[Freeipa-devel] Before we add these as Trac tasks

2010-06-08 Thread Adam Young
Here's my first, very broad stab at breaking down a reasonable chunk of work. This means nothing until Pavel has had a chance to hack at them. https://fedorahosted.org/freeipa/wiki/UITasks ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] Templating for the Web UI

2010-06-09 Thread Adam Young
Pavel and I have come to the same conclusion: JQuery seems to have the mindshare of Javascript developers. Looks like we aren't the only ones: http://stephenwalther.com/blog/archive/2010/03/16/microsoft-jquery-and-templating.aspx Perhaps I'm being blindly optimistic about the potentail for

Re: [Freeipa-devel] [PATCH] 464 User-Private groups

2010-06-11 Thread Adam Young
When the patch was applied, and the packages were installed on a clean system, ipa-server-install kicked directly into the debugger afterthe line: [7/21]: configuring user private groups stack trace showed dsinstance.py(124)has_managed_entries() -try On 06/08/2010 04:23 PM, Rob

[Freeipa-devel] Fields currently available for the user object

2010-06-16 Thread Adam Young
I was comparing what we have in the LDAP schema versus what we are coming up with for the UI. These are the fields that the user object returns if you request -all: We should either keep the UI to only showing a subset of these fields, or expand the default schema to have the fields that we

Re: [Freeipa-devel] Fields currently available for the user object

2010-06-16 Thread Adam Young
On 06/16/2010 05:09 PM, Rob Crittenden wrote: Adam Young wrote: I was comparing what we have in the LDAP schema versus what we are coming up with for the UI. These are the fields that the user object returns if you request -all: We should either keep the UI to only showing a subset

Re: [Freeipa-devel] Fields currently available for the user object

2010-06-16 Thread Adam Young
On 06/16/2010 07:03 PM, Adam Young wrote: On 06/16/2010 05:09 PM, Rob Crittenden wrote: Adam Young wrote: I was comparing what we have in the LDAP schema versus what we are coming up with for the UI. These are the fields that the user object returns if you request -all: We should either

Re: [Freeipa-devel] Fields currently available for the user object

2010-06-16 Thread Adam Young
On 06/16/2010 07:13 PM, Adam Young wrote: On 06/16/2010 07:03 PM, Adam Young wrote: On 06/16/2010 05:09 PM, Rob Crittenden wrote: Adam Young wrote: I was comparing what we have in the LDAP schema versus what we are coming up with for the UI. These are the fields that the user object returns

Re: [Freeipa-devel] [PATCH] 464 User-Private groups

2010-06-17 Thread Adam Young
On 06/14/2010 08:44 AM, Rob Crittenden wrote: Adam Young wrote: When the patch was applied, and the packages were installed on a clean system, ipa-server-install kicked directly into the debugger afterthe line: [7/21]: configuring user private groups stack trace showed dsinstance.py(124

[Freeipa-devel] Writing to /var/cache/ipa/assets/

2010-06-18 Thread Adam Young
Pavel's current code base tries to write to /var/cache/ipa/assets/ from within httpd, which is forbidden by SELinux. I suspect the code in the mainline might be doing this as well. The work around is: chcon -R -t httpd_sys_content_rw_t /var/cache/ipa/assets semanage fcontext -a -t

Re: [Freeipa-devel] Writing to /var/cache/ipa/assets/

2010-06-18 Thread Adam Young
On 06/18/2010 04:51 PM, Rob Crittenden wrote: Adam Young wrote: Pavel's current code base tries to write to /var/cache/ipa/assets/ from within httpd, which is forbidden by SELinux. I suspect the code in the mainline might be doing this as well. The work around is: chcon -R -t

Re: [Freeipa-devel] Writing to /var/cache/ipa/assets/

2010-06-18 Thread Adam Young
On 06/18/2010 05:53 PM, Simo Sorce wrote: On Fri, 18 Jun 2010 17:28:19 -0400 Adam Youngayo...@redhat.com wrote: On 06/18/2010 04:51 PM, Rob Crittenden wrote: Adam Young wrote: Pavel's current code base tries to write to /var/cache/ipa/assets/ from within httpd, which

Re: [Freeipa-devel] Writing to /var/cache/ipa/assets/

2010-06-22 Thread Adam Young
On 06/22/2010 05:45 AM, Pavel Zuna wrote: On 06/19/2010 12:22 AM, Adam Young wrote: On 06/18/2010 05:53 PM, Simo Sorce wrote: On Fri, 18 Jun 2010 17:28:19 -0400 Adam Youngayo...@redhat.com wrote: On 06/18/2010 04:51 PM, Rob Crittenden wrote: Adam Young wrote: Pavel's current code base

Re: [Freeipa-devel] [PATCH] 464 User-Private groups

2010-06-25 Thread Adam Young
On 06/25/2010 04:17 PM, Rob Crittenden wrote: Rob Crittenden wrote: Adam Young wrote: On 06/14/2010 08:44 AM, Rob Crittenden wrote: Adam Young wrote: When the patch was applied, and the packages were installed on a clean system, ipa-server-install kicked directly into the debugger afterthe

[Freeipa-devel] New web directory

2010-06-28 Thread Adam Young
I think we need a new web directory, something similar to /usr/share/ipa/html, but that shows up in the web url. The wsgi code chops off the file extension, so user.html becomes user. THis will break the javascript. I'm assuming that was why we're currently putting the .js files into

[Freeipa-devel] Development approach.

2010-06-28 Thread Adam Young
I've attempted to document what I think our approach should be for the FreeIPA Web UI. THe document is here: https://fedorahosted.org/freeipa/wiki/UIApproach For those adverse to clicking links, I'll inline it below as well. Please comment on specific section. This page is just a draft,

Re: [Freeipa-devel] New web directory

2010-07-07 Thread Adam Young
On 07/06/2010 02:35 PM, Rob Crittenden wrote: Adam Young wrote: I think we need a new web directory, something similar to /usr/share/ipa/html, but that shows up in the web url. The wsgi code chops off the file extension, so user.html becomes user. THis will break the javascript. I'm

Re: [Freeipa-devel] [PATCH] 478 better startup error handling

2010-07-09 Thread Adam Young
On 06/25/2010 01:52 PM, Rob Crittenden wrote: This patch will limit the amount of output in the Apache error log by default. It should suppress the traceback and just display the exception. This is mostly to handle LDAP connection issues during startup where we retrieve the schema but it could

[Freeipa-devel] [PATCH] 471

2010-07-14 Thread Adam Young
Ack ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 485 fix ipa-compat-manage and ipa-nis-manage

2010-07-14 Thread Adam Young
On 07/14/2010 03:40 PM, Rob Crittenden wrote: The commands ipa-compat-manage and ipa-nis-manage didn't really work properly. I think some backend changes caused at least some of the problems. I fixed a few errors causing backtraces as well as some corner cases. Enabling nis added a new

Re: [Freeipa-devel] [PATCH] 486 fix nis netgroups map

2010-07-14 Thread Adam Young
On 07/14/2010 03:41 PM, Rob Crittenden wrote: The netgroups map was being served out of the compat subtree. This wasn't working and it is better for the nis plugin to generate its data itself, so I added the rule there as well. rob ___

Re: [Freeipa-devel] [PATCH] 487 fix netgroup plugin

2010-07-14 Thread Adam Young
On 07/14/2010 03:43 PM, Rob Crittenden wrote: The netgroup plugin was using the wrong attribute for memberships. It needs to use memberuser for users and groups and memberhost for hosts and hostgroups. I fixed this up and corrected the tests as well. rob

Re: [Freeipa-devel] [PATCH] 487 fix netgroup plugin

2010-07-14 Thread Adam Young
On 07/14/2010 07:52 PM, Dmitri Pal wrote: Adam Young wrote: On 07/14/2010 03:43 PM, Rob Crittenden wrote: The netgroup plugin was using the wrong attribute for memberships. It needs to use memberuser for users and groups and memberhost for hosts and hostgroups. I fixed this up

Re: [Freeipa-devel] [PATCH] 487 fix netgroup plugin

2010-07-15 Thread Adam Young
On 07/15/2010 09:15 AM, Rob Crittenden wrote: Adam Young wrote: On 07/14/2010 07:52 PM, Dmitri Pal wrote: Adam Young wrote: On 07/14/2010 03:43 PM, Rob Crittenden wrote: The netgroup plugin was using the wrong attribute for memberships. It needs to use memberuser for users and groups

Re: [Freeipa-devel] Communicating with FreeIPA via curl

2010-07-22 Thread Adam Young
On 07/22/2010 08:16 AM, Simo Sorce wrote: On Wed, 21 Jul 2010 16:13:12 -0400 Adam Youngayo...@redhat.com wrote: The web UI uses JSON RPC to talk to the server. As I look at implement more and more functionality, I find I want to see the JSON messages much the same way that the ipa

[Freeipa-devel] Remove the assets and wehjits code

2010-07-26 Thread Adam Young
%endif %changelog +* Thu Jun 24 2010 Adam Young ayo...@redhat.com - 1.99-24 +- Removed python-asset based webui + * Thu Jun 24 2010 Rob Crittenden rcrit...@redhat.com - 1.99-23 - Change Requires from fedora-ds-base to 389-ds-base - Set minimum level of 389-ds-base to 1.2.6 for the replication

[Freeipa-devel] [PATCH] Remove the assets and wehjits code

2010-07-26 Thread Adam Young
@@ fi %endif %changelog +* Thu Jun 24 2010 Adam Young ayo...@redhat.com - 1.99-24 +- Removed python-asset based webui + * Thu Jun 24 2010 Rob Crittenden rcrit...@redhat.com - 1.99-23 - Change Requires from fedora-ds-base to 389-ds-base - Set minimum level of 389-ds-base to 1.2.6

Re: [Freeipa-devel] [PATCH] 477 add tests for ipalib/x509

2010-07-28 Thread Adam Young
On 06/25/2010 09:47 AM, Rob Crittenden wrote: Add some basic tests for loading certs and retrieving the data we use. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel I'll give it a

Re: [Freeipa-devel] [PATCH] 488 use the python-nss CertificateRequest object

2010-07-28 Thread Adam Young
On 07/20/2010 02:12 PM, Rob Crittenden wrote: This drops our own PKCS#10 parser and uses the one from python-nss. I had to bump up the minimum required version of python-nss to pick up some new API for this. This introduces some new challenges for us. NSS needs to be initialized for you to

Re: [Freeipa-devel] [PATCH] 489 initial entitlement support

2010-07-28 Thread Adam Young
On 07/21/2010 03:47 PM, Rob Crittenden wrote: This adds the container and initial ACIs to store and management entitlements. A management plugin will come later. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] WebUI Code review

2010-07-29 Thread Adam Young
Once more, here is the web UI for cod ereview. It is not complete, but this should be sufficient to give people a sense of where the UI is going. https://fedorahosted.org/reviewboard/r/75/ To test it, once the ipa server is set up, and kinit has been run, browse to

Re: [Freeipa-devel] WebUI Code review

2010-07-29 Thread Adam Young
On 07/29/2010 10:20 PM, Adam Young wrote: Once more, here is the web UI for cod ereview. It is not complete, but this should be sufficient to give people a sense of where the UI is going. https://fedorahosted.org/reviewboard/r/75/ To test it, once the ipa server is set up, and kinit has

[Freeipa-devel] Leap of faith: Merging in the new web UI

2010-07-30 Thread Adam Young
Rob commented earlier this week that the new Web UI code would require a leap of faith for merging into the mainline. I've decided to make that leap, and merged and pushed the code to master. With the small exception of a the whoami plugin, this code does not make any changes to the CLI,

Re: [Freeipa-devel] [PATCH] 490 add DNS lookup to new hosts/services

2010-07-30 Thread Adam Young
On 07/22/2010 02:25 PM, Rob Crittenden wrote: Make sure that the host behind new host and service records is actually a resolvable DNS A record. There is a --force flag if you know what you are doing (or just feel like charging ahead anyway). We use a lot of made-up names in the self-tests,

[Freeipa-devel] [Patch] Install infrastructure for new web UI.

2010-08-03 Thread Adam Young
This patch is one of a series that are the web UI code broken out into 4 separate patches. This one contains the changes to the files used for the build and configure infrastructure code to support the new web ui. From 07973bae42ac7506952957a45e3d7e2e4e1d2779 Mon Sep 17 00:00:00 2001 From: Adam

Re: [Freeipa-devel] [PATCH] 451 fix i18n test

2010-08-04 Thread Adam Young
On 05/27/2010 10:29 AM, Pavel Zuna wrote: On 05/21/2010 11:35 PM, Rob Crittenden wrote: Fix this test to work from source tree root It would work if you ran the test from its location in tests/test_ipalib but this isn't the most common method. If you want to run it individually you can do:

Re: [Freeipa-devel] [PATCH] 490 add DNS lookup to new hosts/services

2010-08-04 Thread Adam Young
On 07/30/2010 04:02 PM, Adam Young wrote: On 07/22/2010 02:25 PM, Rob Crittenden wrote: Make sure that the host behind new host and service records is actually a resolvable DNS A record. There is a --force flag if you know what you are doing (or just feel like charging ahead anyway). We use

Re: [Freeipa-devel] [PATCH] 491 Fix replacing a certificate in a service.

2010-08-04 Thread Adam Young
On 07/22/2010 04:14 PM, Rob Crittenden wrote: Rob Crittenden wrote: When a service has a certificate and the CA backend doesn't support revocation (like selfsign) then we simply drop the old certificate in preparation for adding a new one. We weren't setting the usercertificate attribute to

Re: [Freeipa-devel] [PATCH] 492 fix env plugin

2010-08-04 Thread Adam Young
On 07/26/2010 06:00 PM, Rob Crittenden wrote: The env plugin was displaying just the number of entries in the environment, not the values. Add an --all flag to print those, on by default. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 493 skip lang test if not built

2010-08-04 Thread Adam Young
On 07/26/2010 06:01 PM, Rob Crittenden wrote: The i18n tests were failing if the language wasn't built. Skip it in this case and inform the user what to run to get the test to execute. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 490 add DNS lookup to new hosts/services

2010-08-05 Thread Adam Young
On 08/05/2010 08:45 AM, Rob Crittenden wrote: Adam Young wrote: On 07/30/2010 04:02 PM, Adam Young wrote: On 07/22/2010 02:25 PM, Rob Crittenden wrote: Make sure that the host behind new host and service records is actually a resolvable DNS A record. There is a --force flag if you know what

Re: [Freeipa-devel] Proposal to reset master branch

2010-08-05 Thread Adam Young
On 08/03/2010 01:53 PM, Adam Young wrote: Proposal to reset master branch to last known good commit prior to the merge of the web UI code. Since the push on Friday complicates the source tree unnecessarily, making it difficult to track actual change4s done as well as to reproduce the current

Re: [Freeipa-devel] Proposal to reset master branch

2010-08-05 Thread Adam Young
On 08/05/2010 12:00 PM, Adam Young wrote: On 08/03/2010 01:53 PM, Adam Young wrote: Proposal to reset master branch to last known good commit prior to the merge of the web UI code. Since the push on Friday complicates the source tree unnecessarily, making it difficult to track actual

Re: [Freeipa-devel] [PATCH] 495 user/group name validation

2010-08-05 Thread Adam Young
On 07/27/2010 04:38 PM, Rob Crittenden wrote: Add optional error message to pattern validator and enforces valid user/group names. The pattern validator by default displays the pattern that is being matched against. This isn't helpful, particularly for very hairy patterns. This adds a new

Re: [Freeipa-devel] [PATCH] 496 fix RPC tests

2010-08-05 Thread Adam Young
On 07/27/2010 04:40 PM, Rob Crittenden wrote: Fix the RPC tests. The method name comes back as a unicode from xmlrpclib.loads(). With this and a fix in patch 495 all tests should now pass. rob ___ Freeipa-devel mailing list

Re: [Freeipa-devel] [PATCH] 499 show failures when adding/removing members from all group types

2010-08-05 Thread Adam Young
On 08/02/2010 06:14 PM, Rob Crittenden wrote: Properly show the members when an add/remove operation fails. The remove member function in baseldap was not returning failures at all. The add member function was only showing them in the group object. Most of the magic is handled in baseldap.

Re: [Freeipa-devel] [PATCH] 493 skip lang test if not built

2010-08-05 Thread Adam Young
On 08/04/2010 03:56 PM, Adam Young wrote: On 07/26/2010 06:01 PM, Rob Crittenden wrote: The i18n tests were failing if the language wasn't built. Skip it in this case and inform the user what to run to get the test to execute. rob ___ Freeipa

Re: [Freeipa-devel] [Patch] Simple-plugin-for-reflecting-user-principal

2010-08-05 Thread Adam Young
On 08/05/2010 11:01 AM, Pavel Zůna wrote: On 2010-08-04 01:49, Adam Young wrote: This is a required patch for the UI code. Basically, the Kerberos authentication method does not provide any way for the web ui to know who logged in. With this patch, we can do the equivalent of 'ipa whoami

[Freeipa-devel] gitweb doesn't show the correct histroy for webui-details

2010-08-06 Thread Adam Young
The recent reset of the origin/master branch for FreeIPA has had the side effec that it left gitweb confused. I've noticed the same thing on both my personal gitweb and the fedorahosted.org server: webui-details seems to show the tree from the same place as master currently shows. However,

Re: [Freeipa-devel] [Patch] Changes to the python infrastructure-supporting-the-web ui

2010-08-06 Thread Adam Young
On 08/06/2010 11:51 AM, Rob Crittenden wrote: Adam Young wrote: This code contains the changes to the python code necessary to support the new web ui. It handles the changes to the baseldap code necessary to expose the meta data to the front end, as well as the installation support. nack

Re: [Freeipa-devel] [patch] The Javascript code for the new web ui

2010-08-06 Thread Adam Young
On 08/06/2010 11:46 AM, Rob Crittenden wrote: Adam Young wrote: On 08/04/2010 11:05 AM, Adam Young wrote: On 08/03/2010 07:51 PM, Adam Young wrote: This code is the javascript, html and sample data code at the heart of the new web UI. ___ Freeipa

Re: [Freeipa-devel] [PATCH] 490 add DNS lookup to new hosts/services

2010-08-06 Thread Adam Young
On 08/05/2010 10:36 AM, Rob Crittenden wrote: Adam Young wrote: On 08/05/2010 08:45 AM, Rob Crittenden wrote: Adam Young wrote: On 07/30/2010 04:02 PM, Adam Young wrote: On 07/22/2010 02:25 PM, Rob Crittenden wrote: Make sure that the host behind new host and service records is actually

[Freeipa-devel] [Patch] 0001-Remove-search-field-on-group-button.patch

2010-08-06 Thread Adam Young
In reusing the search functionality for the group listing, we don't want the search field or button. THis patch hides it, while also performing some initialization/cleanup for the Enroll button From e9c411d6874bf5d1b4a16cad58bcdb97bde21601 Mon Sep 17 00:00:00 2001 From: Adam Young ayo

[Freeipa-devel] [Patch] IPA-HTTPD-config-uses-usr-share-static-as-target-

2010-08-06 Thread Adam Young
Changes the URI for the WebUI from ipa/static to ipa/ui, which makes the existing redirects work again. From 4ca2fc7223827e8ca97529acfe28c4c366bb14e9 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri, 6 Aug 2010 15:43:27 -0400 Subject: [PATCH 2/2] IPA HTTPD config uses /usr

Re: [Freeipa-devel] [PATCH] 501 report managedby errors

2010-08-09 Thread Adam Young
On 08/06/2010 01:10 PM, Rob Crittenden wrote: Report failures when adding/removing members to the managedby attribute (services and hosts). rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [Patch] 0001-Remove-search-field-on-group-button.patch

2010-08-09 Thread Adam Young
On 08/09/2010 01:27 PM, Rob Crittenden wrote: Adam Young wrote: In reusing the search functionality for the group listing, we don't want the search field or button. THis patch hides it, while also performing some initialization/cleanup for the Enroll button ack rob pushed to master

Re: [Freeipa-devel] [Patch] IPA-HTTPD-config-uses-usr-share-static-as-target-

2010-08-09 Thread Adam Young
On 08/09/2010 01:26 PM, Rob Crittenden wrote: Adam Young wrote: Changes the URI for the WebUI from ipa/static to ipa/ui, which makes the existing redirects work again. ack pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] Web UI Group-add

2010-08-09 Thread Adam Young
This patch adds the ability to add a new group. is Posix and group Id fields are passed on accordingly. From d434b8dd837f80d0fc2e66aef6dcb68abe8ae61f Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Mon, 9 Aug 2010 16:32:52 -0400 Subject: [PATCH] Group add functionality now

Re: [Freeipa-devel] [PATCH] Web UI Group-add

2010-08-09 Thread Adam Young
On 08/09/2010 05:17 PM, Rob Crittenden wrote: Adam Young wrote: This patch adds the ability to add a new group. is Posix and group Id fields are passed on accordingly. ack pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 503 fix user tests

2010-08-09 Thread Adam Young
On 08/09/2010 04:47 PM, Rob Crittenden wrote: Fix the failing user test. It was failing because the entry has a user-private group and were weren't accounting for it in the expected data. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] Add new parameters to LDAPSearch: timelimit and sizelimit.

2010-08-09 Thread Adam Young
On 08/09/2010 05:01 PM, Rob Crittenden wrote: Pavel Zůna wrote: Doesn't include Robs loading of default values from cn=ipaConfig. Pavel ack for now. We're going to need to remove the built-in defaults at some point and have it default to the value in cn=ipaconfig. I still need to rework

Re: [Freeipa-devel] [PATCH] Add a new INTERNAL plugin that exports plugin meta-data into JSON.

2010-08-10 Thread Adam Young
On 08/10/2010 03:47 PM, Rob Crittenden wrote: Pavel Zuna wrote: This is required for the webUI, since we're dropping Genshi. *ehm* :) You can't use this command on the CLI. It takes one optional argument: the name of an IPA object. If not specified, meta-data for all objects are returned.

Re: [Freeipa-devel] [PATCH] Clean ipa.js and make it load plugin meta-data over JSON-RPC.

2010-08-10 Thread Adam Young
On 08/10/2010 03:50 PM, Rob Crittenden wrote: Pavel Zuna wrote: What it means? Well, first I removed some development control variables from ipa.js. Namely useSampleData and sizelimit. I moved useSampleData to the top of index.xhtml. This way we won't forget about it when we don't need it

[Freeipa-devel] Changing the param scheme

2010-08-11 Thread Adam Young
Pavel, I made a small change to the ipa.js:ipa_parse_qp that you should note: -qs = location.search.substring(1, location.search.length); +qs = location.hash.substring(1); Instead of searching for the ? it serach for the #. THis works much more cleanly with Javascript by allowing

Re: [Freeipa-devel] [PATCH] 494 ipa command failover

2010-08-12 Thread Adam Young
On 07/26/2010 06:02 PM, Rob Crittenden wrote: Add failover to the ipa command. If the server defined in /etc/ipa/default.conf is not available then each ldap SRV record in DNS is tried until either one is found that works or none of the available servers are responding. ticket #15 rob

Re: [Freeipa-devel] [PATCH] Add a new INTERNAL plugin that exports plugin meta-data into JSON.

2010-08-13 Thread Adam Young
On 08/11/2010 02:07 PM, Pavel Zůna wrote: On 2010-08-10 21:47, Rob Crittenden wrote: Pavel Zuna wrote: This is required for the webUI, since we're dropping Genshi. *ehm* :) You can't use this command on the CLI. It takes one optional argument: the name of an IPA object. If not specified,

Re: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters

2010-08-13 Thread Adam Young
directory: /home/kfrog Login shell: /bin/sh UID: 555 Groups: ipausers [r...@ipa ~]# ipa user-mod --setattr uidnumber=frog kfrog ipa: ERROR: invalid 'uidnumber': must be an integer From 030b5dab93971495d8656f7886c29136e118a9e6 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri

Re: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters

2010-08-13 Thread Adam Young
On 08/13/2010 04:24 PM, Adam Young wrote: On 08/12/2010 09:35 AM, Pavel Zůna wrote: On 2010-08-12 14:38, Rob Crittenden wrote: Pavel Zůna wrote: On 2010-08-12 04:46, Rob Crittenden wrote: Pavel Zůna wrote: setattr and addattr can now be used both to set all values of ANY attribute. the last

Re: [Freeipa-devel] [PATCH] Add a new INTERNAL plugin that exports plugin meta-data into JSON.

2010-08-13 Thread Adam Young
On 08/13/2010 03:17 PM, Adam Young wrote: On 08/11/2010 02:07 PM, Pavel Zůna wrote: On 2010-08-10 21:47, Rob Crittenden wrote: Pavel Zuna wrote: This is required for the webUI, since we're dropping Genshi. *ehm* :) You can't use this command on the CLI. It takes one optional argument

Re: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters

2010-08-13 Thread Adam Young
Here's my version, that just calls the parameter prior to updating the attr. I tested it with: [r...@ipa ~]# ipa user-mod --setattr uidnumber=555 kfrog - Modified user kfrog - User login: kfrog First name: Kermit Last name: Frog Home

[Freeipa-devel] Change the behaviour of addattr/setattr parameters

2010-08-16 Thread Adam Young
I'm going to top post this to make sure it gets seen. Just ran the details patch on top of this, and the user details page does not work with it. If you submit the page even with a minor edit to the full name you get an error: 'login' is required. I've tested it out with the JSON and CURL:

Re: [Freeipa-devel] Change the behaviour of addattr/setattr parameters

2010-08-16 Thread Adam Young
On 08/16/2010 09:30 AM, Adam Young wrote: I'm going to top post this to make sure it gets seen. Just ran the details patch on top of this, and the user details page does not work with it. If you submit the page even with a minor edit to the full name you get an error: 'login' is required

Re: [Freeipa-devel] [PATCH] 505 make logging more configurable

2010-08-16 Thread Adam Young
On 08/10/2010 10:03 AM, Rob Crittenden wrote: Make the server log level more configurable, not defaulting to debug. This disables debug output in the Apache log by default. If you want increased output create /etc/ipa/server.conf and set it to: [global] debug=True If this is too much output

Re: [Freeipa-devel] [PATCH] 507 add support for ldap:///self bind rules in the aci plugin

2010-08-16 Thread Adam Young
On 08/10/2010 01:24 PM, Rob Crittenden wrote: Add support for ldap:///self bind rules This is added mainly so the self service rules can be updated without resorting to ldapmodify. ticket 80 rob ___ Freeipa-devel mailing list

Re: [Freeipa-devel] Fwd: [Freeipa-users] [PATCH] 510 enable compat plugin by default

2010-08-16 Thread Adam Young
On 08/11/2010 04:07 PM, Rob Crittenden wrote: originall sent to wrong list ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK ___

Re: [Freeipa-devel] Fwd: [Freeipa-users] [PATCH] 511 improve dogtag install feedback and add arg to pkisilent

2010-08-16 Thread Adam Young
On 08/16/2010 05:56 PM, Rob Crittenden wrote: Rob Crittenden wrote: Ok, this time forward the e-mail with the patch. Updated patch. There was a merge failure in ipa.spec.in. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] Fix Update function on details page.

2010-08-17 Thread Adam Young
On 08/17/2010 09:09 AM, Pavel Zuna wrote: On 08/17/2010 03:08 PM, Pavel Zuna wrote: This is a fix to the setattr/addattr problem discussed in the thread: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters The problem was that parameters with no values are

[Freeipa-devel] Extending Details, user and otherwise

2010-08-17 Thread Adam Young
The structure of our details code is basciallt [categorid, categoryDisplay, atrrtibutes] and attributes are [attributeId, attributeDisplay, I've inlined the user details at the bottom as an example. In order to make these configuratble by the end user, here is a strawman proposal:

Re: [Freeipa-devel] [PATCH] Fix Update function on details page.

2010-08-17 Thread Adam Young
On 08/17/2010 09:09 AM, Pavel Zuna wrote: On 08/17/2010 03:08 PM, Pavel Zuna wrote: This is a fix to the setattr/addattr problem discussed in the thread: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters The problem was that parameters with no values are

Re: [Freeipa-devel] [PATCH] Clean ipa.js and make it load plugin meta-data over JSON-RPC.

2010-08-17 Thread Adam Young
On 08/10/2010 01:30 PM, Pavel Zuna wrote: What it means? Well, first I removed some development control variables from ipa.js. Namely useSampleData and sizelimit. I moved useSampleData to the top of index.xhtml. This way we won't forget about it when we don't need it anymore. sizelimit has

Re: [Freeipa-devel] [PATCH] Fix Update function on details page.

2010-08-17 Thread Adam Young
On 08/17/2010 09:09 AM, Pavel Zuna wrote: On 08/17/2010 03:08 PM, Pavel Zuna wrote: This is a fix to the setattr/addattr problem discussed in the thread: [Freeipa-devel] [PATCH] Change the behaviour of addattr/setattr parameters The problem was that parameters with no values are

Re: [Freeipa-devel] [PATCH] Clean details.js.

2010-08-17 Thread Adam Young
On 08/10/2010 01:30 PM, Pavel Zuna wrote: What does it mean? I removed duplicate code, that was pasted here from the user details page. ipa_details_init doesn't call ipa_init anymore. ipa_details_create takes a second optional parameter, that can be set to a container element if we want to

Re: [Freeipa-devel] [PATCH] Make user details work again in the webUI.

2010-08-17 Thread Adam Young
On 08/10/2010 01:31 PM, Pavel Zuna wrote: Unfortunately we can't have any javascript in *.inc files, because the browser will strip them for security reasons. I moved all the attribute callbacks etc. to the only logical place: user.js. It's fine for now, but user.js is going to need some

Re: [Freeipa-devel] [PATCH] Add link to json2.js to index.xhtml.

2010-08-18 Thread Adam Young
On 08/18/2010 08:43 AM, Pavel Zuna wrote: Applies after Adam's 0008 patch (Hash params). Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK It should apply before mine, too,

Re: [Freeipa-devel] [PATCH] 513 global size and time limit patch

2010-08-18 Thread Adam Young
On 08/18/2010 02:18 PM, Rob Crittenden wrote: Use the global time and size limits on searches if not user-provided. This removes the default settings for searching but the option is still there. I also added a test to ensure that the limit is properly enforced and the truncated flag is set.

[Freeipa-devel] [PATCH] Hash Params Redux

2010-08-18 Thread Adam Young
The patch replaces the earlier Hash Params patch. It fixs the build issues, and fixes the group details page as well. From 3cdb647946c49463ad8c4119ca64e514f59a0a51 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Wed, 18 Aug 2010 16:55:26 -0400 Subject: [PATCH 1/2] Changes

[Freeipa-devel] admiyo-freeipa-0011 const correctness in ipa-client

2010-08-19 Thread Adam Young
https://fedorahosted.org/freeipa/attachment/ticket/148/admiyo-freeipa-0011-const-correctness.patch made the data type for server consistent and correct across its usage. From 30d494247a84b96f78183225c6fdd67be0d2827d Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Thu, 19 Aug

[Freeipa-devel] [PATCH] admiyo 0012 ldap_initialize

2010-08-19 Thread Adam Young
:00:00 2001 From: Adam Young ayo...@redhat.com Date: Thu, 19 Aug 2010 16:49:50 -0400 Subject: [PATCH] ldap_initialize the code was calling ldap_init, which is a deprecated function, and getting a compilation warning. This version uses the recommended function ldap_initilaize. --- ipa-client/ipa

Re: [Freeipa-devel] [PATCH] Sample Metadata

2010-08-19 Thread Adam Young
On 08/19/2010 05:48 PM, Rob Crittenden wrote: Adam Young wrote: This is a trivial patch (despite its length) which is a snapshot of the output of the metadata plugin. This is required to do serverless development, but does not impact the deployed code. ACK I removed a slew of trailing

Re: [Freeipa-devel] [PATCH] Fix script tags in index.xhtml. End tag is required.

2010-08-19 Thread Adam Young
On 08/19/2010 06:51 PM, Pavel Zůna wrote: On 2010-08-20 00:48, Pavel Zůna wrote: The paste server had some issues with it and end tags are required by the standard anyway. Pavel I forgot to mention that this applies after Adam's 0009 patch (updated Hash Params). Pavel

Re: [Freeipa-devel] [PATCH] admiyo 0012 ldap_initialize

2010-08-19 Thread Adam Young
On 08/19/2010 05:45 PM, Rob Crittenden wrote: Adam Young wrote: Gets rid of the last of our compiler warnings by removing a deprecated function call :ldap_init should be replaced with ldap_initialize. https://fedorahosted.org/freeipa/attachment/ticket/151/admiyo-freeipa-0012

Re: [Freeipa-devel] [PATCH] admiyo 0012 ldap_initialize

2010-08-19 Thread Adam Young
On 08/19/2010 08:31 PM, Adam Young wrote: On 08/19/2010 05:45 PM, Rob Crittenden wrote: Adam Young wrote: Gets rid of the last of our compiler warnings by removing a deprecated function call :ldap_init should be replaced with ldap_initialize. https://fedorahosted.org/freeipa/attachment/ticket

Re: [Freeipa-devel] [PATCH] Hash Params Redux

2010-08-19 Thread Adam Young
On 08/19/2010 06:41 PM, Pavel Zůna wrote: On 2010-08-18 22:59, Adam Young wrote: The patch replaces the earlier Hash Params patch. It fixs the build issues, and fixes the group details page as well. Git still reports white space errors, but that's hardly a show stopper. ACK. Pavel

Re: [Freeipa-devel] admiyo-freeipa-0011 const correctness in ipa-client

2010-08-20 Thread Adam Young
On 08/20/2010 09:41 AM, Rob Crittenden wrote: Adam Young wrote: https://fedorahosted.org/freeipa/attachment/ticket/148/admiyo-freeipa-0011-const-correctness.patch made the data type for server consistent and correct across its usage. ACK pushed to master

[Freeipa-devel] [PATCH] admiyo-freeipa-0013 Revert of the host details patch

2010-08-20 Thread Adam Young
That patch got pushed by accident. Reverting. From 2742001ed0deaa4c23d5709d5244804bf29d0543 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri, 20 Aug 2010 11:16:36 -0400 Subject: [PATCH] Revert Started pulling the details functionality into the details form object. DOing

[Freeipa-devel] Object structure for UI

2010-08-20 Thread Adam Young
I've been working with the add host and host details pages for the past couple of days. It is getting time to refactor how we do add and details, to avoid cutting and pasting. Here's the general structure I'm approach on taking. For each collection (user, group, host, etc) there will be an

Re: [Freeipa-devel] [PATCH] 516 remove passwords from logs

2010-08-22 Thread Adam Young
On 08/20/2010 06:23 PM, Rob Crittenden wrote: This replaces the existing no password logging code. It only removed passwords sent on the command line, not those that may be in the stdout/stderr of the response from the command. I found a couple of invocations of ssl_get that weren't being

Re: [Freeipa-devel] [PATCH] 515 F-14 compatibility patch

2010-08-22 Thread Adam Young
On 08/20/2010 04:20 PM, Rob Crittenden wrote: F-14 introduced a number of changes including an updated krb5 server package and python 2.7. In krb5 the binaries moved from /usr/kerberos/* to /usr/* so some paths need to be adjusted. What I did was include a PATH in the env that covers both of

Re: [Freeipa-devel] Extending Details, user and otherwise

2010-08-23 Thread Adam Young
On 08/23/2010 08:28 AM, Pavel Zuna wrote: On 08/17/2010 08:12 PM, Adam Young wrote: The structure of our details code is basciallt [categorid, categoryDisplay, atrrtibutes] and attributes are [attributeId, attributeDisplay, I've inlined the user details at the bottom as an example

Re: [Freeipa-devel] BA-BBQ

2010-08-23 Thread Adam Young
On 08/23/2010 07:51 AM, Pavel Zuna wrote: On 08/23/2010 04:12 AM, Adam Young wrote: Pavel, Thoughts of jquery.ba-bbq have been marinating in the back of my brain. I know that the Back button doesn't work so well with hjashparams, and that BBQ purports to fix this, but I had some sort

Re: [Freeipa-devel] [PATCH] admiyo-freeipa-0013 Revert of the host details patch

2010-08-23 Thread Adam Young
On 08/20/2010 11:19 AM, Adam Young wrote: That patch got pushed by accident. Reverting. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Pushed to master

  1   2   3   4   5   6   7   8   9   10   >