2011-01-14 11:16:25 -06:00
|
|
|
/*jsl:import ipa.js */
|
|
|
|
/*jsl:import certificate.js */
|
|
|
|
|
2010-09-17 18:03:50 -05:00
|
|
|
/* Authors:
|
|
|
|
* Endi Sukma Dewata <edewata@redhat.com>
|
|
|
|
*
|
|
|
|
* Copyright (C) 2010 Red Hat
|
|
|
|
* see file 'COPYING' for use and warranty information
|
|
|
|
*
|
2010-12-09 06:59:11 -06:00
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
2010-09-17 18:03:50 -05:00
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2010-12-09 06:59:11 -06:00
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2010-09-17 18:03:50 -05:00
|
|
|
*/
|
|
|
|
|
2011-11-02 12:21:39 -05:00
|
|
|
/* REQUIRES: ipa.js, details.js, search.js, add.js, facet.js, entity.js */
|
2010-09-17 18:03:50 -05:00
|
|
|
|
2011-11-02 14:07:07 -05:00
|
|
|
IPA.service = {};
|
2010-10-27 22:32:30 -05:00
|
|
|
|
2011-11-02 14:07:07 -05:00
|
|
|
IPA.service.entity = function(spec) {
|
|
|
|
|
|
|
|
var that = IPA.entity(spec);
|
|
|
|
|
2011-11-16 21:07:20 -06:00
|
|
|
that.init = function() {
|
|
|
|
that.entity_init();
|
2011-11-02 14:07:07 -05:00
|
|
|
|
2011-11-16 21:07:20 -06:00
|
|
|
that.builder.search_facet({
|
2011-04-07 16:14:58 -05:00
|
|
|
columns: [ 'krbprincipalname' ]
|
|
|
|
}).
|
2011-10-19 15:11:09 -05:00
|
|
|
details_facet({
|
2012-06-12 07:28:30 -05:00
|
|
|
factory: IPA.service.details_facet,
|
2011-10-19 15:11:09 -05:00
|
|
|
sections: [
|
|
|
|
{
|
|
|
|
name: 'details',
|
|
|
|
fields: [
|
|
|
|
'krbprincipalname',
|
2011-03-18 15:43:54 -05:00
|
|
|
{
|
2011-11-25 05:02:22 -06:00
|
|
|
type: 'service_name',
|
2011-03-18 15:43:54 -05:00
|
|
|
name: 'service',
|
|
|
|
label: IPA.messages.objects.service.service,
|
|
|
|
read_only: true
|
|
|
|
},
|
|
|
|
{
|
2011-11-25 05:02:22 -06:00
|
|
|
type: 'service_host',
|
2011-03-18 15:43:54 -05:00
|
|
|
name: 'host',
|
|
|
|
label: IPA.messages.objects.service.host,
|
|
|
|
read_only: true
|
2012-08-01 10:59:54 -05:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'ipakrbauthzdata',
|
|
|
|
type: 'checkboxes',
|
|
|
|
options: IPA.create_options(['MS-PAC', 'PAD'])
|
2011-10-19 15:11:09 -05:00
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'provisioning',
|
2012-06-07 03:44:34 -05:00
|
|
|
action_panel: {
|
|
|
|
factory: IPA.action_panel,
|
|
|
|
name: 'provisioning_actions',
|
|
|
|
actions: ['unprovision']
|
|
|
|
},
|
2011-10-19 15:11:09 -05:00
|
|
|
fields: [
|
|
|
|
{
|
2011-11-25 05:02:22 -06:00
|
|
|
type: 'service_provisioning_status',
|
2012-06-07 03:44:34 -05:00
|
|
|
name: 'has_keytab',
|
2011-10-19 15:11:09 -05:00
|
|
|
label: IPA.messages.objects.service.status
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'certificate',
|
2012-06-12 07:28:30 -05:00
|
|
|
action_panel: {
|
|
|
|
factory: IPA.action_panel,
|
|
|
|
name: 'cert_actions',
|
|
|
|
actions: [
|
|
|
|
'request_cert', 'view_cert', 'get_cert',
|
|
|
|
'revoke_cert', 'restore_cert'
|
|
|
|
]
|
|
|
|
},
|
2011-10-19 15:11:09 -05:00
|
|
|
fields: [
|
|
|
|
{
|
2012-06-12 07:28:30 -05:00
|
|
|
type: 'certificate_status',
|
2011-10-19 15:11:09 -05:00
|
|
|
name: 'certificate_status',
|
|
|
|
label: IPA.messages.objects.service.status
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
2012-06-07 03:44:34 -05:00
|
|
|
],
|
|
|
|
actions: [
|
2012-06-12 07:28:30 -05:00
|
|
|
IPA.service.unprovision_action,
|
|
|
|
IPA.cert.view_action,
|
|
|
|
IPA.cert.get_action,
|
|
|
|
IPA.cert.request_action,
|
|
|
|
IPA.cert.revoke_action,
|
|
|
|
IPA.cert.restore_action
|
2012-06-07 03:44:34 -05:00
|
|
|
],
|
|
|
|
state: {
|
|
|
|
evaluators: [
|
|
|
|
IPA.service.has_keytab_evaluator,
|
2012-06-12 07:28:30 -05:00
|
|
|
IPA.service.krbprincipalkey_acl_evaluator,
|
|
|
|
IPA.cert.certificate_evaluator
|
2012-06-07 03:44:34 -05:00
|
|
|
]
|
2012-06-12 07:28:30 -05:00
|
|
|
},
|
|
|
|
policies: [
|
|
|
|
IPA.service.certificate_policy()
|
|
|
|
]
|
2011-10-19 15:11:09 -05:00
|
|
|
}).
|
2011-05-13 20:05:35 -05:00
|
|
|
association_facet({
|
2011-04-07 16:14:58 -05:00
|
|
|
name: 'managedby_host',
|
|
|
|
add_method: 'add_host',
|
|
|
|
remove_method: 'remove_host'
|
|
|
|
}).
|
2011-03-31 14:32:29 -05:00
|
|
|
standard_association_facets().
|
2011-04-18 10:59:50 -05:00
|
|
|
adder_dialog({
|
2011-10-24 19:20:14 -05:00
|
|
|
factory: IPA.service_adder_dialog,
|
2011-11-25 05:02:22 -06:00
|
|
|
height: 350,
|
|
|
|
sections: [
|
|
|
|
{
|
|
|
|
fields: [
|
|
|
|
{
|
|
|
|
type: 'combobox',
|
|
|
|
name: 'service',
|
|
|
|
label: IPA.messages.objects.service.service,
|
|
|
|
options: [
|
|
|
|
'cifs',
|
|
|
|
'DNS',
|
|
|
|
'ftp',
|
|
|
|
'HTTP',
|
|
|
|
'imap',
|
|
|
|
'ldap',
|
|
|
|
'libvirt',
|
|
|
|
'nfs',
|
|
|
|
'smtp',
|
|
|
|
'qpidd'
|
|
|
|
],
|
|
|
|
editable: true,
|
|
|
|
size: 10,
|
2012-07-27 10:12:25 -05:00
|
|
|
required: true,
|
|
|
|
z_index: 2
|
2011-11-25 05:02:22 -06:00
|
|
|
},
|
|
|
|
{
|
|
|
|
type: 'entity_select',
|
|
|
|
name: 'host',
|
|
|
|
other_entity: 'host',
|
|
|
|
other_field: 'fqdn',
|
|
|
|
label: IPA.messages.objects.service.host,
|
2012-07-27 10:12:25 -05:00
|
|
|
required: true,
|
|
|
|
z_index: 1
|
2011-11-25 05:02:22 -06:00
|
|
|
},
|
|
|
|
{
|
|
|
|
type: 'checkbox',
|
|
|
|
name: 'force',
|
2011-11-16 15:13:32 -06:00
|
|
|
metadata: IPA.get_command_option('service_add', 'force')
|
2011-11-25 05:02:22 -06:00
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
]
|
2011-11-02 14:07:07 -05:00
|
|
|
});
|
|
|
|
};
|
2010-11-09 14:22:31 -06:00
|
|
|
|
2011-11-02 14:07:07 -05:00
|
|
|
return that;
|
|
|
|
};
|
2011-01-28 12:06:34 -06:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
IPA.service.details_facet = function(spec, no_init) {
|
|
|
|
|
|
|
|
var that = IPA.details_facet(spec, true);
|
|
|
|
that.certificate_loaded = IPA.observer();
|
|
|
|
|
|
|
|
if (!no_init) that.init_details_facet();
|
|
|
|
|
|
|
|
return that;
|
|
|
|
};
|
|
|
|
|
2011-10-24 19:20:14 -05:00
|
|
|
IPA.service_adder_dialog = function(spec) {
|
2010-10-27 22:32:30 -05:00
|
|
|
|
2010-11-09 14:22:31 -06:00
|
|
|
spec = spec || {};
|
2010-10-27 22:32:30 -05:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
var that = IPA.entity_adder_dialog(spec);
|
2011-01-18 11:12:47 -06:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
var init = function() {
|
|
|
|
|
|
|
|
//small hack - krbprincipalname should not be displayed. This way
|
|
|
|
//creation of associated widget is skipped.
|
|
|
|
//In future it would be better split section definion into widget and
|
|
|
|
//fields definition and create custom field with two associated
|
|
|
|
//widgets - 'service' and 'host' with this dialog's save logic.
|
|
|
|
that.builder.build_field({
|
|
|
|
type: 'field',
|
|
|
|
name: 'krbprincipalname',
|
|
|
|
required: false
|
|
|
|
});
|
|
|
|
};
|
2010-11-09 14:22:31 -06:00
|
|
|
|
2011-01-28 09:36:25 -06:00
|
|
|
that.save = function(record) {
|
2010-11-09 14:22:31 -06:00
|
|
|
|
2011-11-22 10:33:09 -06:00
|
|
|
var field = that.fields.get_field('service');
|
2010-11-18 20:17:14 -06:00
|
|
|
var service = field.save()[0];
|
2010-11-09 14:22:31 -06:00
|
|
|
|
2011-11-22 10:33:09 -06:00
|
|
|
field = that.fields.get_field('host');
|
2010-11-18 20:17:14 -06:00
|
|
|
var host = field.save()[0];
|
2010-09-17 18:03:50 -05:00
|
|
|
|
2011-09-10 11:54:02 -05:00
|
|
|
record['krbprincipalname'] = [ service+'/'+host ];
|
2010-11-09 14:22:31 -06:00
|
|
|
|
2011-11-22 10:33:09 -06:00
|
|
|
field = that.fields.get_field('force');
|
2011-09-10 11:54:02 -05:00
|
|
|
record['force'] = field.save();
|
2010-11-09 14:22:31 -06:00
|
|
|
};
|
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
init();
|
|
|
|
|
2010-11-09 14:22:31 -06:00
|
|
|
return that;
|
2011-01-14 11:16:25 -06:00
|
|
|
};
|
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
IPA.service_name_field = function(spec) {
|
Certificate management for services.
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
2010-10-07 14:02:44 -05:00
|
|
|
|
2011-02-03 21:42:50 -06:00
|
|
|
spec = spec || {};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
var that = IPA.field(spec);
|
2010-11-18 20:17:14 -06:00
|
|
|
|
2011-02-03 21:42:50 -06:00
|
|
|
that.load = function(record) {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
that.field_load(record);
|
HBAC Details Page
The UI framework has been extended to include a collection of widgets:
- ipa_widget: base class
- ipa_text_widget: text field
- ipa_radio_widget: radio button
- ipa_textarea_widget: textarea
- ipa_button_widget: button
- ipa_column_widget: column for table
- ipa_table_widget: table
These widgets can be used to create input controls. They can also be
extended to create custom controls.
The framework has also been enhanced to support custom layouts. This
can be used to change the look of the application without changing
the code. Initially this is only available in details section.
Layout consists of a collection of HTML templates. Each template is a
complete and valid HTML file representing a portion of a page. The
template will be loaded and initialized by the code, then filled with
the data from the server. The layouts are located in
install/static/layouts/<name> folder.
By default, if no templates are used, the fields in the details page
are rendered vertically using dd/dt/dd tags. For pages that require
different layout, a custom UI needs to be developed. There are two ways
to do that:
- write a custom widget to generate the UI dynamically
- create an HTML template and write the initialization code
For components that are quite complex or used frequently, it's might
be better to use the first method. For simple pages that are used only
in one location or need to support customization, the second method
might be preferable. Other benefits of templates:
- cleaner code and UI separation
- more flexibility in customization
- new pages can be developed quickly and require less coding
- multiple templates can be used with the same initialization code
- easier to maintain
The HBAC details page has been implemented using both methods. By
default it will use custom widgets to generate the page. To use a
custom layout, add the following parameter to the URL, then reload
the page:
&layout=<name>
Currently the only available layout is 'default' which produces the
same look as the custom widgets.
The HBAC details page is usable, but it still needs additional work.
The access time is not working yet. There is no undo button, hint,
or validation yet.
The table in the association facet has also been changed to use
ipa_association_widget which is derived from ipa_table_widget.
The Makefile has been updated to include the layouts. The unit tests
have been updated as well.
2010-11-02 20:16:55 -05:00
|
|
|
|
2012-01-06 01:18:48 -06:00
|
|
|
var krbprincipalname = record.krbprincipalname[0];
|
2011-02-03 21:42:50 -06:00
|
|
|
var value = krbprincipalname.replace(/\/.*$/, '');
|
|
|
|
that.values = [value];
|
Certificate management for services.
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
2010-10-07 14:02:44 -05:00
|
|
|
|
2011-02-03 21:42:50 -06:00
|
|
|
that.reset();
|
|
|
|
};
|
2010-11-18 20:17:14 -06:00
|
|
|
|
2011-02-03 21:42:50 -06:00
|
|
|
return that;
|
|
|
|
};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
IPA.field_factories['service_name'] = IPA.service_name_field;
|
|
|
|
IPA.widget_factories['service_name'] = IPA.text_widget;
|
|
|
|
|
|
|
|
|
|
|
|
IPA.service_host_field = function(spec) {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-02-03 21:42:50 -06:00
|
|
|
spec = spec || {};
|
HBAC Details Page
The UI framework has been extended to include a collection of widgets:
- ipa_widget: base class
- ipa_text_widget: text field
- ipa_radio_widget: radio button
- ipa_textarea_widget: textarea
- ipa_button_widget: button
- ipa_column_widget: column for table
- ipa_table_widget: table
These widgets can be used to create input controls. They can also be
extended to create custom controls.
The framework has also been enhanced to support custom layouts. This
can be used to change the look of the application without changing
the code. Initially this is only available in details section.
Layout consists of a collection of HTML templates. Each template is a
complete and valid HTML file representing a portion of a page. The
template will be loaded and initialized by the code, then filled with
the data from the server. The layouts are located in
install/static/layouts/<name> folder.
By default, if no templates are used, the fields in the details page
are rendered vertically using dd/dt/dd tags. For pages that require
different layout, a custom UI needs to be developed. There are two ways
to do that:
- write a custom widget to generate the UI dynamically
- create an HTML template and write the initialization code
For components that are quite complex or used frequently, it's might
be better to use the first method. For simple pages that are used only
in one location or need to support customization, the second method
might be preferable. Other benefits of templates:
- cleaner code and UI separation
- more flexibility in customization
- new pages can be developed quickly and require less coding
- multiple templates can be used with the same initialization code
- easier to maintain
The HBAC details page has been implemented using both methods. By
default it will use custom widgets to generate the page. To use a
custom layout, add the following parameter to the URL, then reload
the page:
&layout=<name>
Currently the only available layout is 'default' which produces the
same look as the custom widgets.
The HBAC details page is usable, but it still needs additional work.
The access time is not working yet. There is no undo button, hint,
or validation yet.
The table in the association facet has also been changed to use
ipa_association_widget which is derived from ipa_table_widget.
The Makefile has been updated to include the layouts. The unit tests
have been updated as well.
2010-11-02 20:16:55 -05:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
var that = IPA.field(spec);
|
2011-02-03 21:42:50 -06:00
|
|
|
|
|
|
|
that.load = function(record) {
|
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
that.field_load(record);
|
2011-02-03 21:42:50 -06:00
|
|
|
|
2012-01-06 01:18:48 -06:00
|
|
|
var krbprincipalname = record.krbprincipalname[0];
|
2011-02-03 21:42:50 -06:00
|
|
|
var value = krbprincipalname.replace(/^.*\//, '').replace(/@.*$/, '');
|
|
|
|
that.values = [value];
|
|
|
|
|
|
|
|
that.reset();
|
|
|
|
};
|
|
|
|
|
|
|
|
return that;
|
|
|
|
};
|
Certificate management for services.
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
2010-10-07 14:02:44 -05:00
|
|
|
|
2011-11-25 05:02:22 -06:00
|
|
|
IPA.field_factories['service_host'] = IPA.service_host_field;
|
|
|
|
IPA.widget_factories['service_host'] = IPA.text_widget;
|
2011-01-14 11:16:25 -06:00
|
|
|
|
2011-02-16 07:26:35 -06:00
|
|
|
IPA.service_provisioning_status_widget = function (spec) {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
|
|
|
spec = spec || {};
|
|
|
|
|
2011-11-22 08:41:33 -06:00
|
|
|
var that = IPA.input_widget(spec);
|
2010-11-16 18:10:40 -06:00
|
|
|
|
|
|
|
that.create = function(container) {
|
|
|
|
|
|
|
|
that.widget_create(container);
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.status_valid = $('<div/>', {
|
2011-02-07 11:38:06 -06:00
|
|
|
name: 'kerberos-key-valid',
|
|
|
|
style: 'display: none;'
|
2011-02-03 21:42:50 -06:00
|
|
|
}).appendTo(container);
|
2011-01-17 07:43:43 -06:00
|
|
|
|
|
|
|
$('<img/>', {
|
2011-10-26 16:06:17 -05:00
|
|
|
src: 'images/check-icon.png',
|
2011-01-17 07:43:43 -06:00
|
|
|
style: 'float: left;',
|
|
|
|
'class': 'status-icon'
|
2012-06-07 03:44:34 -05:00
|
|
|
}).appendTo(that.status_valid);
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-01-17 07:43:43 -06:00
|
|
|
var content_div = $('<div/>', {
|
|
|
|
style: 'float: left;'
|
2012-06-07 03:44:34 -05:00
|
|
|
}).appendTo(that.status_valid);
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
content_div.append('<b>'+IPA.messages.objects.service.valid+'</b>');
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.status_missing = $('<div/>', {
|
2011-02-07 11:38:06 -06:00
|
|
|
name: 'kerberos-key-missing',
|
|
|
|
style: 'display: none;'
|
2011-02-03 21:42:50 -06:00
|
|
|
}).appendTo(container);
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-01-17 07:43:43 -06:00
|
|
|
$('<img/>', {
|
2011-10-26 16:06:17 -05:00
|
|
|
src: 'images/caution-icon.png',
|
2011-01-17 07:43:43 -06:00
|
|
|
style: 'float: left;',
|
|
|
|
'class': 'status-icon'
|
2012-06-07 03:44:34 -05:00
|
|
|
}).appendTo(that.status_missing);
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2011-01-17 07:43:43 -06:00
|
|
|
content_div = $('<div/>', {
|
|
|
|
style: 'float: left;'
|
2012-06-07 03:44:34 -05:00
|
|
|
}).appendTo(that.status_missing);
|
2011-01-17 07:43:43 -06:00
|
|
|
|
2011-02-16 12:46:59 -06:00
|
|
|
content_div.append('<b>'+IPA.messages.objects.service.missing+'</b>');
|
2012-06-07 03:44:34 -05:00
|
|
|
};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.update = function(values) {
|
|
|
|
that.status = values && values.length ? values[0] : false;
|
|
|
|
set_status(that.status ? 'valid' : 'missing');
|
|
|
|
};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.clear = function() {
|
|
|
|
that.status_valid.css('display', 'none');
|
|
|
|
that.status_missing.css('display', 'none');
|
2010-11-16 18:10:40 -06:00
|
|
|
};
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
function set_status(status) {
|
|
|
|
that.status_valid.css('display', status == 'valid' ? 'inline' : 'none');
|
|
|
|
that.status_missing.css('display', status == 'missing' ? 'inline' : 'none');
|
|
|
|
}
|
|
|
|
|
|
|
|
return that;
|
|
|
|
};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
IPA.field_factories['service_provisioning_status'] = IPA.field;
|
|
|
|
IPA.widget_factories['service_provisioning_status'] = IPA.service_provisioning_status_widget;
|
2011-02-16 12:46:59 -06:00
|
|
|
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
IPA.service.unprovision_dialog = function(spec) {
|
|
|
|
|
|
|
|
spec = spec || {};
|
|
|
|
spec.title = spec.title || IPA.messages.objects.service.unprovision_title;
|
|
|
|
|
|
|
|
var that = IPA.dialog(spec);
|
|
|
|
that.facet = spec.facet;
|
|
|
|
|
|
|
|
var entity_singular = that.entity.metadata.label_singular;
|
|
|
|
that.title = that.title.replace('${entity}', entity_singular);
|
|
|
|
|
|
|
|
that.create = function() {
|
|
|
|
that.container.append(IPA.messages.objects.service.unprovision_confirmation);
|
|
|
|
};
|
|
|
|
|
|
|
|
that.create_buttons = function() {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.create_button({
|
2011-09-28 15:56:25 -05:00
|
|
|
name: 'unprovision',
|
|
|
|
label: IPA.messages.objects.service.unprovision,
|
|
|
|
click: function() {
|
2012-06-07 03:44:34 -05:00
|
|
|
that.unprovision();
|
2011-09-28 15:56:25 -05:00
|
|
|
}
|
2010-11-16 18:10:40 -06:00
|
|
|
});
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.create_button({
|
2012-05-14 01:40:41 -05:00
|
|
|
name: 'cancel',
|
|
|
|
label: IPA.messages.buttons.cancel,
|
|
|
|
click: function() {
|
2012-06-07 03:44:34 -05:00
|
|
|
that.close();
|
2012-05-14 01:40:41 -05:00
|
|
|
}
|
|
|
|
});
|
2010-11-16 18:10:40 -06:00
|
|
|
};
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.unprovision = function() {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
var principal_f = that.facet.fields.get_field('krbprincipalname');
|
|
|
|
var pkey = principal_f.values[0];
|
|
|
|
|
|
|
|
IPA.command({
|
|
|
|
entity: that.entity.name,
|
|
|
|
method: 'disable',
|
|
|
|
args: [pkey],
|
|
|
|
on_success: function(data, text_status, xhr) {
|
|
|
|
that.facet.refresh();
|
|
|
|
that.close();
|
2012-08-27 03:57:47 -05:00
|
|
|
IPA.notify_success(IPA.messages.objects.service.unprovisioned);
|
2012-06-07 03:44:34 -05:00
|
|
|
},
|
|
|
|
on_error: function(xhr, text_status, error_thrown) {
|
|
|
|
that.close();
|
|
|
|
}
|
|
|
|
}).execute();
|
2011-10-24 07:53:29 -05:00
|
|
|
};
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.create_buttons();
|
2010-11-16 18:10:40 -06:00
|
|
|
|
|
|
|
return that;
|
2011-02-16 07:26:35 -06:00
|
|
|
};
|
2010-10-15 12:22:01 -05:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
IPA.service.unprovision_action = function(spec) {
|
2011-11-25 05:02:22 -06:00
|
|
|
|
|
|
|
spec = spec || {};
|
2012-06-07 03:44:34 -05:00
|
|
|
spec.name = spec.name || 'unprovision';
|
|
|
|
spec.label = spec.label || IPA.messages.objects.service.delete_key_unprovision;
|
|
|
|
spec.enable_cond = spec.enable_cond || ['has_keytab', 'krbprincipalkey_w'];
|
2011-11-25 05:02:22 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
var that = IPA.action(spec);
|
2011-11-25 05:02:22 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
that.execute_action = function(facet) {
|
2011-11-25 05:02:22 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
var dialog = IPA.service.unprovision_dialog({
|
|
|
|
entity: facet.entity,
|
|
|
|
facet: facet
|
|
|
|
});
|
2011-11-25 05:02:22 -06:00
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
dialog.open();
|
2011-11-25 05:02:22 -06:00
|
|
|
};
|
|
|
|
|
|
|
|
return that;
|
|
|
|
};
|
|
|
|
|
2012-06-07 03:44:34 -05:00
|
|
|
IPA.service.krbprincipalkey_acl_evaluator = function(spec) {
|
|
|
|
|
|
|
|
spec.name = spec.name || 'unprovision_acl_evaluator';
|
|
|
|
spec.attribute = spec.attribute || 'krbprincipalkey';
|
|
|
|
|
|
|
|
var that = IPA.acl_state_evaluator(spec);
|
|
|
|
return that;
|
|
|
|
};
|
|
|
|
|
|
|
|
IPA.service.has_keytab_evaluator = function(spec) {
|
|
|
|
|
|
|
|
spec.name = spec.name || 'has_keytab_evaluator';
|
|
|
|
spec.attribute = spec.attribute || 'has_keytab';
|
|
|
|
spec.value = spec.value || [true];
|
|
|
|
spec.representation = spec.representation || 'has_keytab';
|
|
|
|
|
|
|
|
var that = IPA.value_state_evaluator(spec);
|
|
|
|
return that;
|
|
|
|
};
|
2011-11-25 05:02:22 -06:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
IPA.service.certificate_policy = function(spec) {
|
2010-11-16 18:10:40 -06:00
|
|
|
|
|
|
|
spec = spec || {};
|
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
function get_pkey(result) {
|
2012-01-06 01:18:48 -06:00
|
|
|
var values = result.krbprincipalname;
|
removing setters setup and init
change widget and widget unit tests to hold on to entity, not entity name.
Replacing entity_name with entity.name in most places.
The one exception is columns for table_widget.
Widgets that refer to other entities have to have late resolution of the entity object, due to circular dependencies.
cleanup entity assignment.
removed template and layout,
merged setup into create
adder dialogs adjust height for external
removed init from widget, isection, association, facet, host and service
Make unit tests use factory.
fix functional tests to click find link correctly.
tweak to activation test, but still broken.
moved initialization code to the end
use --all for hbacrule find, so the type shows up now
fixed dns exception code and exception handling for get_entity
replace metadata look up with value from entity.
fixed author lines
removed duplicate columns in managed by facets.
tweak to nav fix in order to initialize tab.
more defensive code
update metadata for true false
one line init for entity_name in widget
move init code to end of constructor functions
moved constants to start of function for adder_dialog
external fields for dialogs initialized at dialog creation
sudo sections: move add fields and columns to widget definition.
The parameter validation in IPA.column ...This is precondition checking. Note that it merely throws an exception if the entity_name is not set. I want this stuff at the top of the function so that it is obvious to people looking to use them what is required. I added a comment to make this clear, but I'd like to keep precondition checking at the top of the function.
decreased the scope of the pkey_name and moved the initiailzation fof columns into the setup_column function for association_tables
return false at the end of click handler
removed blank labels in sudo command section
fix radio buttons for sudo category
fixed table side for adder dialogs with external fields
comments for future direction with add_columns
https://fedorahosted.org/freeipa/ticket/1451
https://fedorahosted.org/freeipa/ticket/1462
https://fedorahosted.org/freeipa/ticket/1493
https://fedorahosted.org/freeipa/ticket/1497
https://fedorahosted.org/freeipa/ticket/1532
https://fedorahosted.org/freeipa/ticket/1534
2011-07-25 11:15:14 -05:00
|
|
|
return values ? values[0] : null;
|
2012-06-12 07:28:30 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
spec.get_pkey = spec.get_pkey || get_pkey;
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
spec.get_name = spec.get_name || function(result) {
|
|
|
|
var value = get_pkey(result);
|
removing setters setup and init
change widget and widget unit tests to hold on to entity, not entity name.
Replacing entity_name with entity.name in most places.
The one exception is columns for table_widget.
Widgets that refer to other entities have to have late resolution of the entity object, due to circular dependencies.
cleanup entity assignment.
removed template and layout,
merged setup into create
adder dialogs adjust height for external
removed init from widget, isection, association, facet, host and service
Make unit tests use factory.
fix functional tests to click find link correctly.
tweak to activation test, but still broken.
moved initialization code to the end
use --all for hbacrule find, so the type shows up now
fixed dns exception code and exception handling for get_entity
replace metadata look up with value from entity.
fixed author lines
removed duplicate columns in managed by facets.
tweak to nav fix in order to initialize tab.
more defensive code
update metadata for true false
one line init for entity_name in widget
move init code to end of constructor functions
moved constants to start of function for adder_dialog
external fields for dialogs initialized at dialog creation
sudo sections: move add fields and columns to widget definition.
The parameter validation in IPA.column ...This is precondition checking. Note that it merely throws an exception if the entity_name is not set. I want this stuff at the top of the function so that it is obvious to people looking to use them what is required. I added a comment to make this clear, but I'd like to keep precondition checking at the top of the function.
decreased the scope of the pkey_name and moved the initiailzation fof columns into the setup_column function for association_tables
return false at the end of click handler
removed blank labels in sudo command section
fix radio buttons for sudo category
fixed table side for adder dialogs with external fields
comments for future direction with add_columns
https://fedorahosted.org/freeipa/ticket/1451
https://fedorahosted.org/freeipa/ticket/1462
https://fedorahosted.org/freeipa/ticket/1493
https://fedorahosted.org/freeipa/ticket/1497
https://fedorahosted.org/freeipa/ticket/1532
https://fedorahosted.org/freeipa/ticket/1534
2011-07-25 11:15:14 -05:00
|
|
|
return value ? value.replace(/@.*$/, '') : null;
|
|
|
|
};
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
spec.get_principal = spec.get_principal || get_pkey;
|
2010-11-16 18:10:40 -06:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
spec.get_hostname = spec.get_hostname || function(result) {
|
|
|
|
var value = get_pkey(result);
|
|
|
|
if (value) {
|
|
|
|
value = value.replace(/@.*$/, '').replace(/^.*\//, '');
|
|
|
|
}
|
|
|
|
return value;
|
2010-11-16 18:10:40 -06:00
|
|
|
};
|
Certificate management for services.
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
2010-10-07 14:02:44 -05:00
|
|
|
|
2012-06-12 07:28:30 -05:00
|
|
|
var that = IPA.cert.load_policy(spec);
|
2010-11-16 18:10:40 -06:00
|
|
|
return that;
|
2011-02-16 07:26:35 -06:00
|
|
|
};
|
2011-11-02 14:07:07 -05:00
|
|
|
|
|
|
|
IPA.register('service', IPA.service.entity);
|