbac in the UI have been replaced with hbacrule. This is to match the hbacrule plugin. The test data and templates have been renamed as well. --- install/static/hbacrule.js | 984 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 984 insertions(+) create mode 100755 install/static/hbacrule.js (limited to 'install/static/hbacrule.js') diff --git a/install/static/hbacrule.js b/install/static/hbacrule.js new file mode 100755 index 00000000..0e6d82cc --- /dev/null +++ b/install/static/hbacrule.js @@ -0,0 +1,984 @@ +/* Authors: + * Endi Sukma Dewata + * + * Copyright (C) 2010 Red Hat + * see file 'COPYING' for use and warranty information + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */ + +function ipa_hbacrule() { + + var that = ipa_entity({ + 'name': 'hbacrule' + }); + + that.init = function() { + + var dialog = ipa_hbacrule_add_dialog({ + 'name': 'add', + 'title': 'Add New Rule' + }); + that.add_dialog(dialog); + dialog.init(); + + var facet = ipa_hbacrule_search_facet({ + 'name': 'search', + 'label': 'Search' + }); + that.add_facet(facet); + + facet = ipa_hbacrule_details_facet({ + 'name': 'details', + 'label': 'Details' + }); + that.add_facet(facet); + + that.entity_init(); + }; + + return that; +} + +IPA.add_entity(ipa_hbacrule()); + +function ipa_hbacrule_add_dialog(spec) { + + spec = spec || {}; + + var that = ipa_add_dialog(spec); + + that.init = function() { + + that.add_field(ipa_text_widget({ + 'name': 'cn', + 'undo': false + })); + + that.add_field(ipa_radio_widget({ + 'name': 'accessruletype', + 'options': [ + { 'value': 'allow', 'label': 'Allow' }, + { 'value': 'deny', 'label': 'Deny' } + ], + 'undo': false + })); + + that.add_dialog_init(); + }; + + return that; +} + +function ipa_hbacrule_search_facet(spec) { + + spec = spec || {}; + + var that = ipa_search_facet(spec); + + that.init = function() { + + that.create_column({name:'cn'}); + that.create_column({name:'usercategory'}); + that.create_column({name:'hostcategory'}); + that.create_column({name:'ipaenabledflag'}); + that.create_column({name:'servicecategory'}); + that.create_column({name:'sourcehostcategory'}); + + that.search_facet_init(); + }; + + that.create = function(container) { + +/* + // Not yet implemented + + var left_buttons = $('', { + 'style': 'float: left;' + }).appendTo(container); + + left_buttons.append(ipa_button({ + 'label': 'Troubleshoot Rules' + })); + + left_buttons.append(ipa_button({ + 'label': 'Cull Disabled Rules' + })); +*/ + + that.search_facet_create(container); + + }; + + return that; +} + +function ipa_hbacrule_details_facet(spec) { + + spec = spec || {}; + + var that = ipa_details_facet(spec); + + that.init = function() { + + var section; + + if (IPA.layout) { + section = that.create_section({ + 'name': 'general', + 'label': 'General', + 'template': 'hbacrule-details-general.html #contents' + }); + + } else { + section = ipa_hbacrule_details_general_section({ + 'name': 'general', + 'label': 'General' + }); + that.add_section(section); + } + + section.create_text({ 'name': 'cn', 'label': 'Name', 'read_only': true }); + section.create_radio({ 'name': 'accessruletype', 'label': 'Rule Type' }); + section.create_textarea({ 'name': 'description', 'label': 'Description' }); + section.create_radio({ 'name': 'ipaenabledflag', 'label': 'Enabled' }); + + if (IPA.layout) { + section = that.create_section({ + 'name': 'user', + 'label': 'Who', + 'template': 'hbacrule-details-user.html #contents' + }); + + } else { + section = ipa_rule_details_section({ + 'name': 'user', + 'label': 'Who', + 'text': 'Rule applies when access is requested by:', + 'field_name': 'usercategory', + 'options': [ + { 'value': 'all', 'label': 'Anyone' }, + { 'value': '', 'label': 'Specified Users and Groups' } + ], + 'tables': [ + { 'field_name': 'memberuser_user' }, + { 'field_name': 'memberuser_group' } + ] + }); + that.add_section(section); + } + + var category = section.create_radio({ name: 'usercategory', label: 'User category' }); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberuser_user', + 'name': 'memberuser_user', 'label': 'Users', 'category': category, + 'other_entity': 'user', 'add_method': 'add_user', 'remove_method': 'remove_user' + })); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberuser_group', + 'name': 'memberuser_group', 'label': 'Groups', 'category': category, + 'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user' + })); + + if (IPA.layout) { + section = that.create_section({ + 'name': 'host', + 'label': 'Accessing', + 'template': 'hbacrule-details-host.html #contents' + }); + + } else { + section = ipa_rule_details_section({ + 'name': 'host', + 'label': 'Accessing', + 'text': 'Rule applies when access is requested to:', + 'field_name': 'hostcategory', + 'options': [ + { 'value': 'all', 'label': 'Any Host' }, + { 'value': '', 'label': 'Specified Hosts and Groups' } + ], + 'tables': [ + { 'field_name': 'memberhost_host' }, + { 'field_name': 'memberhost_hostgroup' } + ] + }); + that.add_section(section); + } + + category = section.create_radio({ 'name': 'hostcategory', 'label': 'Host category' }); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberhost_host', + 'name': 'memberhost_host', 'label': 'Hosts', 'category': category, + 'other_entity': 'host', 'add_method': 'add_host', 'remove_method': 'remove_host' + })); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberhost_hostgroup', + 'name': 'memberhost_hostgroup', 'label': 'Host Groups', 'category': category, + 'other_entity': 'hostgroup', 'add_method': 'add_host', 'remove_method': 'remove_host' + })); + + if (IPA.layout) { + section = that.create_section({ + 'name': 'service', + 'label': 'Via Service', + 'template': 'hbacrule-details-service.html #contents' + }); + + } else { + section = ipa_rule_details_section({ + 'name': 'service', + 'label': 'Via Service', + 'text': 'Rule applies when access is requested via:', + 'field_name': 'servicecategory', + 'options': [ + { 'value': 'all', 'label': 'Any Service' }, + { 'value': '', 'label': 'Specified Services and Groups' } + ], + 'tables': [ + { 'field_name': 'memberservice_hbacsvc' }, + { 'field_name': 'memberservice_hbacsvcgroup' } + ] + }); + that.add_section(section); + } + + category = section.create_radio({ 'name': 'servicecategory', 'label': 'Service category' }); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberservice_hbacsvc', + 'name': 'memberservice_hbacsvc', 'label': 'Services', 'category': category, + 'other_entity': 'hbacsvc', 'add_method': 'add_service', 'remove_method': 'remove_service' + })); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-memberservice_hbacsvcgroup', + 'name': 'memberservice_hbacsvcgroup', 'label': 'Service Groups', 'category': category, + 'other_entity': 'hbacsvcgroup', 'add_method': 'add_service', 'remove_method': 'remove_service' + })); + + if (IPA.layout) { + section = that.create_section({ + 'name': 'sourcehost', + 'label': 'From', + 'template': 'hbacrule-details-sourcehost.html #contents' + }); + + } else { + section = ipa_rule_details_section({ + 'name': 'sourcehost', + 'label': 'From', + 'text': 'Rule applies when access is being initiated from:', + 'field_name': 'sourcehostcategory', + 'options': [ + { 'value': 'all', 'label': 'Any Host' }, + { 'value': '', 'label': 'Specified Hosts and Groups' } + ], + 'tables': [ + { 'field_name': 'sourcehost_host' }, + { 'field_name': 'sourcehost_hostgroup' } + ] + }); + that.add_section(section); + } + + category = section.create_radio({ 'name': 'sourcehostcategory', 'label': 'Source host category' }); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-sourcehost_host', + 'name': 'sourcehost_host', 'label': 'Host', 'category': category, + 'other_entity': 'host', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost' + })); + section.add_field(ipa_rule_association_table_widget({ + 'id': that.entity_name+'-sourcehost_hostgroup', + 'name': 'sourcehost_hostgroup', 'label': 'Host Groups', 'category': category, + 'other_entity': 'hostgroup', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost' + })); +/* + if (IPA.layout) { + section = that.create_section({ + 'name': 'accesstime', + 'label': 'When', + 'template': 'hbacrule-details-accesstime.html #contents' + }); + + } else { + section = that.create_section({ + 'name': 'accesstime', + 'label': 'When' + }); + } + + section.add_field(ipa_hbacrule_accesstime_widget({ + 'id': 'accesstime', + 'name': 'accesstime', 'label': 'Access Time', + 'text': 'Rule applies when access is being requested at:', + 'options': [ + { 'value': 'all', 'label': 'Any Time' }, + { 'value': '', 'label': 'Specified Times' } + ] + })); +*/ + that.details_facet_init(); + }; + + that.update = function() { + + var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || ''; + + var modify_operation = { + 'execute': false, + 'command': ipa_command({ + 'method': that.entity_name+'_mod', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + }; + + var remove_accesstime = { + 'template': ipa_command({ + 'method': that.entity_name+'_remove_accesstime', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }), + 'commands': [] + }; + + var categories = { + 'usercategory': { + 'remove_values': false + }, + 'hostcategory': { + 'remove_values': false + }, + 'servicecategory': { + 'remove_values': false + }, + 'sourcehostcategory': { + 'remove_values': false + } + }; + + var member_operations = { + 'memberuser': { + 'category': 'usercategory', + 'has_values': false, + 'command': ipa_command({ + 'method': that.entity_name+'_remove_user', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + }, + 'memberhost': { + 'category': 'hostcategory', + 'has_values': false, + 'command': ipa_command({ + 'method': that.entity_name+'_remove_host', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + }, + 'memberservice': { + 'category': 'servicecategory', + 'has_values': false, + 'command': ipa_command({ + 'method': that.entity_name+'_remove_service', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + }, + 'sourcehost': { + 'category': 'sourcehostcategory', + 'has_values': false, + 'command': ipa_command({ + 'method': that.entity_name+'_remove_sourcehost', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + } + }; + + var enable_operation = { + 'execute': false, + 'command': ipa_command({ + 'method': that.entity_name+'_enable', + 'args': [pkey], + 'options': {'all': true, 'rights': true} + }) + }; + + for (var i=0; i= 0) { + // prepare command to remove members if needed + var attribute = field.name.substring(0, p); + var other_entity = field.name.substring(p+1); + + if (values.length) { + member_operations[attribute].command.set_option(other_entity, values.join(',')); + member_operations[attribute].has_values = true; + } + continue; + } + + // skip unchanged field + if (!field.is_dirty(span)) continue; + + // check enable/disable + if (field.name == 'ipaenabledflag') { + if (values[0] == 'FALSE') enable_operation.command.method = that.entity_name+'_disable'; + enable_operation.execute = true; + continue; + } + + if (field.name == 'accesstime') { + // if accesstime is dirty, it means 'Any Time' is selected, + // so existing values have to be removed + for (var k=0; k', { + 'style': 'width: 100%;' + }).appendTo(container); + + var tr = $('').appendTo(table); + + var td = $('', { + 'style': 'width: 100px; text-align: right;', + 'html': 'Name:' + }).appendTo(tr); + + td = $('').appendTo(tr); + + var span = $('', { 'name': 'cn' }).appendTo(td); + + $('', { + 'type': 'text', + 'name': 'cn', + 'size': 30 + }).appendTo(span); + + span.append(' '); + + $('', { + 'name': 'undo', + 'class': 'ui-state-highlight ui-corner-all', + 'style': 'display: none;', + 'html': 'undo' + }).appendTo(span); + + td = $('', { + 'style': 'text-align: right;' + }).appendTo(tr); + + td.append('Rule type:'); + + span = $('', { 'name': 'accessruletype' }).appendTo(td); + + $('', { + 'type': 'radio', + 'name': 'accessruletype', + 'value': 'allow' + }).appendTo(span); + + span.append('Allow'); + + $('', { + 'type': 'radio', + 'name': 'accessruletype', + 'value': 'deny' + }).appendTo(span); + + span.append('Deny'); + + span.append(' '); + + $('', { + 'name': 'undo', + 'class': 'ui-state-highlight ui-corner-all', + 'style': 'display: none;', + 'html': 'undo' + }).appendTo(span); + + tr = $('').appendTo(table); + + td = $('', { + 'style': 'text-align: right; vertical-align: top;', + 'html': 'Description:' + }).appendTo(tr); + + td = $('', { + 'colspan': 2 + }).appendTo(tr); + + span = $('', { 'name': 'description' }).appendTo(td); + + $('