There is no point (and it is confusing) to print an empty list when
modifying group membership fails, so suppress it.
If any membership change fails we should return non-zero.
tickets 271, 273, 274
Basically, make 'all' mutually exclusive. This makes debugging lots easier.
If say usercat='all' there is no point adding specific users to the rule
because it will always apply to everyone.
ticket 164
Population of the policy and entites tabs.
DNS and ACI are broken due to PLugin issues
Fix for entities without search
Added new files to Makefile.am
used rolegroup.js file as the start point, renamed to serverconfig.js
When we uninstall we wipe out the entire LDAP database, so it doesn't really
make mush sense to try to also remove single entries from it.
This avoids the --uninstall procedure to fail because the DM password is not
available or the LDAP server is down, and we are just trying to cleanup
everything.
This attribute is required for samba to properly identify a user has changed
it's password and doesn't need to change it again at next login.
At the same time, if we are forcing a pssword reset we also need to let samba
know the user must change its password.
Slapi plugins must use mozldap because 389 ds is compiled against that.
ipa_kpasswd, instead, should be linked against openldap.
So always make sure both are available.
The ipa_error_handler() has been modified to display the AJAX URL
that is having a problem. The ipa_cmd() error handler is now invoked
using call() to pass 'this' object which contains the URL.
We were mistakenly removeing the latest password from the passwordHistory
once the max history values were reached. Make sure we remove the oldest one
instead.
Helps when you need to add random snippets of config that really do not deserve
a full atttribute, but are still something you want to put in LDAP and have
replicated.
Use __func__ in log functions instead of the explicit function name
so that if the function need to be renamed later logs reflect the
change automatically w/o the need to change all occurrences.
Also makes a grep for the function name less noisy avoiding tons of
false positives.
1) Added new attribute memberDenyCommand
2) Renamed memberCmd to memberAllowCmd
3) Changed the object class:
* removed type
* reflected the rename change
* added the new attribute
4) Renumbered the attributes (while we still can) for consistency.
The ipa_entity_set_association_definition() has been added to configure
the association between 2 entitites. By default the associator is
BulkAssociator and the method is add_member. The entities have been
updated to use the right configurations.
The ipa_cmd() has been modified to detect IPA errors and invoke the
error handler.
A bug in refresh_on_success() has been fixed as well.
ipa_entity_quick_links() has been added to generate quick links
automatically from object's attribute_members, the same logic used
for generating facet list. The search definition for each entity
has been updated to use the new function. A unit test has been
added for this function.
The plugin was getting difficult to read and maintain.
Split it (and apply cosmetic cleanups to some functions) in smaller
pieces that perform specific tasks.
The navigation.js has been modified to make it more abstract, i.e.
unaware of entity facets. The nav_update_tabs() has been modified
such that it activates and updates the tabs based on the current
state stored in the URL.
The facets are now handled in entity.js. The ipa_entity_setup() has
been modified to update the facets based on the current state and
cached state.
The navigation.js also has been modified to be more class-like. The
nav_create() has been modified to store the tab configuration and
the tab container in internal variables nav_tabs_lists and
nav_container. The nav_update_tabs() now can be called without any
parameters.
Functions nav_push_state(), nav_get_state(), and nav_remove_state()
have been added to wrap BBQ API. This is to allow unit tests to
replace them with mockup functions to remove dependency on BBQ.
Some errors (e.g. server down) are reported as AJAX success with
empty data. The ipa_cmd() has been modified so that it will detect
such errors and invoke the error handler.
