The service certificate management UI has been generalized and moved
into certificate.js. The host details page is now using the same code
to manage certificates. The host.py has been modified to return host
certificate info.
The Get/Revoke/View buttons behavior has been modified such that they
are visible only if there is a valid certificate. The Get dialog box
has been fixed to show the correct certificate header and footer.
The ipa.css has been modified to store the style of the status bullets.
New unit tests for certificate has been added. The test data has been
modified to include sample host certificate.
We'll later replace them with a new scheme. For now, this is the simplest UI
The intention is to look unfinished, so people don't comment on how poor it looks.
When setting or adding an attribute wiht setatt/addattr check to
see if there is a Param for the attribute and enforce the multi-value.
If there is no Param check the LDAP schema for SINGLE-VALUE.
Catch RDN mods and try to return a more reasonable error message.
Ticket #230
Ticket #246
The service details page has been modified to show certificate
status using bullets. It will also show the revocation reason,
and display the restore button only if the certificate is on
hold. The buttons action handlers have been moved into
service_usercertificate_load() so they can update the bullets.
A test data file for cert-show operation has been added. Other
test data files containing certificate info has been updated for
consistency.
The certificate_confirmation_dialog() has been removed because
it's no longer used.
It makes little sense to install ipa-admintools without ipa-client, require it.
Also see if the client has been configured. This is a bit tricky since we
have a full set of defaults. Add a new env option that gets set if at least
one configuration file is loaded.
ticket 213
We check the resolver against the resolver and DNS against DNS but not
the resolver against DNS so if something is wrong in /etc/hosts we don't
catch it and nasty connection messages occur.
Also fix a problem where a bogus error message was being displayed because
we were trying to close an unconnected LDAP connection.
ticket 327
The service.py has been modified to include certificate info in
the service-show result if the service contains usercertificate.
A new file certificate.js has been added to store codes related
to certificates (e.g. revocation reasons, dialog boxes). The
service.js has been modified to provide the UI for certificate
management. The certificate.js can also be used for host
certificate management.
The Makefile.am and index.xhtml has been modified to include
certificate.js. New test data files have been added for certificate
operations.
To test revoke and restore operations the server needs to be
installed with dogtag CA instead of self-signed CA.
The certificate status and revocation reason in the details page
will be implemented in subsequent patches. Unit tests will also
be added in subsequent patches.
metadata for phone numbers
test date for users
Undo works for multivalue
JQuery UI buttons have custom classes
inputs/fields are now managed inside of objects
removed the use of .call. as it was confusing the issue of
mismatched parameter lists.
Fixed the parameter lists, too.
It would be nicer if we disabled the command altogether but this would require
checking the server to see every time the ipa command is executed (which would
be bad). We can't store this in a configuration file because it is possible
to add a DNS post-install (and it would require adding this to every single
client install).
ticket 147
Support is fairly basic right now and will only work on the CLI. All
the work is done on the client side.
To continue past errors use the --continue option.
Fixed a bug where direct mounts weren't always added properly.
Added real user documentation to the plugin.
ticket 78
Add automatic creation of python an C file lists for potfiles
Deletes useless copy of Makefile in install/po
Remove duplicate maintainer-clean target
Add debug target that prints file lists
Unbreak update-po target, merges in patch from John
This is a little bit of a copy and paste approach, as the code for__json__
was copied from baseldap. Long term, we want to rewrite this plugin as
an extension of baseldap anyway.
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
The plugin required a base64-encoded certificate and always decoded it
before processing. This doesn't work with the UI because the json module
decodes binary values already.
Try to detect if the incoming value is base64-encoded and decode if
necessary. Finally, try to pull the cert apart to validate it. This will
tell us for sure that the data is a certificate, regardless of the format
it came in as.
ticket 348
There is no point (and it is confusing) to print an empty list when
modifying group membership fails, so suppress it.
If any membership change fails we should return non-zero.
tickets 271, 273, 274
