IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 17:01:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
ad3cf68ac2
freeipa/install/ui/hbac.js
Endi S. Dewata 4ff959f55d Removed custom layouts using HTML templates. 
The code for supporting custom layouts using HTML templates has been
removed. If it's needed again in the future the code can be restored.

Ticket #1501
2011-07-21 11:47:57 -04:00

683 lines
22 KiB
JavaScript
Raw Blame History

/*jsl:import ipa.js */
/* Authors:
* Endi Sukma Dewata <edewata@redhat.com>
*
* Copyright (C) 2010 Red Hat
* see file 'COPYING' for use and warranty information
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */
IPA.entity_factories.hbacrule = function() {
return IPA.entity_builder().
entity('hbacrule').
search_facet({
columns:['cn',
{
factory: IPA.column,
name:'accessruletype',
setup : function(container,record){
container.empty();
var value = record[this.name];
value = value ? value.toString() : '';
if (value === 'deny'){
container.addClass('hbac-deny-rule');
}
container.append(value);
}
},
'usercategory','hostcategory','ipaenabledflag',
'servicecategory','sourcehostcategory']
}).
details_facet({
factory: IPA.hbacrule_details_facet
}).
adder_dialog({
fields:[
'cn',
{
factory: IPA.radio_widget,
'name': 'accessruletype',
'options': [
{ 'value': 'allow',
'label': IPA.messages.objects.hbacrule.allow
},
{ 'value': 'deny',
'label': IPA.messages.objects.hbacrule.deny
}],
'undo': false
}]
}).
build();
};
IPA.entity_factories.hbacsvc = function() {
return IPA.entity_builder().
entity('hbacsvc').
search_facet({
columns:['cn','description']}).
details_facet({sections:[{
name: 'general',
label: IPA.messages.details.general,
fields:[ 'cn', 'description']}]}).
adder_dialog({
fields:['cn','description']
}).
build();
};
IPA.entity_factories.hbacsvcgroup = function() {
return IPA.entity_builder().
entity('hbacsvcgroup').
search_facet({
columns:['cn', 'description']}).
details_facet({sections:[
{
name: 'general',
label: IPA.messages.details.general,
fields:['cn','description']
},
{
name: 'services',
label: IPA.messages.objects.hbacsvcgroup.services,
fields:[{
factory: IPA.hbacsvcgroup_member_hbacsvc_table_widget,
name: 'member_hbacsvc',
label: IPA.messages.objects.hbacsvcgroup.services,
other_entity: 'hbacsvc',
save_values: false
}]
}]}).
adder_dialog({
fields:['cn', 'description']
}).
build();
};
IPA.hbacsvcgroup_member_hbacsvc_table_widget = function(spec) {
spec = spec || {};
var that = IPA.association_table_widget(spec);
that.init = function() {
var column = that.create_column({
name: 'cn',
primary_key: true,
width: '150px',
link: true
});
that.create_column({
name: 'description',
width: '350px'
});
that.create_adder_column({
name: 'cn',
primary_key: true,
width: '100px'
});
that.create_adder_column({
name: 'description',
width: '100px'
});
that.association_table_widget_init();
};
return that;
};
IPA.hbacrule_details_facet = function(spec) {
spec = spec || {};
var that = IPA.details_facet(spec);
that.init = function() {
var section = IPA.hbacrule_details_general_section({
'name': 'general',
'label': IPA.messages.details.general
});
that.add_section(section);
section.text({name: 'cn', read_only: true});
section.radio({name: 'accessruletype'});
section.textarea({name: 'description'});
section.radio({name: 'ipaenabledflag'});
var param_info = IPA.get_entity_param('hbacrule', 'usercategory');
section = IPA.rule_details_section({
'name': 'user',
'label': IPA.messages.objects.hbacrule.user,
'text': param_info.doc+':',
'field_name': 'usercategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.hbacrule.anyone },
{ 'value': '', 'label': IPA.messages.objects.hbacrule.specified_users }
],
'tables': [
{ 'field_name': 'memberuser_user' },
{ 'field_name': 'memberuser_group' }
]
});
that.add_section(section);
var category = section.add_field(IPA.radio_widget({
name: 'usercategory'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberuser_user',
'name': 'memberuser_user', 'category': category,
'other_entity': 'user', 'add_method': 'add_user', 'remove_method': 'remove_user'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberuser_group',
'name': 'memberuser_group', 'category': category,
'other_entity': 'group', 'add_method': 'add_user', 'remove_method': 'remove_user'
}));
param_info = IPA.get_entity_param('hbacrule', 'hostcategory');
section = IPA.rule_details_section({
'name': 'host',
'label': IPA.messages.objects.hbacrule.host,
'text': param_info.doc+':',
'field_name': 'hostcategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.hbacrule.any_host },
{ 'value': '', 'label': IPA.messages.objects.hbacrule.specified_hosts }
],
'tables': [
{ 'field_name': 'memberhost_host' },
{ 'field_name': 'memberhost_hostgroup' }
]
});
that.add_section(section);
category = section.add_field(IPA.radio_widget({
name: 'hostcategory'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberhost_host',
'name': 'memberhost_host', 'category': category,
'other_entity': 'host', 'add_method': 'add_host', 'remove_method': 'remove_host'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberhost_hostgroup',
'name': 'memberhost_hostgroup', 'category': category,
'other_entity': 'hostgroup', 'add_method': 'add_host', 'remove_method': 'remove_host'
}));
param_info = IPA.get_entity_param('hbacrule', 'servicecategory');
section = IPA.rule_details_section({
'name': 'service',
'label': IPA.messages.objects.hbacrule.service,
'text': param_info.doc+':',
'field_name': 'servicecategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.hbacrule.any_service },
{ 'value': '', 'label': IPA.messages.objects.hbacrule.specified_services }
],
'tables': [
{ 'field_name': 'memberservice_hbacsvc' },
{ 'field_name': 'memberservice_hbacsvcgroup' }
]
});
that.add_section(section);
category = section.add_field(IPA.radio_widget({
name: 'servicecategory'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberservice_hbacsvc',
'name': 'memberservice_hbacsvc', 'category': category,
'other_entity': 'hbacsvc', 'add_method': 'add_service', 'remove_method': 'remove_service'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-memberservice_hbacsvcgroup',
'name': 'memberservice_hbacsvcgroup', 'category': category,
'other_entity': 'hbacsvcgroup', 'add_method': 'add_service', 'remove_method': 'remove_service'
}));
param_info = IPA.get_entity_param('hbacrule', 'sourcehostcategory');
section = IPA.rule_details_section({
'name': 'sourcehost',
'label': IPA.messages.objects.hbacrule.sourcehost,
'text': param_info.doc+':',
'field_name': 'sourcehostcategory',
'options': [
{ 'value': 'all', 'label': IPA.messages.objects.hbacrule.any_host },
{ 'value': '', 'label': IPA.messages.objects.hbacrule.specified_hosts }
],
'tables': [
{ 'field_name': 'sourcehost_host' },
{ 'field_name': 'sourcehost_hostgroup' }
]
});
that.add_section(section);
category = section.add_field(IPA.radio_widget({
name: 'sourcehostcategory'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-sourcehost_host',
'name': 'sourcehost_host', 'category': category,
'other_entity': 'host', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
}));
section.add_field(IPA.rule_association_table_widget({
'id': that.entity_name+'-sourcehost_hostgroup',
'name': 'sourcehost_hostgroup', 'category': category,
'other_entity': 'hostgroup', 'add_method': 'add_sourcehost', 'remove_method': 'remove_sourcehost'
}));
that.details_facet_init();
};
that.update = function(on_success, on_error) {
var pkey = IPA.nav.get_state(that.entity_name+'-pkey');
var modify_operation = {
'execute': false,
'command': IPA.command({
entity: that.entity_name,
method: 'mod',
args: [pkey],
options: {all: true, rights: true}
})
};
var categories = {
'usercategory': {
'remove_values': false
},
'hostcategory': {
'remove_values': false
},
'servicecategory': {
'remove_values': false
},
'sourcehostcategory': {
'remove_values': false
}
};
var member_operations = {
'memberuser': {
'category': 'usercategory',
'has_values': false,
'command': IPA.command({
entity: that.entity_name,
method: 'remove_user',
args: [pkey],
options: {all: true, rights: true}
})
},
'memberhost': {
'category': 'hostcategory',
'has_values': false,
'command': IPA.command({
entity: that.entity_name,
method: 'remove_host',
args: [pkey],
options: {all: true, rights: true}
})
},
'memberservice': {
'category': 'servicecategory',
'has_values': false,
'command': IPA.command({
entity: that.entity_name,
method: 'remove_service',
args: [pkey],
options: {all: true, rights: true}
})
},
'sourcehost': {
'category': 'sourcehostcategory',
'has_values': false,
'command': IPA.command({
entity: that.entity_name,
method: 'remove_sourcehost',
args: [pkey],
options: {all: true, rights: true}
})
}
};
var enable_operation = {
'execute': false,
'command': IPA.command({
entity: that.entity_name,
method: 'enable',
args: [pkey],
options: {all: true, rights: true}
})
};
var sections = that.sections.values;
for (var i=0; i<sections.length; i++) {
var section = sections[i];
var section_fields = section.fields.values;
for (var j=0; j<section_fields.length; j++) {
var field = section_fields[j];
if (!field.is_dirty()) continue;
var values = field.save();
if (!values) continue;
var param_info = IPA.get_entity_param(that.entity_name, field.name);
// skip primary key
if (param_info && param_info['primary_key']) continue;
var p = field.name.indexOf('_');
if (p >= 0) {
// prepare command to remove members if needed
var attribute = field.name.substring(0, p);
var other_entity = field.name.substring(p+1);
if (values.length) {
member_operations[attribute].command.set_option(other_entity, values.join(','));
member_operations[attribute].has_values = true;
}
continue;
}
// skip unchanged field
if (!field.is_dirty()) continue;
// check enable/disable
if (field.name == 'ipaenabledflag') {
if (values[0] == 'FALSE') enable_operation.command.method = 'disable';
enable_operation.execute = true;
continue;
}
if (categories[field.name]) {
if (values[0] == 'all') {
categories[field.name].remove_values = true;
}
}
if (param_info) {
if (values.length == 1) {
modify_operation.command.set_option(field.name, values[0]);
} else if (field.join) {
modify_operation.command.set_option(field.name, values.join(','));
} else {
modify_operation.command.set_option(field.name, values);
}
} else {
if (values.length) {
modify_operation.command.set_option('setattr', field.name+'='+values[0]);
} else {
modify_operation.command.set_option('setattr', field.name+'=');
}
for (var l=1; l<values.length; l++) {
modify_operation.command.set_option('addattr', field.name+'='+values[l]);
}
}
modify_operation.execute = true;
}
}
var batch = IPA.batch_command({
'name': 'hbac_details_update',
'on_success': function(data, text_status, xhr) {
that.refresh();
if (on_success) on_success(data, text_status, xhr);
},
'on_error': function(xhr, text_status, error_thrown) {
that.refresh();
if (on_error) on_error(xhr, text_status, error_thrown);
}
});
for (var member_attribute in member_operations) {
var member_operation = member_operations[member_attribute];
if (member_operation.has_values &&
categories[member_operation.category].remove_values) {
batch.add_command(member_operations[member_attribute].command);
}
}
if (modify_operation.execute) batch.add_command(modify_operation.command);
if (enable_operation.execute) batch.add_command(enable_operation.command);
if (!batch.commands.length) {
that.refresh();
return;
}
batch.execute();
};
return that;
};
IPA.hbacrule_details_general_section = function(spec) {
spec = spec || {};
var that = IPA.details_section(spec);
that.create = function(container) {
var table = $('<table/>', {
'style': 'width: 100%;'
}).appendTo(container);
var tr = $('<tr/>').appendTo(table);
var td = $('<td/>', {
'style': 'width: 100px; text-align: right;'
}).appendTo(tr);
var param_info = IPA.get_entity_param('hbacrule', 'cn');
td.append(param_info.label+':');
td = $('<td/>').appendTo(tr);
var field = that.get_field('cn');
var span = $('<span/>', {
name: 'cn',
'class': 'details-field'
}).appendTo(td);
$('<label/>', {
name: 'cn',
style: 'display: none;'
}).appendTo(span);
$('<input/>', {
'type': 'text',
'name': 'cn',
'size': 30
}).appendTo(span);
span.append(' ');
field.create_undo(span);
td = $('<td/>', {
'style': 'text-align: right;'
}).appendTo(tr);
param_info = IPA.get_entity_param('hbacrule', 'accessruletype');
td.append(param_info.label+':');
field = that.get_field('accessruletype');
span = $('<span/>', {
name: 'accessruletype',
'class': 'details-field'
}).appendTo(td);
$('<input/>', {
'type': 'radio',
'name': 'accessruletype',
'value': 'allow'
}).appendTo(span);
span.append(' ');
span.append(IPA.messages.objects.hbacrule.allow);
span.append(' ');
$('<input/>', {
'type': 'radio',
'name': 'accessruletype',
'value': 'deny'
}).appendTo(span);
span.append(' ');
span.append(IPA.messages.objects.hbacrule.deny);
span.append(' ');
field.create_undo(span);
tr = $('<tr/>').appendTo(table);
td = $('<td/>', {
'style': 'text-align: right; vertical-align: top;'
}).appendTo(tr);
param_info = IPA.get_entity_param('hbacrule', 'description');
td.append(param_info.label+':');
td = $('<td/>', {
'colspan': 2
}).appendTo(tr);
field = that.get_field('description');
span = $('<span/>', {
name: 'description',
'class': 'details-field'
}).appendTo(td);
$('<textarea/>', {
'name': 'description',
'rows': 5,
'style': 'width: 100%'
}).appendTo(span);
span.append(' ');
field.create_undo(span);
tr = $('<tr/>').appendTo(table);
td = $('<td/>', {
'style': 'text-align: right; vertical-align: top;'
}).appendTo(tr);
td.append(IPA.messages.objects.hbacrule.ipaenabledflag+':');
td = $('<td/>', {
'colspan': 2
}).appendTo(tr);
field = that.get_field('ipaenabledflag');
span = $('<span/>', {
name: 'ipaenabledflag',
'class': 'details-field'
}).appendTo(td);
$('<input/>', {
'type': 'radio',
'name': 'ipaenabledflag',
'value': 'TRUE'
}).appendTo(span);
span.append(' ');
span.append(IPA.messages.objects.hbacrule.active);
span.append(' ');
$('<input/>', {
'type': 'radio',
'name': 'ipaenabledflag',
'value': 'FALSE'
}).appendTo(span);
span.append(' ');
span.append(IPA.messages.objects.hbacrule.inactive);
span.append(' ');
field.create_undo(span);
};
return that;
};
IPA.hbac_deny_warning_dialog = function(container) {
var dialog = IPA.dialog({
'title': 'HBAC Deny Rules found'
});
var link_path = "config";
if (IPA.use_static_files){
link_path = "html";
}
dialog.create = function() {
dialog.container.append(
"HBAC rules with type deny have been found."+
" These rules have been deprecated." +
" Please remove them, and restructure the HBAC rules." );
$('<p/>').append($('<a/>',{
text: 'Click here for more information',
href: '../' +link_path +'/hbac-deny-remove.html',
target: "_blank",
style: 'target: tab; color: blue; '
})).appendTo(dialog.container);
};
dialog.add_button('Edit HBAC Rules', function() {
dialog.close();
IPA.nav.show_page('hbacrule', 'search');
});
dialog.add_button('Ignore for now', function() {
dialog.close();
});
dialog.init();
dialog.open();
};
Reference in New Issue View Git Blame Copy Permalink