IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Certificate management for services.

Browse Source 
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.

On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.

On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.

The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.

All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
This commit is contained in:
Endi S. Dewata 2010-10-07 14:02:44 -05:00 committed by Adam Young
parent 81fe26bdcf
commit 1dc0a3ab3e
15 changed files with 546 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

348
install/static/details.js
View File

@ -1,6 +1,7 @@
/* Authors:
* Pavel Zuna <pzuna@redhat.com>
* Adam Young <ayoung@redhat.com>
* Endi S. Dewata <edewata@redhat.com>
*
* Copyright (C) 2010 Red Hat
* see file 'COPYING' for use and warranty information
@ -23,35 +24,35 @@
/* REQUIRES: ipa.js */
var IPA_DETAILS_POPULATE = 1;
var IPA_DETAILS_UPDATE = 2;
var ipa_details_cache = {};
function ipa_details_create(obj_name, dls, container)
function ipa_details_create(container, sections)
{
if (!container) {
alert('ERROR: ipa_details_create: Missing container argument!');
return;
}
var obj_name = container.attr('id');
container.attr('title', obj_name);
container.addClass('details-container');
var details = $('<div/>', {
class: 'details'
'class': 'details'
}).appendTo(container);
details.append('<div class="details-buttons"></div>');
var jobj = details.children().last();
jobj.append('<a class="details-reset ui-state-default ui-corner-all input_link " href="jslink"><span class="ui-icon ui-icon-refresh" ></span> Reset</a>');
jobj.append('<a class="details-update ui-state-default ui-corner-all input_link " href="jslink"><span class="ui-icon ui-icon-check" ></span>Update</a>');
var buttons = $('<div/>', {
'class': 'details-buttons'
}).appendTo(details);
buttons.append('<a class="details-reset ui-state-default ui-corner-all input_link " href="jslink"><span class="ui-icon ui-icon-refresh" ></span> Reset</a>');
buttons.append('<a class="details-update ui-state-default ui-corner-all input_link " href="jslink"><span class="ui-icon ui-icon-check" ></span>Update</a>');
details.append('<hr />');
for (var i = 0; i < dls.length; ++i) {
var d = dls[i];
ipa_generate_dl(details.children().last(), d[0], d[1], d[2]);
for (var i = 0; i < sections.length; ++i) {
var section = sections[i];
ipa_details_section_setup(container, details, section);
}
details.append('<div class="details-back"></div>');
@ -60,49 +61,61 @@ function ipa_details_create(obj_name, dls, container)
}
function ipa_generate_dl(jobj, id, name, dts)
function ipa_details_section_setup(container, details, section)
{
if (!dts)
var id = section.name;
var name = section.label;
var fields = section.fields;
if (!fields)
return;
var parent = jobj.parent();
var obj_name = parent.attr('title');
parent.append($("<h2/>",{
details.append($("<h2/>",{
click: function(){_h2_on_click(this)},
html:"&#8722; "+name
}));
var dl = $('<dl></dl>',{
id:id,
"class":"entryattrs"})
"class":"entryattrs"
}).appendTo(details);
for (var i = 0; i < dts.length; ++i) {
var label = '';
var param_info = ipa_get_param_info(obj_name, dts[i][0]);
if (param_info)
label = param_info['label'];
if ((!label) && (dts[i].length > 1))
label = dts[i][1];
for (var i = 0; i < fields.length; ++i) {
var field = fields[i];
var title = dts[i][0];
if (typeof dts[i][2] == 'function')
title = 'call_' + dts[i][2].name;
dl.append(
$('<dt></dt>', {
title: title,
html: label + ':',
})
);
if (field.setup) {
field.setup.call(field, container, dl, section);
} else {
ipa_details_field_setup.call(field, container, dl, section);
}
}
parent.append(dl);
parent.append('<hr/>');
details.append('<hr/>');
}
function ipa_details_load(jobj, pkey, on_win, on_fail)
function ipa_details_field_setup(container, dl, section) {
var obj_name = container.attr('title');
var title = this.name;
var label = '';
var param_info = ipa_get_param_info(obj_name, this.name);
if (param_info)
label = param_info['label'];
if (!label)
label = this.label;
$('<dt></dt>', {
id: this.name,
title: title,
html: label + ':'
}).appendTo(dl);
}
function ipa_details_load(container, pkey, on_win, on_fail)
{
var obj_name = jobj.attr('id');
var obj_name = container.attr('id');
function load_on_win(data, text_status, xhr) {
if (on_win)
@ -112,18 +125,18 @@ function ipa_details_load(jobj, pkey, on_win, on_fail)
var result = data.result.result;
ipa_details_cache[obj_name] = $.extend(true, {}, result);
ipa_details_display(obj_name, result);
};
ipa_details_display(container, result);
}
function load_on_fail(xhr, text_status, error_thrown) {
if (on_fail)
on_fail(xhr, text_status, error_thrown);
var details = $('.details', jobj).empty();
var details = $('.details', container).empty();
details.append('<p>Error: '+error_thrown.name+'</p>');
details.append('<p>URL: '+this.url+'</p>');
details.append('<p>'+error_thrown.message+'</p>');
};
}
var params = [pkey];
if (!pkey){
@ -133,8 +146,10 @@ function ipa_details_load(jobj, pkey, on_win, on_fail)
'show', params, {all: true}, load_on_win, load_on_fail, obj_name
);
}
function ipa_details_update(obj_name, pkey, on_win, on_fail)
function ipa_details_update(container, pkey, on_win, on_fail)
{
var obj_name = container.attr('id');
function update_on_win(data, text_status, xhr) {
if (on_win)
on_win(data, text_status, xhr);
@ -143,79 +158,76 @@ function ipa_details_update(obj_name, pkey, on_win, on_fail)
var result = data.result.result;
ipa_details_cache[obj_name] = $.extend(true, {}, result);
ipa_details_display(obj_name, result);
};
ipa_details_display(container, result);
}
function update_on_fail(xhr, text_status, error_thrown) {
if (on_fail)
on_fail(xhr, text_status, error_thrown);
};
}
if (!pkey)
return;
var selector = '.details-container[title=' + obj_name + ']';
var values;
var modlist = {'all': true, 'setattr': [], 'addattr': []};
var attrs_wo_option = {};
$(selector + ' .entryattrs input').each(function () {
var jobj = $(this);
var sections = ipa_entity_get_details_sections(obj_name);
for (var i=0; i<sections.length; i++) {
var section = sections[i];
var fields = section.fields;
if (!fields) continue;
var dt = jobj.parent().prevAll('dt').slice(0, 1);
if (!dt)
return;
for (var j=0; j<fields.length; j++) {
var field = fields[j];
var attr = dt.attr('title');
if (!attr || attr.indexOf('call_') == 0)
return;
var value = jQuery.trim(jobj.val());
if (field.save) {
values = field.save.call(field, container);
var param_info = ipa_get_param_info(obj_name, attr);
if (param_info) {
modlist[attr] = value;
return;
} else {
values = ipa_details_field_save.call(field, container);
}
var param_info = ipa_get_param_info(obj_name, field.name);
if (param_info) {
if (param_info['primary_key']) continue;
if (values.length) modlist[field.name] = values[0];
} else {
if (values.length) attrs_wo_option[field.name] = values;
}
}
if (!attrs_wo_option[attr])
attrs_wo_option[attr] = [];
attrs_wo_option[attr].push(value);
});
$(selector + ' .entryattrs dt').each(function () {
var jobj = $(this);
var attr = jobj.attr('title');
if (!attr)
return;
if (attr.indexOf('call_') == 0) {
var func = window[attr.substr(5)];
if (func)
func(jobj, modlist, IPA_DETAILS_UPDATE);
return;
}
var param_info = ipa_get_param_info(obj_name, attr);
if (param_info && param_info['primary_key'])
return;
var next = jobj.next('dd');
if ((!next.length) || (!next.children('input').length))
attrs_wo_option[attr] = [''];
});
}
for (attr in attrs_wo_option) {
var values = attrs_wo_option[attr];
values = attrs_wo_option[attr];
modlist['setattr'].push(attr + '=' + values[0]);
for (var i = 1; i < values.length; ++i)
modlist['addattr'].push(attr + '=' + values[i]);
}
ipa_cmd('mod', [pkey], modlist, update_on_win, update_on_fail, obj_name);
}
function ipa_details_field_save(container) {
var field = this;
var values = [];
var dd = $('dd[title='+field.name+']', container);
dd.each(function () {
var input = $('input', dd);
if (!input.length) return;
var value = $.trim(input.val());
if (!value) value = '';
values.push(value);
});
return values;
}
/* HTML templates for ipa_details_display() */
var _ipa_a_add_template =
'<a href="jslink" onclick="return (_ipa_add_on_click(this))" title="A">Add</a>';
@ -237,83 +249,104 @@ var _ipa_span_hint_template = '<span class="attrhint">Hint: D</span>';
* arguments:
* entry_attrs - 'result' field as returned by ipa *-show commnads
* (basically an associative array with attr:value pairs) */
function ipa_details_display(obj_name, entry_attrs)
function ipa_details_display(container, entry_attrs)
{
var selector = '.details-container[title=' + obj_name + ']';
var obj_name = container.attr('id');
/* remove all <dd> tags i.e. all attribute values */
$(selector + ' .entryattrs dd').remove();
$('dd', container).remove();
/* go through all <dt> tags and pair them with newly created <dd>s */
$(selector + ' .entryattrs dt').each(function () {
var jobj = $(this);
var sections = ipa_entity_get_details_sections(obj_name);
for (var i=0; i<sections.length; i++) {
var section = sections[i];
var fields = section.fields;
if (!fields) continue;
var attr = jobj.attr('title');
if (attr.indexOf('call_') == 0) {
/* title contains callback instead of attribute name */
var func = window[attr.substr(5)];
if (func)
func(jobj, entry_attrs, IPA_DETAILS_POPULATE);
else
jobj.after(_ipa_dd_first_template.replace('I', '-'));
} else {
/* title contains attribute name - default behaviour */
var multivalue = false;
var hint_span = null;
for (var j=0; j<fields.length; j++) {
var field = fields[j];
var dt = $('dt[title='+field.name+']', container);
if (!dt.length) continue;
var param_info = ipa_get_param_info(obj_name, attr);
if (param_info) {
if (param_info['multivalue'] || param_info['class'] == 'List')
multivalue = true;
var hint = param_info['hint'];
if (hint){
hint_span = $("<span />",{
"class":"attrhint",
html:"Hint: " + hint});
}
}
if (field.load) {
field.load.call(field, dt, entry_attrs);
var value = entry_attrs[attr];
if (value) {
ipa_insert_first_dd(
jobj, ipa_create_input(obj_name, attr, value[0],hint_span)
);
for (var i = 1; i < value.length; ++i) {
jobj = jobj.next();
ipa_insert_other_dd(
jobj, ipa_create_input(obj_name, attr, value[i],hint_span)
);
}
if (multivalue) {
ipa_insert_other_dd(
jobj.next(), _ipa_a_add_template.replace('A', attr)
);
}
} else {
if (multivalue) {
ipa_insert_first_dd(
jobj, _ipa_a_add_template.replace('A', attr) /*.append( hint_span)*/
);
} else {
ipa_insert_first_dd(
jobj, ipa_create_input(obj_name, attr, '')/*.append( hint_span)*/
);
}
ipa_details_field_load.call(field, container, dt, entry_attrs);
}
}
});
}
}
function ipa_details_field_load(container, dt, entry_attrs) {
var obj_name = container.attr('id');
function ipa_insert_first_dd(jobj, content)
{
jobj.after( $('<dd class="first"></dd>').append(content))
var multivalue = false;
var hint_span = null;
var dd;
var param_info = ipa_get_param_info(obj_name, this.name);
if (param_info) {
if (param_info['multivalue'] || param_info['class'] == 'List')
multivalue = true;
var hint = param_info['hint'];
if (hint){
hint_span = $('<span />',{
'class': 'attrhint',
'html': 'Hint: ' + hint});
}
}
var value = entry_attrs[this.name];
if (value) {
dd = ipa_create_first_dd(
this.name, ipa_create_input(obj_name, this.name, value[0],hint_span)
);
dt.after(dd);
var last_dd = dd;
for (var i = 1; i < value.length; ++i) {
dd = ipa_create_other_dd(
this.name, ipa_create_input(obj_name, this.name, value[i],hint_span)
);
last_dd.after(dd);
last_dd = dd;
}
if (multivalue) {
dd = ipa_create_other_dd(
this.name, _ipa_a_add_template.replace('A', this.name)
);
last_dd.after(dd);
}
} else {
if (multivalue) {
dd = ipa_create_first_dd(
this.name, _ipa_a_add_template.replace('A', this.name) /*.append(hint_span)*/
);
dt.after(dd);
} else {
dd = ipa_create_first_dd(
this.name, ipa_create_input(obj_name, this.name, '') /*.append(hint_span)*/
);
dt.after(dd);
}
}
}
function ipa_insert_other_dd(jobj, content)
function ipa_create_first_dd(field_name, content)
{
jobj.after($('<dd class="other"></dd>').append(content));
return $('<dd/>', {
'class': 'first',
'title': field_name
}).append(content);
}
function ipa_create_other_dd(field_name, content)
{
return $('<dd/>', {
'class': 'other',
'title': field_name
}).append(content);
}
@ -412,15 +445,17 @@ function _ipa_create_text_input(attr, value, param_info)
})).after($("<span/>",{
html:"Does not match pattern",
"class":"ui-state-error ui-corner-all",
style:"display:none",
style:"display:none"
}));
}
function ipa_details_reset(obj_name)
function ipa_details_reset(container)
{
var obj_name = container.attr('id');
if (ipa_details_cache[obj_name]){
ipa_details_display(obj_name, ipa_details_cache[obj_name]);
ipa_details_display(container, ipa_details_cache[obj_name]);
}
}
@ -435,7 +470,8 @@ function _ipa_add_on_click(obj)
var obj_name = jobj.closest('.details-container').attr('title');
par.prepend(ipa_create_input(obj_name, attr, ''));
ipa_insert_other_dd(par, _ipa_a_add_template.replace('A', attr));
var dd = ipa_create_other_dd(field.name, _ipa_a_add_template.replace('A', attr));
par.after(dd);
jobj.next('input').focus();
jobj.remove();
@ -448,7 +484,7 @@ function _ipa_remove_on_click(obj)
var attr = jobj.attr('title');
var par = jobj.parent();
var next = par.next('dd');
var next = par.next('dd[title='+attr+']');
if (next.length) {
if (par.hasClass('first')) {
var hint = par.children('span').detach();

50
install/static/entity.js
View File

@ -44,6 +44,13 @@ function ipa_entity_set_details_definition(obj_name, data)
ipa_entity_details_list[obj_name] = data;
}
function ipa_entity_get_details_sections(obj_name)
{
var sections = ipa_entity_details_list[obj_name];
if (sections) return sections;
return [];
}
function ipa_entity_set_association_definition(obj_name, data)
{
ipa_entity_association_list[obj_name] = data;
@ -95,25 +102,25 @@ function ipa_entity_setup(container, unspecified)
}
}
function _ipa_entity_setup(jobj,unspecified) {
function _ipa_entity_setup(container, unspecified) {
var obj_name = jobj.attr('id');
var obj_name = container.attr('id');
function reset_on_click() {
ipa_details_reset(obj_name);
ipa_details_reset(container);
return (false);
};
}
function update_on_click() {
var pkey_name = ipa_objs[obj_name].primary_key;
ipa_details_update(obj_name, ipa_details_cache[obj_name][pkey_name][0]);
ipa_details_update(container, ipa_details_cache[obj_name][pkey_name][0]);
return (false);
};
}
function new_on_click() {
add_dialog_create(obj_name, ipa_entity_add_list[obj_name]);
return (false);
};
}
function switch_view() {
var enroll_obj_name = $(this).attr('title');
@ -126,11 +133,11 @@ function _ipa_entity_setup(jobj,unspecified) {
state[obj_name + '-enroll'] = '';
}
$.bbq.pushState(state);
};
}
function setup_search_facet() {
var filter = $.bbq.getState(obj_name + '-filter', true) || '';
search_create(obj_name, ipa_entity_search_list[obj_name], jobj);
search_create(obj_name, ipa_entity_search_list[obj_name], container);
$('<input />',{
type:"submit",
@ -138,20 +145,21 @@ function _ipa_entity_setup(jobj,unspecified) {
click:new_on_click
}).appendTo($( "div#" + obj_name + " > div.search-controls"));
search_load(jobj, filter, null, null);
};
search_load(container, filter, null, null);
}
function setup_details_facet(unspecified) {
var pkey = $.bbq.getState(obj_name + '-pkey', true);
ipa_entity_generate_views(obj_name, jobj, switch_view);
ipa_details_create(obj_name, ipa_entity_details_list[obj_name], jobj);
jobj.find('.details-reset').click(reset_on_click);
jobj.find('.details-update').click(update_on_click);
ipa_entity_generate_views(obj_name, container, switch_view);
var sections = ipa_entity_get_details_sections(obj_name);
ipa_details_create(container, sections);
container.find('.details-reset').click(reset_on_click);
container.find('.details-update').click(update_on_click);
if (pkey||unspecified){
ipa_details_load(jobj, pkey, null, null);
ipa_details_load(container, pkey, null, null);
}
};
}
function setup_associate_facet() {
var pkey = $.bbq.getState(obj_name + '-pkey', true) || '';
@ -170,15 +178,15 @@ function _ipa_entity_setup(jobj,unspecified) {
var method = association_config ? association_config.method : null;
var frm = new AssociationList(
obj_name, pkey, enroll_obj_name, columns, jobj,
obj_name, pkey, enroll_obj_name, columns, container,
associator, method
);
ipa_entity_generate_views(obj_name, jobj, switch_view);
ipa_entity_generate_views(obj_name, container, switch_view);
frm.setup();
};
}
jobj.empty();
container.empty();
var facet = $.bbq.getState(obj_name + '-facet', true) ||
unspecified || 'search';

10
install/static/group.js
View File

@ -37,11 +37,11 @@ ipa_entity_set_add_definition('group', [
]);
ipa_entity_set_details_definition('group', [
['identity', 'Group Details', [
['cn', 'Group Name'],
['description', 'Description'],
['gidnumber', 'Group ID']
]]
{name:'identity', label:'Group Details', fields:[
{name:'cn', label:'Group Name'},
{name:'description', label:'Description'},
{name:'gidnumber', label:'Group ID'}
]}
]);
ipa_entity_set_association_definition('group', {

10
install/static/host.js
View File

@ -35,11 +35,11 @@ ipa_entity_set_add_definition('host', [
]);
ipa_entity_set_details_definition('host', [
['host', 'Host Details', [
['fqdn', 'Fully Qualified Domain Name', null],
['krbprincipalname', 'Kerberos Principal', null],
['serverhostname', 'Server Host Name', null]
]]
{name:'host', label:'Host Details', fields:[
{name:'fqdn', label:'Fully Qualified Domain Name'},
{name:'krbprincipalname', label:'Kerberos Principal'},
{name:'serverhostname', label:'Server Host Name'}
]}
]);
ipa_entity_set_association_definition('host', {

8
install/static/hostgroup.js
View File

@ -34,8 +34,8 @@ ipa_entity_set_add_definition('hostgroup', [
]);
ipa_entity_set_details_definition('hostgroup', [
['identity', 'Hostgroup Details', [
['cn', 'Name', null],
['description', 'Description', null]
]]
{name:'identity', label:'Hostgroup Details', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'}
]}
]);

10
install/static/netgroup.js
View File

@ -34,10 +34,10 @@ ipa_entity_set_add_definition('netgroup', [
]);
ipa_entity_set_details_definition('netgroup', [
['identity', 'Netgroup Details', [
['cn', 'Name', null],
['description', 'Description', null],
['nisdomainname', 'NIS Domain', null]
]]
{name:'identity', label:'Netgroup Details', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'},
{name:'nisdomainname', label:'NIS Domain'}
]}
]);

90
install/static/policy.js
View File

@ -28,21 +28,21 @@ ipa_entity_set_search_definition('hbac', [
ipa_entity_set_add_definition('hbac', [
'dialog-add-hbac', 'Add New Zone', [
['cn', 'Name', null],
['cn', 'Name', null]
]
]);
ipa_entity_set_details_definition('hbac', [
['identity', 'HBAC Details', [
['cn', 'HBAC Name'],
["accessruletype", "Rule Type"],
[ "description", "Description"],
["hostcategory", "Host Category"],
["ipaenabledflag", "Enabled"],
["servicecategory", "Service Category"],
["sourcehostcategory", "Source Host Category"],
["usercategory", "User Category"]
]]
{name:'identity', label:'HBAC Details', fields:[
{name:'cn', label:'HBAC Name'},
{name:'accessruletype', label:'Rule Type'},
{name:'description', label:'Description'},
{name:'hostcategory', label:'Host Category'},
{name:'ipaenabledflag', label:'Enabled'},
{name:'servicecategory', label:'Service Category'},
{name:'sourcehostcategory', label:'Source Host Category'},
{name:'usercategory', label:'User Category'}
]}
]);
ipa_entity_set_association_definition('hbac', {
@ -58,26 +58,26 @@ ipa_entity_set_add_definition('dns', [
'dialog-add-dns', 'Add New Zone', [
['idnsname', 'Name', null],
['idnssoamname', 'Authoritative name server'],
['idnssoarname','administrator e-mail address'],
['idnssoarname','administrator e-mail address']
]
]);
ipa_entity_set_details_definition('dns', [
['identity', 'DNS Zone Details', [
['idnsname', 'DNS Name'],
['idnszoneactive', 'Zone Active'],
['idnssoamname', 'Authoritative name server'],
['idnssoarname','administrator e-mail address'],
['idnssoaserial', 'SOA serial'],
['idnssoarefresh', 'SOA refresh'],
['idnssoaretry', 'SOA retry'],
['idnssoaexpire','SOA expire'],
['idnssoaminimum', 'SOA minimum'],
['dnsttl','SOA time to live'],
['dnsclass','SOA class'],
['idnsallowdynupdate','allow dynamic update?'],
['idnsupdatepolicy', 'BIND update policy'],
]]
{name:'identity', label:'DNS Zone Details', fields:[
{name:'idnsname', label:'DNS Name'},
{name:'idnszoneactive', label:'Zone Active'},
{name:'idnssoamname', label:'Authoritative name server'},
{name:'idnssoarname', label:'administrator e-mail address'},
{name:'idnssoaserial', label:'SOA serial'},
{name:'idnssoarefresh', label:'SOA refresh'},
{name:'idnssoaretry', label:'SOA retry'},
{name:'idnssoaexpire',label:'SOA expire'},
{name:'idnssoaminimum', label:'SOA minimum'},
{name:'dnsttl', label:'SOA time to live'},
{name:'dnsclass', label:'SOA class'},
{name:'idnsallowdynupdate', label:'allow dynamic update?'},
{name:'idnsupdatepolicy', label:'BIND update policy'}
]}
]);
ipa_entity_set_association_definition('dns', {
@ -94,14 +94,15 @@ ipa_entity_set_search_definition('automountlocation', [
ipa_entity_set_add_definition('automountlocation', [
'dialog-add-location', 'Add New Location', [
['cn', 'Name', null],
['cn', 'Name', null]
]
]);
ipa_entity_set_details_definition('automountlocation', [
['identity', 'Automount Location Details', [
['cn', 'Automount Location'],]
]]);
{name:'identity', label:'Automount Location Details', fields:[
{name:'cn', label:'Automount Location'}
]}
]);
ipa_entity_set_association_definition('automountlocation', {
});
@ -117,18 +118,18 @@ ipa_entity_set_search_definition('pwpolicy', [
ipa_entity_set_add_definition('pwpolicy', [
'dialog-add-dns', 'Add New Location', [
['cn', 'Name', null],
['cn', 'Name', null]
]
]);
ipa_entity_set_details_definition('pwpolicy', [
['identity', 'Password Policy', [
["krbmaxpwdlife","Max Password Life"],
["krbminpwdlife","Min Password Life"],
["krbpwdhistorylength","Password History Length"],
["krbpwdmindiffchars", "Min Different Characters"],
["krbpwdminlength", "Password Minimum Length"]
]]
{name:'identity', label:'Password Policy', fields:[
{name:'krbmaxpwdlife', label:'Max Password Life'},
{name:'krbminpwdlife', label:'Min Password Life'},
{name:'krbpwdhistorylength', label:'Password History Length'},
{name:'krbpwdmindiffchars', label:'Min Different Characters'},
{name:'krbpwdminlength', label:'Password Minimum Length'}
]}
]);
ipa_entity_set_association_definition('pwpolicy', {
@ -141,11 +142,12 @@ ipa_entity_set_association_definition('pwpolicy', {
*/
ipa_entity_set_details_definition('krbtpolicy', [
['identity', 'Krbtpolicy Location Details', [
['cn', 'Krbtpolicy Location'],
["krbmaxrenewableage", "Max Renewable Age"],
["krbmaxticketlife", "Max Ticket Life"]
]]]);
{name:'identity', label:'Krbtpolicy Location Details', fields:[
{name:'cn', label:'Krbtpolicy Location'},
{name:'krbmaxrenewableage', label:'Max Renewable Age'},
{name:'krbmaxticketlife', label:'Max Ticket Life'}
]}
]);
ipa_entity_set_association_definition('krbtpolicy', {
});

52
install/static/serverconfig.js
View File

@ -37,10 +37,10 @@ ipa_entity_set_add_definition('aci', [
]);
ipa_entity_set_details_definition('aci', [
['ipaserver', 'Aci Details', [
['cn', 'Name', null],
['description', 'Description', null],
]]
{name:'ipaserver', label:'Aci Details', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'}
]}
]);
@ -60,10 +60,10 @@ ipa_entity_set_add_definition('taskgroup', [
]);
ipa_entity_set_details_definition('taskgroup', [
['ipaserver', 'Taskgroup Details', [
['cn', 'Name', null],
['description', 'Description', null],
]]
{name:'ipaserver', label:'Taskgroup Details', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'}
]}
]);
ipa_entity_set_association_definition('rolegroup', {
@ -89,10 +89,10 @@ ipa_entity_set_add_definition('rolegroup', [
]);
ipa_entity_set_details_definition('rolegroup', [
['ipaserver', 'Rolegroup Details', [
['cn', 'Name', null],
['description', 'Description', null],
]]
{name:'ipaserver', label:'Rolegroup Details', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'}
]}
]);
ipa_entity_set_association_definition('rolegroup', {
@ -101,18 +101,18 @@ ipa_entity_set_association_definition('rolegroup', {
/* Configuration */
ipa_entity_set_details_definition('config',[
['ipaserver', 'Configuration', [
['cn', 'Name', null],
['description', 'Description', null],
['ipacertificatesubjectbase', 'Certificat Subject Base',null],
[ 'ipadefaultloginshell', 'Default Login Shell',null],
['ipadefaultprimarygroup', 'Default Primary Group',null],
['ipagroupsearchfields', 'Group Search Fields',null],
['ipahomesrootdir', 'Home Root Dir',null],
['ipamaxusernamelength', 'Max Username Length',null],
['ipamigrationenabled', 'Migration enabled?',null],
['ipasearchrecordslimit', 'Search Record Limit',null],
['ipasearchtimelimit', 'Search Time Limit',null],
['ipausersearchfields', 'User Search Fields',null]
]]
{name:'ipaserver', label:'Configuration', fields:[
{name:'cn', label:'Name'},
{name:'description', label:'Description'},
{name:'ipacertificatesubjectbase', label:'Certificat Subject Base'},
{name:'ipadefaultloginshell', label:'Default Login Shell'},
{name:'ipadefaultprimarygroup', label:'Default Primary Group'},
{name:'ipagroupsearchfields', label:'Group Search Fields'},
{name:'ipahomesrootdir', label:'Home Root Dir'},
{name:'ipamaxusernamelength', label:'Max Username Length'},
{name:'ipamigrationenabled', label:'Migration enabled?'},
{name:'ipasearchrecordslimit', label:'Search Record Limit'},
{name:'ipasearchtimelimit', label:'Search Time Limit'},
{name:'ipausersearchfields', label:'User Search Fields'}
]}
]);

75
install/static/service.js
View File

@ -29,18 +29,21 @@ ipa_entity_set_add_definition('service', [
'dialog-add-service', 'Add New Service', [
['krbprincipalname', 'Principal', service_add_krbprincipalname],
['service', 'Service', null],
['host', 'Host Name', null],
['host', 'Host Name', null]
]
]);
ipa_entity_set_details_definition('service', [
['identity', 'Service Details', [
['krbprincipalname', 'Principal', null],
]]
{name:'identity', label:'Service Details', fields:[
{name:'krbprincipalname', label:'Principal', setup:service_krbprincipalname_setup, load:service_krbprincipalname_load},
{name:'service', label:'Service', load:service_service_load},
{name:'host', label:'Host Name', load:service_host_load},
{name:'usercertificate', label:'Certificate', load:service_usercertificate_load, save:service_usercertificate_save}
]}
]);
function service_add_krbprincipalname(add_dialog, flag) {
if (flag == IPA_ADD_UPDATE) {
function service_add_krbprincipalname(add_dialog, mode) {
if (mode == IPA_ADD_UPDATE) {
var service = add_dialog.find('input[name=service]').val();
var host = add_dialog.find('input[name=host]').val();
return service+'/'+host;
@ -51,3 +54,63 @@ function service_add_krbprincipalname(add_dialog, flag) {
ipa_entity_set_association_definition('service', {
'host': { method: 'add_host' }
});
function service_krbprincipalname_setup(container, dl, section) {
// skip krbprincipalname
}
function service_krbprincipalname_load(dt, result) {
// skip krbprincipalname
}
function service_service_load(dt, result) {
var krbprincipalname = result['krbprincipalname'][0];
var service = krbprincipalname.replace(/\/.*$/, '');
var dd = ipa_create_first_dd(this.name, service);
dt.after(dd);
}
function service_host_load(dt, result) {
var krbprincipalname = result['krbprincipalname'][0];
var host = krbprincipalname.replace(/^.*\//, '');
var dd = ipa_create_first_dd(this.name, host);
dt.after(dd);
}
function service_usercertificate_load(dt, result) {
var textarea = $("<textarea/>", {
title: 'usercertificate',
style: 'width: 300px; height: 200px;'
});
var dd = ipa_create_first_dd(this.name, textarea);
dt.after(dd);
var usercertificate = result['usercertificate'];
if (!usercertificate) return;
var value = usercertificate[0].__base64__;
textarea.val(value);
}
function service_usercertificate_save(container) {
var field = this;
var values = [];
var dd = $('dd[title='+field.name+']', container);
dd.each(function () {
var textarea = $('textarea', dd);
if (!textarea.length) return;
var value = $.trim(textarea.val());
if (value) {
value = {'__base64__': value};
} else {
value = '';
}
values.push(value);
});
return values;
}

25
install/static/test/data/json_metadata.json
View File

@ -2865,6 +2865,31 @@
"query": false,
"required": true,
"type": "unicode"
},
{
"attribute": false,
"autofill": false,
"class": "Bytes",
"cli_name": "certificate",
"cli_short_name": null,
"default": null,
"doc": "Base-64 encoded server certificate",
"exclude": null,
"flags": [],
"hint": null,
"include": null,
"label": "Certificate",
"length": null,
"maxlength": null,
"minlength": null,
"multivalue": false,
"name": "usercertificate",
"pattern": null,
"pattern_errmsg": null,
"primary_key": false,
"query": false,
"required": false,
"type": "str"
}
],
"uuid_attribute": "ipauniqueid"

21
install/static/test/data/service_mod.json Normal file
View File

@ -0,0 +1,21 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"krbprincipalname": [
"test/dev.example.com@DEV.EXAMPLE.COM"
],
"managedby_host": [
"dev.example.com"
],
"usercertificate": [
{
"__base64__": "MIICAjCCAWugAwIBAgICBAswDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEwMTAwNzIzMzk0NFoXDTE1MTAwNzIzMzk0NFowKDEMMAoGA1UECgwDSVBBMRgwFgYDVQQDDA9kZXYuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOTXyj8grVB7Rj95RFawgdwn9OYZ03LWHZ+HMYggu2/xCCrUrdThP14YBlVqZumjVJSclj6T4ACjjdPJq9JTTmx7gMizDTReus7IPlS6fCxb5v5whQJZsEksXL04OxUMl25euPRFkYcTK1rdW47+AkG10j1qeNW+B6CpdQGR6eM/AgMBAAGjOjA4MBEGCWCGSAGG+EIBAQQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEASIhq723VL5xP0q51MYXFlGU1boD7pPD1pIQspD/MjCIEupcbH2kAo4wf+EiKsXR0rs+WZkaSgvFqaM4OQ2kWSFTiqmFXFDBEi6EFr68yLg7IpQpNTzVBXERd8B4GwNL9wrRw60jPXlUK29DPBsdGq8fDgX18l39wKkWXv7p1to4="
}
]
},
"summary": "Modified service \"test/dev.example.com@DEV.EXAMPLE.COM\"",
"value": "test/dev.example.com@DEV.EXAMPLE.COM"
}
}

5
install/static/test/data/service_show.json
View File

@ -10,6 +10,11 @@
],
"managedby_host": [
"dev.example.com"
],
"usercertificate": [
{
"__base64__": "MIICAjCCAWugAwIBAgICBAswDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEwMTAwNzIzMzk0NFoXDTE1MTAwNzIzMzk0NFowKDEMMAoGA1UECgwDSVBBMRgwFgYDVQQDDA9kZXYuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOTXyj8grVB7Rj95RFawgdwn9OYZ03LWHZ+HMYggu2/xCCrUrdThP14YBlVqZumjVJSclj6T4ACjjdPJq9JTTmx7gMizDTReus7IPlS6fCxb5v5whQJZsEksXL04OxUMl25euPRFkYcTK1rdW47+AkG10j1qeNW+B6CpdQGR6eM/AgMBAAGjOjA4MBEGCWCGSAGG+EIBAQQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEASIhq723VL5xP0q51MYXFlGU1boD7pPD1pIQspD/MjCIEupcbH2kAo4wf+EiKsXR0rs+WZkaSgvFqaM4OQ2kWSFTiqmFXFDBEi6EFr68yLg7IpQpNTzVBXERd8B4GwNL9wrRw60jPXlUK29DPBsdGq8fDgX18l39wKkWXv7p1to4="
}
]
},
"summary": null,

83
install/static/test/details_tests.js
View File

@ -22,26 +22,37 @@
test("Testing ipa_details_create().", function() {
var details = [
['identity', 'Entity Details', [
['cn', 'Entity Name'],
['description', 'Description'],
['number', 'Entity ID']
]]
var fields = [
{name:'cn', label:'Entity Name'},
{name:'description', label:'Description'},
{name:'number', label:'Entity ID'}
];
var identity = details[0];
var attrs=identity[2];
var sections = [
{name:'identity', label:'Entity Details', fields:fields}
];
var identity = sections[0];
var key = 'entity';
var container = $("<div/>",{id: "container"});
ipa_details_create(key, details, container)
var container = $("<div/>",{id: key});
ipa_details_create(container, sections);
same(container[0].title,key);
same(
container[0].title, key,
"Checking container name"
);
var dl = container.find('dl#identity');
ok(dl );
ok(
dl,
"Checking section"
);
same(dl[0].children.length, attrs.length);
same(
dl[0].children.length, fields.length,
"Checking fields"
);
});
@ -60,33 +71,39 @@ test("Testing _ipa_create_text_input().", function(){
test("Testing ipa_generate_dl()",function(){
test("Testing ipa_details_section_setup()",function(){
var details = [
['cn', 'Entity Name'],
['description', 'Description'],
['number', 'Entity ID']
var fields = [
{name:'cn', label:'Entity Name'},
{name:'description', label:'Description'},
{name:'number', label:'Entity ID'}
];
var name = 'NAMENAMENAME';
var identity = 'IDIDID';
var parent = $("<div/>");
var jobj = $("<div title='entity'/>");
parent.append(jobj);
ipa_generate_dl(jobj, identity,name, details);
ok(parent.find('hr'));
var section = {
name: 'IDIDID',
label: 'NAMENAMENAME',
fields: fields
};
var h2= parent.find('h2');
var container = $("<div title='entity'/>");
var details = $("<div/>");
container.append(details);
ipa_details_section_setup(container, details, section);
ok(container.find('hr'));
var h2= container.find('h2');
ok(h2);
ok(h2[0].innerHTML.indexOf(name) > 1,"find name in html");
ok(h2[0].innerHTML.indexOf(section.label) > 1,"find name in html");
var dl = parent.find('dl');
var dl = container.find('dl');
ok(dl);
same(dl[0].children.length,3);
same(dl[0].id, identity);
same(dl[0].children[0].title,details[0][0]);
same(dl[0].children[0].innerHTML,details[0][1]+":");
same(dl[0].children[2].title,details[2][0]);
same(dl[0].children[2].innerHTML,details[2][1]+":");
same(dl[0].id, section.name);
same(dl[0].children[0].title, fields[0].name);
same(dl[0].children[0].innerHTML, fields[0].label+":");
same(dl[0].children[2].title, fields[2].name);
same(dl[0].children[2].innerHTML, fields[2].label+":");
});

104
install/static/user.js
View File

@ -39,39 +39,39 @@ ipa_entity_set_add_definition('user', [
]);
ipa_entity_set_details_definition('user', [
['identity', 'Identity Details', [
['title', 'Title', null],
['givenname', 'First Name', null],
['sn', 'Last Name', null],
['cn', 'Full Name', null],
['displayname', 'Dispaly Name', null],
['initials', 'Initials', null]
]],
['account', 'Account Details', [
['status', 'Account Status', a_status],
['uid', 'Login', null],
['userpassword', 'Password', a_password],
['uidnumber', 'UID', null],
['gidnumber', 'GID', null],
['homedirectory', 'homedirectory', null]
]],
['contact', 'Contact Details', [
['mail', 'E-mail Address', null],
['telephonenumber', 'Numbers', a_numbers]
]],
['address', 'Mailing Address', [
['street', 'Address', null],
['location', 'City', null],
['state', 'State', a_st],
['postalcode', 'ZIP', null]
]],
['employee', 'Employee Information', [
['ou', 'Org. Unit', null],
['manager', 'Manager', a_manager]
]],
['misc', 'Misc. Information', [
['carlicense', 'Car License', null]
]]
{name:'identity', label:'Identity Details', fields:[
{name:'title', label:'Title'},
{name:'givenname', label:'First Name'},
{name:'sn', label:'Last Name'},
{name:'cn', label:'Full Name'},
{name:'displayname', label:'Dispaly Name'},
{name:'initials', label:'Initials'}
]},
{name:'account', label:'Account Details', fields:[
{name:'status', label:'Account Status', load:user_status_load},
{name:'uid', label:'Login'},
{name:'userpassword', label:'Password', load:user_password_load},
{name:'uidnumber', label:'UID'},
{name:'gidnumber', label:'GID'},
{name:'homedirectory', label:'homedirectory'}
]},
{name:'contact', label:'Contact Details', fields:[
{name:'mail', label:'E-mail Address'},
{name:'telephonenumber', label:'Numbers', load:user_telephonenumber_load}
]},
{name:'address', label:'Mailing Address', fields:[
{name:'street', label:'Address'},
{name:'location', label:'City'},
{name:'state', label:'State', load:user_state_load},
{name:'postalcode', label:'ZIP'}
]},
{name:'employee', label:'Employee Information', fields:[
{name:'ou', label:'Org. Unit'},
{name:'manager', label:'Manager', load:user_manager_load}
]},
{name:'misc', label:'Misc. Information', fields:[
{name:'carlicense', label:'Car License'}
]}
]);
ipa_entity_set_association_definition('user', {
@ -151,29 +151,31 @@ function on_lock_win(data, textStatus, xhr)
/* ATTRIBUTE CALLBACKS */
var toggle_temp = 'S <a href="jslink" onclick="return (toggle_on_click(this))" title="S">Toggle</a>';
function a_status(jobj, result, mode)
function user_status_load(dt, result)
{
if (mode != IPA_DETAILS_POPULATE)
return;
var memberof = result['memberof'];
var dd;
if (memberof) {
for (var i = 0; i < memberof.length; ++i) {
if (memberof[i].indexOf('cn=inactivated,cn=account inactivation') != -1) {
var t = toggle_temp.replace(/S/g, 'Inactive');
ipa_insert_first_dd(jobj, t);
dd = ipa_create_first_dd(this.name, t);
dt.after(dd);
return;
}
}
}
ipa_insert_first_dd(jobj, toggle_temp.replace(/S/g, 'Inactive'));
dd = ipa_create_first_dd(this.name, toggle_temp.replace(/S/g, 'Inactive'));
dt.after(dd);
}
var pwd_temp = '<a href="jslink" onclick="return (resetpwd_on_click(this))" title="A">Reset Password</a>';
function a_password(jobj, result, mode)
function user_password_load(dt, result)
{
if (mode == IPA_DETAILS_POPULATE)
ipa_insert_first_dd(jobj, pwd_temp.replace('A', 'userpassword'));
var dd = ipa_create_first_dd(this.name, pwd_temp.replace('A', 'userpassword'));
dt.after(dd);
}
var select_temp = '<select title="st"></select>';
@ -184,20 +186,18 @@ var states = [
'ME', 'MH', 'MD', 'MA', 'MI', 'MN', 'MS', 'MO', 'MT', 'NE', 'NV',
'NH', 'NJ', 'NM', 'NY', 'NC', 'ND', 'MP', 'OH', 'OK', 'OR', 'PW',
'PA', 'PR', 'RI', 'SC', 'SD', 'TN', 'TX', 'UT', 'VT', 'VI', 'VA',
'WA', 'WV', 'WI', 'WY', '',
'WA', 'WV', 'WI', 'WY', ''
];
function a_st(jobj, result, mode)
function user_state_load(dt, result)
{
if (mode != IPA_DETAILS_POPULATE)
return;
var next = jobj.next();
var next = dt.next();
next.css('clear', 'none');
next.css('width', '70px');
ipa_insert_first_dd(jobj, select_temp);
var dd = ipa_create_first_dd(this.name, select_temp);
dt.after(dd);
var sel = jobj.next().children().first();
var sel = dt.next().children().first();
for (var i = 0; i < states.length; ++i)
sel.append(option_temp.replace(/V/g, states[i]));
@ -208,10 +208,10 @@ function a_st(jobj, result, mode)
sel.val('');
}
function a_numbers(jobj, result, mode)
function user_telephonenumber_load(dt, result)
{
}
function a_manager(jobj, result, mode)
function user_manager_load(dt, result)
{
}

39
ipalib/plugins/service.py
View File

@ -131,7 +131,7 @@ def validate_certificate(ugettext, cert):
"""
For now just verify that it is properly base64-encoded.
"""
if util.isvalid_base64(cert):
if cert and util.isvalid_base64(cert):
try:
base64.b64decode(cert)
except Exception, e:
@ -147,6 +147,9 @@ def normalize_certificate(cert):
Note that this can't be a normalizer on the Param because only unicode
variables are normalized.
"""
if not cert:
return cert
if util.isvalid_base64(cert):
try:
cert = base64.b64decode(cert)
@ -196,6 +199,11 @@ class service(LDAPObject):
primary_key=True,
normalizer=lambda value: normalize_principal(value),
),
Bytes('usercertificate?', validate_certificate,
cli_name='certificate',
label=_('Certificate'),
doc=_('Base-64 encoded server certificate'),
),
)
api.register(service)
@ -212,11 +220,6 @@ class service_add(LDAPCreate):
Flag('force',
doc=_('force principal name even if not in DNS'),
),
Bytes('usercertificate?', validate_certificate,
cli_name='certificate',
label=_('Certificate'),
doc=_('Base-64 encoded server certificate'),
),
)
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
(service, hostname, realm) = split_principal(keys[-1])
@ -287,13 +290,7 @@ class service_mod(LDAPUpdate):
Modify an existing IPA service.
"""
msg_summary = _('Modified service "%(value)s"')
takes_options = LDAPUpdate.takes_options + (
Bytes('usercertificate?', validate_certificate,
cli_name='certificate',
label=_('Certificate'),
doc=_('Base-64 encoded server certificate'),
),
)
takes_options = LDAPUpdate.takes_options
has_output_params = LDAPUpdate.has_output_params + output_params
member_attributes = ['managedby']
@ -326,13 +323,7 @@ class service_find(LDAPSearch):
'%(count)d service matched', '%(count)d services matched'
)
member_attributes = ['managedby']
takes_options = LDAPSearch.takes_options + (
Bytes('usercertificate?', validate_certificate,
cli_name='certificate',
label=_('Certificate'),
doc=_('Base-64 encoded server certificate'),
),
)
takes_options = LDAPSearch.takes_options
has_output_params = LDAPSearch.has_output_params + output_params
def pre_callback(self, ldap, filter, attrs_list, base_dn, *args, **options):
# lisp style!
@ -365,13 +356,7 @@ class service_show(LDAPRetrieve):
Display information about an IPA service.
"""
member_attributes = ['managedby']
takes_options = LDAPRetrieve.takes_options + (
Bytes('usercertificate?', validate_certificate,
cli_name='certificate',
label=_('Certificate'),
doc=_('Base-64 encoded server certificate'),
),
)
takes_options = LDAPRetrieve.takes_options
has_output_params = LDAPRetrieve.has_output_params + output_params
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):