[Freeipa-devel] [PATCH] 160,161 Trust Web UI
Alexander Bokovoy
abokovoy at redhat.com
Fri Jun 22 16:48:42 UTC 2012
Hi Petr,
On Fri, 22 Jun 2012, Petr Vobornik wrote:
>The static preview of trust UI can be seen at: http://pvoborni.fedorapeople.org/trusts/#ipaserver=trust&navigation=ipaserver
Looks nice!
>
>[Patch] 161 Trust Web UI:
>
>This patch adds Web UI for trusts.
>
>Navigation path is IPA Server/Trust. It allows to add, deleted and
>show trust. Mod command doesn't have defined input options so update
>of a trust is not supported yet.
Yes, it will get defined once we finish support for uid/gid ranges.
>Adder dialog supports two ways if adding a trust:
>1) adding with domain name, admin name and admin password.
>2) adding with domain name, shared secret
>
>Search page shows only list of realm names which are trusts' cns.
>
>Details page is read only. It contains following attributes:
>* Realm name (cn)
>* Domain NetBIOS name (ipantflatname)
>* Domain Security Identifier (ipanttrusteddomainsid)
>* Trust direction (trustdirection)
>* Trust type (trusttype)
>
>For Domain Security Identifier is not used ipantsecurityidentifier
>param which is defined in trust plugin's trust_output_params list.
>This param is not returned by show command so ipanttrusteddomainsid
>is used instead.
You are using the proper one. I'm attaching a patch to fix existing
plugin. The issue here is that we have two attributes, one for SIDs of
our objects (users, groups, ...), another one is used specifically for
a trusted domain object. It was my mistake to mix them as I also was
thinking to allow seeing our own domain SID via 'ipa trust' commands.
>trust_output_params also defines 'Trust status' param. This param is
>not return by show command as well so it's commented out in code
>until it's fixed in plugin code.
Yes, the code for this will be implemented as part of trust validation,
ticket 2763.
>Fields in details pages are using labels defined in internal.py. It
>is temporary solution until including of command.has_output_params
>will be added to metadata.
>
>https://fedorahosted.org/freeipa/ticket/2829
1. Please update the patch with regards to the change in my
attached patch.
2. First two chunks of install/ui/test/data/ipa_init_commands.json and
install/ui/test/data/ipa_init_objects.json changes look unrelated to
this ticket.
>[PATCH] 160 Same password validator:
>
>This patch adds validator which compares passwords in two fields.
>
>In future it should be used in various password reset dialogs.
>
>A flags attribute was added to field. It's purpose is to define
>control flags. This patch uses it in details facet and adder dialog
>to not include fields to command option if the field has 'no_command'
>flag. Therefore there is no need to use hacks such as disabling of
>field or removing a value from command's option map when a
>non-command field is needed (ie verify password).
>
>https://fedorahosted.org/freeipa/ticket/2829
ACK
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list