Reflects:
- adding of RCUE styles along with Bootstrap 2.0.
- removal of jQuery BBQ plugin
- removal of rhino enviroment for selenium which was used in old UI tests
Reviewed-By: Simo Sorce <ssorce@redhat.com>
UI unit tests were broken since main RCUE work. This patch fixes them
all except aci, which will be fixed along with update of aci UI.
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Update JSON metadata files for static presentation of FreeIPA UI and
some tests. This regeneration did not happen for very long time and
an update is needed for upcoming ACI patch.
prerequisite for:
https://fedorahosted.org/freeipa/ticket/4079
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Old implementation crawled DOM for gathering data from DOM. Such code
is very error prone. Little visual change somewhere else can break it
- as happened in main patch for #4217.
prerequisite for:
https://fedorahosted.org/freeipa/ticket/4217
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
checkboxes and radio buttons:
- do not change color on hover when disabled
- are focusable and checkable be keyboard again. This uses a little
trick where the real checkbox is hidden under the artificial
checkbox. That way it has the same position and therefore it
works even in containers with overflow set.
https://fedorahosted.org/freeipa/ticket/4217
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
When Dogtag 10 based FreeIPA replica is being installed for a Dogtag 9
based master, the PKI database is not updated and miss several ACLs
which prevent some of the PKI functions, e.g. an ability to create
other clones.
Add an update file to do the database update. Content is based on
recommendation from PKI team:
* https://bugzilla.redhat.com/show_bug.cgi?id=1075118#c9
This update file can be removed when Dogtag database upgrades are done
in PKI component. Upstream tickets:
* https://fedorahosted.org/pki/ticket/710 (database upgrade framework)
* https://fedorahosted.org/pki/ticket/906 (checking database version)
Also make sure that PKI service is restarted in the end of the installation
as the other services to make sure it picks changes done during LDAP
updates.
https://fedorahosted.org/freeipa/ticket/4243
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
this patch implements:
- output_formatter in field. It should be used in par with formatter. Formatter serves for datasource->widget conversion, output_formatter for widget->datasource format conversion.
- datetime module which parses/format strings in subset of ISO 8601 and LDAP generalized time format to Date.
- utc formatter replaced with new datetime formatter
- datetime_validator introduced
- new datetime field, extension of text field, which by default uses datetime formatter and validator
Dojo was regenerated to include dojo/string module
https://fedorahosted.org/freeipa/ticket/4194
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Checkboxes have not used unique ids across the whole UI. It broke checking by clicking on label for later displayed instances. It became serious problem when rcue introduced new checkbox styles with 'label clicking' as default check method.
https://fedorahosted.org/freeipa/ticket/3904
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
This patch adds option to define which item of which array attribute of specification object will be replaced by a new value.
The difference between combination of $add and $del is that it keeps position of that item in the array.
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Boolean object properties can have different default meaning for not defined
value. This patch allows to defined this meaning to `boolean_formatter` by
introduction of `emty_value` property. `boolean_state_evaluator` was modified
to leverage it as well.
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
When creating replica from a Dogtag 9 based IPA server, the port 7389
which is required for the installation is never checked by
ipa-replica-conncheck even though it knows that it is being installed
from the Dogtag 9 based FreeIPA. If the 7389 port would be blocked by
firewall, installation would stuck with no hint to user.
Make sure that the port configuration parsed from replica info file
is used consistently in the installers.
https://fedorahosted.org/freeipa/ticket/4240
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Fixes issue when:
1. 2 dialogs are opened
2. top dialog's close button is focused
3. user presses enter to execute 'close' action
4. dialog is immediately closed (enter key is still pressed)
5. second dialog automatically receives focus (it's top dialog now)
6. user releases the key
7. second dialog reacts to keyup event - which is by default confirmation mixin's confirm event
8. UNDESIRED behavior occurs
Now confirmation mixin remembers which keys were pressed and released and reacts only to those which originated there.
https://fedorahosted.org/freeipa/ticket/4098
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Dialog loses focus when the links are clicked making the dialog uncontrollable by keyboard. This patch focuses the link again after expanding/collapsing the error list. Thus keeping the focus in a dialog
https://fedorahosted.org/freeipa/ticket/4097
Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
Originally we made them all optional as a workaround for the lack of SELFDN
support in 389DS. However, with the advent of SELFDN, this hack is no longer
necessary. This patch updates TOTP to match HOTP in this regard.
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
If an error occurs in the start up sequence in ipactl start/restart,
all the services are stopped. Using the --force option prevents
stopping of services that have successfully started, just skips the
services which can not be started.
ipactl status now shows stopped services also, if the directory
server is running.
With the contribution of Ana Krivokapic
https://fedorahosted.org/freeipa/ticket/3509
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Change the target filter to be multivalued.
Make the `type` option on permissions set location and an
(objectclass=...) targetfilter, instead of location and target.
Make changing or unsetting `type` remove existing
(objectclass=...) targetfilters only, and similarly,
changing/unsetting `memberof` to remove (memberof=...) only.
Update tests
Part of the work for: https://fedorahosted.org/freeipa/ticket/4074
Reviewed-By: Martin Kosek <mkosek@redhat.com>
fixed by starting the directory server when restarting if it is not
currently running to enable fetching running services
later restart didn't check that
also added a check, that if the directory server started at the
beginning, there is no need to restart it
https://fedorahosted.org/freeipa/ticket/4050
Reviewed-By: Martin Kosek <mkosek@redhat.com>
This adds support for managed permissions. The attribute list
of these is computed from the "default" (modifiable only internally),
"allowed", and "excluded" lists. This makes it possible to cleanly
merge updated IPA defaults and user changes on upgrades.
The default managed permissions are to be added in a future patch.
For now they can only be created manually (see test_managed_permissions).
Tests included.
Part of the work for: https://fedorahosted.org/freeipa/ticket/4033
Design: http://www.freeipa.org/page/V3/Managed_Read_permissions
Reviewed-By: Martin Kosek <mkosek@redhat.com>
The checks for existing host and existing replication agreement
set a flag that caused an exit() if any of them failed.
Between these checks there was an unrelated check, DNS resolution.
If the host and DNS checks both failed, this made it look like
the DNS check was the cause of failed install. Especially if the user
ignored the DNS check in unattended mode, the output was confusing.
Remove the flag and fail directly.
Do the replication agreement check first; fixing this with
ipa-replica-manage del will also remove the host entry.
Also, use the logger for error messages so they appear in the log
file as well as on the console.
https://fedorahosted.org/freeipa/ticket/3889
Stock httpd no longer uses systemd EnvironmentFile option which is
making FreeIPA's KRB5CCNAME setting ineffective. This can lead in hard
to debug problems during subsequent ipa-server-install's where HTTP
may use a stale CCACHE in the default kernel keyring CCACHE.
Avoid forcing custom CCACHE and switch to system one, just make sure
that it is properly cleaned by kdestroy run as "apache" user during
FreeIPA server installation process.
https://fedorahosted.org/freeipa/ticket/4084
Add Web UI counterpart of following CLI commands:
* trust-fetch-domains Refresh list of the domains associated with the trust
* trustdomain-del Remove infromation about the domain associated with the trust.
* trustdomain-disable Disable use of IPA resources by the domain of the trust
* trustdomain-enable Allow use of IPA resources by the domain of the trust
* trustdomain-find Search domains of the trust
https://fedorahosted.org/freeipa/ticket/4119
This commit changes how fonts are used.
- remove usage of bundled fonts and only system fonts are used instead
- by using alias in httpd conf
- by using local("Font Name") directive in font-face
- removed usage of overpass font
- redefined Open Sans font-face declarations. Note: upstream is doing the
same change so we will be fine on upgrade.
- introduce variable.less for variable definitions and overrides. This file
will be very useful when we upgrade to newer RCUE so we will be able to
redefine their and bootstrap's variables.
Fixes: https://fedorahosted.org/freeipa/ticket/2861
