summaryrefslogtreecommitdiffstats
path: root/ipalib
Commit message (Collapse)AuthorAgeFilesLines
* Revert WebUI changeswebui-detailsStephen Gallagher2010-08-026-128/+27
| | | | | | | | | Reverted with: % git diff --binary HEAD..d4adbc8052faf18fb31e7b1865037aa107067d4b > revert.patch % git apply revert.patch % git commit -a
* Merge of webui work.Adam Young2010-07-296-27/+128
|\
| * Removing stray arg, causing ipa whoami to fail.Adam Young2010-07-231-1/+1
| |
| * Corrected call for exectue.Adam Young2010-07-232-6/+3
| |
| * Report number of row returned, as well as if results were truncated.Adam Young2010-07-231-1/+1
| |
| * Revert "Make the execute command forgiving of plugins that have no parameters."Adam Young2010-07-231-3/+3
| | | | | | | | | | | | This reverts commit b6aefd3ae588a90c5df4f68efab6ee3ace67ea08. There is a better way...writing the execute method correclty wityh only one param
| * Implement new params for LDAPSearch to allow more control over results.Pavel Zuna2010-07-231-2/+23
| | | | | | | | | | --timelimit Time limit in seconds. --sizelimit Maximum number of entries returned.
| * Make the execute command forgiving of plugins that have no parameters.Adam Young2010-07-221-3/+3
| |
| * Arrows for moving betweens lists are enabled.Adam Young2010-07-222-47/+7
| |
| * Minor tweak of whoami.Adam Young2010-07-201-24/+3
| |
| * Added pluging to reflect user info, needed for web ui.Adam Young2010-07-201-0/+105
| |
| * Merge branch 'pzuna-master' into pzuna-mergeAdam Young2010-07-161-1/+1
| |\
| | * Fix bug in baseldap.py when using addattr without setattr.Pavel Zuna2010-07-161-1/+1
| | | | | | | | | | | | | | | When the addattr argument was present, the code was assuming that setattr is present as well, which doesn't have to be the case.
| * | Merged wsgi, based on pavels changes.Adam Young2010-07-1512-379/+343
| |\ \
| * \ \ Merge branch 'pzuna-master' into pzuna-mergeAdam Young2010-07-091-21/+20
| |\ \ \ | | | |/ | | |/|
| | * | Change the way setattr/addattr are processed in baseldap.py.Pavel Zuna2010-07-091-21/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | After this patch setattr and addattr can work togheter. You can use setattr to reset an attribute and use addattr to populate it with new values at the same time. We need this to save a few roundtrips in the webUI.
| * | | Merge branch 'master' of git://git.fedorahosted.org/freeipa into admiyo-masterAdam Young2010-07-083-16/+24
| |\ \ \
| * \ \ \ Merge branch 'admiyo-master' into origin-mergeAdam Young2010-07-084-3/+43
| |\ \ \ \ | | | |/ / | | |/| |
| | * | | A somewhat scruffy commit of work in progress. but it should install.Pavel Zuna2010-07-011-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Pushing just to sync with Adam. We might want to break this down into smaller commits or merge with other commits before we go master.
| | * | | Add methods for exporting Param and LDAPObject classes into JSON.Pavel Zuna2010-06-223-2/+40
| | | | |
| | * | | Merge from Jason's repository + initial work on new layout.Pavel Zuna2010-06-221-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This adds the first user page I did. Before the second pass of mockups. It's just for reference and won't make it into master.
* | | | | Drop our own PKCS#10 ASN.1 decoder and use the one from python-nssRob Crittenden2010-07-292-411/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch: - bumps up the minimum version of python-nss - will initialize NSS with nodb if a CSR is loaded and it isn't already init'd - will shutdown NSS if initialized in the RPC subsystem so we use right db - updated and added a few more tests Relying more on NSS introduces a bit of a problem. For NSS to work you need to have initialized a database (either a real one or no_db). But once you've initialized one and want to use another you have to close down the first one. I've added some code to nsslib.py to do just that. This could potentially have some bad side-effects at some point, it works ok now.
* | | | | This patch removes the existing UI functionality, as a prep for adding the ↵Adam Young2010-07-291-2/+0
| |_|_|/ |/| | | | | | | | | | | Javascript based ui.
* | | | Fix netgroup plugin to use correct member attribute names.Rob Crittenden2010-07-151-31/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the netgroup plugin was rebased it ended up using the member attribute for its memberships and not memberuser/memberhost. I also fixed this same attribute problem in the tests and tried to beef them up a little. If nis/schema compat are enabled it will try to compare the generated triplets with a known-good value.
* | | | Use newer API in ipalib/x509 and add missing import.Rob Crittenden2010-07-151-0/+1
| | | | | | | | | | | | | | | | The import was only used when running the in-tree lite-server
* | | | Clean up crypto code, take advantage of new nss-python capabilitiesRob Crittenden2010-07-154-337/+147
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch does the following: - drops our in-tree x509v3 parser to use the python-nss one - return more information on certificates - make an API change, renaming cert-get to cert-show - Drop a lot of duplicated code
* | | | Add API to delete a service principal key, service-disable.Rob Crittenden2010-07-132-7/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I have to do some pretty low-level LDAP work to achieve this. Since we can't read the key using our modlist generator won't work and lots of tricks would be needed to use the LDAPUpdate object in any case. I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new variable, has_keytab, to service/host_show output. This flag tells us whether there is a krbprincipalkey.
* | | | Include contents of has_output_params in get_output_paramsRob Crittenden2010-07-131-0/+2
| | | |
* | | | Add separate var for search attributes and config attribute for search fieldsRob Crittenden2010-07-133-1/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an optional search_attributes variable in case the attributes you want to display by default aren't what you want to search on. Also link in any cn=ipaconfig attributes that contain a comma-separated list of attributes to search on.
* | | | Handle errors raised by plugins more gracefully in mod_wsgi.Rob Crittenden2010-07-123-3/+8
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This started as an effort to display a more useful error message in the Apache error log if retrieving the schema failed. I broadened the scope a little to include limiting the output in the Apache error log so errors are easier to find. This adds a new configuration option, startup_traceback. Outside of lite-server.py it is False by default so does not display the traceback that lead to the StandardError being raised. This makes the mod_wsgi error much easier to follow.
* | | Clean up imports of hbacsvc pluginRob Crittenden2010-07-061-6/+4
| | | | | | | | | | | | I used pylint to identify a bunch of unnecessary and too-broad imports
* | | Add support for User-Private GroupsRob Crittenden2010-07-062-10/+20
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | This uses a new 389-ds plugin, Managed Entries, to automatically create a group entry when a user is created. The DNA plugin ensures that the group has a gidNumber that matches the users uidNumber. When the user is removed the group is automatically removed as well. If the managed entries plugin is not available or if a specific, separate range for gidNumber is passed in at install time then User-Private Groups will not be configured. The code checking for the Managed Entries plugin may be removed at some point. This is there because this plugin is only available in a 389-ds alpha release currently (1.2.6-a4).
* | Fix aci_mod command. It should handle more complex operations now.Rob Crittenden2010-06-241-12/+64
| | | | | | | | | | | | | | | | | | | | | | The problem was trying to operate directly on the ACI itself. I introduced a new function, _aci_to_kw(), that converts an ACI into a set of keywords. We can take these keywords, like those passed in when an ACI is created, to merge in any changes and then re-create the ACI. I also switched the ACI tests to be declarative and added a lot more cases around the modify operation.
* | First pass at per-command documentationRob Crittenden2010-06-2217-7/+432
|/
* use NSS for SSL operationsJohn Dennis2010-06-151-126/+7
|
* Connect the -v cli argument to the verbose flag in xmlrpclibRob Crittenden2010-06-034-7/+7
| | | | | | If you pass two -v to the ipa command you'll get the XML-RPC data in the output. This can be handy so you know exactly what went out over the wire.
* Increase supported weeks per month from 4 to 6 in AccessTime() typeRob Crittenden2010-06-031-1/+1
|
* Add ipaUniqueID to HBAC services and service groupsRob Crittenden2010-05-272-4/+4
| | | | Also fix the memberOf attribute for the HBAC services
* Remove local get_dn() from hbacsvcgroup and add tests for hbacsvcgroupRob Crittenden2010-05-201-18/+6
|
* Try to clear up that uid is a number, not the login nameRob Crittenden2010-05-171-1/+1
|
* Enforce that max password lifetime is greater than the min lifetimeRob Crittenden2010-05-171-3/+28
| | | | 461325
* Replace old pwpolicy plugin with new one using baseldap, fix tests.Rob Crittenden2010-05-173-718/+230
| | | | Fix deletion of policy when a group is removed.
* Add groups of services to HBACRob Crittenden2010-05-174-9/+305
| | | | | | | Replace serviceName with memberService so we can assign individual services or groups of services to an HBAC rule. 588574
* Remove left-over debugging statementRob Crittenden2010-05-141-2/+0
|
* Correctly handle EmptyModlist exception in pwpolicy2-mod.Pavel Zuna2010-05-141-7/+15
| | | | | | | | | | | EmptyModlist exception was generated by pwpolicy2-mod when modifying policy priority only. It was because the priority attribute is stored outside of the policy entry (in a CoS entry) and there was nothing left to be changed in the policy entry. This patch uses the new exception callbacks in baseldap.py classes to catch the EmptyModlist exception and checks if there was really nothing to be modified before reraising the exception.
* Add exception callback (exc_callback) to baseldap.py classes.Pavel Zuna2010-05-141-33/+150
| | | | | | It enables plugin authors to supply their own handlers for ExecutionError exceptions generated by calls to ldap2 made from the execute method of baseldap.py classes that extend CallbackInterface.
* Add new password policy plugin based on baseldap.py classes.root2010-05-051-0/+351
|
* Increase the attributes we display by default and fix up some labels.Rob Crittenden2010-05-051-2/+8
|
* Add weekly periodic schedule to AccessTime param type.root2010-05-041-0/+2
| | | | Fix bug #588414
* Handle CSRs whether they have NEW in the header or notRob Crittenden2010-05-031-1/+3
| | | | Also consolidate some duplicate code
generated by cgit (git 2.34.1) at 2025-09-01 13:28:24 +0000