URL: https://github.com/freeipa/freeipa/pull/400 Author: pvomacka Title: #400: WebUI: Certificate Mapping Action: opened
PR body: """ Add WebUI for certificate mapping """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/400/head:pr400 git checkout pr400
From 0044846ee2c657179ec586b61ccec56876b3d6e2 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Mon, 16 Jan 2017 13:59:16 +0100 Subject: [PATCH 1/4] WebUI: Add possibility to set widget always writable If widget will have set attribute 'always_writable' to true, then 'no_update' flag will be ingored. Used in command user-{add,remove}-certmap which needs to be writable in WebUI and also needs to be omitted from user-mod command. Part of: https://fedorahosted.org/freeipa/ticket/6601 --- install/ui/src/freeipa/field.js | 11 ++++++++++- install/ui/src/freeipa/widget.js | 2 ++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/install/ui/src/freeipa/field.js b/install/ui/src/freeipa/field.js index d70a778..2d05ab1 100644 --- a/install/ui/src/freeipa/field.js +++ b/install/ui/src/freeipa/field.js @@ -484,7 +484,16 @@ field.field = IPA.field = function(spec) { writable = false; } - if (that.metadata.flags && array.indexOf(that.metadata.flags, 'no_update') > -1) { + // In case that widget has set always_writable attribute, then + // 'no_update' flag is ignored in WebUI. It is done because of + // commands like user-{add,remove}-certmap. They operate with user's + // attribute, which cannot be changed using user-mod, but only + // using command user-{add,remove}-certmap. Therefore it has set + // 'no_update' flag, but we need to show 'Add', 'Remove' buttons in + // WebUI. + if (that.metadata.flags && + array.indexOf(that.metadata.flags, 'no_update') > -1 && + that.widget && !that.widget.always_writable) { writable = false; } } diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js index 6ad8aad..e6dfef9 100644 --- a/install/ui/src/freeipa/widget.js +++ b/install/ui/src/freeipa/widget.js @@ -1516,6 +1516,8 @@ IPA.custom_command_multivalued_widget = function(spec) { var that = IPA.multivalued_widget(spec); + that.always_writable = spec.always_writable || true; + that.item_name = spec.item_name || ''; that.adder_dialog_spec = spec.adder_dialog_spec; From 4adde09f3fbb7471d1ef2a0aacd4e92c8e66c280 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Mon, 16 Jan 2017 14:12:23 +0100 Subject: [PATCH 2/4] WebUI: Send option:false if checkbox is not checked A checkbox can have true (checked) as default value, then we need to send false in case that user uncheck the checkbox. Part of: https://fedorahosted.org/freeipa/ticket/6601 --- install/ui/src/freeipa/field.js | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/install/ui/src/freeipa/field.js b/install/ui/src/freeipa/field.js index 2d05ab1..01411e4 100644 --- a/install/ui/src/freeipa/field.js +++ b/install/ui/src/freeipa/field.js @@ -1167,6 +1167,18 @@ field.checkbox_field = IPA.checkbox_field = function(spec) { return false; }; + /** Returns false when checkbox is not checked. + * Necessary for checkboxes which has true as default value. i.e. + * certmaprule_add + */ + that.get_value = function() { + + if(that.value.length === 0) { + that.value = [false]; + } + return that.value; + }; + return that; }; From caef2cbe531e83a9bade00a55eb75c76bb34ae63 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Mon, 16 Jan 2017 14:13:42 +0100 Subject: [PATCH 3/4] WebUI: Create non editable row widget for mutlivalued widget Old krb-principal widget is changed to general one. And used also for ipacertmapdata in user. This widget make every line non-editable. Part of: https://fedorahosted.org/freeipa/ticket/6601 --- install/ui/src/freeipa/host.js | 3 ++- install/ui/src/freeipa/service.js | 3 ++- install/ui/src/freeipa/user.js | 3 ++- install/ui/src/freeipa/widget.js | 26 ++++++++++++++++---------- 4 files changed, 22 insertions(+), 13 deletions(-) diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js index 87cf264..023530a 100644 --- a/install/ui/src/freeipa/host.js +++ b/install/ui/src/freeipa/host.js @@ -93,7 +93,8 @@ return { name: 'krbprincipalname', item_name: 'principal', child_spec: { - $type: 'krb_principal' + $type: 'non_editable_row', + data_name: 'krb-principal' } }, { diff --git a/install/ui/src/freeipa/service.js b/install/ui/src/freeipa/service.js index a6607d2..adae347 100644 --- a/install/ui/src/freeipa/service.js +++ b/install/ui/src/freeipa/service.js @@ -81,7 +81,8 @@ return { name: 'krbprincipalname', item_name: 'principal', child_spec: { - $type: 'krb_principal' + $type: 'non_editable_row', + data_name: 'krb-principal' } }, { diff --git a/install/ui/src/freeipa/user.js b/install/ui/src/freeipa/user.js index 7a08151..a36b65a 100644 --- a/install/ui/src/freeipa/user.js +++ b/install/ui/src/freeipa/user.js @@ -192,7 +192,8 @@ return { name: 'krbprincipalname', item_name: 'principal', child_spec: { - $type: 'krb_principal' + $type: 'non_editable_row', + data_name: 'krb-principal' } }, { diff --git a/install/ui/src/freeipa/widget.js b/install/ui/src/freeipa/widget.js index e6dfef9..0472fdc 100644 --- a/install/ui/src/freeipa/widget.js +++ b/install/ui/src/freeipa/widget.js @@ -1809,6 +1809,8 @@ IPA.custom_command_multivalued_widget = function(spec) { IPA.krb_principal_multivalued_widget = function (spec) { spec = spec || {}; + spec.child_spec = spec.child_spec || {}; + spec.child_spec.data_name = spec.child_spec.data_name || 'krb-principal'; spec.adder_dialog_spec = spec.adder_dialog_spec || { title: '@i18n:krbaliases.adder_title', @@ -1829,7 +1831,7 @@ IPA.krb_principal_multivalued_widget = function (spec) { that.create_remove_dialog_message = function(row) { var message = text.get('@i18n:krbaliases.remove_message'); - message = message.replace('${alias}', row.widget.principal_name); + message = message.replace('${alias}', row.widget.new_value); return message; }; @@ -1837,7 +1839,7 @@ IPA.krb_principal_multivalued_widget = function (spec) { that.create_remove_args = function(row) { var pkey = that.facet.get_pkey(); - var krbprincipalname = row.widget.principal_name; + var krbprincipalname = row.widget.new_value; krbprincipalname = [ krbprincipalname ]; var args = [ @@ -1864,22 +1866,24 @@ IPA.krb_principal_multivalued_widget = function (spec) { }; /** - * Widget which is used as row in kerberos aliases multivalued widget. - * It contains only string where is the principal alias name and delete button. + * Widget which is used as row in multivalued widget. Each row is just + * non-editable text field. * * @class * @extends IPA.input_widget */ -IPA.krb_principal_widget = function(spec) { + IPA.non_editable_row_widget = function(spec) { spec = spec || {}; var that = IPA.input_widget(); + that.data_name = spec.data_name || 'default'; + that.create = function(container) { that.widget_create(container); - that.principal_text = $('<span />', { - 'class': 'krb-principal-name', + that.data_text = $('<span />', { + 'class': that.data_name + '-data', text: '' }).appendTo(container); @@ -1892,19 +1896,20 @@ IPA.krb_principal_widget = function(spec) { that.update = function(value) { - var principal_name = value[0] || ''; + var single_value = value[0] || ''; - that.principal_name = principal_name; + that.new_value = single_value; that.update_text(); }; that.update_text = function() { - that.principal_text.text(that.principal_name); + that.data_text.text(that.new_value); }; return that; }; + /** * Option widget base * @@ -7173,6 +7178,7 @@ exp.register = function() { w.register('html', IPA.html_widget); w.register('link', IPA.link_widget); w.register('multivalued', IPA.multivalued_widget); + w.register('non_editable_row', IPA.non_editable_row_widget); w.register('custom_command_multivalued', IPA.custom_command_multivalued_widget); w.register('krb_principal_multivalued', From c42f95e83a94ed6a7674903f2c513e98c59ce1aa Mon Sep 17 00:00:00 2001 From: Pavel Vomacka <pvoma...@redhat.com> Date: Mon, 16 Jan 2017 14:16:47 +0100 Subject: [PATCH 4/4] WebUI: Add certmap module Add facets for certmaprule and certmapconfigure entities. https://fedorahosted.org/freeipa/ticket/6601 --- install/ui/src/freeipa/app.js | 1 + install/ui/src/freeipa/navigation/menu_spec.js | 16 +- install/ui/src/freeipa/plugins/certmap.js | 261 +++++++++++++++++++++++++ install/ui/src/freeipa/user.js | 9 + install/ui/test/data/ipa_init.json | 8 + ipaserver/plugins/internal.py | 8 + 6 files changed, 302 insertions(+), 1 deletion(-) create mode 100644 install/ui/src/freeipa/plugins/certmap.js diff --git a/install/ui/src/freeipa/app.js b/install/ui/src/freeipa/app.js index 4eb045d..d262a64 100644 --- a/install/ui/src/freeipa/app.js +++ b/install/ui/src/freeipa/app.js @@ -32,6 +32,7 @@ define([ './plugins/ca', './plugins/caacl', './plugins/certprofile', + './plugins/certmap', './dns', './group', './hbac', diff --git a/install/ui/src/freeipa/navigation/menu_spec.js b/install/ui/src/freeipa/navigation/menu_spec.js index 7d121d9..281bf22 100644 --- a/install/ui/src/freeipa/navigation/menu_spec.js +++ b/install/ui/src/freeipa/navigation/menu_spec.js @@ -151,7 +151,21 @@ var nav = {}; ] }, { entity: 'otptoken' }, - { entity: 'radiusproxy' } + { entity: 'radiusproxy' }, + { + entity: 'certmaprule', + facet: 'search', + children: [ + { + entity: 'certmaprule', + facet: 'search' + }, + { + entity: 'certmapconfig', + facet: 'details' + } + ] + } ] }, { diff --git a/install/ui/src/freeipa/plugins/certmap.js b/install/ui/src/freeipa/plugins/certmap.js new file mode 100644 index 0000000..fb6022b --- /dev/null +++ b/install/ui/src/freeipa/plugins/certmap.js @@ -0,0 +1,261 @@ +// +// Copyright (C) 2017 FreeIPA Contributors see COPYING for license +// + + +define([ + 'dojo/_base/lang', + 'dojo/_base/declare', + 'dojo/Evented', + 'dojo/on', + '../navigation', + '../field', + '../ipa', + '../phases', + '../reg', + '../widget', + '../text', + // plain imports + '../search', + '../entity'], + function(lang, declare, Evented, on, navigation, mod_field, IPA, + phases, reg, widget_mod, text) { +/** + * Certificate map module + * @class + */ +var certmap = IPA.certmap = { + + search_facet_group: { + facets: { + certmaprule_search: 'certmaprule_search', + domainlevel: 'domainlevel_details' + } + } +}; + +var make_certmaprule_spec = function() { +return { + name: 'certmaprule', + facets: [ + { + $type: 'search', + always_request_members: true, + details_facet: 'details', + facet_groups: [certmap.search_facet_group], + facet_group: 'search', + row_enabled_attribute: 'ipaenabledflag', + columns: [ + 'cn', + { + name: 'ipaenabledflag', + label: '@i18n:status.label', + formatter: 'boolean_status' + }, + 'description' + ], + actions: [ + 'batch_disable', + 'batch_enable' + ], + control_buttons: [ + { + name: 'disable', + label: '@i18n:buttons.disable', + icon: 'fa-minus' + }, + { + name: 'enable', + label: '@i18n:buttons.enable', + icon: 'fa-check' + } + ] + }, + { + $type: 'details', + disable_facet_tabs: true, + facet_groups: [certmap.search_facet_group], + facet_group: 'search', + actions: [ + 'enable', + 'disable', + 'delete' + ], + header_actions: ['enable', 'disable', 'delete'], + state: { + evaluators: [ + { + $factory: IPA.enable_state_evaluator, + field: 'ipaenabledflag' + } + ] + }, + sections: [ + { + name: 'details', + fields: [ + 'cn', + { + $type: 'textarea', + name: 'description' + }, + 'ipacertmapissuer', + 'ipacertmapmaprule', + 'ipacertmapmatchrule', + { + $type: 'multivalued', + name: 'associateddomain' + }, + 'ipacertmappriority' + ] + } + ] + } + ], + adder_dialog: { + fields: [ + 'cn', + { + $type: 'checkbox', + name: 'ipaenabledflag', + checked: 'checked' + }, + { + $type: 'textarea', + name: 'description' + }, + 'ipacertmapissuer', + 'ipacertmapmaprule', + 'ipacertmapmatchrule', + { + $type: 'multivalued', + name: 'associateddomain' + }, + 'ipacertmappriority' + ] + } +};}; + + +var make_certmapconfig_spec = function() { +return { + name: 'certmapconfig', + defines_key: false, + facets: [ + { + $type: 'details', + facet_groups: [certmap.search_facet_group], + facet_group: 'search', + sections: [ + { + name: 'details', + fields: [ + { + $type: 'checkbox', + name: 'ipacertmappromptusername' + } + ] + } + ] + } + ] +};}; + + +/** + * Multivalued widget which is used for working with user's certmap. + * + * @class + * @extends IPA.custom_command_multivalued_widget + */ +certmap.certmap_multivalued_widget = function (spec) { + + spec = spec || {}; + + spec.adder_dialog_spec = spec.adder_dialog_spec || { + title: '@i18n:objects.certmap.adder_title', + fields: [ + { + $type: 'textarea', + name: 'ipacertmapdata', + label: '@i18n:objects.certmap.data_label' + } + ] + }; + + var that = IPA.custom_command_multivalued_widget(spec); + + that.create_remove_dialog_title = function(row) { + return text.get('@i18n:objects.certmap.deleter_title'); + }; + + that.create_remove_dialog_message = function(row) { + var message = text.get('@i18n:objects.certmap.deleter_content'); + message = message.replace('${data}', row.widget.new_value); + + return message; + }; + + /** + * Compose options for add command. + * @return {Object} options + */ + that.create_add_options = function() { + var options = {}; + var certmapdata = that.adder_dialog.get_field('ipacertmapdata').value; + + options['ipacertmapdata'] = certmapdata; + + return options; + }; + + + /** + * Compose options for remove command. + * + * @param {Object} row + * @return {Object} options + */ + that.create_remove_options = function(row) { + var options = {}; + var data = row.widget.new_value; + + options['ipacertmapdata'] = data; + + return options; + }; + + return that; +}; + +/** + * Certificat Mapping Rules entity specification object + * @member certmap + */ +certmap.certmaprule_spec = make_certmaprule_spec(); + +/** + * Certificate Mapping Configuration entity specification object + * @member certmap + */ +certmap.certmapconfig_spec = make_certmapconfig_spec(); + + +/** + * Register entity + * @member cermap + */ +certmap.register = function() { + var e = reg.entity; + var w = reg.widget; + + e.register({type: 'certmaprule', spec: certmap.certmaprule_spec}); + e.register({type: 'certmapconfig', spec: certmap.certmapconfig_spec}); + w.register('certmap_multivalued', + certmap.certmap_multivalued_widget); +}; + +phases.on('registration', certmap.register); + +return certmap; +}); diff --git a/install/ui/src/freeipa/user.js b/install/ui/src/freeipa/user.js index a36b65a..96ae5cb 100644 --- a/install/ui/src/freeipa/user.js +++ b/install/ui/src/freeipa/user.js @@ -218,6 +218,15 @@ return { label: '@i18n:objects.cert.certificates' }, { + $type: 'certmap_multivalued', + name: 'ipacertmapdata', + item_name: 'certmap', + child_spec: { + $type: 'non_editable_row', + data_name: 'certmap' + } + }, + { $type: 'checkboxes', name: 'ipauserauthtype', flags: ['w_if_no_aci'], diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 6d11e73..b4b8892 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -315,6 +315,14 @@ "view_certificate": "Certificate for ${entity} ${primary_key}", "view_certificate_btn": "View Certificate" }, + "certmap": { + "adder_title": "Add Certificate Mapping Data", + "data_label": "Certificate mapping data", + "conf_str": "Configuration string", + "deleter_content": "Do you want to remove certificate mapping data ${data}?", + "deleter_title": "Remove Certificate Mapping Data", + "version": "Version", + }, "config": { "group": "Group Options", "search": "Search Options", diff --git a/ipaserver/plugins/internal.py b/ipaserver/plugins/internal.py index 0a8139e..24a5acf 100644 --- a/ipaserver/plugins/internal.py +++ b/ipaserver/plugins/internal.py @@ -465,6 +465,14 @@ class i18n_messages(Command): "view_certificate": _("Certificate for ${entity} ${primary_key}"), "view_certificate_btn": _("View Certificate"), }, + "certmap": { + "adder_title": _("Add Certificate Mapping Data"), + "data_label": _("Certificate mapping data"), + "conf_str": _("Configuration string"), + "deleter_content": _("Do you want to remove certificate mapping data ${data}?"), + "deleter_title": _("Remove Certificate Mapping Data"), + "version": _("Version"), + }, "config": { "group": _("Group Options"), "search": _("Search Options"),
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code