IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00
Code Issues Packages Projects Releases Wiki Activity
447 Commits 11 Branches 59 Tags 60 MiB
c397041bfa
Commit Graph

17 Commits

Author SHA1 Message Date
Rob Crittenden
f42f1f44c8 Enable group inactivation by using the Class of Service plugin. 
This adds 2 new groups: activated and inactivated.

If you, or a group you are a member of, is in inactivated then you are too.

If you, or a group you are a member of, is in the activated group, then you
are too.

In a fight between activated and inactivated, activated wins.

The DNs for doing this matching is case and white space sensitive.

The goal is to never have to actually set nsAccountLock in a user directly
but move them between these groups.

We need to decide where in the CLI this will happen. Right it is split
between ipa-deluser and ipa-usermod. To inactivate groups for now just
add the group to inactivate or active.
 2007-11-20 22:45:29 -05:00
Rob Crittenden
cb0476f223 Make the group cn an editable field though protected by default. 
Fix some issues with the multi-value to single-value reversion.
 2007-11-14 23:33:49 -05:00
Rob Crittenden
83dd42797e Include multi-value fields on the Add Person page 
Remove multi-valued cn from groups
 2007-11-14 17:50:46 -05:00
Rob Crittenden
3e715a04cf Add an editors group. This is used to generally grant access for users 
to edit other users (the Edit link won't appear otherwise). Additional
delegation is need to grant permission to individual attributes.
Update the failed login page to indicate that it is a permission issue.
Don't allow access to policy at all for non-admins.
By default users can only edit themselves.
 2007-11-14 10:49:03 -05:00
Rob Crittenden
5011f64243 Restrict access to some parts of the UI to those in the admins group 2007-11-13 11:15:07 -05:00
Rob Crittenden
b7506a5ea6 Fix editing groups when cn is a single-valued field 
Fix some error messages that were printing the entire detail message
 2007-11-09 14:01:28 -05:00
Rob Crittenden
e9dfbfa773 Enable multi-value field support for some attributes on the edit pages 
Better error reporting in the GUI
Include a document describing how multi-valued fields work
 2007-11-08 22:12:42 -05:00
Rob Crittenden
dc01ea0fe6 groups come back as a list where the first element is the number of 
groups returned. Skip that element.
 2007-11-02 11:35:50 -04:00
Karl MacMillan
27f0aab667 Rename memberOf to group_members in xml-rpc interface. 0001-01-01 00:00:00 +00:00
Rob Crittenden
303d5ebad9 Have the GUI use memberOf() instead of looping through the member DNs 
Fix a bug in the local transport version of memberOf()
 2007-10-31 10:08:16 -04:00
Kevin McCarthy
859291a706 Add delete user and group to webgui. 
NOTE: this doesn't handle referential integrity.
 2007-10-23 16:46:50 -07:00
Kevin McCarthy
fd8690dd63 Add a flash message to the top of the page when there are validation errors. 2007-10-19 08:59:40 -07:00
Kevin McCarthy
6249f20526 Add logger objects to each controller. 
Fix up the config settings for logging.
 2007-10-17 16:45:20 -07:00
Kevin McCarthy
2b38769b50 Combine get_user/group by dn/cn into get_entry_by_cn/dn. 
Also a couple double-escaping fixes I missed in the last patch.
 2007-10-09 09:26:16 -07:00
Kevin McCarthy
aaa992b744 Fix the webgui to allocate a new IPAClient for each request. 2007-10-08 09:54:13 -07:00
Kevin McCarthy
9987e0e807 Small group fixes: remove index, change to use hidden_fields (like UserFields) 2007-10-08 09:22:03 -07:00
Kevin McCarthy
d5fedb5f97 Split the controllers out into separate user and group controllers. 2007-10-04 17:10:18 -07:00