Implements the role, privilege, permission, delegation and selfservice entities ui.
Targetgroup has been added to the object types.
The groups lists need to be filter. The filter is currently hidden, with a
hyperlink that reads 'filter' to unhide it. Each keystroke in this filter
performs an AJAX request to the server.
There are bugs on the server side that block some of the functionality from
completing
Creating a Permission requires one of 4 target types. The add dialog in this
version assumes the user will want to create a filter type. They can change
this on the edit page.
Most search results come back with the values as arrays, but ACIs seem not to.
Search and details both required special code to handle non-arrays.
The unit tests now make use of the 'module' aspect of QUnit. This means that
future unit test will also need to specify the module. The advantage is that
multiple tests can share a common setup and teardown.
Bugs that need to be fixed before this works 100% are
https://fedorahosted.org/freeipa/ticket/634https://fedorahosted.org/freeipa/ticket/633
The changes include:
* Change license blobs in source files to mention GPLv3+ not GPLv2 only
* Add GPLv3+ license text
* Package COPYING not LICENSE as the license blobs (even the old ones)
mention COPYING specifically, it is also more common, I think
https://fedorahosted.org/freeipa/ticket/239
The SUDO rule details facet has been updated to support the latest UI
spec. The facet consists of 5 sections: general, users, hosts, commands,
and run-as.
The general section contains the SUDO rule description and status. If
the status is changed, the sudorule-enable/disable will be invoked.
The other sections contain radio buttons for the association category
and tables for the members. When a member is added or removed, the
category will be adjusted appropriately. If the category is changed to
'all', 'allow', or 'deny', all members will be removed.
The last section is currently not working because backend support is
not yet available.
The adder dialog boxes for users, groups, and hosts has been modified
to accept external identities. The layout for the base adder dialog
was updated. The base dialog class was updated to support templates.
The SUDO dialog boxes were implemented using templates. New CSS
classes were added to ipa.css.
The HBAC rule details facet has been updated as well.
The ipa_add_dialog has been fixed to initialize the fields which
will get the labels from metadata. Hard-coded labels have been
removed from field declarations.
The superior() method has been removed because it doesn't work with
multi-level inheritance. Superclass method for now is called using
<class name>_<method> (e.g. widget_init).
The ipa_column has been modified to get the label from metadata
during initialization. The ipa_table_widget has been modified to
initialize the columns. Hard-coded labels have been removed from
column declarations.
The ipa_adder_dialog has been modified to execute a search at the
end of setup.
The association facet for HBAC Service Groups has been removed
and replaced with an association table in the details page.
The ipa_association_table_widget has been modified to support
multiple columns in the table itself and in the adder dialog.
The ipa_association_adder_dialog and ipa_association_facet have
been refactored.
The ipa_sudorule_association_widget and ipa_rule_association_widget
has been removed because their functionalities have been merged into
ipa_association_table_widget.
The create_association_facets() has been modified such that it
does not generate duplicate links. This is done by assigning the
proper labels and hiding non-assignable associations.
Each association will get a label based on the attribute used:
- memberof: Membership in <entity name>
- member.*: <entity name> Members
- managedby: Managed by <entity name>
The following associations will be hidden:
- memberindirect
- enrolledby
The internal.py was modified to return localized labels.
The test data has been updated.
The enrollment dialog has been modified to use scrollable tables that
supports multiple columns to display the search results and selected
entries. The columns are specified by calling create_adder_column()
on the association facet. By default the tables will use only one
column which is to display the primary keys.
The following enrollment dialogs have been modified to use multiple
columns:
- Group's member_user
- Service's managedby_host
- HBAC Service Group's member_hbacsvc
- SUDO Command Group's member_sudocmd
The ipa_association_table_widget's add() and remove() have been moved
into ipa_association_facet so they can be customized by facet's
subclass. The ipa_table's add_row() has been renamed to add_record().
Some old code has been removed from ipa_facet_create_action_panel().
The code was used to generate association links from a single facet.
It's no longer needed because now each association has its own facet.
The test data has been updated. The IPA.nested_tabs() has been fixed
to return the entity itself if IPA.tab_set is not defined. This is
needed to pass unit test.
The association facet has been modified to support multiple columns.
By default the facet will have one column which is the primary key of
the associated object (e.g. username of a group member), so the
existing code will work like before. Other fields (e.g. user's full
name) can be added by subclassing the ipa_association_facet class and
specifying the additional columns to display. These additional fields
will be retrieved using a batch operation.
Previously a single association facet instance will be used for all
associations in an entity. Now each association will have its own
association facet. This way each association facet can be customized
differently as needed. The <entity>-enroll URL parameter has been
removed because it's no longer needed.
The ipa_entity.create_association_facets() is provided to generate
the default association facets with one column for the primary key.
The column click handler has been moved out of ipa_column to provide
more flexibility for customization.
The get_action_panel() and get_client_area() have been modified to
search within the entity's container.
The group entity has been fully converted to use the new UI framework.
Association facets that have been modified to use multiple columns are:
- User Group's member_user
- HBAC Service Group's member_hbacsvc
- SUDO Command Group's member_sudocmd
- Service's managedby_host
New test data files have been added. Unit tests have been updated.
The SUDO Commands and Command Groups pages have been added under
SUDO Rules tab.
Similar to HBAC navigation issue, these entities do not have their
own tab, so an exception has been added to the navigation code
to read sudo-entity parameter to determine the entity being viewed.
Fixing this issue will require framework changes.
New test data for these operations have been added.
