On 8.10.2014 18:53, Petr Vobornik wrote:
On 3.10.2014 16:12, Petr Vobornik wrote:
On 1.10.2014 18:15, Petr Vobornik wrote:
Hello list,

Patch for: https://fedorahosted.org/freeipa/ticket/4419


Web UI for 4419. Depends on patch 761 (parent thread).


New version which works with 761-2.

The content was moved to details facet (based on UXD feedback).


Server part has been pushed. Version which matches its API attached.
--
Petr Vobornik
From 8e4dd4b3b9e3d3d5613226861855e26433c5545d Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Fri, 17 Oct 2014 15:30:34 +0200
Subject: [PATCH] webui: management of keytab permissions

https://fedorahosted.org/freeipa/ticket/4419
---
 install/ui/src/freeipa/association.js | 12 +++--
 install/ui/src/freeipa/host.js        | 84 +++++++++++++++++++++++++++++++++++
 install/ui/src/freeipa/service.js     | 84 +++++++++++++++++++++++++++++++++++
 install/ui/test/data/ipa_init.json    |  8 ++++
 ipalib/plugins/internal.py            |  8 ++++
 5 files changed, 193 insertions(+), 3 deletions(-)

diff --git a/install/ui/src/freeipa/association.js b/install/ui/src/freeipa/association.js
index 64a2926d97856e3333b9a3dac27834bc4d78e8f5..03a358c60cc3632a6f000d47b2e29cabd07883c1 100644
--- a/install/ui/src/freeipa/association.js
+++ b/install/ui/src/freeipa/association.js
@@ -406,7 +406,7 @@ IPA.association_table_widget = function (spec) {
 
     spec = spec || {};
 
-    var index = spec.name.indexOf('_');
+    var index = spec.name.lastIndexOf('_');
     spec.attribute_member = spec.attribute_member || spec.name.substring(0, index);
     spec.other_entity = spec.other_entity || spec.name.substring(index+1);
 
@@ -589,7 +589,7 @@ IPA.association_table_widget = function (spec) {
         var i;
         var columns = that.columns.values;
         if (columns.length == 1) { // show pkey only
-            var name = columns[0].name;
+            var name = columns[0].param;
             for (i=0; i<that.values.length; i++) {
                 var record = {};
                 record[name] = that.values[i];
@@ -774,6 +774,12 @@ IPA.association_table_field = function (spec) {
 
     var that = IPA.field(spec);
 
+    that.load = function(data) {
+        that.values = that.adapter.load(data);
+        that.widget.update(that.values);
+        that.widget.unselect_all();
+    };
+
     that.refresh = function() {
 
         function on_success(data, text_status, xhr) {
@@ -821,7 +827,7 @@ exp.association_facet_pre_op = function(spec, context) {
     su.context_entity(spec, context);
     spec.entity = entity;
 
-    var index = spec.name.indexOf('_');
+    var index = spec.name.lastIndexOf('_');
     spec.attribute_member = spec.attribute_member ||
         spec.name.substring(0, index);
     spec.other_entity = spec.other_entity ||
diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js
index 5b886b6394e73533d73f0d1a3d800922e4ef3e4d..455ff8f50ec58104d4e046ec0fabf2a7e89eeeb2 100644
--- a/install/ui/src/freeipa/host.js
+++ b/install/ui/src/freeipa/host.js
@@ -146,6 +146,90 @@ return {
                             label: '@i18n:objects.host.status'
                         }
                     ]
+                },
+                {
+                    $factory: IPA.section,
+                    name: 'divider',
+                    layout_css_class: 'col-sm-12',
+                    fields: []
+                },
+                {
+                    name: 'read',
+                    label: '@i18n:keytab.allowed_to_retrieve',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_read_keys_user',
+                            name: 'ipaallowedtoperform_read_keys_user',
+                            add_method: 'allow_retrieve_keytab',
+                            remove_method: 'disallow_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_read_keys_group',
+                            name: 'ipaallowedtoperform_read_keys_group',
+                            add_method: 'allow_retrieve_keytab',
+                            remove_method: 'disallow_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                },
+                {
+                    name: 'write',
+                    label: '@i18n:keytab.allowed_to_create',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_write_keys_user',
+                            name: 'ipaallowedtoperform_write_keys_user',
+                            add_method: 'allow_create_keytab',
+                            remove_method: 'disallow_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_write_keys_group',
+                            name: 'ipaallowedtoperform_write_keys_group',
+                            add_method: 'allow_create_keytab',
+                            remove_method: 'disallow_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
                 }
             ],
             actions: [
diff --git a/install/ui/src/freeipa/service.js b/install/ui/src/freeipa/service.js
index ee71e7af38df338aa2e1d50542f032a49602e59e..3e47981bdbda9cd076eab75da0f5133503af6f3d 100644
--- a/install/ui/src/freeipa/service.js
+++ b/install/ui/src/freeipa/service.js
@@ -134,6 +134,90 @@ return {
                             label: '@i18n:objects.service.status'
                         }
                     ]
+                },
+                {
+                    $factory: IPA.section,
+                    name: 'divider',
+                    layout_css_class: 'col-sm-12',
+                    fields: []
+                },
+                {
+                    name: 'read',
+                    label: '@i18n:keytab.allowed_to_retrieve',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_read_keys_user',
+                            name: 'ipaallowedtoperform_read_keys_user',
+                            add_method: 'allow_retrieve_keytab',
+                            remove_method: 'disallow_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_read_keys_group',
+                            name: 'ipaallowedtoperform_read_keys_group',
+                            add_method: 'allow_retrieve_keytab',
+                            remove_method: 'disallow_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                },
+                {
+                    name: 'write',
+                    label: '@i18n:keytab.allowed_to_create',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_write_keys_user',
+                            name: 'ipaallowedtoperform_write_keys_user',
+                            add_method: 'allow_create_keytab',
+                            remove_method: 'disallow_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_write_keys_group',
+                            name: 'ipaallowedtoperform_write_keys_group',
+                            add_method: 'allow_create_keytab',
+                            remove_method: 'disallow_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
                 }
             ],
             actions: [
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index f40ff14dfb3ecae40e6921da29ce3e2916121268..cfbf277f1b61ba57c398d2f39a9684427269bca0 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -143,6 +143,14 @@
                         "search": "Search"
                     },
                     "false": "False",
+                    "keytab": {
+                        "add_create": "Allow ${other_entity} to create keytab of ${primary_key}",
+                        "add_retrive": "Allow ${other_entity} to retrieve keytab of ${primary_key}",
+                        "allowed_to_create": "Allowed to create keytab",
+                        "allowed_to_retrieve": "Allowed to retrieve keytab",
+                        "remove_create": "Disallow ${other_entity} to create keytab of ${primary_key}",
+                        "remove_retrieve": "Disallow ${other_entity} to retrieve keytab of ${primary_key}"
+                    },
                     "krbauthzdata": {
                         "inherited": "Inherited from server configuration",
                         "mspac": "MS-PAC",
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 43805daa8d8765e5d0adfb41d89c26c41dd061c0..e15448650d7ebb073911c71790cad506c0d07901 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -285,6 +285,14 @@ class i18n_messages(Command):
             "search": _("Search"),
         },
         "false": _("False"),
+        "keytab": {
+            "add_create": _("Allow ${other_entity} to create keytab of ${primary_key}"),
+            "add_retrive": _("Allow ${other_entity} to retrieve keytab of ${primary_key}"),
+            "allowed_to_create": _("Allowed to create keytab"),
+            "allowed_to_retrieve": _("Allowed to retrieve keytab"),
+            "remove_create": _("Disallow ${other_entity} to create keytab of ${primary_key}"),
+            "remove_retrieve": _("Disallow ${other_entity} to retrieve keytab of ${primary_key}"),
+        },
         "krbauthzdata": {
             "inherited": _("Inherited from server configuration"),
             "mspac": _("MS-PAC"),
-- 
1.9.3

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to