* refs/pull/33552/head:
mgr/dashboard: Enhance user create CLI command to force password change
Reviewed-by: Stephan Müller <smueller@suse.com>
Reviewed-by: Ernesto Puerta <epuertat@redhat.com>
mgr/dashboard: Enforce password change upon first login
Reviewed-by: Laura Paduano <lpaduano@suse.com>
Reviewed-by: Stephan Müller <smueller@suse.com>
Reviewed-by: Tiago Melo <tmelo@suse.com>
Introduce the following:
- A new layout component for the login pages.
- A new route called /login-change-password.
- A guard that checks if a user must change the password (ChangePasswordGuardService). If this is true, redirect to /login-change-password.
- Added LoginPasswordFormComponent (extends UserPasswordFormComponent) for the password form but (looks similar the login page).
Fixes: tracker.ceph.com/issues/24655
Signed-off-by: Volker Theile <vtheile@suse.com>
- We keep ServiceDescription around unmodified (although it will need some
cleanup later)
- We add DaemonDescription, and clean out the service-related ambiguities
- Add a new list_daemons() method for Orchestrator
- Add a new 'ceph orch ps' command
- In cephadm, drop get_services(), and implement list_daemons()
- a million changes to make this work
- Adjust health alert and option names
Signed-off-by: Sage Weil <sage@redhat.com>
* refs/pull/33175/head:
mgr/cephadm: Add some more type annotations
mgr/orchestrator: unify StatelessServiceSpec and StatefulServiceSpec
Reviewed-by: Sage Weil <sage@redhat.com>
Add a 'pwd_expiration_date' field to the User object to be able
to set password expiration date per user.
There are two options to set a password expiration date for a
user:
1. Set the 'USER_PWD_EXPIRATION_SPAN' setting. If defined
the expiration date of the password will be calculated
automatically based on the given value. It will also be
updated automatically when the user changes the password.
2. Set an expiration date by setting the 'pwdExpirationDate'
field when creating a user.
Add two more settings in addition: USER_PWD_EXPIRATION_WARNING_1
and USER_PWD_EXPIRATION_WARNING_2. These two settings are
defining the amount of days to notify the user that his password
will expiration soon.
It's not possible to set the 'pwd_expiration_date' field to a
date in the past.
If the password of a user is already expired he is no longer
allowed to log into the dashboard.
Fixes: https://tracker.ceph.com/issues/40329
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
by adding the previously added monitoring related features as well as
the newest feature addition. Extends the documentation where necessary
to describe the Prometheus' alert configuration.
Fixes: https://tracker.ceph.com/issues/42877
Signed-off-by: Patrick Seidensal <pseidensal@suse.com>
- Refactor parts of the existing password complexity code.
- Check password complexity when setting password via Dashboard CLI commands.
- Add ability to force setting a password via CLI. This is useful in vstart environments or wherever it is necessary to disable the password complexity check.
Signed-off-by: Volker Theile <vtheile@suse.com>
To configure SSL certificate verification use the following command:
$ ceph dashboard set-grafana-api-ssl-verify true|false
Fixes: https://tracker.ceph.com/issues/42445
Signed-off-by: Volker Theile <vtheile@suse.com>
