Append an option to display sfManager link (#2185)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -325,6 +325,7 @@ sub defaultValues {
         'samlSPSSODescriptorWantAssertionsSigned' => 1,
         'securedCookie'                           => 0,
         'sfEngine'                                => '::2F::Engines::Default',
+        'sfManagerRule'                           => 1,
         'sfRemovedMsgRule'                        => 0,
         'sfRemovedNotifMsg' =>
           '_removedSF_ expired second factor(s) has/have been removed!',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -3599,6 +3599,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             },
             'type' => 'sfExtraContainer'
         },
+        'sfManagerRule' => {
+            'default' => 1,
+            'type'    => 'boolOrExpr'
+        },
         'sfRemovedMsgRule' => {
             'default' => 0,
             'type'    => 'boolOrExpr'

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -2974,6 +2974,13 @@ sub attributes {
             help          => 'secondfactor.html',
             documentation => 'Second factor required',
         },
+        sfManagerRule => {
+            type    => 'boolOrExpr',
+            default => 1,
+            help    => 'secondfactor.html',
+            documentation =>
+              'Rule to display second factor Manager link',
+        },
         sfRemovedMsgRule => {
             type    => 'boolOrExpr',
             default => 0,

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -901,6 +901,7 @@ sub tree {
                                 'sfRemovedNotifMsg',
                             ],
                         },
+                        'sfManagerRule',
                         'sfRequired',
                     ]
                 },

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -837,6 +837,7 @@
 "sessionTitle":"محتوى الجلسة",
 "sfaTitle":"Second factors authentication",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"تفعيل",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second factors authentication",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"Activation",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second factors authentication",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"Activation",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Contenu de la session",
 "sfaTitle":"Seconds facteurs d'authentification",
 "sfExtra":"Seconds facteurs additionnels",
+"sfManagerRule":"Afficher le lien du Gestionnaire",
 "sfRequired":"Exiger l'enrôlement d'un SF à l'authentification",
 "sfRemovedNotification":"Avertir si un SF expiré est supprimé",
 "sfRemovedMsgRule":"Activation",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Contenuto della sessione",
 "sfaTitle":"Autenticazione a due fattori",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"Attivazione",

lemonldap-ng-manager/site/htdocs/static/languages/tr.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Oturum içeriği",
 "sfaTitle":"İki Faktörlü Kimlik Doğrulaması",
 "sfExtra":"Ek ikinci faktörler",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"Aktivasyon",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Nội dung phiên",
 "sfaTitle":"Second factors authentication",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"Kích hoạt",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -837,6 +837,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second factors authentication",
 "sfExtra":"Additional second factors",
+"sfManagerRule":"Display Manager link",
 "sfRequired":"Force 2FA registration at login",
 "sfRemovedNotification":"Warn if an expired 2FA is removed",
 "sfRemovedMsgRule":"激活",

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm

@@ -30,7 +30,8 @@ has menuModules => (
     }
 );
 
-has specific => ( is => 'rw', default => sub { {} } );
+has specific      => ( is => 'rw', default => sub { {} } );
+has sfManagerRule => ( is => 'rw', default => sub { 1 } );
 
 has imgPath => (
     is      => 'rw',
@@ -44,7 +45,13 @@ has imgPath => (
 # INITIALIZATION
 
 sub init {
-    1;
+    my ($self) = @_;
+
+    $self->sfManagerRule(
+        $self->p->buildRule( $self->conf->{sfManagerRule}, 'sfManagerRule' ) );
+    $self->sfManagerRule(1) unless $self->sfManagerRule;
+
+    return 1;
 }
 
 # RUNNING METHODS
@@ -109,9 +116,10 @@ sub params {
     $res{AUTH_ERROR_TYPE} =
       $req->error_type( $res{AUTH_ERROR} = $req->menuError );
 
-    # Display menu 2fRegisters link only if at least a 2F device is registered
+# Display menu 2fRegisters link only if at least a 2F device is registered and rule
     $res{sfaManager} =
-      $self->p->_sfEngine->display2fRegisters( $req, $req->userData );
+         $self->p->_sfEngine->display2fRegisters( $req, $req->userData )
+      && $self->sfManagerRule->( $req, $req->userData );
     $self->logger->debug("Display 2fRegisters link") if $res{sfaManager};
 
     # Display refresh my rights unless disabled
@@ -285,11 +293,11 @@ sub _buildApplicationHash {
     my $applications;
 
     # Get application items
-    my $appname = $apphash->{options}->{name} || $appid;
-    my $appuri  = $apphash->{options}->{uri}  || "";
+    my $appname = $apphash->{options}->{name}    || $appid;
+    my $appuri  = $apphash->{options}->{uri}     || "";
     my $appdesc = $apphash->{options}->{description};
     my $applogo = $apphash->{options}->{logo};
-    my $apptip = $apphash->{options}->{tooltip} || $appname;
+    my $apptip  = $apphash->{options}->{tooltip} || $appname;
 
     # Detect sub applications
     my $subapphash;