add Web UI for new certificate objects

[PATCH] 894 webui: certificate profiles
[PATCH] 895 webui: caacl
[PATCH] 896 webui: hide facet tab in certificate details facet
--
Petr Vobornik
From 4d3332098c72545bc4bb179e29ede7fcbd6bbb1e Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Wed, 8 Jul 2015 14:18:48 +0200
Subject: [PATCH] webui: hide facet tab in certificate details facet

---
 install/ui/src/freeipa/certificate.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index 146c71ef54704c2a813816bde39fc8eb2e96e75f..28d0407db319a4b72f0021c7d10a30418c2e498f 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -1135,6 +1135,7 @@ return {
             $type: 'details',
             $factory: IPA.cert.details_facet,
             no_update: true,
+            disable_facet_tabs: true,
             actions: [
                 'cert_revoke',
                 'cert_restore'
-- 
2.4.3

From f993d9b8681cae681313dda06fa636956ed94188 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Wed, 8 Jul 2015 12:11:02 +0200
Subject: [PATCH] webui: caacl

---
 install/ui/doc/categories.json                 |   1 +
 install/ui/src/freeipa/app.js                  |   1 +
 install/ui/src/freeipa/certificate.js          |   3 +-
 install/ui/src/freeipa/navigation/menu_spec.js |   5 +
 install/ui/src/freeipa/plugins/caacl.js        | 379 +++++++++++++++++++++++++
 install/ui/test/data/ipa_init.json             |  13 +
 ipalib/plugins/internal.py                     |  13 +
 7 files changed, 414 insertions(+), 1 deletion(-)
 create mode 100644 install/ui/src/freeipa/plugins/caacl.js

diff --git a/install/ui/doc/categories.json b/install/ui/doc/categories.json
index 34ca7e839e2dfa354bbdeb37fdc30315a2a4f104..70b5666c062d9c5f8739e13ac3e82a74ab5249de 100644
--- a/install/ui/doc/categories.json
+++ b/install/ui/doc/categories.json
@@ -256,6 +256,7 @@
                     "topology",
                     "user",
                     "plugins.api_browser",
+                    "plugins.caacl",
                     "plugins.certprofile",
                     "plugins.load",
                     "plugins.login",
diff --git a/install/ui/src/freeipa/app.js b/install/ui/src/freeipa/app.js
index 6efb6b0c04a2339c84a18c77d80a4a7486382b08..1057120c02c000e5c21ad62c1517ccb59115f0cc 100644
--- a/install/ui/src/freeipa/app.js
+++ b/install/ui/src/freeipa/app.js
@@ -29,6 +29,7 @@ define([
     './aci',
     './automember',
     './automount',
+    './plugins/caacl',
     './plugins/certprofile',
     './dns',
     './group',
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index b2d740dcb74fc9b185a768d3675aea9527210040..146c71ef54704c2a813816bde39fc8eb2e96e75f 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -1024,7 +1024,8 @@ exp.facet_group = {
     label: '@i18n:tabs.cert',
     facets: {
         certificates: 'cert_search',
-        profiles: 'certprofile_search'
+        profiles: 'certprofile_search',
+        acls: 'caacl_search'
     }
 };
 
diff --git a/install/ui/src/freeipa/navigation/menu_spec.js b/install/ui/src/freeipa/navigation/menu_spec.js
index 713f205de1a06db255b559fbd2b6a7c7c340e18d..32bbd6aaab9e47854e74d26b7f23b89d8bfe7410 100644
--- a/install/ui/src/freeipa/navigation/menu_spec.js
+++ b/install/ui/src/freeipa/navigation/menu_spec.js
@@ -137,6 +137,11 @@ var nav = {};
                             entity: 'cert',
                             facet: 'search',
                             hidden: true
+                        },
+                        {
+                            entity: 'caacl',
+                            facet: 'search',
+                            hidden: true
                         }
                     ]
                 },
diff --git a/install/ui/src/freeipa/plugins/caacl.js b/install/ui/src/freeipa/plugins/caacl.js
new file mode 100644
index 0000000000000000000000000000000000000000..06973da4deb601d88809709f6260f5f26a1b7f31
--- /dev/null
+++ b/install/ui/src/freeipa/plugins/caacl.js
@@ -0,0 +1,379 @@
+//
+// Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+//
+
+define([
+    '../ipa',
+    '../jquery',
+    '../phases',
+    '../reg',
+    '../certificate',
+    '../rule'
+],
+function(IPA, $, phases, reg, cert) {
+/**
+ * caacl module
+ * @class plugins.caacl
+ * @singleton
+ */
+var caacl = IPA.caacl = {
+    remove_method_priority: IPA.config.default_priority - 1
+};
+
+var make_caacl_spec = function() {
+var spec = {
+    name: 'caacl',
+    facets: [
+        {
+            $type: 'search',
+            disable_facet_tabs: false,
+            tabs_in_sidebar: true,
+            tab_label: '@mo:caacl.label',
+            facet_groups: [cert.facet_group],
+            facet_group: 'certificates',
+            row_enabled_attribute: 'ipaenabledflag',
+            columns: [
+                'cn',
+                {
+                    name: 'ipaenabledflag',
+                    label: '@i18n:status.label',
+                    formatter: 'boolean_status'
+                },
+                'description'
+            ],
+            actions: [
+                'batch_disable',
+                'batch_enable'
+            ],
+            control_buttons: [
+                {
+                    name: 'disable',
+                    label: '@i18n:buttons.disable',
+                    icon: 'fa-minus'
+                },
+                {
+                    name: 'enable',
+                    label: '@i18n:buttons.enable',
+                    icon: 'fa-check'
+                }
+            ]
+        },
+        {
+            $type: 'details',
+            $factory: IPA.sudorule_details_facet,
+            disable_facet_tabs: true,
+            command_mode: 'info',
+            actions: [
+                'enable',
+                'disable',
+                'delete'
+            ],
+            header_actions: ['enable', 'disable', 'delete'],
+            state: {
+                evaluators: [
+                    {
+                        $factory: IPA.enable_state_evaluator,
+                        field: 'ipaenabledflag'
+                    }
+                ],
+                summary_conditions: [
+                    IPA.enabled_summary_cond,
+                    IPA.disabled_summary_cond
+                ]
+            }
+        }
+    ],
+    adder_dialog: {
+        fields: [
+            'cn',
+            {
+                $type: 'textarea',
+                name: 'description'
+            }
+        ]
+    }
+};
+
+    add_caacl_details_facet_widgets(spec.facets[1]);
+    return spec;
+};
+
+/**
+ * @ignore
+ * @param {Object} facet spec
+ */
+var add_caacl_details_facet_widgets = function (spec) {
+
+    //
+    // General
+    //
+
+    spec.fields = [
+        {
+            name: 'cn',
+            read_only: true,
+            widget: 'general.cn'
+        },
+        {
+            $type: 'textarea',
+            name: 'description',
+            widget: 'general.description'
+        }
+    ];
+
+    spec.widgets = [
+        {
+            $type: 'details_section',
+            name: 'general',
+            label: '@i18n:details.general',
+            widgets: [
+                {
+                    name: 'cn'
+                },
+                {
+                    $type: 'textarea',
+                    name: 'description'
+                }
+            ]
+        }
+    ];
+
+    //
+    // Cert Profiles
+    //
+
+    spec.fields.push(
+        {
+            $type: 'radio',
+            name: 'ipacertprofilecategory',
+            widget: 'certprofile.rule.ipacertprofilecategory'
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'ipamembercertprofile_certprofile',
+            widget: 'certprofile.rule.ipamembercertprofile_certprofile',
+            priority: IPA.caacl.remove_method_priority
+        }
+    );
+
+    spec.widgets.push(
+        {
+            $factory: IPA.section,
+            name: 'certprofile',
+            label: '@i18n:objects.caacl.profile',
+            widgets: [
+                {
+                    $factory: IPA.rule_details_widget,
+                    name: 'rule',
+                    radio_name: 'ipacertprofilecategory',
+                    options: [
+                        { value: 'all',
+                        label: '@i18n:objects.caacl.any_profile' },
+                        { value: '',
+                        label: '@i18n:objects.caacl.specified_profiles' }
+                    ],
+                    tables: [
+                        { name: 'ipamembercertprofile_certprofile' }
+                    ],
+                    widgets: [
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-ipamembercertprofile_certprofile',
+                            name: 'ipamembercertprofile_certprofile',
+                            add_method: 'add_user',
+                            remove_method: 'remove_user',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        }
+                    ]
+                }
+            ]
+        }
+    );
+
+    //
+    // Who
+    //
+
+    spec.fields.push(
+        // users
+        {
+            $type: 'radio',
+            name: 'usercategory',
+            widget: 'who.user.usercategory'
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'memberuser_user',
+            widget: 'who.user.memberuser_user',
+            priority: IPA.caacl.remove_method_priority
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'memberuser_group',
+            widget: 'who.user.memberuser_group',
+            priority: IPA.caacl.remove_method_priority
+        },
+
+        // hosts
+        {
+            $type: 'radio',
+            name: 'hostcategory',
+            widget: 'who.host.hostcategory'
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'memberhost_host',
+            widget: 'who.host.memberhost_host',
+            priority: IPA.caacl.remove_method_priority
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'memberhost_hostgroup',
+            widget: 'who.host.memberhost_hostgroup',
+            priority: IPA.caacl.remove_method_priority
+        },
+
+        // services
+        {
+            $type: 'radio',
+            name: 'servicecategory',
+            widget: 'who.service.servicecategory'
+        },
+        {
+            $type: 'rule_association_table',
+            name: 'memberservice_service',
+            widget: 'who.service.memberservice_service',
+            priority: IPA.caacl.remove_method_priority
+        }
+    );
+
+    spec.widgets.push(
+        {
+            $factory: IPA.section,
+            name: 'who',
+            label: '@i18n:objects.caacl.who',
+            widgets: [
+                {
+                    $factory: IPA.rule_details_widget,
+                    name: 'user',
+                    radio_name: 'usercategory',
+                    options: [
+                        { value: 'all',
+                        label: '@i18n:objects.caacl.anyone' },
+                        { value: '',
+                        label: '@i18n:objects.caacl.specified_users' }
+                    ],
+                    tables: [
+                        { name: 'memberuser_user' },
+                        { name: 'memberuser_group' }
+                    ],
+                    widgets: [
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-memberuser_user',
+                            name: 'memberuser_user',
+                            add_method: 'add_user',
+                            remove_method: 'remove_user',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        },
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-memberuser_group',
+                            name: 'memberuser_group',
+                            add_method: 'add_user',
+                            remove_method: 'remove_user',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        }
+                    ]
+                },
+                {
+                    $factory: IPA.rule_details_widget,
+                    name: 'host',
+                    radio_name: 'hostcategory',
+                    options: [
+                        {
+                            'value': 'all',
+                            'label': '@i18n:objects.caacl.any_host'
+                        },
+                        {
+                            'value': '',
+                            'label': '@i18n:objects.caacl.specified_hosts'
+                        }
+                    ],
+                    tables: [
+                        { 'name': 'memberhost_host' },
+                        { 'name': 'memberhost_hostgroup' }
+                    ],
+                    widgets: [
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-memberuser_user',
+                            name: 'memberhost_host',
+                            add_method: 'add_host',
+                            remove_method: 'remove_host',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        },
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-memberuser_group',
+                            name: 'memberhost_hostgroup',
+                            add_method: 'add_host',
+                            remove_method: 'remove_host',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        }
+                    ]
+                },
+                {
+                    $factory: IPA.rule_details_widget,
+                    name: 'service',
+                    radio_name: 'servicecategory',
+                    options: [
+                        { 'value': 'all', 'label': '@i18n:objects.caacl.any_service' },
+                        { 'value': '', 'label': '@i18n:objects.caacl.specified_services' }
+                    ],
+                    tables: [
+                        { 'name': 'memberservice_service' }
+                    ],
+                    widgets: [
+                        {
+                            $type: 'rule_association_table',
+                            id: 'caacl-memberservice_service',
+                            name: 'memberservice_service',
+                            add_method: 'add_service',
+                            remove_method: 'remove_service',
+                            add_title: '@i18n:association.add.member',
+                            remove_title: '@i18n:association.remove.member'
+                        }
+                    ]
+                }
+            ]
+        }
+    );
+};
+
+
+/**
+ * CAACL entity specification object
+ * @member plugins.caacl
+ */
+caacl.caacl_spec = make_caacl_spec();
+
+
+/**
+ * Register entity
+ * @member plugins.caacl
+ */
+caacl.register = function() {
+    var e = reg.entity;
+    e.register({type: 'caacl', spec: caacl.caacl_spec});
+};
+
+phases.on('registration', caacl.register);
+
+return caacl;
+});
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 1290db2c430354afdd79024dbda8752330d11aaf..f253c57fe80dc0846b25cfea8402ad7353e8da28 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -203,6 +203,19 @@
                             "indirect": "Indirect",
                             "map_type": "Map Type"
                         },
+                        "caacl": {
+                            "any_host": "Any Host",
+                            "any_service": "Any Service",
+                            "any_profile": "Any Profile",
+                            "anyone": "Anyone",
+                            "ipaenabledflag": "Rule status",
+                            "profile": "Profiles",
+                            "specified_hosts": "Specified Hosts and Groups",
+                            "specified_profiles": "Specified Profiles",
+                            "specified_services": "Specified Services and Groups",
+                            "specified_users": "Specified Users and Groups",
+                            "who": "Permitted to have certificates issued"
+                        },
                         "cert": {
                             "aa_compromise": "AA Compromise",
                             "affiliation_changed": "Affiliation Changed",
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 270a228b2713ac6b17cebb5f23158bc631d5e42d..653d866da509dd2cfb4d013850f797f8ef1d4fb4 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -347,6 +347,19 @@ class i18n_messages(Command):
                 "direct": _("Direct"),
                 "indirect": _("Indirect"),
             },
+            "caacl": {
+                "any_host": _("Any Host"),
+                "any_service": _("Any Service"),
+                "any_profile": _("Any Profile"),
+                "anyone": _("Anyone"),
+                "ipaenabledflag": _("Rule status"),
+                "profile": _("Profiles"),
+                "specified_hosts": _("Specified Hosts and Groups"),
+                "specified_profiles": _("Specified Profiles"),
+                "specified_services": _("Specified Services and Groups"),
+                "specified_users": _("Specified Users and Groups"),
+                "who": _("Permitted to have certificates issued"),
+            },
             "cert": {
                 "aa_compromise": _("AA Compromise"),
                 "affiliation_changed": _("Affiliation Changed"),
-- 
2.4.3

From 58fc335144cf0de013dd47baa230690e3124192c Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Thu, 2 Jul 2015 17:55:12 +0200
Subject: [PATCH] webui: certificate profiles

---
 install/ui/doc/categories.json                 |  1 +
 install/ui/src/freeipa/app.js                  |  1 +
 install/ui/src/freeipa/certificate.js          | 14 +++++
 install/ui/src/freeipa/navigation/menu_spec.js | 18 +++++-
 install/ui/src/freeipa/plugins/certprofile.js  | 84 ++++++++++++++++++++++++++
 5 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 install/ui/src/freeipa/plugins/certprofile.js

diff --git a/install/ui/doc/categories.json b/install/ui/doc/categories.json
index 3a7c2ebc2d6cdee34d48cc72f94ce845bd73d7e4..34ca7e839e2dfa354bbdeb37fdc30315a2a4f104 100644
--- a/install/ui/doc/categories.json
+++ b/install/ui/doc/categories.json
@@ -256,6 +256,7 @@
                     "topology",
                     "user",
                     "plugins.api_browser",
+                    "plugins.certprofile",
                     "plugins.load",
                     "plugins.login",
                     "plugins.login_process",
diff --git a/install/ui/src/freeipa/app.js b/install/ui/src/freeipa/app.js
index 92613b4a4cec1487a6bde1bdc0049b16d3321418..6efb6b0c04a2339c84a18c77d80a4a7486382b08 100644
--- a/install/ui/src/freeipa/app.js
+++ b/install/ui/src/freeipa/app.js
@@ -29,6 +29,7 @@ define([
     './aci',
     './automember',
     './automount',
+    './plugins/certprofile',
     './dns',
     './group',
     './hbac',
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index 182ec7e66238375eb3140a449bd79c46d7937841..b2d740dcb74fc9b185a768d3675aea9527210040 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -1019,6 +1019,15 @@ exp.create_cert_metadata = function() {
     return entity;
 };
 
+exp.facet_group = {
+    name: 'certificates',
+    label: '@i18n:tabs.cert',
+    facets: {
+        certificates: 'cert_search',
+        profiles: 'certprofile_search'
+    }
+};
+
 var make_spec = function() {
 return {
     name: 'cert',
@@ -1051,6 +1060,11 @@ return {
         {
             $type: 'search',
             $factory: IPA.cert.search_facet,
+            disable_facet_tabs: false,
+            tabs_in_sidebar: true,
+            tab_label: '@i18n:tabs.cert',
+            facet_groups: [exp.facet_group],
+            facet_group: 'certificates',
             pagination: false,
             no_update: true,
             columns: [
diff --git a/install/ui/src/freeipa/navigation/menu_spec.js b/install/ui/src/freeipa/navigation/menu_spec.js
index 4265e98710cdaff0d2ea77ab1e62be1071b19c33..713f205de1a06db255b559fbd2b6a7c7c340e18d 100644
--- a/install/ui/src/freeipa/navigation/menu_spec.js
+++ b/install/ui/src/freeipa/navigation/menu_spec.js
@@ -123,7 +123,23 @@ var nav = {};
             name: 'authentication',
             label: '@i18n:tabs.authentication',
             children: [
-                { entity: 'cert', label: '@i18n:tabs.cert' },
+                {
+                    entity: 'cert',
+                    facet: 'search',
+                    label: '@i18n:tabs.cert',
+                    children: [
+                        {
+                            entity: 'certprofile',
+                            facet: 'search',
+                            hidden: true
+                        },
+                        {
+                            entity: 'cert',
+                            facet: 'search',
+                            hidden: true
+                        }
+                    ]
+                },
                 { entity: 'otptoken' },
                 { entity: 'radiusproxy' }
             ]
diff --git a/install/ui/src/freeipa/plugins/certprofile.js b/install/ui/src/freeipa/plugins/certprofile.js
new file mode 100644
index 0000000000000000000000000000000000000000..8f777e891734e237a67826501a13144d5350e5c8
--- /dev/null
+++ b/install/ui/src/freeipa/plugins/certprofile.js
@@ -0,0 +1,84 @@
+//
+// Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+//
+
+define([
+    '../ipa',
+    '../jquery',
+    '../phases',
+    '../reg',
+    '../certificate'
+],
+function(IPA, $, phases, reg, cert) {
+/**
+ * certprofile module
+ * @class plugins.certprofile
+ * @singleton
+ */
+var certprofile = IPA.certprofile = {
+};
+
+var make_certprofile_spec = function() {
+return {
+    name: 'certprofile',
+    facets: [
+           {
+            $type: 'search',
+            $pre_ops: [
+                { $del: [[ 'control_buttons', [{ name: 'add'}] ]] }
+            ],
+            disable_facet_tabs: false,
+            tabs_in_sidebar: true,
+            tab_label: '@mo:certprofile.label',
+            facet_groups: [cert.facet_group],
+            facet_group: 'certificates',
+            columns: [
+                'cn',
+                'description',
+                'ipacertprofilestoreissued'
+            ]
+        },
+        {
+            $type: 'details',
+            disable_facet_tabs: true,
+            sections: [
+                {
+                    name: 'details',
+                    fields: [
+                        'cn',
+                        {
+                            $type: 'textarea',
+                            name: 'description'
+                        },
+                        {
+                            $type: 'checkbox',
+                            name: 'ipacertprofilestoreissued'
+                        }
+                    ]
+                }
+            ]
+        }
+    ]
+};};
+
+
+/**
+ * Certificate profile entity specification object
+ * @member plugins.certprofile
+ */
+certprofile.certprofile_spec = make_certprofile_spec();
+
+
+/**
+ * Register entity
+ * @member plugins.certprofile
+ */
+certprofile.register = function() {
+    var e = reg.entity;
+    e.register({type: 'certprofile', spec: certprofile.certprofile_spec});
+};
+
+phases.on('registration', certprofile.register);
+
+return certprofile;
+});
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to