Added sudo options.

A table has been added into sudo rule details page for managing sudo options. Ticket #1447
2025-02-25 18:55:28 -06:00 · 2011-07-09 03:01:46 -05:00
parent 0475340344
commit 3229eee074
7 changed files with 286 additions and 79 deletions
--- a/install/ui/association.js
+++ b/install/ui/association.js
@@ -355,88 +355,77 @@ IPA.association_table_widget = function (spec) {

        that.table_create(container);

-        var buttons = $('span[name=buttons]', container);
+        var button = IPA.action_button({
+            name: 'remove',
+            label: IPA.messages.buttons.remove,
+            icon: 'remove-icon',
+            click: function() {
+                that.remove_handler();
+                return false;
+            }
+        }).appendTo(that.buttons);

-        $('<input/>', {
-            'type': 'button',
-            'name': 'remove',
-            'value': IPA.messages.buttons.remove
-        }).appendTo(buttons);
-
-        $('<input/>', {
-            'type': 'button',
-            'name': 'add',
-            'value': IPA.messages.buttons.add
-        }).appendTo(buttons);
+        button = IPA.action_button({
+            name: 'add',
+            label: IPA.messages.buttons.add,
+            icon: 'add-icon',
+            click: function() {
+                that.add_handler();
+                return false;
+            }
+        }).appendTo(that.buttons);
    };

-    that.setup = function(container) {
-
-        that.table_setup(container);
+    that.add_handler = function() {
+        if ($(this).hasClass('action-button-disabled')) {
+            return;
+        }

        var entity = IPA.get_entity(that.entity_name);
        var facet_name = IPA.current_facet(entity);
        var facet = entity.get_facet(facet_name);

-        var button = $('input[name=remove]', container);
-        button.replaceWith(IPA.action_button({
-            name: 'remove',
-            'label': button.val(),
-            'icon': 'remove-icon',
-            'click': function() {
-                if ($(this).hasClass('action-button-disabled')) {
-                    return false;
-                }
+        if (facet.is_dirty()) {
+            var dialog = IPA.dirty_dialog({
+                facet: facet
+            });

-                if (facet.is_dirty()) {
-                    var dialog = IPA.dirty_dialog({
-                        facet: facet
-                    });
+            dialog.callback = function() {
+                that.show_add_dialog();
+            };

-                    dialog.callback = function() {
-                        that.show_remove_dialog();
-                    };
+            dialog.init();
+            dialog.open(that.container);

-                    dialog.init();
-                    dialog.open(that.container);
+        } else {
+            that.show_add_dialog();
+        }
+    };

-                } else {
-                    that.show_remove_dialog();
-                }
+    that.remove_handler = function() {
+        if ($(this).hasClass('action-button-disabled')) {
+            return;
+        }

-                return false;
-            }
-        }));
+        var entity = IPA.get_entity(that.entity_name);
+        var facet_name = IPA.current_facet(entity);
+        var facet = entity.get_facet(facet_name);

-        button = $('input[name=add]', container);
-        button.replaceWith(IPA.action_button({
-            name: 'add',
-            'label': button.val(),
-            'icon': 'add-icon',
-            'click': function() {
-                if ($(this).hasClass('action-button-disabled')) {
-                    return false;
-                }
+        if (facet.is_dirty()) {
+            var dialog = IPA.dirty_dialog({
+                facet: facet
+            });

-                if (facet.is_dirty()) {
-                    var dialog = IPA.dirty_dialog({
-                        facet: facet
-                    });
+            dialog.callback = function() {
+                that.show_remove_dialog();
+            };

-                    dialog.callback = function() {
-                        that.show_add_dialog();
-                    };
+            dialog.init();
+            dialog.open(that.container);

-                    dialog.init();
-                    dialog.open(that.container);
-
-                } else {
-                    that.show_add_dialog();
-                }
-
-                return false;
-            }
-        }));
+        } else {
+            that.show_remove_dialog();
+        }
    };

    that.set_enabled = function(enabled) {
--- a/install/ui/dialog.js
+++ b/install/ui/dialog.js
@@ -100,7 +100,7 @@ IPA.dialog = function(spec) {
        if (field.conditional){
            that.conditional_fields.push(field.name);
        }
-
+        return field;
    };

    that.field = function(field) {
--- a/install/ui/sudo.js
+++ b/install/ui/sudo.js
@@ -268,13 +268,13 @@ IPA.sudorule_details_facet = function(spec) {
    if (IPA.layout) {
        section = that.create_section({
            'name': 'general',
-            'label': IPA.messages.dialogs.general,
+            'label': IPA.messages.details.general,
            'template': 'sudorule-details-general.html #contents'
        });
    } else {
        section = IPA.sudo.rule_details_general_section({
            'name': 'general',
-            'label': IPA.messages.dialogs.general
+            'label': IPA.messages.details.general
        });
        that.add_section(section);
    }
@@ -283,9 +283,18 @@ IPA.sudorule_details_facet = function(spec) {
    section.textarea({name: 'description'});
    section.radio({name: 'ipaenabledflag'});

+    section = that.add_section(IPA.sudo.options_section({
+        name: 'options',
+        label: IPA.messages.objects.sudorule.options,
+        facet: that
+    }));
+
+    var param_info = IPA.get_entity_param('sudorule', 'usercategory');
+
    section = IPA.rule_details_section({
        'name': 'user',
        'label': IPA.messages.objects.sudorule.user,
+        text: param_info.doc+':',
        'field_name': 'usercategory',
        'options': [
            { 'value': 'all', 'label': IPA.messages.objects.sudorule.anyone },
@@ -313,9 +322,12 @@ IPA.sudorule_details_facet = function(spec) {
        'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user'
    }));

+    param_info = IPA.get_entity_param('sudorule', 'hostcategory');
+
    section = IPA.rule_details_section({
        'name': 'host',
        'label': IPA.messages.objects.sudorule.host,
+        text: param_info.doc+':',
        'field_name': 'hostcategory',
        'options': [
            { 'value': 'all', 'label': IPA.messages.objects.sudorule.any_host },
@@ -554,6 +566,199 @@ IPA.sudorule_details_facet = function(spec) {
    return that;
 };

+IPA.sudo.options_section = function(spec) {
+
+    spec = spec || {};
+
+    var that = IPA.details_section(spec);
+
+    that.facet = spec.facet;
+
+    that.init = function() {
+
+        that.table = that.add_field(IPA.table_widget({
+            name: 'ipasudoopt',
+            show_buttons: true
+        }));
+
+        that.table.create_column({
+            name: 'ipasudoopt',
+            label: IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label,
+            primary_key: true
+        });
+
+        that.table.create = function(container) {
+
+            that.table.table_create(container);
+
+            var button = IPA.action_button({
+                name: 'remove',
+                label: IPA.messages.buttons.remove,
+                icon: 'remove-icon',
+                click: function() {
+                    that.remove_handler();
+                    return false;
+                }
+            }).appendTo(that.table.buttons);
+
+            button = IPA.action_button({
+                name: 'add',
+                label: IPA.messages.buttons.add,
+                icon: 'add-icon',
+                click: function() {
+                    that.add_handler();
+                    return false;
+                }
+            }).appendTo(that.table.buttons);
+        };
+
+        that.section_init();
+    };
+
+    that.add_handler = function() {
+        if (that.facet.is_dirty()) {
+            var dialog = IPA.dirty_dialog({
+                facet: that.facet
+            });
+
+            dialog.callback = function() {
+                that.show_add_dialog();
+            };
+
+            dialog.init();
+            dialog.open(that.container);
+
+        } else {
+            that.show_add_dialog();
+        }
+    };
+
+    that.remove_handler = function() {
+        if (that.facet.is_dirty()) {
+            var dialog = IPA.dirty_dialog({
+                facet: that.facet
+            });
+
+            dialog.callback = function() {
+                that.show_remove_dialog();
+            };
+
+            dialog.init();
+            dialog.open(that.container);
+
+        } else {
+            that.show_remove_dialog();
+        }
+    };
+
+    that.show_add_dialog = function() {
+
+        var label = IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label;
+
+        var title = IPA.messages.dialogs.add_title;
+        title = title.replace('${entity}', label);
+
+        var dialog = IPA.dialog({
+            title: title
+        });
+
+        var ipasudoopt = dialog.add_field(IPA.text_widget({
+            name: 'ipasudoopt',
+            label: label,
+            undo: false
+        }));
+
+        dialog.add_button(IPA.messages.buttons.add, function() {
+            var value = ipasudoopt.save()[0];
+
+            var pkey = IPA.nav.get_state(that.entity_name+'-pkey');
+
+            var command = IPA.command({
+                entity: 'sudorule',
+                method: 'add_option',
+                args: [pkey],
+                options: {
+                    ipasudoopt: value
+                },
+                on_success: function() {
+                    that.facet.refresh();
+                    dialog.close();
+                },
+                on_error: function() {
+                    that.facet.refresh();
+                    dialog.close();
+                }
+            });
+
+            command.execute();
+        });
+
+        dialog.add_button(IPA.messages.buttons.cancel, function() {
+            dialog.close();
+        });
+
+        dialog.init();
+
+        dialog.open(that.container);
+    };
+
+    that.show_remove_dialog = function() {
+
+        var label = IPA.get_method_option('sudorule_add_option', 'ipasudoopt').label;
+        var values = that.table.get_selected_values();
+
+        if (!values.length) {
+            var message = IPA.messages.dialogs.remove_empty;
+            message = message.replace('${entity}', label);
+            alert(message);
+            return;
+        }
+
+        var pkey = IPA.nav.get_state(that.entity_name+'-pkey');
+
+        var title = IPA.messages.dialogs.remove_title;
+        title = title.replace('${entity}', label);
+
+        var dialog = IPA.deleter_dialog({
+            title: title,
+            values: values
+        });
+
+        dialog.execute = function() {
+
+            var batch = IPA.batch_command({
+                on_success: function() {
+                    that.facet.refresh();
+                    dialog.close();
+                },
+                on_error: function() {
+                    that.facet.refresh();
+                    dialog.close();
+                }
+            });
+
+            for (var i=0; i<values.length; i++) {
+                var command = IPA.command({
+                    entity: 'sudorule',
+                    method: 'remove_option',
+                    args: [pkey]
+                });
+
+                command.set_option('ipasudoopt', values[i]);
+
+                batch.add_command(command);
+            }
+
+            batch.execute();
+        };
+
+        dialog.init();
+
+        dialog.open(that.container);
+    };
+
+    return that;
+};

 IPA.sudo.rule_details_general_section = function(spec) {

@@ -729,7 +934,7 @@ IPA.sudo.rule_details_command_section = function(spec) {

        var span = $('<span/>', {
            name: 'cmdcategory',
-            title: param_info ? param_info.doc : 'cmdcategory'
+            title: param_info.doc
        }).appendTo(container);

        $('<h3/>', {
@@ -737,6 +942,9 @@ IPA.sudo.rule_details_command_section = function(spec) {
            title: IPA.messages.objects.sudorule.allow
        }).appendTo(span);

+        span.append(param_info.doc);
+        span.append(': ');
+
        $('<input/>', {
            type: 'radio',
            name: 'cmdcategory',
@@ -854,29 +1062,27 @@ IPA.sudo.rule_details_runas_section = function(spec) {
    that.init = function() {

        var category = that.add_field(IPA.radio_widget({
-            name: 'ipasudorunasusercategory',
-            label: 'Run as User category'
+            name: 'ipasudorunasusercategory'
        }));

        that.add_field(IPA.sudorule_association_table_widget({
            'id': that.entity_name+'-runasruser_user',
-            'name': 'ipasudorunas_user', 'label': 'Users', 'category': category,
+            'name': 'ipasudorunas_user', 'category': category,
            'other_entity': 'user', 'add_method': 'add_runasuser', 'remove_method': 'remove_runasuser'
        }));
        that.add_field(IPA.sudorule_association_table_widget({
            'id': that.entity_name+'-runasuser_group',
-            'name': 'ipasudorunas_group', 'label': 'Groups', 'category': category,
+            'name': 'ipasudorunas_group', 'category': category,
            'other_entity': 'group', 'add_method': 'add_runasuser', 'remove_method': 'remove_runasuser'
        }));

        category = that.add_field(IPA.radio_widget({
-            name: 'ipasudorunasgroupcategory',
-            label: 'Run as Group category'
+            name: 'ipasudorunasgroupcategory'
        }));

        that.add_field(IPA.sudorule_association_table_widget({
            'id': that.entity_name+'-runasgroup_group',
-            'name': 'ipasudorunasgroup_group', 'label': 'Groups', 'category': category,
+            'name': 'ipasudorunasgroup_group', 'category': category,
            'other_entity': 'group', 'add_method': 'add_runasgroup', 'remove_method': 'remove_runasgroup'
        }));

@@ -892,9 +1098,12 @@ IPA.sudo.rule_details_runas_section = function(spec) {

        var span = $('<span/>', {
            name: 'ipasudorunasusercategory',
-            title: param_info ? param_info.doc : 'ipasudorunasusercategory'
+            title: param_info.doc
        }).appendTo(container);

+        span.append(param_info.doc);
+        span.append(': ');
+
        $('<input/>', {
            'type': 'radio',
            'name': 'ipasudorunasusercategory',
@@ -948,9 +1157,12 @@ IPA.sudo.rule_details_runas_section = function(spec) {

        span = $('<span/>', {
            name: 'ipasudorunasgroupcategory',
-            title: param_info ? param_info.doc : 'ipasudorunasgroupcategory'
+            title: param_info.doc
        }).appendTo(container);

+        span.append(param_info.doc);
+        span.append(': ');
+
        $('<input/>', {
            'type': 'radio',
            'name': 'ipasudorunasgroupcategory',
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -15804,6 +15804,7 @@
                            "host": "Access this host",
                            "inactive": "Inactive",
                            "ipaenabledflag": "Rule status",
+                            "options": "Options",
                            "runas": "As Whom",
                            "specified_commands": "Specified Commands and Groups",
                            "specified_groups": "Specified Groups",
--- a/install/ui/test/data/sudorule_show.json
+++ b/install/ui/test/data/sudorule_show.json
@@ -41,6 +41,10 @@
            "ipaenabledflag": [
                "TRUE"
            ],
+            "ipasudoopt": [
+                "-H",
+                "-b"
+            ],
            "ipasudorunas_user": [
                "admin"
            ],
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -1325,7 +1325,7 @@ IPA.table_widget = function (spec) {
            }).appendTo(th);

            if (i == columns.length-1) {
-                $('<span/>', {
+                that.buttons = $('<span/>', {
                    'name': 'buttons',
                    'style': 'float: right;'
                }).appendTo(th);
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -292,6 +292,7 @@ class i18n_messages(Command):
                "command":_("Run Commands"),
                "any_command":_("Any Command"),
                "specified_commands":_("Specified Commands and Groups"),
+                "options":_("Options"),
                "runas":_("As Whom"),
                "any_group":_("Any Group"),
                "specified_groups":_("Specified Groups"),