Normally the operation log doesn't include operations performed by users
that are not logged in, but we want to make an exception for the change
user password form, which is used for changing expired passwords, that
doesn't log the user in, but we still want to have it logged.
Also, update the default value of mask_fields to include the field
names used in that form.
Change-Id: Ib07efeda9eecd78b91f8f13624578264282c3f89
These are detected as errors since the clean up was done[1] in
the requirements repository.
[1] 314734e938f107cbd5ebcc7af4d9167c11347406
Also remove the note about old pip's behavior because resolver in
recent pip does not require specific order.
Change-Id: Ic8a34616a5723517cad880da3d9b75d03808c265
Compound sorting is an existing feature on the Horizon dashboard.
It is not obvious, however.
This change should bring this feature to the attention of users.
It should also guide users into how to use the feature when sorting.
Horizon DataTables.
DocImpact
Closes-Bug: #1287418
Implements: compound sorting
Change-Id: I810e863e01ca54f6751e1608e99ce97833597aff
Retrieving that information for every network can take considerable time
on large deployments with large number of networks, and for some kinds
of network drivers (ovn binary) this will be always zero anyways.
This setting lets us disable that column to speed up the networks view.
Change-Id: I1f1561916067d3f4a02f10ec9f62e8ba777a1501
Django 3.2 support was dropped. Django 3.2 ends its extended support
in April 2024[1]. Considering this, horizon dropped Django 3.2 support
and used Django 4.2 as the default version of Django. It also updates
some references to Django 4.2 from Django 3.2 in the documentation.
[1] https://www.djangoproject.com/download/
Change-Id: I9fff310c5433cf96cdf0a2cd81d11a96c2a4a55b
This patch adds support for MFA TOTP on openstack dashboard.
A new configuration variable OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED
was added false by default.
If enabled, users needing TOTP are prompted with a new form.
keystone doc: https://docs.openstack.org/keystone/latest/admin/auth-totp.html
Demonstration video : https://youtu.be/prDJJdFoMpM
Change-Id: I1047102a379c8a900a5e6840096bb671da4fd2ff
Blueprint: #totp-support
Closes-Bug: #2030477
The final revision of I86ac21bf82c1667135abd4f20fb4514da0899450 is buggy
and doesn't work.
This commit fixes it and adds a proper test.
Also, this commit updates the docs with a proper horizon version that
corresponds to Zed release (the feature was introduced before final Zed
cut so the author tried to guess the final release number).
Change-Id: Id921b69df13af3cc209236f0446d82dd30e4d8a2
This is follow-up of I8438bedaf7cead452fc499e484d23690b48894d9 and
ensures the OPENSTACK_ENDPOINT_TYPE parameter is used when
OPENSTACK_KEYSTONE_ENDPOINT_TYPE is not set. This avoids backward-
incompatible change which affects deployments with endpoint type set
to non-default values.
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: I94d2d3e31fc0103773fb5d3ed2f5f792e8851f78
The [1] changed the previous behavior of Horizon by
changing the hardcoded internal endpoint type to using
OPENSTACK_ENDPOINT_TYPE so it's no longer possible to use
internal endpoint type for Keystone but public for others.
This adds the OPENSTACK_KEYSTONE_ENDPOINT_TYPE config opt
to set the endpoint type for Keystone when grabbing it from
the service catalog.
[1] https://review.opendev.org/c/openstack/horizon/+/730781
Change-Id: I8438bedaf7cead452fc499e484d23690b48894d9
The new setting should allow an administrator to specify default user_data
for new VMs. The default user_data can be a string template that accepts
request object which has info about the user, so the default user_data can
be personalized.
Change-Id: I86ac21bf82c1667135abd4f20fb4514da0899450
The new settings ``LAUNCH_INSTANCE_DEFAULTS.enable_metadata`` and
``LAUNCH_INSTANCE_DEFAULTS.enable_net_ports`` allow to hide Metadata and
Network Ports tabs from launch instance workflow.
It is implemented in the similar way to existing enable_scheduler_hints
setting and doesn't change default behaviour
Change-Id: I3d1ae5ab6cee614dd2c400f66570e320efbe6100
As discussed in the horizon meetings or in horizon PTG sessions,
horizon team agreed to deprecate django version of Images, Keypair
and Roles panel as we think that feature gaps between the two
implementations have been closed. Let's mark the Django version as
deprecated for all these panels and gather more attention
from operators.
Change-Id: I965f9dbdd5e78b52a788f73b359c1c6fbc18637e
Since not all services are ready to use the system scope token,
we need a way to disable and enable the use of system scope
token on a per-service basis. This setting let us configure
which services should use the system scope token. By default
the list is empty and system scope token is not used at all.
Change-Id: I5e0cdc7288221571f183a37b800c19dc4cff5707
The Multiple Simultaneous Logins Control is a feature designed
for securing Horizon dashboard sessions. The default Horizon
configuration allows the same user to login several times
(e.g. different browsers) simultaneously, that is, the same user
can have more than one active session for Horizon dashboard. When
there is the need to control the active sessions that one user can
have simultaneously, it will be possible to configure the Horizon dashboard
to disallow more than one active session per user. When multiple simultaneously
sessions are disabled, the most recent authenticated session will be considered
the valid one and the previous session will be invalidated.
The following manual tests encompass both simulteaneous session control
configuration: 'allow' and 'disconnect' and were verified with this code
change before submitting it:
Test Plan:
PASS: Verify that a user is able to login to Horizon dashboard (when
configuration is 'disconnect')
PASS: Verify that a user is able to start a second Horizon dashboard
session and the first session is finished (when configuration is
'disconnect')
Failure Path:
PASS: Verify that when a user fails to authenticate a second Horizon
dashboard session the first session stills active (when configuration is
'disconnect')
Regression:
PASS: Verify that a user is able to login to Horizon dashboard (when
configuration is default: 'allow')
PASS: Verify that a user is able to start multiple simultaneous Horizon
dashboard sessions (when configuration is default: 'allow')
Implements: blueprint handle-multiple-login-sessions-from-same-user-in-horizon
Signed-off-by: Hugo Brito <hugo.brito@windriver.com>
Co-authored-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: I8462aa98398dd8f27fe24d911c9bfaa7f303eb93
Python 2 support was removed during Ussuri cycle. This change adds
the classifier to clearly state that only Python 3 is supported.
Change-Id: I51552cadaed82b29dcd10043ba23a0682e549156
This commit updates the examples of setup.py and setup.cfg
to reflect the recent changes.
- Replace dashes by underscores in setup.cfg.
Since setuptools v54.1.0[1], the parmeters with dash have been
deprecated in favor of the new parameters with underscore.
- Update python versions in setup.cfg to match the current
supported versions of python in OpenStack Yoga.
- Change the homepage URL in setup.cfg from horizon URL to a notice.
- Drop a workaround for python <2.7.4 in setup.py.
- Update the pbr requirement in setup.py
- Drop the unnecessary comment not to edit it
as setup.py is not synced globally.
[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: Id38299245f31d2db17fb1b74d60cf1232ee4a509
django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(),
ungettext(), and ungettext_lazy() are deprecated in favor of the
functions that they’re aliases for: django.utils.translation.gettext(),
gettext_lazy(), gettext_noop(), ngettext(), and ngettext_lazy().
https://docs.djangoproject.com/en/4.0/releases/3.0/#id3
Change-Id: I77878f84e9d10cf6a136dada81eabf4e18676250