[Freeipa-devel] Reorganization of Web UI navigation items

Petr Spacek pspacek at redhat.com
Wed Jun 4 11:14:17 UTC 2014 

On 4.6.2014 09:55, Petr Vobornik wrote:
> On 4.6.2014 09:37, Petr Spacek wrote:
>> On 4.6.2014 08:44, Martin Kosek wrote:
>>> On 06/04/2014 08:34 AM, Martin Kosek wrote:
>>> ...
>>
>> This is really good proposal! Scroll down to see three nit picks:
>>
>>>> Users
>>>> - Users
>>>> - Groups
>>>> - SUDO
>>>>
>>>> Hosts
>>>> - Hosts
>>>> - Host groups
>>>> - Services
>>>> - Netgroups
>>>> - Automount
>>>>
>>>> Authentication
>>>> - OTP Tokens
>>>> - Password Policy
>>>> - Kerberos Ticket Policy
>>>>
>>>> Policy
>>>> - HBAC
>>>> - SELinux User Maps
>>>> - Automember
>>>
>>> Alternatively, we could rename Policy to "Authorization" as both HBAC and
>>> SELinux is about authorizing what an authenticated user can do. We
>>> would just
>>> need to move Automember to different place, though this one is
>>> difficult - it
>>> relates both to Users and Hosts, just like Netgroup.
>>>
>>>>
>>>> Trusts
>>>> - Trust configuration
>>>> - Trusts
>>>> - (future) Views
>>>>
>>>> Infrastructure
>>>> - Certificates
>> ^^^ I would like to see this under "Authentication". Nowaways it is used
>> to authenticate machines and it will be extended to user authentication
>> as soon as Smart Card support is added.
>>
>>>> - DNS
>>>> - (future) Replication topology
>> ^^^ Personally, I would place it under "IPA Configuration".
>>
>>>> - (future) Vault
>> ^^^ Why is Vault under "Infrastructure"? It sounds like "Authentication"
>> to me. It is meant to store plain-text passwords etc., no?
>>
>>
>> It seems that I'm proposing to reduce "Infrastructure" to "DNS". We can
>> move DNS somewhere or make DNS top-level item until we get DHCP or
>> something similar.
>
> I would rather avoid having a temporary top-level item.
Temporary ~ years in this case. Is it good enough? :-)

I personally don't like categories with one item in them, it seems ridiculous. 
Look at "Time" menu in OrangeHRM :-) You have to go through it just to click 
to the only option inside. Ridiculous.

>> This also opens the question if DNS management is really the right
>> business for us :-) I'm personally not sure :-)
>>
>>
>>>> Configuration
>> ^^^ Can it be "IPA configuration" or something like that? Just
>> "Configuration" seems too vague to me. After all, everything in the UI
>> is some kind of configuration :-)
>
> We can leave the old "IPA Server" name. I agree that "Replication topology"
> could be here because it configures the tool and not the data, similar to
> other items under this category. But I think that many users would try to find
> it in infrastructure.
My point is that distinction between "Infrastructure" and "IPA server" or it's 
configuration is really vague. I'm worried that people (or at least I) will 
always look in the "wrong" category first which makes me unhappy.

>>>> - Global
>>>> - Access Control (RBAC)
BTW can we clarify somehow that this applies purely to IPA? Maybe "IPA Server" 
category will make it clear enough...

>>>> - Realm Domains
>>>> - ID Ranges

-- 
Petr^2 Spacek

More information about the Freeipa-devel mailing list