IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

SUDO Commands and Command Groups

Browse Source 
The SUDO Commands and Command Groups pages have been added under
SUDO Rules tab.

Similar to HBAC navigation issue, these entities do not have their
own tab, so an exception has been added to the navigation code
to read sudo-entity parameter to determine the entity being viewed.
Fixing this issue will require framework changes.

New test data for these operations have been added.
This commit is contained in:
Endi S. Dewata
2010-11-19 16:58:55 -06:00
committed by Adam Young
parent 27d8529a84
commit b9f539ba19
21 changed files with 776 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
install/static/Makefile.am
View File

@@ -20,6 +20,8 @@ app_DATA = \
certificate.js \
group.js \
hbac.js \
hbacsvc.js \
hbacsvcgroup.js \
host.js \
hostgroup.js \
index.html \
@@ -29,6 +31,8 @@ app_DATA = \
service.js \
serverconfig.js \
sudorule.js \
sudocmd.js \
sudocmdgroup.js \
policy.js \
search.js \
rule.js \

4
install/static/hbac.js
View File

@@ -152,7 +152,7 @@ function ipa_hbac_search_facet(spec) {
var li = $('li[title=hbacsvc]', action_panel);
li.click(function() {
var state = {};
state['entity'] = 'hbacsvc';
state['hbac-entity'] = 'hbacsvc';
nav_push_state(state);
return false;
});
@@ -160,7 +160,7 @@ function ipa_hbac_search_facet(spec) {
li = $('li[title=hbacsvcgroup]', action_panel);
li.click(function() {
var state = {};
state['entity'] = 'hbacsvcgroup';
state['hbac-entity'] = 'hbacsvcgroup';
nav_push_state(state);
return false;
});

35
install/static/hbacsvc.js
View File

@@ -100,24 +100,12 @@ function ipa_hbacsvc_search_facet(spec) {
$('<li/>', {
title: 'hbac',
text: 'HBAC Rules',
'click': function() {
var state = {};
state['entity'] = 'hbac';
nav_push_state(state);
return false;
}
text: 'HBAC Rules'
}).appendTo(ul);
$('<li/>', {
title: 'hbacsvcgroup',
text: 'HBAC Service Groups',
'click': function() {
var state = {};
state['entity'] = 'hbacsvcgroup';
nav_push_state(state);
return false;
}
text: 'HBAC Service Groups'
}).appendTo(ul);
that.search_facet_create(container);
@@ -126,10 +114,29 @@ function ipa_hbacsvc_search_facet(spec) {
container.children().last().prepend(
$('<h2/>', { 'html': 'HBAC Services' }));
container.children().last().prepend('<br/><br/>');
};
that.setup = function(container) {
that.search_facet_setup(container);
var action_panel = that.get_action_panel();
var li = $('li[title=hbac]', action_panel);
li.click(function() {
var state = {};
state['hbac-entity'] = 'hbac';
nav_push_state(state);
return false;
});
li = $('li[title=hbacsvcgroup]', action_panel);
li.click(function() {
var state = {};
state['hbac-entity'] = 'hbacsvcgroup';
nav_push_state(state);
return false;
});
};
return that;

39
install/static/hbacsvcgroup.js
View File

@@ -111,24 +111,12 @@ function ipa_hbacsvcgroup_search_facet(spec) {
$('<li/>', {
title: 'hbac',
text: 'HBAC Rules',
'click': function() {
var state = {};
state['entity'] = 'hbac';
nav_push_state(state);
return false;
}
text: 'HBAC Rules'
}).appendTo(ul);
$('<li/>', {
title: 'hbacsvc',
text: 'HBAC Services',
'click': function() {
var state = {};
state['entity'] = 'hbacsvc';
nav_push_state(state);
return false;
}
text: 'HBAC Services'
}).appendTo(ul);
that.search_facet_create(container);
@@ -140,6 +128,29 @@ function ipa_hbacsvcgroup_search_facet(spec) {
};
that.setup = function(container) {
that.search_facet_setup(container);
var action_panel = that.get_action_panel();
var li = $('li[title=hbac]', action_panel);
li.click(function() {
var state = {};
state['hbac-entity'] = 'hbac';
nav_push_state(state);
return false;
});
li = $('li[title=hbacsvc]', action_panel);
li.click(function() {
var state = {};
state['hbac-entity'] = 'hbacsvc';
nav_push_state(state);
return false;
});
};
return that;
}

2
install/static/index.html
View File

@@ -32,6 +32,8 @@
<script type="text/javascript" src="service.js"></script>
<script type="text/javascript" src="serverconfig.js"></script>
<script type="text/javascript" src="sudorule.js"></script>
<script type="text/javascript" src="sudocmd.js"></script>
<script type="text/javascript" src="sudocmdgroup.js"></script>
<script type="text/javascript" src="policy.js"></script>

3
install/static/navigation.js
View File

@@ -137,7 +137,8 @@ function _nav_update_tabs(nls, container)
var entity_name = tab.name;
// TODO: do not hard-code
if (entity_name == 'hbac' && nav_get_state('entity')) entity_name = nav_get_state('entity');
if (entity_name == 'hbac' && nav_get_state('hbac-entity')) entity_name = nav_get_state('hbac-entity');
if (entity_name == 'sudorule' && nav_get_state('sudo-entity')) entity_name = nav_get_state('sudo-entity');
var entity = IPA.get_entity(entity_name);
entity.setup(container2);

175
install/static/sudocmd.js Executable file
View File

@@ -0,0 +1,175 @@
/* Authors:
* Endi Sukma Dewata <edewata@redhat.com>
*
* Copyright (C) 2010 Red Hat
* see file 'COPYING' for use and warranty information
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; version 2 only
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */
function ipa_sudocmd() {
var that = ipa_entity({
'name': 'sudocmd'
});
that.init = function() {
var dialog = ipa_sudocmd_add_dialog({
'name': 'add',
'title': 'Add New SUDO Command'
});
that.add_dialog(dialog);
dialog.init();
var facet = ipa_sudocmd_search_facet({
'name': 'search',
'label': 'Search'
});
that.add_facet(facet);
facet = ipa_sudocmd_details_facet({
'name': 'details',
'label': 'Details'
});
that.add_facet(facet);
that.entity_init();
};
return that;
}
IPA.add_entity(ipa_sudocmd());
function ipa_sudocmd_add_dialog(spec) {
spec = spec || {};
var that = ipa_add_dialog(spec);
that.superior_init = that.superior('init');
that.init = function() {
this.superior_init();
this.add_field(ipa_text_widget({name:'sudocmd', label:'Command', undo: false}));
this.add_field(ipa_text_widget({name:'description', label:'Description', undo: false}));
};
return that;
}
function ipa_sudocmd_search_facet(spec) {
spec = spec || {};
var that = ipa_search_facet(spec);
that.get_action_panel = function() {
return $('#sudorule .action-panel');
};
that.init = function() {
that.create_column({name:'sudocmd', label:'Command', primary_key: true});
that.create_column({name:'description', label:'Description'});
that.search_facet_init();
};
that.create = function(container) {
var action_panel = that.get_action_panel();
var ul = $('ul', action_panel);
$('<li/>', {
title: 'sudorule',
text: 'SUDO Rules'
}).appendTo(ul);
$('<li/>', {
title: 'sudocmdgroup',
text: 'SUDO Command Groups'
}).appendTo(ul);
that.search_facet_create(container);
// TODO: replace with IPA.metadata[that.entity_name].label
container.children().last().prepend(
$('<h2/>', { 'html': 'SUDO Commands' }));
container.children().last().prepend('<br/><br/>');
};
that.setup = function(container) {
that.search_facet_setup(container);
var action_panel = that.get_action_panel();
var li = $('li[title=sudorule]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudorule';
nav_push_state(state);
return false;
});
li = $('li[title=sudocmdgroup]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudocmdgroup';
nav_push_state(state);
return false;
});
};
return that;
}
function ipa_sudocmd_details_facet(spec) {
spec = spec || {};
var that = ipa_details_facet(spec);
that.superior_init = that.superior('init');
that.superior_create = that.superior('create');
that.superior_setup = that.superior('setup');
that.get_action_panel = function() {
return $('#sudorule .action-panel');
};
that.init = function() {
var section = ipa_details_list_section({
'name': 'general',
'label': 'General'
});
that.add_section(section);
section.create_field({ 'name': 'sudocmd', 'label': 'Command' });
section.create_field({ 'name': 'description', 'label': 'Description' });
that.superior_init();
};
return that;
}

196
install/static/sudocmdgroup.js Executable file
View File

@@ -0,0 +1,196 @@
/* Authors:
* Endi Sukma Dewata <edewata@redhat.com>
*
* Copyright (C) 2010 Red Hat
* see file 'COPYING' for use and warranty information
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; version 2 only
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */
function ipa_sudocmdgroup() {
var that = ipa_entity({
'name': 'sudocmdgroup'
});
that.init = function() {
that.create_association({
'name': 'sudocmd',
'add_method': 'add_member',
'delete_method': 'remove_member'
});
var dialog = ipa_sudocmdgroup_add_dialog({
'name': 'add',
'title': 'Add New SUDO Command Group'
});
that.add_dialog(dialog);
dialog.init();
var facet = ipa_sudocmdgroup_search_facet({
'name': 'search',
'label': 'Search'
});
that.add_facet(facet);
facet = ipa_sudocmdgroup_details_facet({
'name': 'details',
'label': 'Details'
});
that.add_facet(facet);
facet = ipa_sudocmdgroup_association_facet({
'name': 'associate'
});
that.add_facet(facet);
that.entity_init();
};
return that;
}
IPA.add_entity(ipa_sudocmdgroup());
function ipa_sudocmdgroup_add_dialog(spec) {
spec = spec || {};
var that = ipa_add_dialog(spec);
that.superior_init = that.superior('init');
that.init = function() {
this.superior_init();
this.add_field(ipa_text_widget({name:'cn', label:'Name', undo: false}));
this.add_field(ipa_text_widget({name:'description', label:'Description', undo: false}));
};
return that;
}
function ipa_sudocmdgroup_search_facet(spec) {
spec = spec || {};
var that = ipa_search_facet(spec);
that.get_action_panel = function() {
return $('#sudorule .action-panel');
};
that.init = function() {
that.create_column({name:'cn', label:'Group', primary_key: true});
that.create_column({name:'description', label:'Description'});
that.search_facet_init();
};
that.create = function(container) {
var action_panel = that.get_action_panel();
var ul = $('ul', action_panel);
$('<li/>', {
title: 'sudorule',
text: 'SUDO Rules'
}).appendTo(ul);
$('<li/>', {
title: 'sudocmd',
text: 'SUDO Command'
}).appendTo(ul);
that.search_facet_create(container);
// TODO: replace with IPA.metadata[that.entity_name].label
container.children().last().prepend(
$('<h2/>', { 'html': 'SUDO Command Groups' }));
container.children().last().prepend('<br/><br/>');
};
that.setup = function(container) {
that.search_facet_setup(container);
var action_panel = that.get_action_panel();
var li = $('li[title=sudorule]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudorule';
nav_push_state(state);
return false;
});
li = $('li[title=sudocmd]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudocmd';
nav_push_state(state);
return false;
});
};
return that;
}
function ipa_sudocmdgroup_details_facet(spec) {
spec = spec || {};
var that = ipa_details_facet(spec);
that.get_action_panel = function() {
return $('#sudorule .action-panel');
};
that.init = function() {
var section = ipa_details_list_section({
'name': 'general',
'label': 'General'
});
that.add_section(section);
section.create_field({ 'name': 'cn', 'label': 'Name' });
section.create_field({ 'name': 'description', 'label': 'Description' });
that.details_facet_init();
};
return that;
}
function ipa_sudocmdgroup_association_facet(spec) {
spec = spec || {};
var that = ipa_association_facet(spec);
that.get_action_panel = function() {
return $('#sudorule .action-panel');
};
return that;
}

37
install/static/sudorule.js
View File

@@ -92,6 +92,20 @@ function ipa_sudorule_search_facet(spec) {
that.create = function(container) {
var action_panel = that.get_action_panel();
var ul = $('ul', action_panel);
$('<li/>', {
title: 'sudocmd',
text: 'SUDO Commands'
}).appendTo(ul);
$('<li/>', {
title: 'sudocmdgroup',
text: 'SUDO Command Groups'
}).appendTo(ul);
that.search_facet_create(container);
// TODO: replace with IPA.metadata[that.entity_name].label
@@ -101,6 +115,29 @@ function ipa_sudorule_search_facet(spec) {
};
that.setup = function(container) {
that.search_facet_setup(container);
var action_panel = that.get_action_panel();
var li = $('li[title=sudocmd]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudocmd';
nav_push_state(state);
return false;
});
li = $('li[title=sudocmdgroup]', action_panel);
li.click(function() {
var state = {};
state['sudo-entity'] = 'sudocmdgroup';
nav_push_state(state);
return false;
});
};
return that;
}

21
install/static/test/data/sudocmd_add.json Normal file
View File

@@ -0,0 +1,21 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"dn": "sudocmd=/usr/bin/less,cn=sudocmds,cn=accounts,dc=dev,dc=example,dc=com",
"ipauniqueid": [
"09e4ab26-f456-11df-bb95-00163e72f2d9"
],
"objectclass": [
"ipaobject",
"ipasudocmd"
],
"sudocmd": [
"/usr/bin/less"
]
},
"summary": "Added sudo command \"/usr/bin/less\"",
"value": "/usr/bin/less"
}
}

9
install/static/test/data/sudocmd_del.json Normal file
View File

@@ -0,0 +1,9 @@
{
"error": null,
"id": 0,
"result": {
"result": true,
"summary": "Deleted sudo command \"/usr/bin/less\"",
"value": "/usr/bin/less"
}
}

23
install/static/test/data/sudocmd_find.json Normal file
View File

@@ -0,0 +1,23 @@
{
"error": null,
"id": 0,
"result": {
"count": 2,
"result": [
{
"dn": "sudocmd=/usr/bin/more,cn=sudocmds,cn=accounts,dc=dev,dc=example,dc=com",
"sudocmd": [
"/usr/bin/more"
]
},
{
"dn": "sudocmd=/usr/bin/less,cn=sudocmds,cn=accounts,dc=dev,dc=example,dc=com",
"sudocmd": [
"/usr/bin/less"
]
}
],
"summary": "2 sudo command matched",
"truncated": false
}
}

31
install/static/test/data/sudocmd_mod.json Normal file
View File

@@ -0,0 +1,31 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"attributelevelrights": {
"aci": "rscwo",
"description": "rscwo",
"ipauniqueid": "rsc",
"memberof": "rsc",
"nsaccountlock": "rscwo",
"sudocmd": "rscwo"
},
"description": [
"opposite of more"
],
"ipauniqueid": [
"06708d0e-f454-11df-9273-00163e72f2d9"
],
"objectclass": [
"ipaobject",
"ipasudocmd"
],
"sudocmd": [
"/usr/bin/less"
]
},
"summary": "Modified sudo command \"/usr/bin/less\"",
"value": "/usr/bin/less"
}
}

29
install/static/test/data/sudocmd_show.json Normal file
View File

@@ -0,0 +1,29 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"attributelevelrights": {
"aci": "rscwo",
"description": "rscwo",
"ipauniqueid": "rsc",
"memberof": "rsc",
"nsaccountlock": "rscwo",
"sudocmd": "rscwo"
},
"dn": "sudocmd=/usr/bin/less,cn=sudocmds,cn=accounts,dc=dev,dc=example,dc=com",
"ipauniqueid": [
"06708d0e-f454-11df-9273-00163e72f2d9"
],
"objectclass": [
"ipaobject",
"ipasudocmd"
],
"sudocmd": [
"/usr/bin/less"
]
},
"summary": null,
"value": "/usr/bin/less"
}
}

26
install/static/test/data/sudocmdgroup_add.json Normal file
View File

@@ -0,0 +1,26 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"cn": [
"group1"
],
"description": [
"Group 1"
],
"dn": "cn=group1,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com",
"ipauniqueid": [
"1a8f4852-f459-11df-815c-00163e72f2d9"
],
"objectclass": [
"ipaobject",
"ipasudocmdgrp",
"groupOfNames",
"top"
]
},
"summary": "Added sudo command group \"group1\"",
"value": "group1"
}
}

26
install/static/test/data/sudocmdgroup_add_member.json Normal file
View File

@@ -0,0 +1,26 @@
{
"error": null,
"id": 0,
"result": {
"completed": 2,
"failed": {
"member": {
"sudocmd": [],
"sudocmdgroup": []
}
},
"result": {
"cn": [
"group1"
],
"description": [
"SUDO Group 1"
],
"dn": "cn=group1,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com",
"member_sudocmd": [
"/usr/bin/more",
"/usr/bin/less"
]
}
}
}

9
install/static/test/data/sudocmdgroup_del.json Normal file
View File

@@ -0,0 +1,9 @@
{
"error": null,
"id": 0,
"result": {
"result": true,
"summary": "Deleted sudo command group \"group1\"",
"value": "group1"
}
}

33
install/static/test/data/sudocmdgroup_find.json Normal file
View File

@@ -0,0 +1,33 @@
{
"error": null,
"id": 0,
"result": {
"count": 2,
"result": [
{
"cn": [
"group1"
],
"description": [
"Group 1"
],
"dn": "cn=group1,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com",
"member_sudocmd": [
"/usr/bin/more",
"/usr/bin/less"
]
},
{
"cn": [
"group2"
],
"description": [
"Group 2"
],
"dn": "cn=group2,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com"
}
],
"summary": "2 sudo command groups matched",
"truncated": false
}
}

39
install/static/test/data/sudocmdgroup_mod.json Normal file
View File

@@ -0,0 +1,39 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"attributelevelrights": {
"aci": "rscwo",
"businesscategory": "rscwo",
"cn": "rscwo",
"description": "rscwo",
"ipauniqueid": "rsc",
"member": "rscwo",
"nsaccountlock": "rscwo",
"o": "rscwo",
"objectclass": "rscwo",
"ou": "rscwo",
"owner": "rscwo",
"seealso": "rscwo"
},
"cn": [
"group1"
],
"description": [
"SUDO Group 1"
],
"ipauniqueid": [
"1a8f4852-f459-11df-815c-00163e72f2d9"
],
"objectclass": [
"ipaobject",
"ipasudocmdgrp",
"groupOfNames",
"top"
]
},
"summary": "Modified sudo command group \"group1\"",
"value": "group1"
}
}

22
install/static/test/data/sudocmdgroup_remove_member.json Normal file
View File

@@ -0,0 +1,22 @@
{
"error": null,
"id": 0,
"result": {
"completed": 2,
"failed": {
"member": {
"sudocmd": [],
"sudocmdgroup": []
}
},
"result": {
"cn": [
"group1"
],
"description": [
"SUDO Group 1"
],
"dn": "cn=group1,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com"
}
}
}

44
install/static/test/data/sudocmdgroup_show.json Normal file
View File

@@ -0,0 +1,44 @@
{
"error": null,
"id": 0,
"result": {
"result": {
"attributelevelrights": {
"aci": "rscwo",
"businesscategory": "rscwo",
"cn": "rscwo",
"description": "rscwo",
"ipauniqueid": "rsc",
"member": "rscwo",
"nsaccountlock": "rscwo",
"o": "rscwo",
"objectclass": "rscwo",
"ou": "rscwo",
"owner": "rscwo",
"seealso": "rscwo"
},
"cn": [
"group1"
],
"description": [
"Group 1"
],
"dn": "cn=group1,cn=sudocmdgroups,cn=accounts,dc=dev,dc=example,dc=com",
"ipauniqueid": [
"d99989a6-f459-11df-9273-00163e72f2d9"
],
"member_sudocmd": [
"/usr/bin/more",
"/usr/bin/less"
],
"objectclass": [
"ipaobject",
"ipasudocmdgrp",
"groupOfNames",
"top"
]
},
"summary": null,
"value": "group1"
}
}