[Freeipa-devel] [PATCH] 0246-editable-entity_select
https://fedorahosted.org/freeipa/ticket/1043
From cb6c4e428c43ddb05f653c77f84cd2aadd2860ee Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Sat, 18 Jun 2011 23:22:48 -0400
Subject: [PATCH] editable entity_select
---
install/ui/host.js | 14 -
install/ui/widget.js | 52 -
2 files changed, 63 insertions(+), 3 deletions(-)
diff --git a/install/ui/host.js b/install/ui/host.js
index fe35e0f1fe60928eb5af01752722d3315482ec72..bd149178e452bf8c77eecedec7f0d899154b3a67 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -87,7 +87,19 @@ IPA.entity_factories.host = function () {
}).
standard_association_facets().
adder_dialog({
-fields: ['fqdn', {factory:IPA.force_host_add_checkbox_widget}]
+width:500,
+fields:[
+{
+factory:IPA.entity_select_widget,
+name: 'fqdn',
+field_name:'idnsname',
+entity: 'dnszone',
+label: IPA.messages.objects.service.host,
+editable: true,
+undo: false
+},
+{factory:IPA.force_host_add_checkbox_widget}
+]
}).
build();
};
diff --git a/install/ui/widget.js b/install/ui/widget.js
index 9f013a0a75168200ac338f79a2943e8781eb6dcc..63d9b6836f88487027f6495782c4fd2fe5f506c2 100644
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -324,6 +324,20 @@ IPA.widget = function(spec) {
return that;
};
+/*uses a browser specific technique to select a range.*/
+IPA.select_range = function(input,start, end) {
+if (input[0].setSelectionRange) {
+input.focus();
+input[0].setSelectionRange(start, end);
+} else if (input[0].createTextRange) {
+var range = that.input[0].createTextRange();
+range.collapse(true);
+range.moveEnd('character', end);
+range.moveStart('character', start);
+range.select();
+}
+};
+
IPA.text_widget = function(spec) {
@@ -334,6 +348,10 @@ IPA.text_widget = function(spec) {
that.size = spec.size || 30;
that.type = spec.type || 'text';
+that.select_range = function(start, end){
+IPA.select_range(that.input, start, end);
+}
+
that.create = function(container) {
$('label/', {
@@ -1545,6 +1563,7 @@ IPA.entity_select_widget = function(spec) {
var that = IPA.widget(spec);
var entity = spec.entity || 'group';
var field_name = spec.field_name || 'cn';
+var editable = spec.editable || false;
function populate_select(value) {
function find_success(result) {
@@ -1588,9 +1607,25 @@ IPA.entity_select_widget = function(spec) {
that.create = function(container) {
+if (editable){
+that.edit_box = $('input /',{
+type: 'text',
+});
+
+$('div style:display=block; /').
+append(that.edit_box).
+appendTo(container);
+}
+
that.entity_select = $('select/', {
id: that.name + '-entity-select',
change: function(){
+if (editable){
+that.edit_box.val(
+$('option:selected', that.entity_select).val());
+that.edit_box.focus();
+IPA.select_range(that.edit_box,0,0);
+}
that.set_dirty(that.test_dirty());
}
}).appendTo(container);
@@ -1601,7 +1636,7 @@ IPA.entity_select_widget = function(spec) {
id: 'entity_filter',
style: 'display: none;',
keyup: function(){
-populate_select($('option:selected', that.entity_select).val());
+populate_select(current_value());
}
}).appendTo(container);
@@ -1630,6 +1665,9 @@ IPA.entity_select_widget = function(spec) {
that.entity_filter.val(that.values[0]);
that.set_dirty(false);
populate_select(that.values[0]);
+if (editable){
+that.edit_box.val(that.values[0]);
+}
};
that.load = function(record) {
@@ -1642,8 +1680,18 @@ IPA.entity_select_widget = function(spec) {
that.reset();
};
+function current_value(){
+var value;
+if (editable){
+value = that.edit_box.val();
+}else{
+value = $('option:selected', that.entity_select).val();
+}
+return value
+}
+
that.save = function() {
-var value = $('option:selected', that.entity_select).val();
+var value = current_value();
return [value];
};
--
1.7.5.2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 24/24] Add utility classes for handling DN's along with their, unittest.
John Dennis wrote:
This adds a new module and set of classes to ipalib for handling DN's.
Please see the module doc and class doc for full explanation.
Included is a very complete unit test for the module. At close to 900
lines of code the unit test exercises just about every conceivable way
these objects can be used.
The module doc touches on some of the problems found in our existing
code which handles DN's, which this module is meant to provide fixes
for. A more complete write-up of the existing code issues will follow on
the list.
Comments welcome of course.
Another patch will follow for comma's in privileges. The
test_role_plugin.py unit test was modified to introduce a comma, but
there were many failures because of improper DN handling in the core
code (as well as limitations of the unit test framework). The next patch
introduces a number of fixes, some of which are dependent upon the use
of the classes introduced here. With the fixes in the next patch the
test_role_plugin unit test once again fully succeeds.
Am I misreading the documentation on how one can create a DN?
print container
cn=users,cn=accounts
print basedn
dc=example,dc=com
str(DN(container, basedn))
'cn=users,cn=accounts=dc\\=example\\,dc\\=com'
uid='rcrit'
rdnattr='uid'
str(DN('%s=%s' % (rdnattr, uid), container, basedn))
'uid=rcrit=cn\\=users\\,cn\\=accounts,dc=example,dc=com'
The patch requires one very minor change, the import from dn should be
from ipalib.dn import ... We run the tests from the top-level.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 0247-entity-select-for-password-policy
From ccba0fce332a629072135eb1628b5a48f5ccd74a Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Mon, 20 Jun 2011 10:59:12 -0400
Subject: [PATCH] entity select for password policy
http://fedorahosted.org/freeipa/ticket/1110
---
install/ui/policy.js |9 -
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/install/ui/policy.js b/install/ui/policy.js
index f6bec48cf6b90bde2c94fdaddef103ce164f4084..d30abbfdc8522362522fe287598ef9d7380cd2f9 100644
--- a/install/ui/policy.js
+++ b/install/ui/policy.js
@@ -38,7 +38,14 @@ IPA.entity_factories.pwpolicy = function() {
}]}).
standard_association_facets().
adder_dialog({
-fields:['cn', 'cospriority']
+fields:[
+{
+factory:IPA.entity_select_widget,
+name: 'cn',
+entity: 'group',
+undo: false
+},
+'cospriority']
}).
build();
};
--
1.7.5.2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 083 Improve IP address handling in IPA option parser
Martin Kosek wrote: Implements a way to pass match_local and parse_netmask parameters to IP option checker. Now, there is just one common option type ip with new optional attributes ip_local and ip_netmask which can be used to pass IP address validation parameters. https://fedorahosted.org/freeipa/ticket/1333 ack, pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 22 Improve IP address handling in the host-add command
On 16.6.2011 14:31, Jan Cholasta wrote:
On 14.6.2011 20:54, Simo Sorce wrote:
On Tue, 2011-06-14 at 14:26 -0400, Rob Crittenden wrote:
Jan Cholasta wrote:
This patch enables the user to specify netmasks in the --ip-address
option of host-add. They're used for proper DNS reverse zone and PTR
record creation. Also the IP addresses are more strictly checked (just
like in the install scripts).
https://fedorahosted.org/freeipa/ticket/1234
Do we want a reverse zone created automatically when a host is added? I
think a warning that the reverse zone doesn't exist may be adequate.
A warning is preferable as we may not be controlling that reverse zone.
Simo.
Updated patch attached. NonFatalError is raised when the reverse zone is
not found.
Honza
Fixed commit message.
--
Jan Cholasta
From 4c832c2cd81ac5e3818a1d89981b5f21e68173f5 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Tue, 14 Jun 2011 16:31:36 +0200
Subject: [PATCH] Improve IP address handling in the host-add command.
IP addresses are more strictly checked. Netmasks can be specified
and are used in DNS PTR record creation.
ticket 1234
---
ipalib/plugins/host.py | 51 +--
1 files changed, 36 insertions(+), 15 deletions(-)
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index a602df4..178d526 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -89,7 +89,7 @@ from ipalib.plugins.dns import dns_container_exists, _record_types
from ipalib.plugins.dns import add_forward_record
from ipalib import _, ngettext
from ipalib import x509
-from ipapython.ipautil import ipa_generate_password
+from ipapython.ipautil import ipa_generate_password, CheckedIPAddress
from ipalib.request import context
import base64
import nss.nss as nss
@@ -115,17 +115,30 @@ def is_forward_record(zone, str_address):
return result['count'] 0
-def get_reverse_zone(ipaddr):
+def get_reverse_zone(ipaddr, prefixlen=None):
ip = netaddr.IPAddress(ipaddr)
revdns = unicode(ip.reverse_dns)
-revzone = u''
+if prefixlen is None:
+revzone = u''
-result = api.Command['dnszone_find']()['result']
-for zone in result:
-zonename = zone['idnsname'][0]
-if revdns.endswith(zonename) and len(zonename) len(revzone):
-revzone = zonename
+result = api.Command['dnszone_find']()['result']
+for zone in result:
+zonename = zone['idnsname'][0]
+if revdns.endswith(zonename) and len(zonename) len(revzone):
+revzone = zonename
+else:
+if ip.version == 4:
+pos = 4 - prefixlen / 8
+elif ip.version == 6:
+pos = 32 - prefixlen / 4
+items = ip.reverse_dns.split('.')
+revzone = u'.'.join(items[pos:])
+
+try:
+api.Command['dnszone_show'](revzone)
+except errors.NotFound:
+revzone = u''
if len(revzone) == 0:
raise errors.NotFound(
@@ -188,7 +201,9 @@ def validate_ipaddr(ugettext, ipaddr):
Verify that we have either an IPv4 or IPv6 address.
-if not util.validate_ipaddr(ipaddr):
+try:
+ip = CheckedIPAddress(ipaddr, match_local=False)
+except:
return _('invalid IP address')
return None
@@ -340,17 +355,21 @@ class host_add(LDAPCreate):
raise errors.NotFound(
reason=_('DNS zone %(zone)s not found') % dict(zone=domain)
)
+ip = CheckedIPAddress(options['ip_address'], match_local=False)
if not options.get('no_reverse', False):
try:
+prefixlen = None
+if not ip.defaultnet:
+prefixlen = ip.prefixlen
# we prefer lookup of the IP through the reverse zone
-revzone, revname = get_reverse_zone(options['ip_address'])
+revzone, revname = get_reverse_zone(ip, prefixlen)
reverse = api.Command['dnsrecord_find'](revzone, idnsname=revname)
if reverse['count'] 0:
raise errors.DuplicateEntry(message=u'This IP address is already assigned.')
except errors.NotFound:
pass
else:
-if is_forward_record(domain, options['ip_address']):
+if is_forward_record(domain, unicode(ip)):
raise errors.DuplicateEntry(message=u'This IP address is already assigned.')
if not options.get('force', False) and not 'ip_address' in options:
util.validate_host_dns(self.log, keys[-1])
@@ -388,15 +407,17 @@ class host_add(LDAPCreate):
parts = keys[-1].split('.')
domain = unicode('.'.join(parts[1:]))
-add_forward_record(domain, parts[0], options['ip_address'])
+ip =
Re: [Freeipa-devel] [PATCH] 084 Multi-process build problems
Martin Kosek wrote: Fix a problem when a target missed a version-update requirement. This caused build problems, especially in a parallel build environment. https://fedorahosted.org/freeipa/ticket/1215 ack, pushed to master and ipa-2-0 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0242-hide-automount-tabs
On 06/17/2011 08:12 PM, Adam Young wrote:
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
From 65156dcdf9389468e7211da339802a0052390d33 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Fri, 17 Jun 2011 20:09:03 -0400
Subject: [PATCH] hide automount tabs.
the tabs are required for natigation, but they should not be visible, as the breadcrub provides the navigation for them instead.
Moved the automount tabs up one level so that it uses the two level style
---
install/ui/navigation.js |6 +-
install/ui/webui.js |6 ++
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/install/ui/navigation.js b/install/ui/navigation.js
index 8e332cf6720efbcb6e00d4bd7af9750329ad8ba1..308f21154e09e79af572a2b2b39320b85db506af 100644
--- a/install/ui/navigation.js
+++ b/install/ui/navigation.js
@@ -174,12 +174,16 @@ IPA.navigation = function(spec) {
}
}
-$('li/').append($('a/', {
+var tab_li =$('li/').append($('a/', {
href: '#'+tab_id,
title: tab.label,
html: tab.label
})).appendTo(ul);
+if (tab.hidden){
+tab_li.css('display','none');
+}
+
tab.container = $('div/', {
id: tab_id,
name: tab.name
diff --git a/install/ui/webui.js b/install/ui/webui.js
index c014cea727c7cd60eec8e66e29ee7381bbedd347..cfbb9e69b987522375f9a0ec822f96e5dbfe6c84 100644
--- a/install/ui/webui.js
+++ b/install/ui/webui.js
@@ -53,10 +53,8 @@ IPA.admin_navigation = function(spec) {
{entity: 'sudocmd'},
{entity: 'sudocmdgroup'}
]},
-{name: 'automount', label: IPA.messages.tabs.automount, children: [
-{entity: 'automountlocation'},
-{entity: 'automountmap'}
-]},
+{entity: 'automountlocation', label: IPA.messages.tabs.automount},
+{entity: 'automountmap',hidden:true},
{entity: 'pwpolicy'},
{entity: 'krbtpolicy'}
]},
--
1.7.5.2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 178 Removed FreeWay font files.
On 06/15/2011 12:19 PM, Endi Sukma Dewata wrote: On 6/15/2011 11:02 AM, Endi Sukma Dewata wrote: The CSS files in install/html and install/migration have been modified to use the Overpass font. The changes can be verified here: http://edewata.fedorapeople.org/freeipa/install/html/unauthorized.html http://edewata.fedorapeople.org/freeipa/install/migration/index.html Attached the patch. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK. Pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 0245-entity-select-undo
On 6/18/2011 8:46 PM, Adam Young wrote: ACK and pushed to master. The set_dirty() invocation in reset() is no longer needed. This can be fixed later. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0237-no-redirect-on-unknown-error
On 6/17/2011 3:00 PM, Adam Young wrote: This version does the whitelist approach ACK and pushed to master. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 0248-ipaddress-for-host-add
From 1d2c9745fdeda9817022fe9386750197500ae9ec Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Mon, 20 Jun 2011 12:04:02 -0400
Subject: [PATCH] ipaddress for host add
updated label triggered an API change
---
API.txt|2 +-
install/ui/host.js | 10 -
install/ui/test/data/ipa_init.json | 68 +--
ipalib/plugins/host.py |1 +
4 files changed, 58 insertions(+), 23 deletions(-)
diff --git a/API.txt b/API.txt
index 87a6e79ceb4b662ed07c614acc2eac3f645e9272..17a470bf421a94211ec9f316ae9eceb042c088a2 100644
--- a/API.txt
+++ b/API.txt
@@ -1286,7 +1286,7 @@ option: Flag('random', attribute=True, autofill=True, cli_name='random', default
option: Bytes('usercertificate', validate_certificate, attribute=True, cli_name='certificate', label=Gettext('Certificate', domain='ipa', localedir=None), multivalue=False, required=False)
option: Flag('force', autofill=True, default=False, label=Gettext('Force', domain='ipa', localedir=None))
option: Flag('no_reverse', autofill=True, default=False)
-option: Str('ip_address?', validate_ipaddr)
+option: Str('ip_address?', validate_ipaddr, label=Gettext('IP Address', domain='ipa', localedir=None))
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
diff --git a/install/ui/host.js b/install/ui/host.js
index bd149178e452bf8c77eecedec7f0d899154b3a67..702d0cb833908083feeb5334fef3d3aaab53552b 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -98,8 +98,14 @@ IPA.entity_factories.host = function () {
editable: true,
undo: false
},
-{factory:IPA.force_host_add_checkbox_widget}
-]
+{factory:IPA.force_host_add_checkbox_widget},
+{
+factory:IPA.text_widget,
+name:ip_address,
+undo:false,
+label: IPA.get_method_option('host_add','ip_address')['label']
+}
+]
}).
build();
};
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index b7df777976d5f57b5009e3f22d7ea87f92776917..b74e1b41a4d35dd68b83b6239f772649e2c79e0a 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -169,7 +169,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: true,
+required: false,
type: unicode
}
]
@@ -429,7 +429,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: true,
+required: false,
type: unicode
}
]
@@ -3855,7 +3855,7 @@
flags: [],
hint: null,
include: null,
-label: ip_address,
+label: IP Address,
length: null,
maxlength: null,
minlength: null,
@@ -7288,7 +7288,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: false,
+required: true,
type: unicode
}
]
@@ -10371,12 +10371,16 @@
memberof: [
group,
netgroup,
-role
+role,
+hbacrule,
+sudorule
],
memberofindirect: [
group,
netgroup,
-role
+role,
+hbacrule,
+sudorule
]
},
bindable: false,
@@ -11348,15 +11352,22 @@
managedby: [
host
Re: [Freeipa-devel] [PATCH] 0246-editable-entity_select
On 06/20/2011 09:46 AM, Adam Young wrote:
https://fedorahosted.org/freeipa/ticket/1043
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
From 70139d51f9b1071281ad248e01aa369cf4f5db5b Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Sat, 18 Jun 2011 23:22:48 -0400
Subject: [PATCH] editable entity_select
jsl fixes
https://fedorahosted.org/freeipa/ticket/1043
---
install/ui/host.js | 14 -
install/ui/widget.js | 52 -
2 files changed, 63 insertions(+), 3 deletions(-)
diff --git a/install/ui/host.js b/install/ui/host.js
index fe35e0f1fe60928eb5af01752722d3315482ec72..bd149178e452bf8c77eecedec7f0d899154b3a67 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -87,7 +87,19 @@ IPA.entity_factories.host = function () {
}).
standard_association_facets().
adder_dialog({
-fields: ['fqdn', {factory:IPA.force_host_add_checkbox_widget}]
+width:500,
+fields:[
+{
+factory:IPA.entity_select_widget,
+name: 'fqdn',
+field_name:'idnsname',
+entity: 'dnszone',
+label: IPA.messages.objects.service.host,
+editable: true,
+undo: false
+},
+{factory:IPA.force_host_add_checkbox_widget}
+]
}).
build();
};
diff --git a/install/ui/widget.js b/install/ui/widget.js
index 9f013a0a75168200ac338f79a2943e8781eb6dcc..bd6d2037b218ed2829565ff838b82f56bb9aeec7 100644
--- a/install/ui/widget.js
+++ b/install/ui/widget.js
@@ -324,6 +324,20 @@ IPA.widget = function(spec) {
return that;
};
+/*uses a browser specific technique to select a range.*/
+IPA.select_range = function(input,start, end) {
+if (input[0].setSelectionRange) {
+input.focus();
+input[0].setSelectionRange(start, end);
+} else if (input[0].createTextRange) {
+var range = input[0].createTextRange();
+range.collapse(true);
+range.moveEnd('character', end);
+range.moveStart('character', start);
+range.select();
+}
+};
+
IPA.text_widget = function(spec) {
@@ -334,6 +348,10 @@ IPA.text_widget = function(spec) {
that.size = spec.size || 30;
that.type = spec.type || 'text';
+that.select_range = function(start, end){
+IPA.select_range(that.input, start, end);
+};
+
that.create = function(container) {
$('label/', {
@@ -1545,6 +1563,7 @@ IPA.entity_select_widget = function(spec) {
var that = IPA.widget(spec);
var entity = spec.entity || 'group';
var field_name = spec.field_name || 'cn';
+var editable = spec.editable || false;
function populate_select(value) {
function find_success(result) {
@@ -1588,9 +1607,25 @@ IPA.entity_select_widget = function(spec) {
that.create = function(container) {
+if (editable){
+that.edit_box = $('input /',{
+type: 'text'
+});
+
+$('div style:display=block; /').
+append(that.edit_box).
+appendTo(container);
+}
+
that.entity_select = $('select/', {
id: that.name + '-entity-select',
change: function(){
+if (editable){
+that.edit_box.val(
+$('option:selected', that.entity_select).val());
+that.edit_box.focus();
+IPA.select_range(that.edit_box,0,0);
+}
that.set_dirty(that.test_dirty());
}
}).appendTo(container);
@@ -1601,7 +1636,7 @@ IPA.entity_select_widget = function(spec) {
id: 'entity_filter',
style: 'display: none;',
keyup: function(){
-populate_select($('option:selected', that.entity_select).val());
+populate_select(current_value());
}
}).appendTo(container);
@@ -1630,6 +1665,9 @@ IPA.entity_select_widget = function(spec) {
that.entity_filter.val(that.values[0]);
that.set_dirty(false);
populate_select(that.values[0]);
+if (editable){
+that.edit_box.val(that.values[0]);
+}
};
that.load = function(record) {
@@ -1642,8 +1680,18 @@ IPA.entity_select_widget = function(spec) {
that.reset();
};
+function current_value(){
+var value;
+if (editable){
+value = that.edit_box.val();
+}else{
+value = $('option:selected', that.entity_select).val();
+}
+return value;
+}
+
that.save = function() {
-var value = $('option:selected', that.entity_select).val();
+var value =
Re: [Freeipa-devel] [PATCH] 0246-editable-entity_select
On 06/20/2011 03:17 PM, Adam Young wrote: On 06/20/2011 09:46 AM, Adam Young wrote: https://fedorahosted.org/freeipa/ticket/1043 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACKed in IRC by edewata Made minor tweak from code review and pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0248-ipaddress-for-host-add
On 06/20/2011 03:16 PM, Adam Young wrote:
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
From 1c78111aceac2840c3154f856c24c44fa44e Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Mon, 20 Jun 2011 12:04:02 -0400
Subject: [PATCH] ipaddress for host add
updated label triggered an API change
---
API.txt|2 +-
install/ui/host.js | 10 -
install/ui/test/data/ipa_init.json | 68 +--
ipalib/plugins/host.py |1 +
4 files changed, 58 insertions(+), 23 deletions(-)
diff --git a/API.txt b/API.txt
index 87a6e79ceb4b662ed07c614acc2eac3f645e9272..17a470bf421a94211ec9f316ae9eceb042c088a2 100644
--- a/API.txt
+++ b/API.txt
@@ -1286,7 +1286,7 @@ option: Flag('random', attribute=True, autofill=True, cli_name='random', default
option: Bytes('usercertificate', validate_certificate, attribute=True, cli_name='certificate', label=Gettext('Certificate', domain='ipa', localedir=None), multivalue=False, required=False)
option: Flag('force', autofill=True, default=False, label=Gettext('Force', domain='ipa', localedir=None))
option: Flag('no_reverse', autofill=True, default=False)
-option: Str('ip_address?', validate_ipaddr)
+option: Str('ip_address?', validate_ipaddr, label=Gettext('IP Address', domain='ipa', localedir=None))
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
diff --git a/install/ui/host.js b/install/ui/host.js
index bd149178e452bf8c77eecedec7f0d899154b3a67..702d0cb833908083feeb5334fef3d3aaab53552b 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -98,8 +98,14 @@ IPA.entity_factories.host = function () {
editable: true,
undo: false
},
-{factory:IPA.force_host_add_checkbox_widget}
-]
+{factory:IPA.force_host_add_checkbox_widget},
+{
+factory:IPA.text_widget,
+name:ip_address,
+undo:false,
+label: IPA.get_method_option('host_add','ip_address')['label']
+}
+]
}).
build();
};
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index b7df777976d5f57b5009e3f22d7ea87f92776917..b74e1b41a4d35dd68b83b6239f772649e2c79e0a 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -169,7 +169,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: true,
+required: false,
type: unicode
}
]
@@ -429,7 +429,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: true,
+required: false,
type: unicode
}
]
@@ -3855,7 +3855,7 @@
flags: [],
hint: null,
include: null,
-label: ip_address,
+label: IP Address,
length: null,
maxlength: null,
minlength: null,
@@ -7288,7 +7288,7 @@
pattern_errmsg: null,
primary_key: false,
query: false,
-required: false,
+required: true,
type: unicode
}
]
@@ -10371,12 +10371,16 @@
memberof: [
group,
netgroup,
-role
+role,
+hbacrule,
+sudorule
],
memberofindirect: [
group,
netgroup,
-role
+role,
+hbacrule,
+sudorule
[Freeipa-devel] [PATCH] 806 configure sssd to talk to local master
On masters configure sssd to only talk to the local master rather than
having _srv_ as well. If we use _srv_ and a remote master is down the
local master will have problems as well.
ticket https://fedorahosted.org/freeipa/ticket/1187
rob
From 994e916edf2b6206bc430ec1233578f3b1c4b753 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Mon, 20 Jun 2011 15:39:25 -0400
Subject: [PATCH] On a master configure sssd to only talk to the local master.
Otherwise it is possible for sssd to pick a different master to
communicate with via the DNS SRV records and if the remote master
goes down the local one will have problems as well.
ticket https://fedorahosted.org/freeipa/ticket/1187
---
ipa-client/ipa-install/ipa-client-install |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 3b6385e..db0970a 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -528,7 +528,11 @@ def configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options):
domain = sssdconfig.new_domain(cli_domain)
domain.add_provider('ipa', 'id')
-domain.set_option('ipa_server', '_srv_, %s' % cli_server)
+if not options.on_master:
+domain.set_option('ipa_server', '_srv_, %s' % cli_server)
+else:
+# the master should only use itself for Kerberos
+domain.set_option('ipa_server', cli_server)
domain.set_option('ipa_domain', cli_domain)
if options.hostname:
domain.set_option('ipa_hostname', options.hostname)
--
1.7.4
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 24/24] Add utility classes for handling DN's along with their, unittest.
On 06/20/2011 10:01 AM, Rob Crittenden wrote:
Am I misreading the documentation on how one can create a DN?
print container
cn=users,cn=accounts
print basedn
dc=example,dc=com
str(DN(container, basedn))
'cn=users,cn=accounts=dc\\=example\\,dc\\=com'
uid='rcrit'
rdnattr='uid'
str(DN('%s=%s' % (rdnattr, uid), container, basedn))
'uid=rcrit=cn\\=users\\,cn\\=accounts,dc=example,dc=com'
Either you misread the documentation, or I wrote it poorly. In either
case it's obvious it needs to be reworked to be clearer. Let me take
another crack at explaining :-)
[Caveat: I've made some simplifying assumptions below, e.g. RDN's can be
multi-valued, the classes handle everything correctly but only if you
use them properly, if you're working with multi-valued RDN's you'll have
to dig just a tad deeper to use the classes correctly.]
When you supply a sequence of strings those strings are assumed to be
the type (e.g. name) and value of a RDN. But of course since they must
be pairs the parser looks for adjacent pairs of strings in the sequence.
So taking your example cn=users forms the first RDN, thus:
'cn', 'users'
is the type,value pair of an RDN.
If that were followed by:
'cn', 'accounts'
the next RDN would be: cn=accounts and the sequence:
'cn', 'users', 'cn', 'accounts'
would produce:
cn=users,cn=accounts
O.K. so why wouldn't you just say:
'cn=users,cn=accounts'
instead of the 2 pairs:
'cn', 'users', 'cn', 'accounts'
it's so much simpler right?
The reason, and this is key, is because 'cn=users,cn=accounts' is DN
syntax and is subject to DN encoding rules. What is on the left and
right side of the equal sign may NOT be the string values you expect
them to be, rather they might be encoded. The only way to treat the LHS
and RHS of an RDN as the ORIGINAL strings you're expecting is to
reference them individually via the classes in the module. The classes
know how to encode and decode and they can do it in a smart fashion.
It's NEVER a good idea to construct DN's from DN strings. Why? Because
DN strings are subject to various escaping rules which after being
applied produces what I call the encoded value of the DN. To complicate
matters different encodings can produce the same DN. Once you get into
these edge cases most simple expectations go out the window.
The simple coding answer is to always work with DN, RDN, or AVA objects
and never with DN string syntax. The objects are aware of each other and
perform the correct class conversions. The only time you need DN string
syntax is at the moment you pass the DN into a LDAP library, and that is
as simple as calling str() on the object.
O.K. so why do the classes accept DN syntax, you just told me never to
use it! Well welcome to the real world, where not everything has been
converted to use the new classes yet and the reality is sometimes you
get strings in DN syntax. We don't want to be so rigid we barf, rather
than being pedantic we support DN syntax but it comes with a GIANT
WARNING of programmer beware, use at your own risk only if you know what
you're doing.
So if DN syntax is a string and the type and value of an RDN are also
strings how do the classes tell the difference when it's looking at a
sequence of values used to construct a DN? It does it by looking for
contiguous pairs of strings in the sequence, when it finds two adjacent
strings it pulls them from the sequence and forms an RDN from them. A
string is interpreted as DN syntax to be independently parsed if and
only if it's not a member of a pair of strings in the sequence. Recall
the sequence can include DN, RDN and AVA classes as well as strings.
Thus in your case what happened was you had two strings in the
constructor sequence:
'cn=users,cn=accounts', 'dc=example,dc=com'
and that got interpreted as the LHS and RHS of an RDN.
The right way to have done this would have been to construct two DN's,
one for the base and one for the container, for example:
base_dn = DN('dc', 'example', 'dc', 'com')
container_dn = DN('cn', 'users, 'cn', 'accounts')
then any new DN can be constructed via:
user_dn = DN('cn', 'Bob', container_dn, base_dn)
Make sense?
Note the syntax for constructing the DN objects is very flexible, you
could build it up from a sequence of RDN objects or you could put the
values in a list and pass the list to the constructor, e.g.
base_dn_list = ['dc', 'example', 'dc', 'com']
base_dn = DN(*base_dn_list)
or even:
base_dn_list = [RDN('dc', 'example'), RDN('dc', 'com')]
base_dn = DN(*base_dn_list)
The patch requires one very minor change, the import from dn should be
from ipalib.dn import ... We run the tests from the top-level.
O.K. will do. Also I added some new functionality I discovered was
useful when I was making other fixes, such as the ability to use
in-place addition (+= operator) and concatenation (+ operator) with DN
syntax on the RHS. The unit test was enhanced to
Re: [Freeipa-devel] [PATCH 24/24] Add utility classes for handling DN's along with their, unittest.
John Dennis wrote:
On 06/20/2011 10:01 AM, Rob Crittenden wrote:
Am I misreading the documentation on how one can create a DN?
print container
cn=users,cn=accounts
print basedn
dc=example,dc=com
str(DN(container, basedn))
'cn=users,cn=accounts=dc\\=example\\,dc\\=com'
uid='rcrit'
rdnattr='uid'
str(DN('%s=%s' % (rdnattr, uid), container, basedn))
'uid=rcrit=cn\\=users\\,cn\\=accounts,dc=example,dc=com'
Either you misread the documentation, or I wrote it poorly. In either
case it's obvious it needs to be reworked to be clearer. Let me take
another crack at explaining :-)
[Caveat: I've made some simplifying assumptions below, e.g. RDN's can be
multi-valued, the classes handle everything correctly but only if you
use them properly, if you're working with multi-valued RDN's you'll have
to dig just a tad deeper to use the classes correctly.]
When you supply a sequence of strings those strings are assumed to be
the type (e.g. name) and value of a RDN. But of course since they must
be pairs the parser looks for adjacent pairs of strings in the sequence.
So taking your example cn=users forms the first RDN, thus:
'cn', 'users'
is the type,value pair of an RDN.
If that were followed by:
'cn', 'accounts'
the next RDN would be: cn=accounts and the sequence:
'cn', 'users', 'cn', 'accounts'
would produce:
cn=users,cn=accounts
O.K. so why wouldn't you just say:
'cn=users,cn=accounts'
instead of the 2 pairs:
'cn', 'users', 'cn', 'accounts'
it's so much simpler right?
The reason, and this is key, is because 'cn=users,cn=accounts' is DN
syntax and is subject to DN encoding rules. What is on the left and
right side of the equal sign may NOT be the string values you expect
them to be, rather they might be encoded. The only way to treat the LHS
and RHS of an RDN as the ORIGINAL strings you're expecting is to
reference them individually via the classes in the module. The classes
know how to encode and decode and they can do it in a smart fashion.
It's NEVER a good idea to construct DN's from DN strings. Why? Because
DN strings are subject to various escaping rules which after being
applied produces what I call the encoded value of the DN. To complicate
matters different encodings can produce the same DN. Once you get into
these edge cases most simple expectations go out the window.
The simple coding answer is to always work with DN, RDN, or AVA objects
and never with DN string syntax. The objects are aware of each other and
perform the correct class conversions. The only time you need DN string
syntax is at the moment you pass the DN into a LDAP library, and that is
as simple as calling str() on the object.
O.K. so why do the classes accept DN syntax, you just told me never to
use it! Well welcome to the real world, where not everything has been
converted to use the new classes yet and the reality is sometimes you
get strings in DN syntax. We don't want to be so rigid we barf, rather
than being pedantic we support DN syntax but it comes with a GIANT
WARNING of programmer beware, use at your own risk only if you know what
you're doing.
So if DN syntax is a string and the type and value of an RDN are also
strings how do the classes tell the difference when it's looking at a
sequence of values used to construct a DN? It does it by looking for
contiguous pairs of strings in the sequence, when it finds two adjacent
strings it pulls them from the sequence and forms an RDN from them. A
string is interpreted as DN syntax to be independently parsed if and
only if it's not a member of a pair of strings in the sequence. Recall
the sequence can include DN, RDN and AVA classes as well as strings.
Thus in your case what happened was you had two strings in the
constructor sequence:
'cn=users,cn=accounts', 'dc=example,dc=com'
and that got interpreted as the LHS and RHS of an RDN.
The right way to have done this would have been to construct two DN's,
one for the base and one for the container, for example:
base_dn = DN('dc', 'example', 'dc', 'com')
container_dn = DN('cn', 'users, 'cn', 'accounts')
then any new DN can be constructed via:
user_dn = DN('cn', 'Bob', container_dn, base_dn)
Make sense?
Note the syntax for constructing the DN objects is very flexible, you
could build it up from a sequence of RDN objects or you could put the
values in a list and pass the list to the constructor, e.g.
base_dn_list = ['dc', 'example', 'dc', 'com']
base_dn = DN(*base_dn_list)
or even:
base_dn_list = [RDN('dc', 'example'), RDN('dc', 'com')]
base_dn = DN(*base_dn_list)
The patch requires one very minor change, the import from dn should be
from ipalib.dn import ... We run the tests from the top-level.
O.K. will do. Also I added some new functionality I discovered was
useful when I was making other fixes, such as the ability to use
in-place addition (+= operator) and concatenation (+ operator) with DN
syntax on the RHS. The unit test was enhanced to support those cases.
I'll resubmit the patch with better doc
Re: [Freeipa-devel] [PATCH] 806 configure sssd to talk to local master
On Mon, 2011-06-20 at 15:42 -0400, Rob Crittenden wrote: On masters configure sssd to only talk to the local master rather than having _srv_ as well. If we use _srv_ and a remote master is down the local master will have problems as well. ticket https://fedorahosted.org/freeipa/ticket/1187 Ack signature.asc Description: This is a digitally signed message part ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 24/24] Add utility classes for handling DN's along with their, unittest.
On 06/20/2011 04:06 PM, Rob Crittenden wrote: Take a look at ipalib/constants.py, it is full of containers like this. It is hard to review this patch without seeing how it will be used in the framework, are you planning on replacing all of these with DN constructors? Yup, I'm aware of these. There are two easy solutions: 1) Leave the containers as they are. They can always be used with DN class. This is another one of the reasons the DN class accepts DN syntax (for legacy and simplicity). The existing containers are all simple DN's, their encoded value and decoded values are identical. So as long as any programmer who adds a new container understands the encoding rules all will be good. (The problem with your example test was simply you didn't use the constructor correctly. See [PATCH 28/28] for just one way to construct a DN using the existing container and base strings as we currently have them defined.) 2) Convert the containers to DN objects. From a robustness point of view this is preferred. Converting them would be trivial. Once the containers are DN objects the programmer can't make unintentional mistakes and the objects combine correctly. The problem we were having is you CANNOT treat DN's as simple strings, they aren't simple strings, they are complex objects which in some instances are equivalent to simple strings. My thought was to do the conversion to DN objects incrementally. I deliberately wrote the classes to support incremental migration. We start with the bugs which we know are due to problems with DN handling and convert those first on an as needed basis rather than as a potentially large disruptive modification. The bottom line is we need to have some way to form DN's correctly from pieces and pick DN components apart into component pieces again. We want common utility code to do this and not have everybody take a crack at it in isolated cases when trying to fix bugs. We also want it to support our legacy implementation and be simple to use (at least those were the goals I tried to hit). Multi-valued RDNs are 100% guaranteed in IPA so the easier it is to work with them the better. I believe the classes make handling multi-valued RDN's quite easy. It's just when you start to try and explain things it seems easier to not fill the explanation with a bunch of caveats. If you understand mutli-valued RDN's and the AVA's they're composed from the classes will make perfect sense and combine easily. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH 24/24] Add utility classes for handling DN's along with their, unittest.
On 06/20/2011 04:51 PM, John Dennis wrote: On 06/20/2011 04:06 PM, Rob Crittenden wrote: Take a look at ipalib/constants.py, it is full of containers like this. It is hard to review this patch without seeing how it will be used in the framework, are you planning on replacing all of these with DN constructors? Yup, I'm aware of these. There are two easy solutions: 1) Leave the containers as they are. They can always be used with DN class. This is another one of the reasons the DN class accepts DN syntax (for legacy and simplicity). The existing containers are all simple DN's, their encoded value and decoded values are identical. So as long as any programmer who adds a new container understands the encoding rules all will be good. (The problem with your example test was simply you didn't use the constructor correctly. See [PATCH 28/28] for just one way to construct a DN using the existing container and base strings as we currently have them defined.) 2) Convert the containers to DN objects. From a robustness point of view this is preferred. Converting them would be trivial. Once the containers are DN objects the programmer can't make unintentional mistakes and the objects combine correctly. The problem we were having is you CANNOT treat DN's as simple strings, they aren't simple strings, they are complex objects which in some instances are equivalent to simple strings. I meant to add that if the container and base definitions in constants.py are converted to DN objects (a good idea I believe and easy) then in theory everything should still just work because when a DN object is evaluated in a string context (the only way these constants are used I believe) you get the identical string as to what we currently have in constants.py. The pay-off comes mostly with user supplied values which get used in conjunction with the container+base DN's because unlike what's in constants.py user supplied values are not crafted by programmers aware of the rules of LDAP syntax. It's the DN's which result from user supplied values which are the primary problem areas. It really doesn't make much sense to use DN objects in selected known problem areas, for consistency and robustness we should use just one idiom throughout the code base, things should just work much better all around. But the design of the classes allow for incremental conversion of the code as we converge on more consistent DN handling (a win/win situation). BTW, it was very difficult to track down how some values were getting corrupted along the way. After looking at both the client and server side of things and the way we designed the RPC API mechanism it became clear to me there was no easy fix, no band-aids, you really have to treat a DN string as data with known properties and behavior, e.g. an object that knows how to operate on it's internal data, everything else just has different failure modes. My thought was to do the conversion to DN objects incrementally. I deliberately wrote the classes to support incremental migration. We start with the bugs which we know are due to problems with DN handling and convert those first on an as needed basis rather than as a potentially large disruptive modification. The bottom line is we need to have some way to form DN's correctly from pieces and pick DN components apart into component pieces again. We want common utility code to do this and not have everybody take a crack at it in isolated cases when trying to fix bugs. We also want it to support our legacy implementation and be simple to use (at least those were the goals I tried to hit). Multi-valued RDNs are 100% guaranteed in IPA so the easier it is to work with them the better. I believe the classes make handling multi-valued RDN's quite easy. It's just when you start to try and explain things it seems easier to not fill the explanation with a bunch of caveats. If you understand mutli-valued RDN's and the AVA's they're composed from the classes will make perfect sense and combine easily. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0248-ipaddress-for-host-add
On 6/20/2011 2:44 PM, Adam Young wrote: ACK. As mentioned over IRC, it's better to show the IP address field before the force checkbox. This can be fixed before push. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0248-ipaddress-for-host-add
On 06/20/2011 08:07 PM, Endi Sukma Dewata wrote: On 6/20/2011 2:44 PM, Adam Young wrote: ACK. As mentioned over IRC, it's better to show the IP address field before the force checkbox. This can be fixed before push. Changed and pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0247-entity-select-for-password-policy
On 6/20/2011 10:01 AM, Adam Young wrote: ACK and pushed to master. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 0249-optional-uid.
Note that this patch needs a review by UXD in addition to code review
From 021a1dd03df86496d79a4b398f1e655d0306b8f1 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Mon, 20 Jun 2011 21:20:13 -0400
Subject: [PATCH] optional uid
Make the uid field optional
---
install/ui/dialog.js | 27 +++
install/ui/test/data/ipa_init.json |1 +
install/ui/user.js |8 +++-
ipalib/plugins/internal.py |1 +
4 files changed, 36 insertions(+), 1 deletions(-)
diff --git a/install/ui/dialog.js b/install/ui/dialog.js
index ebd6c9968bccff40d56d5a686bdc18abb83ae445..6b418b49a0b7ff536f13fad0ffbaedd920227aa4 100644
--- a/install/ui/dialog.js
+++ b/install/ui/dialog.js
@@ -188,6 +188,24 @@ IPA.dialog = function(spec) {
var span = $('span/', { 'name': field.name }).appendTo(td);
field.create(span);
+field.field_span = span;
+
+if (field.optional){
+var inputs = span.find('input');
+inputs.css('display','none');
+span.append(
+$('a/',{
+text: IPA.messages.widget.optional,
+href:'',
+click: function(){
+$(this).parent().find('input').
+css('display','inline');
+$(this).css('display','none');
+return false;
+}
+}));
+}
+
}
var sections = that.sections.values;
@@ -305,6 +323,13 @@ IPA.dialog = function(spec) {
for (var i=0; ifields.length; i++) {
var field = fields[i];
field.reset();
+if (field.optional){
+field.field_span.find('input').
+css('display','none');
+field.field_span.find('a').
+css('display','inline');
+}
+
}
var sections = that.sections.values;
@@ -327,6 +352,8 @@ IPA.dialog = function(spec) {
var factory = field_spec.factory || IPA.text_widget;
field = factory(field_spec);
+field.optional = field_spec.optional || false;
+
/* This is a bit of a hack, and is here to support ACI
permissions. The target section is a group of several
widgets together. It makes more sense to do them as a
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index b74e1b41a4d35dd68b83b6239f772649e2c79e0a..fa00a5a0603d9672c8c6891a84666c19be2899b9 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -15605,6 +15605,7 @@
sudo: Sudo
},
widget: {
+optional: Optional field: click to show,
validation_error: Text does not match field pattern
}
}
diff --git a/install/ui/user.js b/install/ui/user.js
index 0a13a546d4dd32cb5353d7960a6d91329632bc23..ccddbaf611bd47798d8cd4d6697809b1739c0afe 100644
--- a/install/ui/user.js
+++ b/install/ui/user.js
@@ -119,7 +119,13 @@ IPA.entity_factories.user = function() {
link: link
}).
adder_dialog({
-fields: ['uid', 'givenname', 'sn']
+fields: [
+{
+factory : IPA.text_widget,
+optional: true,
+name:'uid'
+},
+'givenname', 'sn']
});
return builder.build();
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 78c5a8480c44b10c83d50b71b209dc031ab08603..7cc7d63eac1534ef395ff9736214bcb34b0511fd 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -389,6 +389,7 @@ class i18n_messages(Command):
remove:_(Remove ${other_entity} from ${entity} ${primary_key}),
},
widget:{
+optional:_(Optional field: click to show),
validation_error:_(Text does not match field pattern),
},
ajax:{
--
1.7.5.2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
