Previously all columns was shown as links, that was caused by setting
link attribute of each column to true. This true value was there because
of possibility to turn off links in whole table on self-service pages.
Now only column which is primary key is set to be shown as link.
https://pagure.io/freeipa/issue/7066
Reviewed-By: Felipe Volpone <fbarreto@redhat.com>
jslint warned about parsing string to integer without explicit radix.
This error was introduced in commit 3cac851 .
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Previously, this configuration field was validated by integer_validator
which only checks that the input is number.
Now new positive_integer_validator can also check that
the inputed number positive.
https://pagure.io/freeipa/issue/6980
Reviewed-By: Felipe Volpone <felipevolpone@gmail.com>
Add new validator which inherits from integer validator
and checks whether the integer is positive.
https://pagure.io/freeipa/issue/6980
Reviewed-By: Felipe Volpone <felipevolpone@gmail.com>
It is now possible to change UPN suffixes in WebUI. This change
allows another way to changing UPN suffixes for AD users.
https://pagure.io/freeipa/issue/7015
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
The certificate to the certmapping might be inserted as
base64 encoded blob. This patch allows to also insert the certificate
blob with surrounding "-----BEGIN CERTIFICATE-----" and
"-----END CERTIFICATE-----" lines. This behavior is the same in
widget for assigning certificates to users, so the change helps
WebUI to be more consistent.
https://pagure.io/freeipa/issue/6772
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Vaults menu item was shown even when the KRA service was not installed.
That was caused by different path to the menu item in admin's view
and in selfservice view.
The path is now set correctly for both situations. 'network_service/vault'
for admin's view and 'vault' for selfservice view.
https://pagure.io/freeipa/issue/6812
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
This widget is used on details pages and dialogs. When the size limit
is set to lower number the warning about truncation was shown every time
the details page was open.
Now, with support for suppressing warning messages from server according
to its code, we are able to disable warning with 13017 code (truncation
warning)
https://pagure.io/freeipa/issue/6618
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Each command can have specified an array of warning codes which will
be suppressed and won't be shown.
For specifying this it is necessary to set command property
'supressed_warnings: [codes_of_warning]'
Part of: https://pagure.io/freeipa/issue/6618
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
After login, method user-find --whoami was called which cannot be
called for AD users. That method was replaced by ipa whoami command
and sequential command according to result of ipa whoami. AD user
can now be logged in.
AD users have new menu definition which contains only list of IPA
users and profile page of AD user - "User ID Override".
This commit also fixes several places where IPA.whoami object was
used, because its structure was also changed. It now contains two
objects. First one is stored in 'metadata' property and stores
result from ipa whoami (type of object, command which should be
called for showing detailed data about currently logged entity, etc).
The second one is stored in 'data' property which stores result of
_show command for currently logged entity.
https://pagure.io/freeipa/issue/3242
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
AD user can do only several things. One of those which are not
allowed is to reset password to itself. Therefore we need to be
able to turn of a item in dropdown menu. In our case
'Password reset' item. Function which disable menu item and detach
the listener on click from the item specified by its name was added.
Part of: https://pagure.io/freeipa/issue/3242
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
WebUI checks whether principal name of logged user and principal name
in each command is equal. As KDC for our principals is case insensitive
- it does make sense to switch this check also into case insensitive.
So both principals are reformated to lower case and then
compared.
Part of: https://pagure.io/freeipa/issue/3242
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Added field into idview details page and into server config where
the order of domains used while searching for user. Domains can
be separated by ':' character.
https://pagure.io/freeipa/issue/6372
Reviewed-By: Simo Sorce <ssorce@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Also add error message when login failed.
https://pagure.io/freeipa/issue/6225
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: David Kupka <dkupka@redhat.com>
Bunch of tests for WebUI Vault Management.
Covers:
Adding vaults
Modifying vaults
Adding members and owners to all types of vaults
https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Add vault management into WebUI, there are some constraints:
- There is no crypto library so Symmetric and Assymetric vaults
are not supported in WebUI. Also retrieving or archiving data
is not supported.
- There aren't any container support right now
Supported is:
- Browsing vaults
- Adding Standard vaults (users, service, shared)
- Removing vaults
- Adding and removing owners
- Adding and removing members
https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Allows to show rows which have the same primary key. Used in Vault.
https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
While defining search facet and adding custom actions with the same name
as default actions in search facet. Custom actions will be used and their
definition will override default actions.
Part of:https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Removes item selected by name attribute from sidebar
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
'additional_table_attrs' can contain array of names of columns. Value from each
column with its name will be added to the batch _del command. in case that
the column with set name does not exists - the name is skipped.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Allow pagination to table facets which needs to call _show on all rows
with additional parameter. 'show_command_additional_attr' can be set to any
attribute from result of _find command. This attribute is taken with its value
and added to options of _each command for each row.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
'update_attribute' can contain a name of field in details page. In that case the value
of the field with field name will be appended to the update command options.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
'refresh_attribute' can be set to the name of url parameter name. This parameter with
its value is then passed to refresh command of the details facet.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
The 'refresh_option' of association field takes string. This string has to
correspond with field name on details page. In case that the field is present
the value of the field is passed to command as option in following format:
{fieldname: field_value}
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Useful in association tables which need to ignore object's metadata flags.
Association tables don't check right at all. They check them only when
'acl_param' is set in association table field spec. In case that checking metadata
needs to be turned on even for Association table, then set 'check_writable_from_metadata'
true value in spec.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Association table's add, del commands needs as option list of cn of
other_entity, which is added or deleted. There is a case (currently in vaults)
that the name of option is different than the name of other_entity.
In this situation we can set 'other_option_name' and put there the option name.
This option name will be used instead of 'other_entity' name.
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
By setting the property 'additional_add_del_field' to the name of one of
the fields which are on current details page, we choose field which value
will be added to *_add_* and *_del_* commands in this format:
{field_name: field_value}
--field_name: field_value
Part of: https://fedorahosted.org/freeipa/ticket/5426
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Web UI showed pop-up dialog which recommends to install additional CA in
topology section when only 1 CA existed even if there was only one master.
Though behind the pop-up is to prevent situation, where multiple replicas
are installed but neither with --setup-ca option and thus risking to loose
CA when original master is lost.
The warning was displayed also if only one IPA server exists. It is unnecessary
to annoy admin only about CA because the entire IPA is not duplicated.
Therefore the pop-up is now shown only one IPA server exists.
https://pagure.io/freeipa/issue/6598
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Add module which can show users which are mapped to the provided certificate.
Additionaly, the certificate is parsed and parsed information are
also displayed.
https://pagure.io/freeipa/issue/6601
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Result of certmap_match command is in the following format:
[{domain: 'domain1', uid:[uid11,uid12,uid13]}, {domain: 'domain2',
uid:[uid21, uid22, uid23},...]
For correct displaying in table we need to reformat it to the following:
[{domain: 'domain1', uid: 'uid11'}, {domain: 'domain1', uid: 'uid12'},...
This can be done using this Adapter.
Part of: https://pagure.io/freeipa/issue/6601
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
In case that API call returns array of objects which contains data, using
'object_index' attribute in adapter specification we can set which object
should be used.
It is possible to choose only one object specified by its index in array.
Part of: https://pagure.io/freeipa/issue/6601
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
When field on details facet has set 'autoload_value' to false, then it won't
be loaded using that.load method of details facet. That means that field
might stay unchanged even that loading of data was performed.
Part of: https://pagure.io/freeipa/issue/6601
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
All values were previously converted to lowercase which was not
coresponding with CLI behaviour. Now they stay as they are
inserted. I also have to change the strings to lowercase because
the otp and radius should be inserted as lowercase words.
https://fedorahosted.org/freeipa/ticket/6308
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Add new attribute which keeps information whether each text added
using custom_checkbox_widget shoud be transformed to lowercase.
Part of: https://fedorahosted.org/freeipa/ticket/6308
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Fix is in checkboxes widget but the only affected one is attributes widget.
Reproduction:
1. Add permission with attribute with uppercase character
$ ipa permission-add aa_test --type=stageuser --attrs=businessCategory --right=read
2. Check if it is correctly displayed in Web UI
Actual result:
- businesscategory is not checked
Expected result:
- businesscategory is checked
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
New customization button opens dialog with field for setting the number of lines
in tables. After saving the new value there is new topic which starts refreshing
current table facet (if shown) and set all other facets expired. Therefore all
tables are immediately regenerated.
https://fedorahosted.org/freeipa/ticket/5742
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Javascript integer validator checks whether value entered into field is number
and is not higher than Number.MAX_SAFE_INTEGER constant.
Part of: https://fedorahosted.org/freeipa/ticket/5742
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Adder dialog which is used along with custom_command_multivalued_widget.
It behaivor of confirm dialog and adds fields which are necessary.
Part of: https://fedorahosted.org/freeipa/ticket/6601
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Old krb-principal widget is changed to general one. And used also for
ipacertmapdata in user.
This widget make every line non-editable.
Part of: https://fedorahosted.org/freeipa/ticket/6601
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
If field will have set attribute 'always_writable' to true, then
'no_update' flag will be ingored. Used in command user-{add,remove}-certmap
which needs to be writable in WebUI and also needs to be omitted from
user-mod command.
Part of: https://fedorahosted.org/freeipa/ticket/6601
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Previously there were 'User Groups', 'Host Groups' and 'Netgroups'
separately, now these three items are grouped into one named 'Groups'
which has sidebar with three items mentioned above.
This change allows us to move ID views into Identity submenu.
https://pagure.io/freeipa/issue/6717
Reviewed-By: Simo Sorce <ssorce@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
It was not possible to get all arbitrary certificates which were added
using {user|host|service|idview}-add-cert method. Adding sizelimit:0
to this cert-find command fix the issue. It set sizelimit to unlimited.
https://pagure.io/freeipa/issue/6712
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
