[Freeipa-devel] Web UI refactoring effort ready for review
Petr Vobornik
pvoborni at redhat.com
Fri Apr 26 10:51:40 UTC 2013
On 04/25/2013 06:37 PM, Ana Krivokapic wrote:
>
> Hi,
>
> While reviewing and testing the new UI changes, I have encountered the
> following issues. (Some of them may be unrelated to the webUI
> refactoring effort, but I will list them here just so we are aware of them.)
Thanks for review, I will fix regressions today. We might open a ticket
for the rest.
>
> 1) When in self service mode, you are now allowed to go to pages of
> related objects. If you go to e.g. User Groups for your user, there are
> Add/Delete buttons and they are enabled, but if you try to use them, you
> will be denied access. However, a message will appear, saying 'Items
> added' / 'Items removed' even though the operation had failed. Should we
> disable these options in self service mode? I think we should at least
> make sure that the misleading message which suggests that the actions
> was completed, does not appear.
Regression. Links should not be clickable and buttons should be hidden.
>
> 2) This one was already discussed with Petr in person: Runtime error on
> invalid URL: https://ipahost/ipa/ui/#/e/doesnotexist will give an ugly
> runtime error and any further navigation does not get rid of this error
> - you have to reload the page. We should make sure that this is handled
> more gracefully.
>
Kind of regression. I will fix it by redirecting to default facet (user
search).
> 3) Role Based Access Control, when trying to add a permission to a
> privilege:
> * Permissions which are already in that privilege appear in the list of
> available permissions. They should not appear there (it doesn't make
> sense to add something which is already there). (This behavior is
> correct in other parts of UI, e.g. when you want add a privilege to a
> role, the privileges which are already present for that role, do not
> appear in the list of available privileges.)
> * When you try to add such permission, first an Operations Error
> appears, but when you click OK, a message saying 'Items added' appears
> (similar issue is mentioned in 1) ).
Not related to refactoring.
a) permission-find doesn't have not-in-priviledge options so the
not-offering of existing values is handled by association_adder_dialog
dialog's `exclude` array. This array is filled with already added and
then compared with the keys got from xx-find command. Problems is that
memberships are lowercased and therefore the values have different
casing -> don't match and therefore are still offered. We might do some
normalization in association_adder_dialog.
I don't mind fixing it along with the refactoring.
b) the success message might be a more wide-spread problem I noticed
similar behavior in group's external member.
Because of the wider scope please open a ticket.
>
> 4) Host Based Access Control:
> When modifying a HBAC rule, workflow can be a bit confusing. For
> example, if you have a rule with 'Anyone' selected in the 'WHO' section,
> then you decide to change it to Specified Users and Groups, and then
> click on Add to add users/groups, a dialog appears requiring you to save
> your selection first (you have to click on Update, or click Cancel, then
> Update the changes and then try to Add users again). Is it possible to
> call the Update when Add is clicked, so that this step is automatically
> performed, requiring no action from the user? I think it would feel more
> intuitive to the user.
I see one problem with the proposal. User might have changed also a
description field or other category rule radio. I'm not sure if he wants
to apply these changes automatically as well.
>
> 5) For sections that have Expand All/Collapse All link (for example,
> when looking at a user's details page), I think that when you expand all
> sections manually, the Expand All link should change to Collapse all.
> And also the other way around: when you collapse all sections manually,
> the Collapse All link should change to Expand All. This is probably
> nitpicking too much, it is just a nice to have (does not make sense to
> 'expand all' if everything is already expanded).
>
Open a ticket. I wonder how many users is using this feature.
Personally, I don't.
--
Petr Vobornik
More information about the Freeipa-devel
mailing list