Add ldapAllowResetExpiredPassword parameter in trunk Manager (#1011)
This commit is contained in:
Clément Oudot
parent
6e1dc4b20b
commit
085ac82587
|
|
@ -76,6 +76,7 @@ sub defaultValues {
|
|||
'issuerDBSAMLPath' => '^/saml/',
|
||||
'issuerDBSAMLRule' => 1,
|
||||
'jsRedirect' => 0,
|
||||
'ldapAllowResetExpiredPassword' => 0,
|
||||
'ldapAuthnLevel' => 2,
|
||||
'ldapBase' => 'dc=example,dc=com',
|
||||
'ldapChangePasswordAsUser' => 0,
|
||||
|
|
|
|||
|
|
@ -31,12 +31,12 @@ sub types {
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -83,10 +83,10 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
'test' => sub {
|
||||
my ( $val, $conf ) = @_;
|
||||
return 1
|
||||
if defined $conf->{'macros'}{$val} or $val eq '_timezone';
|
||||
if defined $$conf{'macros'}{$val} or $val eq '_timezone';
|
||||
foreach $_ ( keys %$conf ) {
|
||||
return 1
|
||||
if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val};
|
||||
if $_ =~ /exportedvars$/i and defined $$conf{$_}{$val};
|
||||
}
|
||||
return 1, "__unknownAttrOrMacro__: $val";
|
||||
}
|
||||
|
|
@ -221,7 +221,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
|
|||
'test' => sub {
|
||||
my $test =
|
||||
grep( { $_ eq $_[0]; }
|
||||
map( { $_->{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
map( { $$_{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
return $test
|
||||
? 1
|
||||
: ( 0, "Invalid value '$_[0]' for this select" );
|
||||
|
|
@ -803,12 +803,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -887,12 +887,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -917,12 +917,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -1017,6 +1017,10 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'key' => {
|
||||
'type' => 'password'
|
||||
},
|
||||
'ldapAllowResetExpiredPassword' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'ldapAuthnLevel' => {
|
||||
'default' => 2,
|
||||
'type' => 'int'
|
||||
|
|
@ -1124,7 +1128,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'default' => 'ldap://localhost',
|
||||
'test' => sub {
|
||||
my $l = shift();
|
||||
my @s = split( /[\s,]+/, $l, 0 );
|
||||
my (@s) = split( /[\s,]+/, $l, 0 );
|
||||
foreach my $s (@s) {
|
||||
return 0, qq[__badLdapUri__: "$s"]
|
||||
unless $s =~
|
||||
|
|
@ -1198,12 +1202,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -1236,12 +1240,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
@ -1854,12 +1858,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'iso2unicode', 'groupMatch',
|
||||
'encrypt'
|
||||
);
|
||||
push @cf, defined $conf->{'customFunctions'}
|
||||
push @cf, defined $$conf{'customFunctions'}
|
||||
? map( {
|
||||
my $f = $_;
|
||||
$f =~ s/\w+:://g;
|
||||
$f, $_;
|
||||
} split( /\s+/, $conf->{'customFunctions'}, 0 ) )
|
||||
} split( /\s+/, $$conf{'customFunctions'}, 0 ) )
|
||||
: ();
|
||||
foreach my $f (@cf) {
|
||||
$s = "sub $f {1} $s";
|
||||
|
|
|
|||
|
|
@ -1831,6 +1831,11 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
documentation => 'LDAP protocol version',
|
||||
},
|
||||
ldapRaw => { type => 'text', },
|
||||
ldapAllowResetExpiredPassword => {
|
||||
default => 0,
|
||||
type => 'bool',
|
||||
documentation => 'Allow a user to reset his expired password',
|
||||
},
|
||||
|
||||
# SSL
|
||||
SSLAuthnLevel => {
|
||||
|
|
|
|||
|
|
@ -264,7 +264,8 @@ sub tree {
|
|||
'ldapPwdEnc',
|
||||
'ldapUsePasswordResetAttribute',
|
||||
'ldapPasswordResetAttribute',
|
||||
'ldapPasswordResetAttributeValue'
|
||||
'ldapPasswordResetAttributeValue',
|
||||
'ldapAllowResetExpiredPassword'
|
||||
]
|
||||
},
|
||||
]
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ our $authParameters = {
|
|||
demoParams => [qw(demoExportedVars)],
|
||||
facebookParams => [qw(facebookAuthnLevel facebookExportedVars facebookAppId facebookAppSecret)],
|
||||
googleParams => [qw(googleAuthnLevel googleExportedVars)],
|
||||
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapBase managerDn managerPassword ldapTimeout ldapVersion ldapRaw LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue)],
|
||||
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapBase managerDn managerPassword ldapTimeout ldapVersion ldapRaw LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword)],
|
||||
multiParams => [qw(multiAuthStack multiUserDBStack)],
|
||||
nullParams => [qw(nullAuthnLevel)],
|
||||
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
||||
|
|
|
|||
|
|
@ -254,6 +254,7 @@
|
|||
"languages": "Languages",
|
||||
"latest": "Latest",
|
||||
"ldap": "LDAP",
|
||||
"ldapAllowResetExpiredPassword": "Allow to reset an expired password",
|
||||
"ldapAuthnLevel": "Authentication level",
|
||||
"ldapBase": "Users search base",
|
||||
"ldapChangePasswordAsUser": "Change as user",
|
||||
|
|
|
|||
|
|
@ -254,6 +254,7 @@
|
|||
"languages": "Langues",
|
||||
"latest": "Dernière",
|
||||
"ldap": "LDAP",
|
||||
"ldapAllowResetExpiredPassword": "Autoriser le changement de mot de passe expiré",
|
||||
"ldapAuthnLevel": "Niveau d'authentification",
|
||||
"ldapBase": "Base de recherche des utilisateurs",
|
||||
"ldapChangePasswordAsUser": "Changement en tant qu'utilisateur",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue
Block a user