Change event of combobox is not triggered when there is only one value. Calling it's handler even for option's 'click' event makes sure that value of input gets always updated.
https://fedorahosted.org/freeipa/ticket/4655
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
Fixes issues when dialog is not removed from `IPA.opened_dialogs` registry when dialog.close() is called while the dialog is not shown, i.e., while other dialog is shown. Without it, the dialog is could be incorrectly displayed.
New dialog's property `opened` handles whether dialog is intended to be opened.
How to test:
Add new host with IP address outside of managed reverse zones to get error 4304.
https://fedorahosted.org/freeipa/ticket/4656
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
Applied to hosts facet should not be default because, e.g., for Default Trust View it shouldn't be even visible(o use).
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
1. All framework objects to use event interface
2. Framework objects can be part of specification objects but they are not deep-cloned as the rest of specification objects - usually it would cause infinite loop. This make easier to add context as a $pre-op object without a need for $pre-op function.
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
Allow to use --force when changing authoritative nameserver address in DNS zone.
Same for dnsrecord-add for NS record.
https://fedorahosted.org/freeipa/ticket/4573
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
This plugin ensures that all counter/watermark operations are atomic
and never decrement. Also, deletion is not permitted.
Because this plugin also ensures internal operations behave properly,
this also gives ipa-pwd-extop the appropriate behavior for OTP
authentication.
https://fedorahosted.org/freeipa/ticket/4493https://fedorahosted.org/freeipa/ticket/4494
Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Add missing developers contributing to project git. Cancel "Past and
Occcasional" section and merge the people in the right categories.
Update .mailmap so that the Developer list can be easily re-generated.
Reviewed-By: Gabe Alford <redhatrises@gmail.com>
- display info message which points user to FreeOTP project page
- the link or the text can be easily changed by a plugin if needed
https://fedorahosted.org/freeipa/ticket/4469
Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>
Adds new API:
ipa host-allow-retrieve-keytab HOSTNAME --users=STR --groups STR
ipa host-disallow-retrieve-keytab HOSTNAME --users=STR --groups STR
ipa host-allow-create-keytab HOSTNAME --users=STR --groups STR
ipa host-disallow-create-keytab HOSTNAME --users=STR --groups STR
ipa service-allow-retrieve-keytab PRINCIPAL --users=STR --groups STR
ipa service-disallow-retrieve-keytab PRINCIPAL --users=STR --groups STR
ipa service-allow-create-keytab PRINCIPAL --users=STR --groups STR
ipa service-disallow-create-keytab PRINCIPAL --users=STR --groups STR
these methods add or remove user or group DNs in `ipaallowedtoperform` attr with
`read_keys` and `write_keys` subtypes.
service|host-mod|show outputs these attrs only with --all option as:
Users allowed to retrieve keytab: user1
Groups allowed to retrieve keytab: group1
Users allowed to create keytab: user1
Groups allowed to create keytab: group1
Adding of object class is implemented as a reusable method since this code is
used on many places and most likely will be also used in new features. Older
code may be refactored later.
https://fedorahosted.org/freeipa/ticket/4419
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Permissions with member attrs pointing to privileges are created before the privileges.
Run memberof plugin task to fix other ends of the relationships.
https://fedorahosted.org/freeipa/ticket/4637
Reviewed-By: Martin Kosek <mkosek@redhat.com>
It is necessary to fix trust flags only in the HTTP NSS DB, as it is used as
a source in the upload_cacrt update plugin.
https://fedorahosted.org/freeipa/ticket/4621
Reviewed-By: David Kupka <dkupka@redhat.com>
These defaults are pretty useless and cause more confusion than
they are worth. The serial default never worked anyway. And now
that we are displaying the token type separately, there is no
reason to doubly record these data points.
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
