Re: [Freeipa-devel] [PATCH] Add a new user-add flag param to disable the creation of UPG.

2011-04-08 Thread Pavel Zuna
if necessary. I think the description attribute is the best choice, because it's part of the posixAccount objectClass and we don't use it for anything on user entries. Pavel From 57f3b82bc4b3180a8b0a27733cc0632b813a7736 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Mon, 28

Re: [Freeipa-devel] [PATCH] Validate/Normalize user attributes if set using krbtpolicy set/add-attr.

2011-04-07 Thread Pavel Zuna
On 04/06/2011 05:08 PM, Pavel Zuna wrote: Ticket #744 Pavel New fixed version of patch attached. Pavel From c61c329c1fd4f806a64f4fa6b660b0baeea38377 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 6 Apr 2011 09:08:03 -0400 Subject: [PATCH] Validate/Normalize user

[Freeipa-devel] [PATCH] Validate/Normalize user attributes if set using krbtpolicy set/add-attr.

2011-04-06 Thread Pavel Zuna
Ticket #744 Pavel freeipa-pzuna-89-validatekrbt.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] Fix gidnumber option of user-add command.

2011-03-28 Thread Pavel Zuna
With this patch, the gidNumber is set automatically only if it wasn't specified explicitly by the user. Ticket #1127 Pavel freeipa-pzuna-87-fixgidnumber.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 039 Wait for Directory Server ports to open

2011-03-15 Thread Pavel Zuna
On 03/14/2011 06:03 PM, Martin Kosek wrote: I know this is a 2.1 ticket, but the patch is probably also a solution of #1047 - a 2.0.5 bucket critical bug. When Directory Server operation is run right after the server restart the listening ports may not be opened yet. This makes the

Re: [Freeipa-devel] [PATCH] 752 fix SELinux AVCs

2011-03-15 Thread Pavel Zuna
On 03/14/2011 09:33 PM, Rob Crittenden wrote: Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance. This fixes 2 AVCS: * One because we are enabling port 7390 because an SSL port must be defined to use TLS On 7389. * We were symlinking to the main IPA 389-ds NSS certificate

[Freeipa-devel] [PATCH] Fix error in user plugin email normalizer for empty --setattr=mail=.

2011-03-03 Thread Pavel Zuna
An exception was raised when you tried to reset user email addresses and setting new ones using: ipa user-add SOMEUSER --setattr=mail= --addattr=mail=someu...@redhat.com Pavel freeipa-pzuna-85-fixemailnorm.patch Description: application/mbox ___

Re: [Freeipa-devel] [PATCH] Fix error in user plugin email normalizer for empty --setattr=mail=.

2011-03-03 Thread Pavel Zuna
On 03/03/2011 04:23 PM, Pavel Zuna wrote: An exception was raised when you tried to reset user email addresses and setting new ones using: ipa user-add SOMEUSER --setattr=mail= --addattr=mail=someu...@redhat.com Pavel Just a correction: The example above should read 'ipa user-mod ...' ofc

Re: [Freeipa-devel] Localization patches.

2011-02-28 Thread Pavel Zuna
On 02/23/2011 07:09 PM, Pavel Zůna wrote: On 2011-02-22 20:16, Rob Crittenden wrote: Pavel Zůna wrote: On 2011-02-17 22:52, Rob Crittenden wrote: Pavel Zůna wrote: On 2011-02-17 05:09, Rob Crittenden wrote: Pavel Zůna wrote: My efforts in fixing localization all around the framework and

Re: [Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-25 Thread Pavel Zuna
On 02/23/2011 11:53 PM, Simo Sorce wrote: On Wed, 23 Feb 2011 23:41:33 +0100 Pavel Zůnapz...@redhat.com wrote: On 2011-02-15 16:36, JR Aquino wrote: On 2/15/11 6:52 AM, Simo Sorcesso...@redhat.com wrote: On Tue, 15 Feb 2011 15:19:50 +0100 Pavel Zunapz...@redhat.com wrote: I can't

Re: [Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-15 Thread Pavel Zuna
On 02/14/2011 04:53 PM, Rob Crittenden wrote: Pavel Zuna wrote: On 02/08/2011 01:06 PM, Pavel Zuna wrote: The patch also corrects exception handling in some of the tools. Fix #874 Pavel Updated patch attached. Forgot to rename an identifier in exception handling. Pavel This isn't

Re: [Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-15 Thread Pavel Zuna
On 02/14/2011 04:56 PM, JR Aquino wrote: On 2/10/11 2:42 AM, Pavel Zunapz...@redhat.com wrote: On 02/08/2011 01:06 PM, Pavel Zuna wrote: The patch also corrects exception handling in some of the tools. Fix #874 Pavel Updated patch attached. Forgot to rename an identifier in exception

Re: [Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-10 Thread Pavel Zuna
On 02/08/2011 01:06 PM, Pavel Zuna wrote: The patch also corrects exception handling in some of the tools. Fix #874 Pavel Updated patch attached. Forgot to rename an identifier in exception handling. Pavel freeipa-pzuna-78-2-toolsldapi.patch Description: application/mbox

Re: [Freeipa-devel] [PATCH] 050 Fix migration page

2011-02-09 Thread Pavel Zuna
On 02/09/2011 02:09 PM, Jakub Hrozek wrote: During some UI rewrite, the password migration form completely lost the action= field and defaulted to GET instead of POST. ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-08 Thread Pavel Zuna
The patch also corrects exception handling in some of the tools. Fix #874 Pavel freeipa-pzuna-78-toolsldapi.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 73 Update config doc to reflect that 0 is not allowed for search time limit.

2011-02-08 Thread Pavel Zuna
On 02/08/2011 12:34 AM, David O'Brien wrote: Pavel Zuna wrote: Fix #837 Pavel /me hesitantly asks... Doesn't this mean that 1 is illegal? doc=_('Max. amount of time (sec.) for a search ( 1 or -1 for unlimited)'), Neither is there any mention of zero being illegal. It may be implicit

[Freeipa-devel] [PATCH] 72 Set minimum for Kerberos policy max life and max renew

2011-02-07 Thread Pavel Zuna
Fix #847 Pavel freeipa-pzuna-72-krbtpmin.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 73 Update config doc to reflect that 0 is not allowed for search time limit.

2011-02-07 Thread Pavel Zuna
Fix #837 Pavel freeipa-pzuna-73-configdoc.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 76 Fallback to default locale (en_US) if env. setting is corrupt.

2011-02-07 Thread Pavel Zuna
This is a follow-up to my patches 69 and 71 (70 is garbage). It prevents a crash when user misconfigures his locale settings. Pavel freeipa-pzuna-76-deflocale.patch Description: application/mbox ___ Freeipa-devel mailing list

[Freeipa-devel] [PATCH] 77 Update krbtpolicy doc to inform that restarting krb5kdc might be needed.

2011-02-07 Thread Pavel Zuna
It seems that restarting krb5kdc is only needed when changes to the global policy are made. Per-user policies take effect immediately for newly requested tickets. Can someone please confirm? Fix #844 Pavel freeipa-pzuna-77-krbtpdoc.patch Description: application/mbox

Re: [Freeipa-devel] [PATCH] Remove deprecated i18n code from ipalib.request and all references to it.

2011-02-04 Thread Pavel Zuna
On 02/02/2011 09:36 PM, Rob Crittenden wrote: Pavel Zuna wrote: This ticket effectively fixes the translation of exception messages. Ticket #903 Pavel On hold for now, see also patch 'Translate exception messages on the client side.' rob This should get pushed for the translation

[Freeipa-devel] [PATCH] Send Accept-Language header over XML-RPC and translate on server.

2011-02-04 Thread Pavel Zuna
This patch makes the ipa client send the Accept-Language header, so that the server can translate things like exceptions, that cannot be translated on the client. It also fixes the language recognition for the webUI. The values in Accept-Language header are a bit different than what is

Re: [Freeipa-devel] python i18n options

2011-02-04 Thread Pavel Zuna
On 02/03/2011 05:13 PM, John Dennis wrote: On 02/03/2011 09:34 AM, Pavel Zuna wrote: Python 2.6+ provides secure ways to encode and decode literal types to/from strings. I'm not sure what you mean by this, could you elaborate please? http://docs.python.org/library/ast.html#ast.literal_eval

[Freeipa-devel] python i18n options

2011-02-03 Thread Pavel Zuna
I've been playing around with localizing python strings for a while and this is what I figured out: Currently we use xgettext to get strings to be translated from python files. From withing python we call the gettext library wrapped in ipalib/text.py classes to provide on request translation.

[Freeipa-devel] [PATCH] Fix crash in ipa help for NO_CLI plugins.

2011-02-02 Thread Pavel Zuna
Fix #854 Pavel From 6c9f25fa6c50034db4967e64590cc9d46bdf8e0b Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 12:47:34 -0500 Subject: [PATCH] Fix crash in ipa help for NO_CLI plugins. Fix #854 --- ipalib/cli.py | 16 ++-- 1 files changed, 2

[Freeipa-devel] [PATCH] Fix minor bug in host-add logic.

2011-02-02 Thread Pavel Zuna
Fix #798 Pavel From c5872d7d532429341c86cf1ba10a24709b510664 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 13:47:21 -0500 Subject: [PATCH] Fix minor bug in host-add logic. Ticket #798 --- ipalib/plugins/host.py |4 ++-- 1 files changed, 2 insertions(+), 2

Re: [Freeipa-devel] [PATCH] 698 Translate exception messages

2011-02-02 Thread Pavel Zuna
On 02/01/2011 11:36 PM, Rob Crittenden wrote: Pavel mentioned this morning that translations didn't seem to be working. I remembered that I did some things on the cli so I re-tested. Turned out that exceptions aren't being translated. I'm not at all sure this patch does the right thing, so take

[Freeipa-devel] [PATCH] Remove deprecated i18n code from ipalib.request and all references to it.

2011-02-02 Thread Pavel Zuna
This ticket effectively fixes the translation of exception messages. Ticket #903 Pavel From b051be4d816f94ebab3fc932b3d2372d1cf0345a Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 15:37:14 -0500 Subject: [PATCH] Remove deprecated i18n code from ipalib/request

Re: [Freeipa-devel] [PATCH] Make 'ipa help' localizable.

2011-02-01 Thread Pavel Zuna
On 02/01/2011 03:08 PM, John Dennis wrote: On 02/01/2011 08:16 AM, Pavel Zuna wrote: For a long time, I was trying to find a way to localize python docstrings, that we use to generate the built-in documentation system. Unfortunately, python docstrings aren't meant to be localized and therefore

[Freeipa-devel] [PATCH] Add ldap2 method to retrieve allowed attributes for specified objectClasses.

2011-01-25 Thread Pavel Zuna
ldap2.get_allowed_attributes(['posixuser']) returns a list of unicode all lower case attribute names allowed for the object class 'posixuser' You can enter as many object classes as you want. Pavel From 044476963a96136f951ccf8232debc1b1c48513f Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz

[Freeipa-devel] [PATCH] Raise ValidationError when adding unallowed attribute to search fields.

2011-01-25 Thread Pavel Zuna
Depends on my previous patch number 64 (posted on the list 2 minutes ago). Ticket #845 Pavel From 275f22f718af14f3f3c5e29c1f03471ab152b386 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 25 Jan 2011 15:25:52 -0500 Subject: [PATCH 2/2] Raise ValidationError when adding

Re: [Freeipa-devel] [PATCH] test speedup patch

2011-01-19 Thread Pavel Zuna
On 01/19/2011 04:17 AM, Rob Crittenden wrote: Rob Crittenden wrote: Rob Crittenden wrote: Attached is a rough cut of a patch to try to speed up the cli a little bit. Basically in production mode it will skip some things during initialization. My concept is that we develop in mode !=

Re: [Freeipa-devel] [PATCH] Enable custom list of attributes to retrieve effective rights.

2011-01-18 Thread Pavel Zuna
attached. Pavel From abfe7eb176534b1d7cf0deae81f1bd2c2ebb7aef Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Thu, 30 Dec 2010 08:48:12 -0500 Subject: [PATCH] Enable custom list of attributes to retrieve effective rights. Fix #677 --- ipalib/plugins/baseldap.py | 34

[Freeipa-devel] [PATCH] Fix import API_VERSION import error.

2011-01-18 Thread Pavel Zuna
Fixes import errors in the framework cause by recent API version changes. Fix #796 Pavel From 3532c0f551edc79e63843ee112dee097dfb6aadf Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 18 Jan 2011 12:35:59 -0500 Subject: [PATCH] Fix import API_VERSION import error. Fix #796

Re: [Freeipa-devel] [PATCH] Fix import API_VERSION import error.

2011-01-18 Thread Pavel Zuna
On 01/18/2011 01:40 PM, Pavel Zuna wrote: Fixes import errors in the framework cause by recent API version changes. Fix #796 Pavel self-NACK. Ignore this patch, didn't realize the API_VERSION constant is auto-generated. Pavel ___ Freeipa-devel

[Freeipa-devel] [PATCH] Remove SOA maximum parameter from DNS zone.

2011-01-18 Thread Pavel Zuna
There's no such thing as maximum in SOA record RDATA format according to RFC 1035 and there's also no such attribute in the schema. Fix #788 https://bugzilla.redhat.com/show_bug.cgi?id=670343 Pavel From ee65cb0fc69384f2777537d222a762a4f7be5bfe Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz

[Freeipa-devel] [PATCH] Fix crash when building DN of host with name ending with period.

2011-01-18 Thread Pavel Zuna
Fix #797 Pavel From 509a77949474b429bb4d4ee6fa871bdade446625 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 18 Jan 2011 13:28:37 -0500 Subject: [PATCH 1/2] Fix crash when building DN of host with name ending with period. Fix #797 --- ipalib/plugins/host.py |9

[Freeipa-devel] [PATCH] Fix updating of DNS records by the host plugin.

2011-01-18 Thread Pavel Zuna
Fix #799 Pavel From e97aa6d78e0ec32b160bf17deb894b1ba091541c Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 18 Jan 2011 15:33:40 -0500 Subject: [PATCH 1/2] Fix updating of DNS records by the host plugin. Fix #799 --- ipalib/plugins/host.py | 10 +- 1 files

[Freeipa-devel] [PATCH] Fix password/random logic in host plugin.

2011-01-18 Thread Pavel Zuna
Fix #798 Pavel From a013e19957b33ca84102efdc0be7448eb3a83423 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 18 Jan 2011 15:43:07 -0500 Subject: [PATCH 2/2] Fix password/random logic in host plugin. Fix #798 --- ipalib/plugins/host.py | 15 +-- 1 files

[Freeipa-devel] [PATCH] Make it impossible to add an object as a member of itself in webUI.

2011-01-05 Thread Pavel Zuna
Ticket #700 Pavel From 793314369f6587fa1819a17bb0b196e09939c3f3 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 5 Jan 2011 09:31:02 -0500 Subject: [PATCH] Make it impossible to add an object as a member of itself in webUI. Ticket #700 --- install/static/associate.js

[Freeipa-devel] [PATCH] Retype (when cloning) Flag parameters to Bool for search commands.

2011-01-05 Thread Pavel Zuna
` (ticket #689). Ticket #689 Ticket #701 Pavel From 2206dd739dabf3e08555126b545a6cc62d6cd93c Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 5 Jan 2011 10:07:23 -0500 Subject: [PATCH] Retype (when cloning) Flag parameters to Bool for search commands. Flag parameters are always

[Freeipa-devel] [PATCH] Improve filtering of enrollments search results.

2011-01-04 Thread Pavel Zuna
--users=Pavel,Jakub --no-users=Honza ipa hostgroup-find --hosts=webui.pzuna Pavel From 19975e5e2ceb3a3f9fd18be0f3fafe8f42aa626c Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 4 Jan 2011 15:15:54 -0500 Subject: [PATCH 1/2] Improve filtering of enrollments search results

[Freeipa-devel] [PATCH] Improvements to enrollments in the webUI.

2011-01-04 Thread Pavel Zuna
not to display already enrolled ones. (On by default.) - Couple cosmetic changes. IT DEPENDS ON MY PATCH NUMBER 54 (Improve filtering of enrollments search results.) Pavel From 830c2c5f2780b461f62509ae044c82da76607dc3 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 4 Jan 2011

[Freeipa-devel] [PATCH] Fix the mod operations.

2010-12-21 Thread Pavel Zuna
*-mod operations were not functioning properly after the recent 'rename' patch. Pavel From 4f59a29a7f16a4dbdb8a39766968102a21fae1ed Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 21 Dec 2010 16:17:28 +0100 Subject: [PATCH] Fix the mod operations. --- ipalib/plugins

[Freeipa-devel] [PATCH] Fix reporting of errors when validating parameters.

2010-12-21 Thread Pavel Zuna
: Invalid 'hostname': blablabla instead of: Invalid 'fqdn': blablabla Ticket #435 Pavel From 8c6ef40f575399f3190ef077b26fd38ecb3a1c0e Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 21 Dec 2010 12:14:38 -0500 Subject: [PATCH 1/2] Fix reporting of errors when validating

[Freeipa-devel] [PATCH] Update built-in help for user (ipa help user) with info about username format.

2010-12-21 Thread Pavel Zuna
General talk about username format including username length and how to change it in ipa config. Ticket #436 Pavel From 6874f8d1ecc340832961b28b84b5140c65f6ca2b Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 21 Dec 2010 12:23:40 -0500 Subject: [PATCH 2/2] Update built

Re: [Freeipa-devel] [PATCH] Enable filtering search results by member attributes.

2010-12-09 Thread Pavel Zuna
optimization to de-dupe the no-users list but it isn't a priority. rob Re-based patch attached. Pavel From 871b9d2b52175a4209ba2d8bdb12fcc019d871e9 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Thu, 2 Dec 2010 19:24:11 -0500 Subject: [PATCH] Enable filtering search results by member

[Freeipa-devel] [PATCH] Introduce new env variable, enable_dns=True, if IPA is managing DNS.

2010-12-09 Thread Pavel Zuna
if api.env.enable_dns: print DNS is managed by IPA ipa env | grep enable_dns: True /devnull echo DNS is managed by IPA Ticket #600 Pavel From d6031a2bbb1bb5d4b0520d6d56fc4716c3ef2242 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Thu, 9 Dec 2010 13:10:36

[Freeipa-devel] [PATCH] Fix default attributes in config plugin (ipadefaultemaildomain).

2010-12-07 Thread Pavel Zuna
Fixes an attribute name mismatch in the config plugin. Ticket #573 Pavel From d98843a980331e9b8173a6eba228fa393b04e350 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Sun, 5 Dec 2010 03:26:52 -0500 Subject: [PATCH] Fix default attributes in config plugin (ipadefaultemaildomain

Re: [Freeipa-devel] [PATCH] Error message handling in HBAC module

2010-11-29 Thread Pavel Zuna
On 11/29/2010 11:20 AM, Jan Zelený wrote: This patch contains a part of my original 0008 patch. The rest of it is solved differently (see my patch 0010). ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] Prompt correctly for required Password params.

2010-11-24 Thread Pavel Zuna
Required Password params were prompted for like any other non-Password params, resulting in the password being displayed on the command line and there was no confirmation. Ticket #361 Pavel From f8451a7b94f226f3e5b4181f464de52e2dfbad2d Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz

[Freeipa-devel] [PATCH] Add new version of DNS plugin: complete rework with baseldap + unit tests.

2010-11-23 Thread Pavel Zuna
2001 From: Pavel Zuna pz...@redhat.com Date: Mon, 8 Nov 2010 22:34:14 -0500 Subject: [PATCH 2/3] Add new version of DNS plugin: complete rework with baseldap + unit tests. Ticket #36 Ticket #450 --- ipa.spec.in |1 + ipalib/plugins/dns2.py | 584

Re: [Freeipa-devel] [PATCH] Add fail-safe defaults to time and size limits in ldap2 searches.

2010-10-21 Thread Pavel Zuna
On 10/20/2010 11:42 PM, Rob Crittenden wrote: Pavel Zuna wrote: On 10/14/2010 03:30 PM, Rob Crittenden wrote: Pavel Zuna wrote: There was no default value set even though we were using config.get and it was throwing exceptions if someone deleted one of the related config values. Pavel

Re: [Freeipa-devel] [PATCH] Add fail-safe defaults to time and size limits in ldap2 searches.

2010-10-20 Thread Pavel Zuna
On 10/14/2010 03:30 PM, Rob Crittenden wrote: Pavel Zuna wrote: There was no default value set even though we were using config.get and it was throwing exceptions if someone deleted one of the related config values. Pavel Is this needed since get_ipa_config() will always return something

Re: [Freeipa-devel] [PATCH] 552 handle setattr/addattr better

2010-10-14 Thread Pavel Zuna
On 09/29/2010 11:03 PM, Rob Crittenden wrote: When doing an addattr check to see if we are creating a multi-value attribute and see if that is allowed by the Param and/or the attribute in the schema (SINGLE-VALUE). Pavel, check my fix in the exception callback. It was passing attrs_list but

Re: [Freeipa-devel] [PATCH] Check if attribute is single-value before trying to add values to it.

2010-10-14 Thread Pavel Zuna
On 10/14/2010 12:01 AM, Rob Crittenden wrote: Pavel Zuna wrote: This patch adds a check in ldap2 for single-value attributes. DS doesn't seem to care much about attributes being defined as SINGLE-VALUE except for things like uidNumber and gidNumber (I suspect this is handled by the DNA plugin

[Freeipa-devel] [PATCH] Add fail-safe defaults to time and size limits in ldap2 searches.

2010-10-14 Thread Pavel Zuna
There was no default value set even though we were using config.get and it was throwing exceptions if someone deleted one of the related config values. Pavel From 5dfda61f3995f4d5ae5813b7f70f2d2658a687f0 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Thu, 14 Oct 2010 10:54:24

[Freeipa-devel] [PATCH] Check if attribute is single-value before trying to add values to it.

2010-10-13 Thread Pavel Zuna
94681f66292904979227bbe2fed058ba9b1a23a4 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 13 Oct 2010 12:40:51 -0400 Subject: [PATCH] Check if attribute is single-value before trying to add values to it. Ticket #246 --- ipalib/errors.py |2 +- ipaserver/plugins/ldap2.py | 16 +++- 2

Re: [Freeipa-devel] [PATCH] 570 enforce max username length

2010-10-13 Thread Pavel Zuna
On 10/11/2010 05:19 PM, Rob Crittenden wrote: Enforce the configurable max username length from cn=ipaconfig. rob This will raise an exception if the ipaMaxUsernameLength attribute isn't present in the config entry. I know it's not very likely, but it would be better to retrieve the

Re: [Freeipa-devel] [PATCH] 569 detect when DNS is not configured

2010-10-13 Thread Pavel Zuna
On 10/11/2010 04:55 PM, Rob Crittenden wrote: Detect when DNS is not configured and return an error message when using the command-line. It would be nicer if we disabled the command altogether but this would require checking the server to see every time the ipa command is executed (which would

Re: [Freeipa-devel] [PATCH] 571 return non-zero on *-find when nothing is found

2010-10-13 Thread Pavel Zuna
On 10/11/2010 06:58 PM, Rob Crittenden wrote: Return non-zero when the number of entries from *-find returned is zero. ticket 325 rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 572 fix usage help of ipa-replica-install

2010-10-13 Thread Pavel Zuna
On 10/11/2010 07:07 PM, Rob Crittenden wrote: Include REPLICA_FILE in usage for ipa-replica-install ticket 247 rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 570 enforce max username length

2010-10-13 Thread Pavel Zuna
On 10/13/2010 03:46 PM, Rob Crittenden wrote: Pavel Zuna wrote: On 10/11/2010 05:19 PM, Rob Crittenden wrote: Enforce the configurable max username length from cn=ipaconfig. rob This will raise an exception if the ipaMaxUsernameLength attribute isn't present in the config entry. I know

[Freeipa-devel] [PATCH] Fix attribute callbacks on details pages in the webUI.

2010-10-06 Thread Pavel Zuna
Fixes bug reported by Adam in internal discussion. Ticket #326 Pavel From 4ca5f618913d780e018e37e03b159201bffb9996 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 6 Oct 2010 12:01:02 -0400 Subject: [PATCH] Fix attribute callbacks on details pages in the webUI. Ticket #326

[Freeipa-devel] [PATCH] Fix inconsistent error message when deleting groups that don't exist.

2010-10-06 Thread Pavel Zuna
The pre_callback in group_del was using a direct ldap2 call with no exception handling. Ticket #292 Pavel From 60eb789c84f91c5911dec397c528fd8a2e21ef99 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 6 Oct 2010 13:45:20 -0400 Subject: [PATCH] Fix inconsistent error

[Freeipa-devel] [PATCH] Rename user-lock and user-unlock to user-enable user-disable.

2010-10-05 Thread Pavel Zuna
Also fixes related unit tests and therefore depends on my patch number 28. Ticket #165 Pavel From 9ead34195c3ef1b3be9f9c57ba54fd2849215ab0 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 5 Oct 2010 15:37:37 -0400 Subject: [PATCH] Rename user-lock and user-unlock to user

Re: [Freeipa-devel] [PATCH] Add 'continuous' mode to LDAPDelete. Fix *-del unit tests.

2010-10-05 Thread Pavel Zuna
On 10/05/2010 04:47 PM, Pavel Zuna wrote: All LDAPMultiQuery sub-classes (currently only LDAPDelete) now have the --continuous flag (off by default). The flag should indicate that the command shouldn't stop on errors and continue operation with the next primary key on the arguments lists

[Freeipa-devel] [PATCH] Add LDAPMultiQuery base class and make it the base of LDAPDelete

2010-10-01 Thread Pavel Zuna
In other words: make *-del commands accept 1 or more primary keys of entries to be deleted. We can now delete more entries at a time with a single command. Ticket #20 Pavel From 1aabeb75114ef01ec23044031664f82ed0364825 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Fri, 1 Oct

[Freeipa-devel] [PATCH] Add flag to group-find to only search on private groups.

2010-10-01 Thread Pavel Zuna
Ticket #251 Pavel From 1bb54788dca503a7b6e25e2fc13a8852174a3827 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Tue, 21 Sep 2010 13:03:40 -0400 Subject: [PATCH 1/3] Add flag to group-find to only search on private groups. Ticket #251 --- ipalib/plugins/group.py | 16

Re: [Freeipa-devel] [PATCH] Modal dialog for enrollment

2010-09-23 Thread Pavel Zuna
On 09/23/2010 01:04 AM, Endi Sukma Dewata wrote: Hi, Please review the attached patch. Thanks! The enroll facet has been converted into a dialog box. This dialog box will appear when the user clicks the enroll button above the association list. When the user clicks the enroll button in the

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0026-fixed-formatting-of-search-table.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:33 PM, Adam Young wrote: admiyo-freeipa-0026-fixed-formatting-of-search-table.patch ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0027-fix-sampledata.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:34 PM, Adam Young wrote: URL needs to be relative, not absolute in order for in tree development ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0031-unbroke-the-facets-link.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:41 PM, Adam Young wrote: This has a fix for a previous patch which turned the facets into a hortizontal list, but broke the clickability. ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0032-css-cleanup.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:42 PM, Adam Young wrote: Fixes many of the CSS issues introduced by jquery.ui.tabs. Not all, but it looks a lot better ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0033-pointer-cursor-for-facets.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:43 PM, Adam Young wrote: Changes the mouse icon for facets to a the pointer, signifying clickability ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] Icons

2010-09-20 Thread Pavel Zuna
On 09/18/2010 02:35 AM, Adam Young wrote: THese are just place holder icons until we get the offical ones from UXD. They look roughly like the finished product, with have some rough points. They will be used by the next patch to Generate the quick links and facets. THis is a huga patch, but it

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0030-moved-images-up.patch

2010-09-20 Thread Pavel Zuna
On 09/17/2010 04:38 PM, Adam Young wrote: moved images up Adding an 'images' subdir was proliferating changes throughout the build system this seemed easier Submitted as a separate patch to signify where wea re departing from what is generated by theme-roller Doesn't apply for me. Missing

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0036-links-and-facet-icons.patch

2010-09-20 Thread Pavel Zuna
On 09/18/2010 02:36 AM, Adam Young wrote: This patch makes use of the previous patch to put the icons in the facets and quick links It looks OK, but I can't test it because the required patch 30 doesn't apply for me. Pavel ___ Freeipa-devel

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0019-associations.patch

2010-09-07 Thread Pavel Zuna
On 09/04/2010 04:29 AM, Adam Young wrote: You are right. the 'this' pointer always gets overridden, so it has to be assigtned to a nother variable name in order to get used in a closure. Here's an updated patch On 09/03/2010 05:20 PM, Endi Sukma Dewata wrote: Hi Adam, Thanks for the

Re: [Freeipa-devel] [PATCH] 514 make ldap2 class work with clients

2010-09-07 Thread Pavel Zuna
On 08/19/2010 01:08 AM, Rob Crittenden wrote: Make ldap2 class work as a client library as well. Move the user-private group caching code out of the global config and determine the value the first time it is needed. Renamed global_init() back to get_schema() and make it take an optional

Re: [Freeipa-devel] BA-BBQ

2010-08-23 Thread Pavel Zuna
On 08/23/2010 04:12 AM, Adam Young wrote: Pavel, Thoughts of jquery.ba-bbq have been marinating in the back of my brain. I know that the Back button doesn't work so well with hjashparams, and that BBQ purports to fix this, but I had some sort of mental shift I had to make. I think I have it

Re: [Freeipa-devel] Extending Details, user and otherwise

2010-08-23 Thread Pavel Zuna
On 08/17/2010 08:12 PM, Adam Young wrote: The structure of our details code is basciallt [categorid, categoryDisplay, atrrtibutes] and attributes are [attributeId, attributeDisplay, I've inlined the user details at the bottom as an example. In order to make these configuratble by the end

[Freeipa-devel] [PATCH] Add link to json2.js to index.xhtml.

2010-08-18 Thread Pavel Zuna
Applies after Adam's 0008 patch (Hash params). Pavel From 4be347d0cdf5f65d9360e8483d09076b45163d5b Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 18 Aug 2010 12:39:09 -0400 Subject: [PATCH] Add link to json2.js to index.xhtml. --- install/static/index.xhtml |1 + 1

Re: [Freeipa-devel] [PATCH] admiyo-0001-hash-params

2010-08-17 Thread Pavel Zuna
On 08/12/2010 08:36 PM, Adam Young wrote: I'll try to use a patch naming structure similar to what Pavel's using: This patch fixes https://fedorahosted.org/freeipa/ticket/135. Instead of HTML Params starting with '?' we use the Hash '#' as the startgin point. This keeps the broswer from

[Freeipa-devel] [PATCH] Improve serialization to JSON.

2010-08-10 Thread Pavel Zuna
- Make it recursive. - Make Param classes serializable. - Take python native data types into account. Pavel pzuna-freeipa-0010-json.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] Add a new INTERNAL plugin that exports plugin meta-data into JSON.

2010-08-10 Thread Pavel Zuna
This is required for the webUI, since we're dropping Genshi. *ehm* :) You can't use this command on the CLI. It takes one optional argument: the name of an IPA object. If not specified, meta-data for all objects are returned. Note: If you want to try it out on the CLI, just comment out the

[Freeipa-devel] [PATCH] Clean ipa.js and make it load plugin meta-data over JSON-RPC.

2010-08-10 Thread Pavel Zuna
What it means? Well, first I removed some development control variables from ipa.js. Namely useSampleData and sizelimit. I moved useSampleData to the top of index.xhtml. This way we won't forget about it when we don't need it anymore. sizelimit has nothing to do in ipa.js and be hardcoded for ALL

[Freeipa-devel] [PATCH] Clean details.js.

2010-08-10 Thread Pavel Zuna
What does it mean? I removed duplicate code, that was pasted here from the user details page. ipa_details_init doesn't call ipa_init anymore. ipa_details_create takes a second optional parameter, that can be set to a container element if we want to place the definition lists into a specific

[Freeipa-devel] [PATCH] Stretch content div and make Reset/Update buttons stick to right.

2010-08-10 Thread Pavel Zuna
I know that the user details page still doesn't look exactly like the mockups, but it's getting there and it's mostly just a matter of moving elements around - easy. Pavel pzuna-freeipa-0015-detailscss.patch Description: application/mbox ___

Re: [Freeipa-devel] [PATCH] 506 correct ipa-server-install man page

2010-08-10 Thread Pavel Zuna
On 08/10/2010 07:20 PM, Rob Crittenden wrote: The ipa-server-install man page still referred to the deprecated --ca option to configure a dogtag instance. Drop that and include information on the --selfsign option. rob ack. Pavel ___

Re: [Freeipa-devel] [PATCH] 480 new search attribute

2010-07-13 Thread Pavel Zuna
On 07/12/2010 08:21 PM, Rob Crittenden wrote: Add a new optional calss variable to store the attributes to search on. They might differ from the default attributes you want to display. Also link in any search attributes defined in cn=ipaconfig. Thesese are a comma-separated list of attributes.

Re: [Freeipa-devel] [PATCH] 481 add has_output_params support to Method class

2010-07-13 Thread Pavel Zuna
On 07/12/2010 10:47 PM, Rob Crittenden wrote: When figuring out what to display has_output_params was being ignored by decendents of the Method class. rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 483 disable service/host

2010-07-13 Thread Pavel Zuna
On 07/12/2010 11:48 PM, Rob Crittenden wrote: This patch supercedes patch 479 which is now defunct. It relies on patch 481. Add API to delete a service principal key, service-disable and host-disable. This is so an admin can essentially revoke a service principal without deleting it (a host

Re: [Freeipa-devel] [PATCH] 476 fix bad API call in selfsign

2010-07-12 Thread Pavel Zuna
On 06/25/2010 03:46 PM, Rob Crittenden wrote: Use newer API in selfsign plugin. Fix missing import when running in the in-tree lite-server. rob Maybe we should remove the comment as well, if it's not valid anymore. Other than that: ACK. Pavel

Re: [Freeipa-devel] Fields currently available for the user object

2010-06-22 Thread Pavel Zuna
On 06/17/2010 03:23 AM, Adam Young wrote: Is there any documentation on how to write plugins, or extend existing plugins? As Rob pointed out, there are example plugins in ipalib/plugins/example.py. They should give you a good overview of the plugin framework, parameters, etc. Unfortunately,

Re: [Freeipa-devel] [PATCH] 460 an enrollment role

2010-06-22 Thread Pavel Zuna
On 06/02/2010 08:34 PM, Rob Crittenden wrote: Add a new role specifically for delegating enrollment. Previously you had to delegate two tasks, this simplifies things. rob ack. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 461 ignore no_* options in Virtual class

2010-06-22 Thread Pavel Zuna
On 06/02/2010 08:35 PM, Rob Crittenden wrote: The Virtual base class is used for doing non-LDAP operations, right not just for certificate commands. It wasn't honoring the no_* option flags. Add support for that. rob NACK. I think I do understand what this patch is trying to do and it works,

Re: [Freeipa-devel] [PATCH] 462 add per-command documentation

2010-06-22 Thread Pavel Zuna
On 06/02/2010 08:36 PM, Rob Crittenden wrote: First pass at adding per-command documentation for each plugin. rob ack. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 462 add per-command documentation

2010-06-22 Thread Pavel Zuna
On 06/15/2010 03:08 AM, David O'Brien wrote: Rob Crittenden wrote: First pass at adding per-command documentation for each plugin. rob Rob, How would you like edits to this? I _could_ edit the patch, or I could wait until you commit what you have and then run ipa help topic and send edited

Re: [Freeipa-devel] [PATCH] 458 catch no CA preop.pin

2010-06-01 Thread Pavel Zuna
On 05/28/2010 05:22 PM, Rob Crittenden wrote: The preop.pin is used to authenticate the admin when doing CA enrollment. We were assuming it would be available and things blow up badly if not (we end up passing None as an argument to exec). If there isn't a preop pin there is no need to do

  1   2   3   >