Blob Blame History Raw
From 10418b7f3ea8c682961fc201545169663d507bf6 Mon Sep 17 00:00:00 2001
From: Serhii Tsymbaliuk <stsymbal@redhat.com>
Date: Thu, 17 Jun 2021 13:56:19 +0200
Subject: [PATCH] WebUI: Improve subordinate ids user workflow

- add "Subordinate ID Statistics" page
- add button for generating subid in "Subordinate ids" tab of user details page
- allow to navigate directly to owner details from subordinate id page
- adjust i18n strings

Ticket: https://pagure.io/freeipa/issue/8361
Signed-off-by: Serhii Tsymbaliuk <stsymbal@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
 install/ui/src/freeipa/details.js             |  8 ++-
 .../ui/src/freeipa/navigation/menu_spec.js    | 19 ++++++-
 install/ui/src/freeipa/subid.js               | 43 +++++++++++++++-
 install/ui/src/freeipa/user.js                | 49 +++++++++++++++----
 ipaserver/plugins/internal.py                 | 22 ++++++---
 5 files changed, 121 insertions(+), 20 deletions(-)

diff --git a/install/ui/src/freeipa/details.js b/install/ui/src/freeipa/details.js
index b557bbcef9a427a87eee3216f4345fc853cbaaff..2704cbd0ba98efa877cf5ec8a878e688ee6807e9 100644
--- a/install/ui/src/freeipa/details.js
+++ b/install/ui/src/freeipa/details.js
@@ -602,6 +602,12 @@ exp.details_facet = IPA.details_facet = function(spec, no_init) {
      */
     that.facet_group = spec.facet_group || 'settings';
 
+    /**
+     * Indicates if the details facet depends on pkey
+     * @property {boolean}
+     */
+    that.require_pkey = spec.require_pkey !== undefined ? spec.require_pkey : true;
+
     /**
      * Widgets
      * @property {IPA.widget_container}
@@ -1105,7 +1111,7 @@ exp.details_facet = IPA.details_facet = function(spec, no_init) {
      */
     that.refresh = function(on_success, on_error) {
 
-        if (!that.get_pkey() && that.entity.redirect_facet) {
+        if (that.require_pkey && !that.get_pkey() && that.entity.redirect_facet) {
             that.redirect();
             return;
         }
diff --git a/install/ui/src/freeipa/navigation/menu_spec.js b/install/ui/src/freeipa/navigation/menu_spec.js
index 6ccd06919fbe04c7e8d2034ff7a1f644f373c607..a205dfade2f9508edbdc23ee6f7247508cc0479c 100644
--- a/install/ui/src/freeipa/navigation/menu_spec.js
+++ b/install/ui/src/freeipa/navigation/menu_spec.js
@@ -104,7 +104,24 @@ var nav = {};
                         }
                     ]
                 },
-                { entity: 'subid' }
+                {
+                    name: 'subid',
+                    label: '@i18n:tabs.subid',
+                    children: [
+                        {
+                            name: 'subid',
+                            entity: 'subid',
+                            facet: 'search',
+                            label: '@i18n:tabs.subid'
+                        },
+                        {
+                            name: 'subid-stats',
+                            entity: 'subid',
+                            facet: 'stats',
+                            label: '@i18n:objects.subid.stats'
+                        }
+                    ]
+                }
             ]
         },
         {
diff --git a/install/ui/src/freeipa/subid.js b/install/ui/src/freeipa/subid.js
index f286165070b08badf77cac6c30e93cab916c2acc..32f75bb7854cd3e84417a66870e99d34d49617e3 100644
--- a/install/ui/src/freeipa/subid.js
+++ b/install/ui/src/freeipa/subid.js
@@ -31,6 +31,7 @@ return {
         },
         {
             $type: 'details',
+            disable_facet_tabs: true,
             sections: [
                 {
                     name: 'details',
@@ -38,9 +39,11 @@ return {
                         'ipauniqueid',
                         'description',
                         {
+                            $type: 'link',
                             name: 'ipaowner',
                             label: '@i18n:objects.subid.ipaowner',
-                            title: '@mo-param:subid:ipaowner:label'
+                            title: '@mo-param:subid:ipaowner:label',
+                            other_entity: 'user'
                         },
                         {
                             name: 'ipasubgidnumber',
@@ -65,6 +68,44 @@ return {
                     ]
                 }
             ]
+        },
+        {
+            $type: 'details',
+            name: 'stats',
+            label: '@i18n:objects.subid.stats',
+            refresh_command_name: 'stats',
+            check_rights: false,
+            no_update: true,
+            disable_facet_tabs: true,
+            disable_breadcrumb: true,
+            require_pkey: false,
+            fields: [
+                {
+                    name: 'assigned_subids',
+                    label: '@i18n:objects.subid.assigned_subids',
+                    read_only: true
+                },
+                {
+                    name: 'baseid',
+                    label: '@i18n:objects.subid.baseid',
+                    read_only: true
+                },
+                {
+                    name: 'dna_remaining',
+                    label: '@i18n:objects.subid.dna_remaining',
+                    read_only: true
+                },
+                {
+                    name: 'rangesize',
+                    label: '@i18n:objects.subid.rangesize',
+                    read_only: true
+                },
+                {
+                    name: 'remaining_subids',
+                    label: '@i18n:objects.subid.remaining_subids',
+                    read_only: true
+                }
+            ]
         }
     ],
     adder_dialog: {
diff --git a/install/ui/src/freeipa/user.js b/install/ui/src/freeipa/user.js
index 56bb6f4feffb637d33a57aecf9a98f08d4639550..6a56320c580f58a1aba84e598736631986421113 100644
--- a/install/ui/src/freeipa/user.js
+++ b/install/ui/src/freeipa/user.js
@@ -464,7 +464,7 @@ return {
                 },
                 {
                     $type: 'subid_generate',
-                    hide_cond: ['preserved-user'],
+                    hide_cond: ['preserved-user', 'self-service-other'],
                     enable_cond: ['no-subid']
                 }
             ],
@@ -556,8 +556,35 @@ return {
         {
             $type: 'association',
             name: 'memberof_subid',
+            columns: [
+                'ipauniqueid',
+                'ipasubuidnumber',
+                'ipasubgidnumber'
+            ],
             associator: IPA.serial_associator,
-            read_only: true
+            read_only: true,
+            state: {
+                evaluators: [
+                    IPA.user.self_service_other_user_evaluator,
+                    IPA.user.preserved_user_evaluator,
+                    IPA.user.has_subid_evaluator
+                ]
+            },
+            actions: [
+                {
+                    $type: 'subid_generate',
+                    name: 'subid_generate',
+                    hide_cond: ['preserved-user', 'self-service-other'],
+                    enable_cond: ['no-subid']
+                }
+            ],
+            control_buttons: [
+                {
+                    name: 'subid_generate',
+                    label: '@i18n:objects.user.auto_subid',
+                    icon: 'fa-plus'
+                }
+            ]
         }
     ],
     standard_association_facets: {
@@ -1216,14 +1243,16 @@ IPA.user.subid_generate_action = function(spec) {
     var that = IPA.action(spec);
 
     that.execute_action = function(facet) {
-
-        var subid_e = reg.entity.get('subid');
-        var dialog = subid_e.get_dialog('add');
-        dialog.open();
-        if (!IPA.is_selfservice) {
-            var owner = facet.get_pkey();
-            dialog.get_field('ipaowner').set_value([owner]);
-        }
+        var owner = facet.get_pkey();
+        var command = rpc.command({
+            entity: 'subid',
+            method: 'generate'
+        });
+        command.set_option('ipaowner', owner);
+        command.on_success = function(data, text_status, xhr) {
+            facet.refresh();
+        };
+        command.execute();
     };
 
     return that;
diff --git a/ipaserver/plugins/internal.py b/ipaserver/plugins/internal.py
index 5ef940c2b88cc2b132a15d619772349b30731306..29e09f0067ec60d014e61c49313455d64478ef22 100644
--- a/ipaserver/plugins/internal.py
+++ b/ipaserver/plugins/internal.py
@@ -1364,6 +1364,20 @@ class i18n_messages(Command):
                 "undel_success": _("${count} user(s) restored"),
                 "user_categories": _("User categories"),
             },
+            "subid": {
+                "add": _("Add subid"),
+                "assigned_subids": _("Assigned subids"),
+                "baseid": _("Base ID"),
+                "dna_remaining": _("DNA remaining"),
+                "ipaowner": _("Owner"),
+                "ipasubgidcount": _("SubGID range size"),
+                "ipasubgidnumber": _("SubGID range start"),
+                "ipasubuidcount": _("SubUID range size"),
+                "ipasubuidnumber": _("SubUID range start"),
+                "rangesize": _("Range size"),
+                "remaining_subids": _("Remaining subids"),
+                "stats": _("Subordinate ID Statistics"),
+            },
             "sudocmd": {
                 "add": _("Add sudo command"),
                 "add_into_sudocmdgroups": _(
@@ -1547,13 +1561,6 @@ class i18n_messages(Command):
                     "Drive to mount a home directory"
                 ),
             },
-            "subid": {
-                "identity": _("Subordinate user and group id"),
-                "subuidnumber": _("Subordinate user id"),
-                "subuidcount": _("Subordinate user id count"),
-                "subgidnumber": _("Subordinate group id"),
-                "subgidcount": _("Subordinate group id count"),
-            },
             "trustconfig": {
                 "options": _("Options"),
             },
@@ -1942,6 +1949,7 @@ class i18n_messages(Command):
             "network_services": _("Network Services"),
             "policy": _("Policy"),
             "role": _("Role-Based Access Control"),
+            "subid": _("Subordinate IDs"),
             "sudo": _("Sudo"),
             "topology": _("Topology"),
             "trust": _("Trusts"),
-- 
2.26.3