The labels for the following fields in Host details page have been
changed:
- fqdn: Fully Qualified Host Name
- serverhostname: Host Name
The ipa_details_field_create_input() and _ipa_create_text_input()
has been converted into methods in ipa_details_field class. The code
has been modified to display read-only fields as labels instead
of disabled text fields.
The attributelevelrights in host test data files have been updated.
The table widget now can be enabled/disabled. When disabled, the
checkboxes and links/buttons are grayed out and non functional.
The radio buttons in HBAC and SUDO details page have been modified
to enable/disable the corresponding tables.
TAKE 1
- Enrollement links in the action panel are now sorted by relationships.
- You can only enroll members.
(The webUI made the impression you can enroll parents as well, but it was
broken.)
- When enrolling new members, you can choose not to display already enrolled
ones. (On by default.)
- Couple cosmetic changes.
Implements the role, privilege, permission, delegation and selfservice entities ui.
Targetgroup has been added to the object types.
The groups lists need to be filter. The filter is currently hidden, with a
hyperlink that reads 'filter' to unhide it. Each keystroke in this filter
performs an AJAX request to the server.
There are bugs on the server side that block some of the functionality from
completing
Creating a Permission requires one of 4 target types. The add dialog in this
version assumes the user will want to create a filter type. They can change
this on the edit page.
Most search results come back with the values as arrays, but ACIs seem not to.
Search and details both required special code to handle non-arrays.
The unit tests now make use of the 'module' aspect of QUnit. This means that
future unit test will also need to specify the module. The advantage is that
multiple tests can share a common setup and teardown.
Bugs that need to be fixed before this works 100% are
https://fedorahosted.org/freeipa/ticket/634https://fedorahosted.org/freeipa/ticket/633
The changes include:
* Change license blobs in source files to mention GPLv3+ not GPLv2 only
* Add GPLv3+ license text
* Package COPYING not LICENSE as the license blobs (even the old ones)
mention COPYING specifically, it is also more common, I think
https://fedorahosted.org/freeipa/ticket/239
The user details facet has been modified such that when the account
is activated/deactivated the page will be reloaded.
Some methods in the framework have been changed:
- The ipa_widget.clear() has been removed because it can be replaced
by existing reset().
- The ipa_widget.set_values() has been renamed into update().
The SUDO rule details facet has been updated to support the latest UI
spec. The facet consists of 5 sections: general, users, hosts, commands,
and run-as.
The general section contains the SUDO rule description and status. If
the status is changed, the sudorule-enable/disable will be invoked.
The other sections contain radio buttons for the association category
and tables for the members. When a member is added or removed, the
category will be adjusted appropriately. If the category is changed to
'all', 'allow', or 'deny', all members will be removed.
The last section is currently not working because backend support is
not yet available.
The adder dialog boxes for users, groups, and hosts has been modified
to accept external identities. The layout for the base adder dialog
was updated. The base dialog class was updated to support templates.
The SUDO dialog boxes were implemented using templates. New CSS
classes were added to ipa.css.
The HBAC rule details facet has been updated as well.
The ipa_add_dialog has been fixed to initialize the fields which
will get the labels from metadata. Hard-coded labels have been
removed from field declarations.
The superior() method has been removed because it doesn't work with
multi-level inheritance. Superclass method for now is called using
<class name>_<method> (e.g. widget_init).
The ipa_column has been modified to get the label from metadata
during initialization. The ipa_table_widget has been modified to
initialize the columns. Hard-coded labels have been removed from
column declarations.
The ipa_adder_dialog has been modified to execute a search at the
end of setup.
The association facet for HBAC Service Groups has been removed
and replaced with an association table in the details page.
The ipa_association_table_widget has been modified to support
multiple columns in the table itself and in the adder dialog.
The ipa_association_adder_dialog and ipa_association_facet have
been refactored.
The ipa_sudorule_association_widget and ipa_rule_association_widget
has been removed because their functionalities have been merged into
ipa_association_table_widget.
Updated the user,group,host, hostgroup, netgroup, service, and all policy
entities to use the newer framework functions, in order to
replaced the old array style definitions which did not support i18n.
update a few of the newer framerwork functions to get the lables from the
meta data.
Fixed the unit tests which were expecting a details facet for users,
no longer automatically created
The enrollment dialog has been modified to use scrollable tables that
supports multiple columns to display the search results and selected
entries. The columns are specified by calling create_adder_column()
on the association facet. By default the tables will use only one
column which is to display the primary keys.
The following enrollment dialogs have been modified to use multiple
columns:
- Group's member_user
- Service's managedby_host
- HBAC Service Group's member_hbacsvc
- SUDO Command Group's member_sudocmd
The ipa_association_table_widget's add() and remove() have been moved
into ipa_association_facet so they can be customized by facet's
subclass. The ipa_table's add_row() has been renamed to add_record().
Some old code has been removed from ipa_facet_create_action_panel().
The code was used to generate association links from a single facet.
It's no longer needed because now each association has its own facet.
The test data has been updated. The IPA.nested_tabs() has been fixed
to return the entity itself if IPA.tab_set is not defined. This is
needed to pass unit test.
The association facet has been modified to support multiple columns.
By default the facet will have one column which is the primary key of
the associated object (e.g. username of a group member), so the
existing code will work like before. Other fields (e.g. user's full
name) can be added by subclassing the ipa_association_facet class and
specifying the additional columns to display. These additional fields
will be retrieved using a batch operation.
Previously a single association facet instance will be used for all
associations in an entity. Now each association will have its own
association facet. This way each association facet can be customized
differently as needed. The <entity>-enroll URL parameter has been
removed because it's no longer needed.
The ipa_entity.create_association_facets() is provided to generate
the default association facets with one column for the primary key.
The column click handler has been moved out of ipa_column to provide
more flexibility for customization.
The get_action_panel() and get_client_area() have been modified to
search within the entity's container.
The group entity has been fully converted to use the new UI framework.
Association facets that have been modified to use multiple columns are:
- User Group's member_user
- HBAC Service Group's member_hbacsvc
- SUDO Command Group's member_sudocmd
- Service's managedby_host
New test data files have been added. Unit tests have been updated.
The search and details pages for SUDO Rule have been added. Codes
that are shared with HBAC have been moved to rule.js.
The following methods were renamed for consistency:
- ipa_details_load() -> ipa_details_refresh()
- ipa_details_display() -> ipa_details_load()
The ipa_details_cache has been removed because the cache is now
stored in each widget.
The index.xhtml has been removed. All references to it has been
changed to index.html.
The Unselect All checkbox has been fixed. Unnecessary parameter
'container' has been removed.
The unit test has been updated and new test data has been added.
The service and host details pages have been modified to display Kerberos
key provisioning status and to provide a way to unprovision. The host
enrollment via OTP has not been implemented yet.
The ipa_details_field has been modified to remove any old <dd> tags it
created in the previous load operation. This is to support other widgets
that need to perform load operation without removing <dd> tags.
The certificate_status_panel has been converted into a widget. The host
entity has been rewritten using the new framework.
The unit tests has been updated.
The HBAC details page has been enhanced to support Undo and Reset operations.
The functionality is implemented in the base widget class so the behavior
will be more consistent across widgets. A <span> tag now used to define the
field boundary in the HTML doc. The tag contains the visual representation
of the field which include the input tag and optionally the undo link.
The Update method on HBAC details page has been modified so that it executes
several operations using a batch command. The operations being executed
depends on the changes made to the fields. These operations may include:
- removing access time if access time is changed to any time
- removing memberships if member category is changed to all
- modifying rule attributes if description or rule type is changed
- enabling/disabling the rule if rule status is changed
The behavior of the Add & Remove buttons also has been changed such that
it adjust the category attribute properly in addition to adding the
memberships using batch command. For example, if category is initially
set to all, adding a new member will also change the category to empty.
The ipa_command have been modified to store the on_success and on_error
handlers as properties. When the command is executed as a part of batch
operation, the result of each command will be passed to the appropriate
handler.
The unit tests and test data have been updated as well.
The HBAC Service search and details pages have been added under the HBAC
tab. This requires some changes to the framework.
Currently the navigation framework doesn't support multiple entities under
one tab. As a temporary solution, an 'entity' URL parameter is used to
determine the entity to be displayed. This parameter is now only used by
HBAC tab, but its use might be expanded later. The navigation framework
needs be redesigned to provide more flexibility.
The search page in all entities except DNS records have been changed to
use the ipa_search_widget. The Select/Unselect All checbox and Delete
button now work correctly and consistently.
The Add dialog has been enhanced to render and work in a more consistent
way while still supporting custom widgets & layouts. For the search page,
the Add button will refresh the search results and clear the fields in
the dialog box.
The framework now provides some extension points which can be overriden
by the subclasses:
- init(): for initialization and configuration
- create(): for creating the layout dynamically or from template
- setup(): for setting the look and feel
- load(): for loading the data
Entity and facet initialization is now done after IPA.init(). This is to
ensure the metadata is loaded first so the entities and facets can use
localized messages/labels/titles.
The group entity has been partially converted to use the new framework.
The unit tests have been updated accordingly.
IPA commands now can be defined in these classes:
- ipa_command: a single IPA command
- ipa_batch_command: a batch command for executing multiple commands
on the server side using the new batch plugin
The dialog boxes for adding and removing entries have been refactored:
- ipa_dialog: base class for dialog boxes
- ipa_adder_dialog: generic adder dialog box
- ipa_deleter_dialog: generic deleter dialog box
- ipa_association_adder_dialog: adding entity association
- ipa_association_deleter_dialog: removing entity association
Dialog boxes for adding/deleting HBAC users, hosts, services, and
sourcehosts are implemented using the association dialog boxes.
The dialog box for adding access time is implemented using ipa_dialog
and currently contains only a text field. This will be replaced with a
custom dialog box in a separate patch.
The dialog box for removing access time is implemented using the
generic deleter class because it's not an association. Removing multiple
access times is implemented using batch operations.
New test data files for access times have been added.
if the field does not have a 'w' for writable in its rights, disable it.
Merged with the HBAC/Widget changes
add and remove links are managed via permissions now
The UI framework has been extended to include a collection of widgets:
- ipa_widget: base class
- ipa_text_widget: text field
- ipa_radio_widget: radio button
- ipa_textarea_widget: textarea
- ipa_button_widget: button
- ipa_column_widget: column for table
- ipa_table_widget: table
These widgets can be used to create input controls. They can also be
extended to create custom controls.
The framework has also been enhanced to support custom layouts. This
can be used to change the look of the application without changing
the code. Initially this is only available in details section.
Layout consists of a collection of HTML templates. Each template is a
complete and valid HTML file representing a portion of a page. The
template will be loaded and initialized by the code, then filled with
the data from the server. The layouts are located in
install/static/layouts/<name> folder.
By default, if no templates are used, the fields in the details page
are rendered vertically using dd/dt/dd tags. For pages that require
different layout, a custom UI needs to be developed. There are two ways
to do that:
- write a custom widget to generate the UI dynamically
- create an HTML template and write the initialization code
For components that are quite complex or used frequently, it's might
be better to use the first method. For simple pages that are used only
in one location or need to support customization, the second method
might be preferable. Other benefits of templates:
- cleaner code and UI separation
- more flexibility in customization
- new pages can be developed quickly and require less coding
- multiple templates can be used with the same initialization code
- easier to maintain
The HBAC details page has been implemented using both methods. By
default it will use custom widgets to generate the page. To use a
custom layout, add the following parameter to the URL, then reload
the page:
&layout=<name>
Currently the only available layout is 'default' which produces the
same look as the custom widgets.
The HBAC details page is usable, but it still needs additional work.
The access time is not working yet. There is no undo button, hint,
or validation yet.
The table in the association facet has also been changed to use
ipa_association_widget which is derived from ipa_table_widget.
The Makefile has been updated to include the layouts. The unit tests
have been updated as well.
