subject:"\[Freeipa\-devel\] \[PATCH\] 543 Trust domains Web UI"

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-21 Thread Petr Vobornik


On 20.1.2014 18:01, Alexander Bokovoy wrote:

On Fri, 17 Jan 2014, Petr Vobornik wrote:

Note: this version of the patch is especially prepared for ipa-3-3
branch.

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the
trust
* trustdomain-del Remove infromation about the domain associated with
the trust.
* trustdomain-disable Disable use of IPA resources by the domain of
the trust
* trustdomain-enable Allow use of IPA resources by the domain of the
trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119

ACK functionally, everything works for me.

I wonder if you could make UI a bit smarter and prevent enable/disable
actions for the forest root trusted domain. Right now selecting it for
'disable' will show you an error telling that disabling root domain is
not possible.




Some enhancement could be done in this area. Similar issue is also 
present when enabling/disabling already enabled/disabled items (not just 
in trusted domains but also in users, HBAC and SUDO rules... pages).


But what should be the ideal behavior?

We must take into considerations facts as follows:
- button which executes the action is enabled/disabled based on user 
selection

- user can select multiple items
- some of those items are suitable for the action (e.g., disabled items 
for enable action), some not (disabled for disable).

- backend will tell us what succeeded and what not

Current behavior:
- action button is enabled when user selects any item
- after action execution, user is told, if some or all items were not 
suitable (the action was not performed for them).


If server behaves correctly this UI behavior should not cause any harm.

Some possible enhancements are:
1. Do not enable action button if all selected items are not suitable 
for the action. If some are suitable, continue with current behavior


2. If some of selected items are not suitable, show a warning dialog 
which will list items for which the action will be executed and items 
for which it won't be. After confirmation, request will be sent only 
with suitable items.


3. Do not enable action button if some selected item is not suitable.

#1 and #2 can be combined. I'm not a fan of #3; sounds more like a drawback.

Do you have something similar in mind?

Anyway I don't think this is a material for IPA 3.3. If you agree, I 
will open a new ticket and also ask Kyle for his option on this topic.

--
Petr Vobornik

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-21 Thread Alexander Bokovoy


On Tue, 21 Jan 2014, Petr Vobornik wrote:

On 20.1.2014 18:01, Alexander Bokovoy wrote:

On Fri, 17 Jan 2014, Petr Vobornik wrote:

Note: this version of the patch is especially prepared for ipa-3-3
branch.

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the
trust
* trustdomain-del Remove infromation about the domain associated with
the trust.
* trustdomain-disable Disable use of IPA resources by the domain of
the trust
* trustdomain-enable Allow use of IPA resources by the domain of the
trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119

ACK functionally, everything works for me.

I wonder if you could make UI a bit smarter and prevent enable/disable
actions for the forest root trusted domain. Right now selecting it for
'disable' will show you an error telling that disabling root domain is
not possible.




Some enhancement could be done in this area. Similar issue is also 
present when enabling/disabling already enabled/disabled items (not 
just in trusted domains but also in users, HBAC and SUDO rules... 
pages).


But what should be the ideal behavior?

We must take into considerations facts as follows:
- button which executes the action is enabled/disabled based on user 
selection

- user can select multiple items
- some of those items are suitable for the action (e.g., disabled 
items for enable action), some not (disabled for disable).

- backend will tell us what succeeded and what not

Current behavior:
- action button is enabled when user selects any item
- after action execution, user is told, if some or all items were not 
suitable (the action was not performed for them).


If server behaves correctly this UI behavior should not cause any harm.

Some possible enhancements are:
1. Do not enable action button if all selected items are not suitable 
for the action. If some are suitable, continue with current behavior


2. If some of selected items are not suitable, show a warning dialog 
which will list items for which the action will be executed and items 
for which it won't be. After confirmation, request will be sent only 
with suitable items.


3. Do not enable action button if some selected item is not suitable.

#1 and #2 can be combined. I'm not a fan of #3; sounds more like a drawback.

Do you have something similar in mind?

#1 and #2 would require either embedding knowledge about specific items in Web
UI or extending metadata we have about commands. In both cases it looks
a bit weird as it is not a metadata per se. I'm not even sure we can
maintain it properly in all cases.

Anyway I don't think this is a material for IPA 3.3. If you agree, I 
will open a new ticket and also ask Kyle for his option on this 
topic.

Yes, it is something for future but given options you presented I don't
see much future in it...

--
/ Alexander Bokovoy

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-21 Thread Martin Kosek

On 01/21/2014 10:43 AM, Alexander Bokovoy wrote:
 On Tue, 21 Jan 2014, Petr Vobornik wrote:
 On 20.1.2014 18:01, Alexander Bokovoy wrote:
 On Fri, 17 Jan 2014, Petr Vobornik wrote:
 Note: this version of the patch is especially prepared for ipa-3-3
 branch.

 Add Web UI counterpart of following CLI commands:

 * trust-fetch-domains Refresh list of the domains associated with the
 trust
 * trustdomain-del Remove infromation about the domain associated with
 the trust.
 * trustdomain-disable Disable use of IPA resources by the domain of
 the trust
 * trustdomain-enable Allow use of IPA resources by the domain of the
 trust
 * trustdomain-find Search domains of the trust

 https://fedorahosted.org/freeipa/ticket/4119
 ACK functionally, everything works for me.

 I wonder if you could make UI a bit smarter and prevent enable/disable
 actions for the forest root trusted domain. Right now selecting it for
 'disable' will show you an error telling that disabling root domain is
 not possible.



 Some enhancement could be done in this area. Similar issue is also present
 when enabling/disabling already enabled/disabled items (not just in trusted
 domains but also in users, HBAC and SUDO rules... pages).

 But what should be the ideal behavior?

 We must take into considerations facts as follows:
 - button which executes the action is enabled/disabled based on user 
 selection
 - user can select multiple items
 - some of those items are suitable for the action (e.g., disabled items for
 enable action), some not (disabled for disable).
 - backend will tell us what succeeded and what not

 Current behavior:
 - action button is enabled when user selects any item
 - after action execution, user is told, if some or all items were not
 suitable (the action was not performed for them).

 If server behaves correctly this UI behavior should not cause any harm.

 Some possible enhancements are:
 1. Do not enable action button if all selected items are not suitable for the
 action. If some are suitable, continue with current behavior

 2. If some of selected items are not suitable, show a warning dialog which
 will list items for which the action will be executed and items for which it
 won't be. After confirmation, request will be sent only with suitable items.

 3. Do not enable action button if some selected item is not suitable.

 #1 and #2 can be combined. I'm not a fan of #3; sounds more like a drawback.

 Do you have something similar in mind?
 #1 and #2 would require either embedding knowledge about specific items in Web
 UI or extending metadata we have about commands. In both cases it looks
 a bit weird as it is not a metadata per se. I'm not even sure we can
 maintain it properly in all cases.
 
 Anyway I don't think this is a material for IPA 3.3. If you agree, I will
 open a new ticket and also ask Kyle for his option on this topic.
 Yes, it is something for future but given options you presented I don't
 see much future in it...
 

Ok. I pushed Petr's patch to master, ipa-3-3.

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-21 Thread Petr Vobornik


On 21.1.2014 10:43, Alexander Bokovoy wrote:

On Tue, 21 Jan 2014, Petr Vobornik wrote:

On 20.1.2014 18:01, Alexander Bokovoy wrote:

On Fri, 17 Jan 2014, Petr Vobornik wrote:

Note: this version of the patch is especially prepared for ipa-3-3
branch.

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the
trust
* trustdomain-del Remove infromation about the domain associated with
the trust.
* trustdomain-disable Disable use of IPA resources by the domain of
the trust
* trustdomain-enable Allow use of IPA resources by the domain of the
trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119

ACK functionally, everything works for me.

I wonder if you could make UI a bit smarter and prevent enable/disable
actions for the forest root trusted domain. Right now selecting it for
'disable' will show you an error telling that disabling root domain is
not possible.




Some enhancement could be done in this area. Similar issue is also
present when enabling/disabling already enabled/disabled items (not
just in trusted domains but also in users, HBAC and SUDO rules... pages).

But what should be the ideal behavior?

We must take into considerations facts as follows:
- button which executes the action is enabled/disabled based on user
selection
- user can select multiple items
- some of those items are suitable for the action (e.g., disabled
items for enable action), some not (disabled for disable).
- backend will tell us what succeeded and what not

Current behavior:
- action button is enabled when user selects any item
- after action execution, user is told, if some or all items were not
suitable (the action was not performed for them).

If server behaves correctly this UI behavior should not cause any harm.

Some possible enhancements are:
1. Do not enable action button if all selected items are not suitable
for the action. If some are suitable, continue with current behavior

2. If some of selected items are not suitable, show a warning dialog
which will list items for which the action will be executed and items
for which it won't be. After confirmation, request will be sent only
with suitable items.

3. Do not enable action button if some selected item is not suitable.

#1 and #2 can be combined. I'm not a fan of #3; sounds more like a
drawback.

Do you have something similar in mind?

#1 and #2 would require either embedding knowledge about specific items
in Web
UI or extending metadata we have about commands. In both cases it looks
a bit weird as it is not a metadata per se. I'm not even sure we can
maintain it properly in all cases.


Anyway I don't think this is a material for IPA 3.3. If you agree, I
will open a new ticket and also ask Kyle for his option on this topic.

Yes, it is something for future but given options you presented I don't
see much future in it...



It's feasible. For standard enable/disable it could more or less 
declarative. The root domain case will require more embedding of 
specific logic. I guess it's OK, not everything can/should be driven by 
metadata.


Anyway here's a ticket https://fedorahosted.org/freeipa/ticket/4129 
(beer exchange candidate)

--
Petr Vobornik

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-20 Thread Alexander Bokovoy


On Fri, 17 Jan 2014, Petr Vobornik wrote:

Note: this version of the patch is especially prepared for ipa-3-3 branch.

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the trust
* trustdomain-del Remove infromation about the domain associated with 
the trust.
* trustdomain-disable Disable use of IPA resources by the domain of 
the trust

* trustdomain-enable Allow use of IPA resources by the domain of the trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119

ACK functionally, everything works for me.

I wonder if you could make UI a bit smarter and prevent enable/disable
actions for the forest root trusted domain. Right now selecting it for
'disable' will show you an error telling that disabling root domain is
not possible.


--
/ Alexander Bokovoy

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 543 Trust domains Web UI

2014-01-17 Thread Petr Vobornik


Note: this version of the patch is especially prepared for ipa-3-3 branch.

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the trust
* trustdomain-del Remove infromation about the domain associated with 
the trust.
* trustdomain-disable Disable use of IPA resources by the domain of the 
trust

* trustdomain-enable Allow use of IPA resources by the domain of the trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119
--
Petr Vobornik
From 152aaf52f7daaf50ae44a4761849603756c186d1 Mon Sep 17 00:00:00 2001
From: Petr Vobornik pvobo...@redhat.com
Date: Wed, 15 Jan 2014 18:01:02 +0100
Subject: [PATCH] Trust domains Web UI

Add Web UI counterpart of following CLI commands:

* trust-fetch-domains Refresh list of the domains associated with the trust
* trustdomain-del Remove infromation about the domain associated with the trust.
* trustdomain-disable Disable use of IPA resources by the domain of the trust
* trustdomain-enable Allow use of IPA resources by the domain of the trust
* trustdomain-find Search domains of the trust

https://fedorahosted.org/freeipa/ticket/4119
---
 install/ui/src/freeipa/search.js   | 11 +++---
 install/ui/src/freeipa/trust.js| 68 ++
 install/ui/test/data/ipa_init.json |  1 +
 ipalib/plugins/internal.py |  1 +
 4 files changed, 77 insertions(+), 4 deletions(-)

diff --git a/install/ui/src/freeipa/search.js b/install/ui/src/freeipa/search.js
index c2e678a35e7d7d5179c1b766eea88599710593c3..3f7fdf9b1e6716c73e0657dc678abe332f6fc8c0 100644
--- a/install/ui/src/freeipa/search.js
+++ b/install/ui/src/freeipa/search.js
@@ -470,20 +470,23 @@ IPA.batch_items_action = function(spec) {
 that.execute_action = function(facet, on_success, on_error) {
 
 var entity = facet.managed_entity;
-var pkeys = facet.get_selected_values();
+var selected_keys = facet.get_selected_values();
+var pkeys = facet.get_pkeys();
+if (!pkeys[0]) pkeys = []; // correction for search facet
 
 that.batch = IPA.batch_command({
 name: entity.name + '_batch_'+ that.method,
 on_success: that.get_on_success(facet, on_success)
 });
 
-for (var i=0; ipkeys.length; i++) {
-var pkey = pkeys[i];
+for (var i=0; iselected_keys.length; i++) {
+var item_keys = pkeys.splice(0);
+item_keys.push(selected_keys[i]);
 
 var command = IPA.command({
 entity: entity.name,
 method: that.method,
-args: [pkey]
+args: item_keys
 });
 
 that.batch.add_command(command);
diff --git a/install/ui/src/freeipa/trust.js b/install/ui/src/freeipa/trust.js
index 2653d3e67c2c5591f000e32c43a3a5878eef28fd..51f2000b47fd7943cb9a200c9bec7ebd3459178a 100644
--- a/install/ui/src/freeipa/trust.js
+++ b/install/ui/src/freeipa/trust.js
@@ -48,6 +48,7 @@ return {
 dest_facet: 'search'
 }
 ],
+facet_groups: [ 'settings', 'trustdomain' ],
 facets: [
 {
 $type: 'search',
@@ -56,6 +57,63 @@ return {
 ]
 },
 {
+$type: 'nested_search',
+$pre_ops: [
+// trustdomain-add is hidden, remove add button
+{ $del: [[ 'control_buttons', [{ name: 'add'}] ]] }
+],
+nested_entity: 'trustdomain',
+facet_group: 'trustdomain',
+name: 'domains',
+label: '@mo:trustdomain.label',
+tab_label: '@mo:trustdomain.label',
+search_all_entries: true,
+actions: [
+{
+$type: 'batch_disable'
+},
+{
+$type: 'batch_enable'
+},
+{
+$type: 'object',
+name: 'fetch',
+label: '@i18n:objects.trust.fetch_domains',
+method: 'fetch_domains'
+}
+],
+control_buttons: [
+{
+name: 'disable',
+label: '@i18n:buttons.disable',
+icon: 'fa-minus'
+},
+{
+name: 'enable',
+label: '@i18n:buttons.enable',
+icon: 'fa-check'
+},
+{
+name: 'fetch',
+label: '@i18n:objects.trust.fetch_domains',
+icon: 'fa-download'
+}
+],
+columns: [
+{
+name: 'cn',
+link: false
+},
+{
+name: 'domain_enabled',
+label: '@i18n:status.label',
+formatter:

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

Re: [Freeipa-devel] [PATCH] 543 Trust domains Web UI

[Freeipa-devel] [PATCH] 543 Trust domains Web UI

6 matches

Site Navigation

Mail list logo

Footer information