dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Append comment box (#2808)

This commit is contained in:
Christophe Maudoux 2022-10-23 22:45:24 +02:00
parent bc08b06850
commit 285c6a7c85
19 changed files with 47 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/sources/admin/configvhost.rst
View File

@ -529,21 +529,22 @@ Some options are available:
Provide a comma separated parameters list with custom function path and args. Provide a comma separated parameters list with custom function path and args.
Args can be vars or session attributes, macros, ... Args can be vars or session attributes, macros, ...
By example: My::accessToTrace, Doctor, Who, _whatToTrace By example: My::accessToTrace, Doctor, Who, _whatToTrace
- **Required authentication level**: this option avoids to reject user with
a rule based on ``$_authenticationLevel``. When user has not got the
required level, he is redirected to an upgrade page in the portal.
This default level is required for ALL locations relative to this virtual host.
It can be overrided for each locations.
- **Type**: handler type (:ref:`Main<presentation-kinematics>`, - **Type**: handler type (:ref:`Main<presentation-kinematics>`,
:doc:`AuthBasic<authbasichandler>`, :doc:`AuthBasic<authbasichandler>`,
:doc:`ServiceToken<servertoserver>`, :doc:`ServiceToken<servertoserver>`,
:doc:`DevOps<devopshandler>`, :doc:`DevOps<devopshandler>`,
:doc:`DevOpsST<devopssthandler>`, :doc:`DevOpsST<devopssthandler>`,
:doc:`OAuth2<oauth2handler>`,...) :doc:`OAuth2<oauth2handler>`,...)
- **Required authentication level**: this option avoids to reject user with
a rule based on ``$_authenticationLevel``. When user has not got the
required level, he is redirected to an upgrade page in the portal.
This default level is required for ALL locations relative to this virtual host.
It can be overrided for each locations.
- **DevOps rules file URL**: option to define URL to retreive DevOps rules file. - **DevOps rules file URL**: option to define URL to retreive DevOps rules file.
This option can be overridden with ``uwsgi_param/fastcgi_param RULES_URL`` parameter. This option can be overridden with ``uwsgi_param/fastcgi_param RULES_URL`` parameter.
- **ServiceToken timeout**: by default, ServiceToken is just valid during 30 - **ServiceToken timeout**: by default, ServiceToken is just valid during 30
seconds. This TTL can be customized for each virtual host. seconds. This TTL can be customized for each virtual host.
- **Comment**: Can be used for setting comment.
.. attention:: .. attention::

2
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
View File

@ -30,7 +30,7 @@ our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Expiration|SignAlg|Claims|JWT)|uth(?:orizationCodeExpiration|nLevel)|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|Logout(?:SessionRequired|BypassConfirm|Type|Url)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|P(?:ostLogoutRedirectUris|ublic)|UserI(?:nfoSignAlg|DAttr)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims)|(?:ExportedVar|ScopeRule|Macro)s)'; our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Expiration|SignAlg|Claims|JWT)|uth(?:orizationCodeExpiration|nLevel)|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|Logout(?:SessionRequired|BypassConfirm|Type|Url)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|P(?:ostLogoutRedirectUris|ublic)|UserI(?:nfoSignAlg|DAttr)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims)|(?:ExportedVar|ScopeRule|Macro)s)';
our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|Re(?:questedAuthnContext|solutionRule|layStateURL)|A(?:daptSessionUtime|llowLoginFromIDP)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|Re(?:questedAuthnContext|solutionRule|layStateURL)|A(?:daptSessionUtime|llowLoginFromIDP)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|AuthnLevel|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)'; our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|AuthnLevel|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
our $virtualHostKeys = '(?:vhost(?:A(?:ccessToTrace|uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|DevOpsRulesUrl|Https|Port)|(?:exportedHeader|locationRule)s|post)'; our $virtualHostKeys = '(?:vhost(?:A(?:ccessToTrace|uthnLevel|liases)|(?:Maintenanc|Typ)e|(?:Commen|Por)t|ServiceTokenTTL|DevOpsRulesUrl|Https)|(?:exportedHeader|locationRule)s|post)';
our $authParameters = { our $authParameters = {
adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)], adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)],

4
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
View File

@ -4465,6 +4465,10 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
'vhostAuthnLevel' => { 'vhostAuthnLevel' => {
'type' => 'int' 'type' => 'int'
}, },
'vhostComment' => {
'default' => '',
'type' => 'longtext'
},
'vhostDevOpsRulesUrl' => { 'vhostDevOpsRulesUrl' => {
'type' => 'url' 'type' => 'url'
}, },

4
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
View File

@ -2502,6 +2502,10 @@ sub attributes {
type => 'int', type => 'int',
default => -1, default => -1,
}, },
vhostComment => {
type => 'longtext',
default => '',
},
vhostAccessToTrace => { type => 'text', default => '' }, vhostAccessToTrace => { type => 'text', default => '' },
vhostAliases => { type => 'text', default => '' }, vhostAliases => { type => 'text', default => '' },
vhostType => { vhostType => {

13
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
View File

@ -27,11 +27,11 @@ sub cTrees {
help => 'configvhost.html#options', help => 'configvhost.html#options',
form => 'simpleInputContainer', form => 'simpleInputContainer',
nodes => [ nodes => [
'vhostPort', 'vhostHttps', 'vhostPort', 'vhostHttps',
'vhostMaintenance', 'vhostAliases', 'vhostMaintenance', 'vhostAliases',
'vhostAccessToTrace', 'vhostType', 'vhostAccessToTrace', 'vhostAuthnLevel',
'vhostAuthnLevel', 'vhostDevOpsRulesUrl', 'vhostType', 'vhostDevOpsRulesUrl',
'vhostServiceTokenTTL' 'vhostServiceTokenTTL', 'vhostComment'
], ],
}, },
], ],
@ -197,8 +197,7 @@ sub cTrees {
{ {
title => 'oidcRPMetaDataOptions', title => 'oidcRPMetaDataOptions',
help => 'idpopenidconnect.html#options', help => 'idpopenidconnect.html#options',
nodes => [ nodes => [ {
{
title => 'oidcRPMetaDataOptionsBasic', title => 'oidcRPMetaDataOptionsBasic',
form => 'simpleInputContainer', form => 'simpleInputContainer',
nodes => [ nodes => [

19
lemonldap-ng-manager/site/htdocs/static/js/conftree.js
View File

@ -1439,6 +1439,12 @@ function templates(tpl,key) {
"id" : tpl+"s/"+key+"/"+"vhostAccessToTrace", "id" : tpl+"s/"+key+"/"+"vhostAccessToTrace",
"title" : "vhostAccessToTrace" "title" : "vhostAccessToTrace"
}, },
{
"get" : tpl+"s/"+key+"/"+"vhostAuthnLevel",
"id" : tpl+"s/"+key+"/"+"vhostAuthnLevel",
"title" : "vhostAuthnLevel",
"type" : "int"
},
{ {
"default" : "Main", "default" : "Main",
"get" : tpl+"s/"+key+"/"+"vhostType", "get" : tpl+"s/"+key+"/"+"vhostType",
@ -1484,12 +1490,6 @@ function templates(tpl,key) {
"title" : "vhostType", "title" : "vhostType",
"type" : "select" "type" : "select"
}, },
{
"get" : tpl+"s/"+key+"/"+"vhostAuthnLevel",
"id" : tpl+"s/"+key+"/"+"vhostAuthnLevel",
"title" : "vhostAuthnLevel",
"type" : "int"
},
{ {
"get" : tpl+"s/"+key+"/"+"vhostDevOpsRulesUrl", "get" : tpl+"s/"+key+"/"+"vhostDevOpsRulesUrl",
"id" : tpl+"s/"+key+"/"+"vhostDevOpsRulesUrl", "id" : tpl+"s/"+key+"/"+"vhostDevOpsRulesUrl",
@ -1501,6 +1501,13 @@ function templates(tpl,key) {
"id" : tpl+"s/"+key+"/"+"vhostServiceTokenTTL", "id" : tpl+"s/"+key+"/"+"vhostServiceTokenTTL",
"title" : "vhostServiceTokenTTL", "title" : "vhostServiceTokenTTL",
"type" : "int" "type" : "int"
},
{
"default" : "",
"get" : tpl+"s/"+key+"/"+"vhostComment",
"id" : tpl+"s/"+key+"/"+"vhostComment",
"title" : "vhostComment",
"type" : "longtext"
} }
], ],
"help" : "configvhost.html#options", "help" : "configvhost.html#options",

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
View File

File diff suppressed because one or more lines are too long

1
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"اسماء مستعارة", "vhostAliases":"اسماء مستعارة",
"vhostAuthnLevel":"مستوى إثبات الهوية واجب", "vhostAuthnLevel":"مستوى إثبات الهوية واجب",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"إتش تي تي بي س", "vhostHttps":"إتش تي تي بي س",
"vhostMaintenance":"وضع الصيانة", "vhostMaintenance":"وضع الصيانة",

1
lemonldap-ng-manager/site/htdocs/static/languages/en.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"Aliases", "vhostAliases":"Aliases",
"vhostAuthnLevel":"Required authentication level", "vhostAuthnLevel":"Required authentication level",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Maintenance mode", "vhostMaintenance":"Maintenance mode",

1
lemonldap-ng-manager/site/htdocs/static/languages/es.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"Aliases", "vhostAliases":"Aliases",
"vhostAuthnLevel":"Nivel de autentificación requerido", "vhostAuthnLevel":"Nivel de autentificación requerido",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Modo de mantenimiento", "vhostMaintenance":"Modo de mantenimiento",

1
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Accès à tracer", "vhostAccessToTrace":"Accès à tracer",
"vhostAliases":"Alias", "vhostAliases":"Alias",
"vhostAuthnLevel":"Niveau d'authentification requis", "vhostAuthnLevel":"Niveau d'authentification requis",
"vhostComment": "Commentaire",
"vhostDevOpsRulesUrl":"URL du fichier de règles DevOps", "vhostDevOpsRulesUrl":"URL du fichier de règles DevOps",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Mode maintenance", "vhostMaintenance":"Mode maintenance",

1
lemonldap-ng-manager/site/htdocs/static/languages/he.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"כינויים", "vhostAliases":"כינויים",
"vhostAuthnLevel":"דרגת אימות נדרשת", "vhostAuthnLevel":"דרגת אימות נדרשת",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"מצב תחזוקה", "vhostMaintenance":"מצב תחזוקה",

1
lemonldap-ng-manager/site/htdocs/static/languages/it.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"Alias", "vhostAliases":"Alias",
"vhostAuthnLevel":"Livello di autenticazione richiesto", "vhostAuthnLevel":"Livello di autenticazione richiesto",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Modalità di manutenzione", "vhostMaintenance":"Modalità di manutenzione",

1
lemonldap-ng-manager/site/htdocs/static/languages/pl.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Dostęp do śledzenia", "vhostAccessToTrace":"Dostęp do śledzenia",
"vhostAliases":"Aliasy", "vhostAliases":"Aliasy",
"vhostAuthnLevel":"Wymagany poziom uwierzytelnienia", "vhostAuthnLevel":"Wymagany poziom uwierzytelnienia",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"Adres URL pliku reguł DevOps", "vhostDevOpsRulesUrl":"Adres URL pliku reguł DevOps",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Tryb konserwacji", "vhostMaintenance":"Tryb konserwacji",

1
lemonldap-ng-manager/site/htdocs/static/languages/tr.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"İzlemeye erişim", "vhostAccessToTrace":"İzlemeye erişim",
"vhostAliases":"Takma adlar", "vhostAliases":"Takma adlar",
"vhostAuthnLevel":"Gereken doğrulama seviyesi", "vhostAuthnLevel":"Gereken doğrulama seviyesi",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps kuralları dosya URL'si", "vhostDevOpsRulesUrl":"DevOps kuralları dosya URL'si",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Bakım modu", "vhostMaintenance":"Bakım modu",

1
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"Access to trace", "vhostAccessToTrace":"Access to trace",
"vhostAliases":"Bí danh", "vhostAliases":"Bí danh",
"vhostAuthnLevel":"Mức xác thực bắt buộc", "vhostAuthnLevel":"Mức xác thực bắt buộc",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"Chế độ bảo trì", "vhostMaintenance":"Chế độ bảo trì",

1
lemonldap-ng-manager/site/htdocs/static/languages/zh.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"存取追蹤", "vhostAccessToTrace":"存取追蹤",
"vhostAliases":"別名", "vhostAliases":"別名",
"vhostAuthnLevel":"需要的驗證等級", "vhostAuthnLevel":"需要的驗證等級",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"維護模式", "vhostMaintenance":"維護模式",

1
lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json
View File

@ -1214,6 +1214,7 @@
"vhostAccessToTrace":"存取追蹤", "vhostAccessToTrace":"存取追蹤",
"vhostAliases":"別名", "vhostAliases":"別名",
"vhostAuthnLevel":"需要的驗證等級", "vhostAuthnLevel":"需要的驗證等級",
"vhostComment": "Comment",
"vhostDevOpsRulesUrl":"DevOps rules file URL", "vhostDevOpsRulesUrl":"DevOps rules file URL",
"vhostHttps":"HTTPS", "vhostHttps":"HTTPS",
"vhostMaintenance":"維護模式", "vhostMaintenance":"維護模式",