diff --git a/modules/lemonldap-ng-manager/example/skins/default/js/manager.js b/modules/lemonldap-ng-manager/example/skins/default/js/manager.js index 0a15427e4..a262d6eea 100644 --- a/modules/lemonldap-ng-manager/example/skins/default/js/manager.js +++ b/modules/lemonldap-ng-manager/example/skins/default/js/manager.js @@ -745,6 +745,15 @@ function zimbraByParams(id) { ],lmdata(id)); display('select',lmtext(id)); } +function casAccessControlPolicyParams(id) { + currentId=id; + formateSelect('select',[ + 'none=None', + 'error=Display error on portal', + 'faketicket=Send a fake service ticket', + ],lmdata(id)); + display('select',lmtext(id)); +} function btext(id) { currentId=id; $('#btextKey').attr('value',lmtext(id)); diff --git a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm index 526e5db72..b656c7548 100644 --- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm +++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm @@ -9,7 +9,7 @@ use strict; use Lemonldap::NG::Common::Conf::SAML::Metadata; use Lemonldap::NG::Common::Regexp; -our $VERSION = '1.1.0'; +our $VERSION = '1.1.2'; ## @method protected hashref cstruct(hashref h,string k) # Merge $h with the structure produced with $k and return it. @@ -640,8 +640,12 @@ sub struct { issuerDBCASRule => 'text:/issuerDBCASRule:issuerdbCAS:boolOrPerlExpr', issuerDBCASOptions => { - _nodes => [qw(casAttr casStorage cn:casStorageOptions)], - casAttr => 'text:/casAttr', + _nodes => [ + qw(casAttr casAccessControlPolicy casStorage cn:casStorageOptions) + ], + casAttr => 'text:/casAttr', + casAccessControlPolicy => +'select:/casAccessControlPolicy:issuerdbCAS:casAccessControlPolicyParams', casStorage => 'text:/casStorage', casStorageOptions => { _nodes => @@ -1694,8 +1698,9 @@ sub testStruct { keyTest => qr/^\w+$/, keyMsgFail => 'Bad CAS proxied service identifier', }, - casAttr => $testNotDefined, - casStorage => { + casAttr => $testNotDefined, + casAccessControlPolicy => $testNotDefined, + casStorage => { test => qr/^[\w:]*$/, msgFail => 'Bad module name', }, @@ -1813,6 +1818,7 @@ sub defaultConf { authentication => 'LDAP', authChoiceParam => 'lmAuth', CAS_pgtFile => '/tmp/pgt.txt', + casAccessControlPolicy => 'none', cda => '0', cookieName => 'lemonldap', domain => 'example.com', diff --git a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm index 177197849..61b0f4ed9 100644 --- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm +++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm @@ -9,7 +9,7 @@ package Lemonldap::NG::Manager::_i18n; use strict; use AutoLoader qw(AUTOLOAD); -our $VERSION = '1.1.0'; +our $VERSION = '1.1.2'; ## @method string translate(string text,string lang) # Returns $text translated in $lang. @@ -48,72 +48,73 @@ __END__ sub en { return { - _auth => 'Authentication', - _authChoice => 'Authentication choice', - _userDB => 'User', - _passwordDB => 'Password', - _issuerDB => 'Issuer', - _timezone => 'Time zone', - _session_id => 'Session identifier', - _url => 'Origin URL', - _user => 'Login', - _password => 'Password', - _utime => 'Session timestamp', - _lastAuthnUTime => 'Authentication timestamp', - _idp => 'IDP EntityID', - _idpConfKey => 'IDP configuration key', - _samlToken => 'SAML token', - _lassoSessionDump => 'Lasso session dump', - _lassoIdentityDump => 'Lasso identity dump', - advancedParams => 'Advanced parameters', - apacheParams => 'Apache parameters', - apacheAuthnLevel => 'Authentication level', - applicationList => 'Categories and applications', - attributesAndMacros => 'Attributes and macros', - authChoiceModules => 'Allowed modules', - authChoiceParam => 'URL parameter', - authentication => 'Authentication module', - authenticationLevel => 'Authentication level', - authenticationTitle => 'Authentication', - AuthLDAPFilter => 'Authentication filter', - authParams => 'Authentication modules', - dbiAuthChain => 'Chain', - dbiAuthLoginCol => 'Login field name', - dbiAuthnLevel => 'Authentication level', - dbiAuthPassword => 'Password', - dbiAuthPasswordCol => 'Password field name', - dbiAuthPasswordHash => 'Hash scheme', - dbiAuthTable => 'Authentication table', - dbiAuthUser => 'User', - dbiConnection => 'Connection', - dbiConnectionAuth => 'Authentication process', - dbiConnectionUser => 'User process', - dbiParams => 'DBI parameters', - dbiPassword => 'Password', - dbiPasswordMailCol => 'Mail field name', - dbiSchema => 'Schema', - dbiUserChain => 'Chain', - dbiUserPassword => 'Password', - dbiUserTable => 'User table', - dbiUserUser => 'User', - deleteNotification => 'Mark notification as done', - deleteSession => 'Delete session', - done => 'done', - CAS_authnLevel => 'Authentication level', - CAS_CAFile => 'CA file', - CAS_gateway => 'Gateway authentication', - CAS_pgtFile => 'PGT file', - CAS_proxiedServices => 'Proxied services', - CAS_renew => 'Renew authentication', - CAS_url => 'Server URL', - casAttr => 'CAS login', - casParams => 'CAS parameters', - casStorage => 'CAS sessions module name', - casStorageOptions => 'CAS sessions module options', - cda => 'Multiple domains', - clickHereToForce => 'Click here to force', - choiceParams => 'Choice parameters', - Configuration => 'Configuration', + _auth => 'Authentication', + _authChoice => 'Authentication choice', + _userDB => 'User', + _passwordDB => 'Password', + _issuerDB => 'Issuer', + _timezone => 'Time zone', + _session_id => 'Session identifier', + _url => 'Origin URL', + _user => 'Login', + _password => 'Password', + _utime => 'Session timestamp', + _lastAuthnUTime => 'Authentication timestamp', + _idp => 'IDP EntityID', + _idpConfKey => 'IDP configuration key', + _samlToken => 'SAML token', + _lassoSessionDump => 'Lasso session dump', + _lassoIdentityDump => 'Lasso identity dump', + advancedParams => 'Advanced parameters', + apacheParams => 'Apache parameters', + apacheAuthnLevel => 'Authentication level', + applicationList => 'Categories and applications', + attributesAndMacros => 'Attributes and macros', + authChoiceModules => 'Allowed modules', + authChoiceParam => 'URL parameter', + authentication => 'Authentication module', + authenticationLevel => 'Authentication level', + authenticationTitle => 'Authentication', + AuthLDAPFilter => 'Authentication filter', + authParams => 'Authentication modules', + dbiAuthChain => 'Chain', + dbiAuthLoginCol => 'Login field name', + dbiAuthnLevel => 'Authentication level', + dbiAuthPassword => 'Password', + dbiAuthPasswordCol => 'Password field name', + dbiAuthPasswordHash => 'Hash scheme', + dbiAuthTable => 'Authentication table', + dbiAuthUser => 'User', + dbiConnection => 'Connection', + dbiConnectionAuth => 'Authentication process', + dbiConnectionUser => 'User process', + dbiParams => 'DBI parameters', + dbiPassword => 'Password', + dbiPasswordMailCol => 'Mail field name', + dbiSchema => 'Schema', + dbiUserChain => 'Chain', + dbiUserPassword => 'Password', + dbiUserTable => 'User table', + dbiUserUser => 'User', + deleteNotification => 'Mark notification as done', + deleteSession => 'Delete session', + done => 'done', + CAS_authnLevel => 'Authentication level', + CAS_CAFile => 'CA file', + CAS_gateway => 'Gateway authentication', + CAS_pgtFile => 'PGT file', + CAS_proxiedServices => 'Proxied services', + CAS_renew => 'Renew authentication', + CAS_url => 'Server URL', + casAccessControlPolicy => 'Access control policy', + casAttr => 'CAS login', + casParams => 'CAS parameters', + casStorage => 'CAS sessions module name', + casStorageOptions => 'CAS sessions module options', + cda => 'Multiple domains', + clickHereToForce => 'Click here to force', + choiceParams => 'Choice parameters', + Configuration => 'Configuration', confModuledeprecated => 'This module has been deprecated, set "forceUpload=1" in lemonldap-ng.ini to use it', confSaved => 'Configuration saved', @@ -478,72 +479,73 @@ sub en { sub fr { use utf8; return { - _auth => 'Authentification', - _authChoice => 'Choix d\'authentification', - _userDB => 'Utilisateur', - _passwordDB => 'Mot de passe', - _issuerDB => 'Fournisseur', - _timezone => 'Zone horaire', - _session_id => 'Identifiant de session', - _url => "URL d'origine", - _user => 'Identifiant', - _password => 'Mot de passe', - _utime => 'Tampon de la session', - _lastAuthnUTime => 'Tampon d\'authentification ', - _idp => 'Identifiant d\'entité de l\'IDP', - _idpConfKey => 'Clé de configuration de l\'IDP', - _samlToken => ' Jeton SAML ', - _lassoSessionDump => ' Dump session Lasso ', - _lassoIdentityDump => 'Dump identité Lasso', - advancedParams => 'Paramètres avancés', - apacheParams => 'Paramètres Apache', - apacheAuthnLevel => 'Niveau d\'authentification', - applicationList => 'Catégories et applications', - attributesAndMacros => 'Attributs et macros', - authChoiceModules => 'Modules autorisés', - authChoiceParam => 'Parmètre de l\'URL', - authentication => "Module d'authentification", - authenticationLevel => 'Niveau d\'authentification', - authenticationTitle => 'Authentification', - AuthLDAPFilter => 'Filtre d\'authentification', - authParams => "Modules d'authentification", - dbiAuthChain => 'Chaîne', - dbiAuthLoginCol => 'Champ identifiant', - dbiAuthnLevel => 'Niveau d\'authentification', - dbiAuthPassword => 'Mot de passe', - dbiAuthPasswordCol => 'Champ mot de passe', - dbiAuthPasswordHash => 'Schéma de hachage', - dbiAuthTable => 'Table authentification', - dbiAuthUser => 'Utilisateur', - dbiConnection => 'Connexion', - dbiConnectionAuth => 'Authentification', - dbiConnectionUser => 'Utilisateurs', - dbiParams => 'Paramètres DBI', - dbiPassword => 'Mot de passe', - dbiPasswordMailCol => 'Champ mail', - dbiSchema => 'Schéma', - dbiUserChain => 'Chaîne', - dbiUserPassword => 'Mot de passe', - dbiUserTable => 'Table des utilisateurs', - dbiUserUser => 'Utilisateur', - deleteNotification => 'Marquer la notification comme validée', - deleteSession => 'Effacer la session', - done => 'validée', - CAS_authnLevel => 'Niveau d\'authentification', - CAS_CAFile => 'Fichier d\'AC', - CAS_gateway => 'Authentification transparente', - CAS_pgtFile => 'Fichier de PGT', - CAS_renew => 'Renouveller l\'authentication', - CAS_proxiedServices => 'Services mandatés', - CAS_url => 'URL du serveur', - casAttr => 'Identifiant CAS', - casParams => 'Paramètres CAS', - casStorage => 'Nom du module des session CAS', - casStorageOptions => 'Options du module des sessions CAS', - cda => 'Domaines multiples', - clickHereToForce => 'Cliquer ici pour forcer', - choiceParams => 'Paramètres des choix', - Configuration => 'Configuration', + _auth => 'Authentification', + _authChoice => 'Choix d\'authentification', + _userDB => 'Utilisateur', + _passwordDB => 'Mot de passe', + _issuerDB => 'Fournisseur', + _timezone => 'Zone horaire', + _session_id => 'Identifiant de session', + _url => "URL d'origine", + _user => 'Identifiant', + _password => 'Mot de passe', + _utime => 'Tampon de la session', + _lastAuthnUTime => 'Tampon d\'authentification ', + _idp => 'Identifiant d\'entité de l\'IDP', + _idpConfKey => 'Clé de configuration de l\'IDP', + _samlToken => ' Jeton SAML ', + _lassoSessionDump => ' Dump session Lasso ', + _lassoIdentityDump => 'Dump identité Lasso', + advancedParams => 'Paramètres avancés', + apacheParams => 'Paramètres Apache', + apacheAuthnLevel => 'Niveau d\'authentification', + applicationList => 'Catégories et applications', + attributesAndMacros => 'Attributs et macros', + authChoiceModules => 'Modules autorisés', + authChoiceParam => 'Parmètre de l\'URL', + authentication => "Module d'authentification", + authenticationLevel => 'Niveau d\'authentification', + authenticationTitle => 'Authentification', + AuthLDAPFilter => 'Filtre d\'authentification', + authParams => "Modules d'authentification", + dbiAuthChain => 'Chaîne', + dbiAuthLoginCol => 'Champ identifiant', + dbiAuthnLevel => 'Niveau d\'authentification', + dbiAuthPassword => 'Mot de passe', + dbiAuthPasswordCol => 'Champ mot de passe', + dbiAuthPasswordHash => 'Schéma de hachage', + dbiAuthTable => 'Table authentification', + dbiAuthUser => 'Utilisateur', + dbiConnection => 'Connexion', + dbiConnectionAuth => 'Authentification', + dbiConnectionUser => 'Utilisateurs', + dbiParams => 'Paramètres DBI', + dbiPassword => 'Mot de passe', + dbiPasswordMailCol => 'Champ mail', + dbiSchema => 'Schéma', + dbiUserChain => 'Chaîne', + dbiUserPassword => 'Mot de passe', + dbiUserTable => 'Table des utilisateurs', + dbiUserUser => 'Utilisateur', + deleteNotification => 'Marquer la notification comme validée', + deleteSession => 'Effacer la session', + done => 'validée', + CAS_authnLevel => 'Niveau d\'authentification', + CAS_CAFile => 'Fichier d\'AC', + CAS_gateway => 'Authentification transparente', + CAS_pgtFile => 'Fichier de PGT', + CAS_renew => 'Renouveller l\'authentication', + CAS_proxiedServices => 'Services mandatés', + CAS_url => 'URL du serveur', + casAccessControlPolicy => "Politique de contrôle d'accès", + casAttr => 'Identifiant CAS', + casParams => 'Paramètres CAS', + casStorage => 'Nom du module des session CAS', + casStorageOptions => 'Options du module des sessions CAS', + cda => 'Domaines multiples', + clickHereToForce => 'Cliquer ici pour forcer', + choiceParams => 'Paramètres des choix', + Configuration => 'Configuration', confModuledeprecated => "Ce module est obsolète, indiquez \"forceUpload=1\" dans le fichier lemonldap-ng.ini pour l'utiliser", confSaved => 'Configuration sauvegardée',