Re: [Freeipa-devel] [PATCH] 304 Allow localhost in zone ACIs
On 09/10/2012 09:12 PM, Endi Sukma Dewata wrote: On 9/6/2012 7:00 AM, Martin Kosek wrote: On 09/06/2012 01:35 PM, Petr Vobornik wrote: On 09/06/2012 11:51 AM, Martin Kosek wrote: Loopback address, "localhost" and "localnets" ACIs are no longer an issue for bind-dyndb-ldap. Allow them in our validators. Martin's patch works and looks good - ACK. Attaching patch for Web UI part. Web UI validator works fine too, ACK. Pushed both patches to master, ipa-3-0. Martin Looks like there's a problem in DNS zone details page. The idnssoaserial's maxvalue is an empty string so the validation fails even if you are just opening an existing DNS zone. So either the server should not return maxvalue or the UI should check for possible empty string. I fixed the problem on both sides in patches 212, 213. 212 is fixing Web UI to be able to work with empty strings. 213 is fixing python part: serialization of long -- Petr Vobornik ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 304 Allow localhost in zone ACIs
On 9/6/2012 7:00 AM, Martin Kosek wrote: On 09/06/2012 01:35 PM, Petr Vobornik wrote: On 09/06/2012 11:51 AM, Martin Kosek wrote: Loopback address, "localhost" and "localnets" ACIs are no longer an issue for bind-dyndb-ldap. Allow them in our validators. Martin's patch works and looks good - ACK. Attaching patch for Web UI part. Web UI validator works fine too, ACK. Pushed both patches to master, ipa-3-0. Martin Looks like there's a problem in DNS zone details page. The idnssoaserial's maxvalue is an empty string so the validation fails even if you are just opening an existing DNS zone. So either the server should not return maxvalue or the UI should check for possible empty string. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 304 Allow localhost in zone ACIs
On 09/06/2012 01:35 PM, Petr Vobornik wrote: > On 09/06/2012 11:51 AM, Martin Kosek wrote: >> Loopback address, "localhost" and "localnets" ACIs are no longer >> an issue for bind-dyndb-ldap. Allow them in our validators. >> > > Martin's patch works and looks good - ACK. > > > Attaching patch for Web UI part. Web UI validator works fine too, ACK. Pushed both patches to master, ipa-3-0. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 304 Allow localhost in zone ACIs
On 09/06/2012 11:51 AM, Martin Kosek wrote:
Loopback address, "localhost" and "localnets" ACIs are no longer
an issue for bind-dyndb-ldap. Allow them in our validators.
Martin's patch works and looks good - ACK.
Attaching patch for Web UI part.
--
Petr Vobornik
From 6777b81c95d0e34f216954a59341679471a8d134 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 6 Sep 2012 13:22:21 +0200
Subject: [PATCH] Allow localhost in zone ACIs - Web UI
Loopback address, "localhost" and "localnets" ACIs are no longer
an issue for bind-dyndb-ldap. Allow them in our Web UI validators as well.
---
install/ui/dns.js | 10 ++
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/install/ui/dns.js b/install/ui/dns.js
index 33db481b84c0518ec1b326f8b016a8e487e3120b..43703e03f3e6dc4061f52d1f865db85b0e9c8502 100644
--- a/install/ui/dns.js
+++ b/install/ui/dns.js
@@ -168,11 +168,8 @@ IPA.dns.zone_entity = function(spec) {
type: 'netaddr',
name: 'idnsallowquery',
validators: [
-IPA.unsupported_validator({
-unsupported: ['localhost', 'localnets']
-}),
IPA.network_validator({
-specials: ['any', 'none'],
+specials: ['any', 'none', 'localhost', 'localnets'],
allow_negation: true,
allow_host_address: true
})]
@@ -181,11 +178,8 @@ IPA.dns.zone_entity = function(spec) {
type: 'netaddr',
name: 'idnsallowtransfer',
validators: [
-IPA.unsupported_validator({
-unsupported: ['localhost', 'localnets']
-}),
IPA.network_validator({
-specials: ['any', 'none'],
+specials: ['any', 'none', 'localhost', 'localnets'],
allow_negation: true,
allow_host_address: true
})]
--
1.7.11.4
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
