[Freeipa-devel] Web UI refactoring effort ready for review

Ana Krivokapic akrivoka at redhat.com
Thu Apr 25 16:37:58 UTC 2013


On 04/24/2013 04:55 PM, Petr Vobornik wrote:
> I've implemented the remaining work. Pushed to the private repo.
>
>> Know problems & remaining work
>> ------------------------------
>> 1. Change generation of plugin index to dynamical instead of rpm-post
>
> The plugin index (plugins.js) is generated by wsgi script. New dir was
> created: /usr/share/ipa/wsgi to store the script. It has the same
> attributes as migration dir.
> Plugins.js should be located in /usr/share/ipa/ui/js/freeipa/ dir. New
> rewrite rule was added in order to make it work. It has a nice side
> effect that one could not find out that the file is dynamically
> generated.
>
> Design page updated accordingly:
> http://www.freeipa.org/page/V3/WebUI_plugins
>
>>
>> 2. Incorrect behavior (enabled buttons) of rule table when 'rule applies
>> to anyone' selected.
>
> Fixed by creating updated event. Probably not caused by this
> refactoring but by refactoring of checkboxes and radios for PAC patch.
>
>>
>> 3. delete ./facets module
>> Use ./reg an ./builder instead. Incorporate it into router to support
>> standalone facets.
>
> Done, but not tested. I'll create plugin example to test it.

Hi,

While reviewing and testing the new UI changes, I have encountered the
following issues. (Some of them may be unrelated to the webUI
refactoring effort, but I will list them here just so we are aware of them.)

1) When in self service mode, you are now allowed to go to pages of
related objects. If you go to e.g. User Groups for your user, there are
Add/Delete buttons and they are enabled, but if you try to use them, you
will be denied access. However, a message will appear, saying 'Items
added' / 'Items removed' even though the operation had failed. Should we
disable these options in self service mode? I think we should at least
make sure that the misleading message which suggests that the actions
was completed, does not appear.

2) This one was already discussed with Petr in person: Runtime error on
invalid URL: https://ipahost/ipa/ui/#/e/doesnotexist will give an ugly
runtime error and any further navigation does not get rid of this error
- you have to reload the page. We should make sure that this is handled
more gracefully.

3) Role Based Access Control, when trying to add a permission to a
privilege:
* Permissions which are already in that privilege appear in the list of
available permissions. They should not appear there (it doesn't make
sense to add something which is already there). (This behavior is
correct in other parts of UI, e.g. when you want add a privilege to a
role, the privileges which are already present for that role, do not
appear in the list of available privileges.)
* When you try to add such permission, first an Operations Error
appears, but when you click OK, a message saying 'Items added' appears
(similar issue is mentioned in 1) ).

4) Host Based Access Control:
When modifying a HBAC rule, workflow can be a bit confusing. For
example, if you have a rule with 'Anyone' selected in the 'WHO' section,
then you decide to change it to Specified Users and Groups, and then
click on Add to add users/groups, a dialog appears requiring you to save
your selection first (you have to click on Update, or click Cancel, then
Update the changes and then try to Add users again). Is it possible to
call the Update when Add is clicked, so that this step is automatically
performed, requiring no action from the user? I think it would feel more
intuitive to the user.

5) For sections that have Expand All/Collapse All link (for example,
when looking at a user's details page), I think that when you expand all
sections manually, the Expand All link should change to Collapse all.
And also the other way around: when you collapse all sections manually,
the Collapse All link should change to Expand All. This is probably
nitpicking too much, it is just a nice to have (does not make sense to
'expand all' if everything is already expanded).



-- 
Regards,

Ana Krivokapic
Associate Software Engineer
FreeIPA team
Red Hat Inc.




More information about the Freeipa-devel mailing list