mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-01 03:02:16 +01:00
834d92a47b
This is feature is workaround for #2628 (JumpCloud) and some other services that allow LDAP search only under BindDN user account, but not allow any LDAP search query in logged user DN context. Such approach is an alternative to minimal permissions security pattern for BindDN user.
172 lines
7.5 KiB
Cheetah
172 lines
7.5 KiB
Cheetah
{{template "base/head" .}}
|
|
<div class="admin edit authentication">
|
|
<div class="ui container">
|
|
<div class="ui grid">
|
|
{{template "admin/navbar" .}}
|
|
<div class="twelve wide column content">
|
|
{{template "base/alert" .}}
|
|
<h4 class="ui top attached header">
|
|
{{.i18n.Tr "admin.auths.edit"}}
|
|
</h4>
|
|
<div class="ui attached segment">
|
|
<form class="ui form" action="{{.Link}}" method="post">
|
|
{{.CsrfTokenHtml}}
|
|
<input type="hidden" name="id" value="{{.Source.ID}}">
|
|
<div class="inline field">
|
|
<label>{{$.i18n.Tr "admin.auths.auth_type"}}</label>
|
|
<input type="hidden" name="type" value="{{.Source.Type}}">
|
|
<span>{{.Source.TypeName}}</span>
|
|
</div>
|
|
<div class="required inline field {{if .Err_Name}}error{{end}}">
|
|
<label for="name">{{.i18n.Tr "admin.auths.auth_name"}}</label>
|
|
<input id="name" name="name" value="{{.Source.Name}}" autofocus required>
|
|
</div>
|
|
|
|
<!-- LDAP and DLDAP -->
|
|
{{if or .Source.IsLDAP .Source.IsDLDAP}}
|
|
{{ $cfg:=.Source.LDAP }}
|
|
<div class="required field">
|
|
<label for="host">{{.i18n.Tr "admin.auths.host"}}</label>
|
|
<input id="host" name="host" value="{{$cfg.Host}}" placeholder="e.g. mydomain.com" required>
|
|
</div>
|
|
<div class="required field">
|
|
<label for="port">{{.i18n.Tr "admin.auths.port"}}</label>
|
|
<input id="port" name="port" value="{{$cfg.Port}}" placeholder="e.g. 636" required>
|
|
</div>
|
|
{{if .Source.IsLDAP}}
|
|
<div class="field">
|
|
<label for="bind_dn">{{.i18n.Tr "admin.auths.bind_dn"}}</label>
|
|
<input id="bind_dn" name="bind_dn" value="{{$cfg.BindDN}}" placeholder="e.g. cn=Search,dc=mydomain,dc=com">
|
|
</div>
|
|
<input class="fake" type="password">
|
|
<div class="field">
|
|
<label for="bind_password">{{.i18n.Tr "admin.auths.bind_password"}}</label>
|
|
<input id="bind_password" name="bind_password" type="password" value="{{$cfg.BindPassword}}">
|
|
<p class="help text red">{{.i18n.Tr "admin.auths.bind_password_helper"}}</p>
|
|
</div>
|
|
<div class="required field">
|
|
<label for="user_base">{{.i18n.Tr "admin.auths.user_base"}}</label>
|
|
<input id="user_base" name="user_base" value="{{$cfg.UserBase}}" placeholder="e.g. ou=Users,dc=mydomain,dc=com" required>
|
|
</div>
|
|
{{end}}
|
|
{{if .Source.IsDLDAP}}
|
|
<div class="required field">
|
|
<label for="user_dn">{{.i18n.Tr "admin.auths.user_dn"}}</label>
|
|
<input id="user_dn" name="user_dn" value="{{$cfg.UserDN}}" placeholder="e.g. uid=%s,ou=Users,dc=mydomain,dc=com" required>
|
|
</div>
|
|
{{end}}
|
|
<div class="required field">
|
|
<label for="filter">{{.i18n.Tr "admin.auths.filter"}}</label>
|
|
<input id="filter" name="filter" value="{{$cfg.Filter}}" placeholder="e.g. (&(objectClass=posixAccount)(uid=%s))" required>
|
|
</div>
|
|
<div class="field">
|
|
<label for="admin_filter">{{.i18n.Tr "admin.auths.admin_filter"}}</label>
|
|
<input id="admin_filter" name="admin_filter" value="{{$cfg.AdminFilter}}">
|
|
</div>
|
|
<div class="field">
|
|
<label for="attribute_username">{{.i18n.Tr "admin.auths.attribute_username"}}</label>
|
|
<input id="attribute_username" name="attribute_username" value="{{$cfg.AttributeUsername}}" placeholder="{{.i18n.Tr "admin.auths.attribute_username_placeholder"}}">
|
|
</div>
|
|
<div class="field">
|
|
<label for="attribute_name">{{.i18n.Tr "admin.auths.attribute_name"}}</label>
|
|
<input id="attribute_name" name="attribute_name" value="{{$cfg.AttributeName}}">
|
|
</div>
|
|
<div class="field">
|
|
<label for="attribute_surname">{{.i18n.Tr "admin.auths.attribute_surname"}}</label>
|
|
<input id="attribute_surname" name="attribute_surname" value="{{$cfg.AttributeSurname}}">
|
|
</div>
|
|
<div class="required field">
|
|
<label for="attribute_mail">{{.i18n.Tr "admin.auths.attribute_mail"}}</label>
|
|
<input id="attribute_mail" name="attribute_mail" value="{{$cfg.AttributeMail}}" placeholder="e.g. mail" required>
|
|
</div>
|
|
{{if .Source.IsLDAP}}
|
|
<div class="inline field">
|
|
<div class="ui checkbox">
|
|
<label><strong>{{.i18n.Tr "admin.auths.attributes_in_bind"}}</strong></label>
|
|
<input name="attributes_in_bind" type="checkbox" {{if $cfg.AttributesInBind}}checked{{end}}>
|
|
</div>
|
|
</div>
|
|
{{end}}
|
|
{{end}}
|
|
|
|
<!-- SMTP -->
|
|
{{if .Source.IsSMTP}}
|
|
{{ $cfg:=.Source.SMTP }}
|
|
<div class="inline required field">
|
|
<label>{{.i18n.Tr "admin.auths.smtp_auth"}}</label>
|
|
<div class="ui selection type dropdown">
|
|
<input type="hidden" id="smtp_auth" name="smtp_auth" value="{{$cfg.Auth}}" required>
|
|
<div class="text">{{$cfg.Auth}}</div>
|
|
<i class="dropdown icon"></i>
|
|
<div class="menu">
|
|
{{range .SMTPAuths}}
|
|
<div class="item" data-value="{{.}}">{{.}}</div>
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="required field">
|
|
<label for="smtp_host">{{.i18n.Tr "admin.auths.smtphost"}}</label>
|
|
<input id="smtp_host" name="smtp_host" value="{{$cfg.Host}}" required>
|
|
</div>
|
|
<div class="required field">
|
|
<label for="smtp_port">{{.i18n.Tr "admin.auths.smtpport"}}</label>
|
|
<input id="smtp_port" name="smtp_port" value="{{$cfg.Port}}" required>
|
|
</div>
|
|
<div class="field">
|
|
<label for="allowed_domains">{{.i18n.Tr "admin.auths.allowed_domains"}}</label>
|
|
<input id="allowed_domains" name="allowed_domains" value="{{$cfg.AllowedDomains}}">
|
|
<p class="help">{{.i18n.Tr "admin.auths.allowed_domains_helper"}}</p>
|
|
</div>
|
|
{{end}}
|
|
|
|
<!-- PAM -->
|
|
{{if .Source.IsPAM}}
|
|
{{ $cfg:=.Source.PAM }}
|
|
<div class="required field">
|
|
<label for="pam_service_name">{{.i18n.Tr "admin.auths.pam_service_name"}}</label>
|
|
<input id="pam_service_name" name="pam_service_name" value="{{$cfg.ServiceName}}" required>
|
|
</div>
|
|
{{end}}
|
|
|
|
<div class="inline field {{if not (or (or .Source.IsLDAP .Source.IsDLDAP) .Source.IsSMTP)}}hide{{end}}">
|
|
<div class="ui checkbox">
|
|
<label><strong>{{.i18n.Tr "admin.auths.enable_tls"}}</strong></label>
|
|
<input name="tls" type="checkbox" {{if .Source.UseTLS}}checked{{end}}>
|
|
</div>
|
|
</div>
|
|
<div class="inline field {{if not (or (or .Source.IsLDAP .Source.IsDLDAP) .Source.IsSMTP)}}hide{{end}}">
|
|
<div class="ui checkbox">
|
|
<label><strong>{{.i18n.Tr "admin.auths.skip_tls_verify"}}</strong></label>
|
|
<input name="skip_verify" type="checkbox" {{if .Source.SkipVerify}}checked{{end}}>
|
|
</div>
|
|
</div>
|
|
<div class="inline field">
|
|
<div class="ui checkbox">
|
|
<label><strong>{{.i18n.Tr "admin.auths.activated"}}</strong></label>
|
|
<input name="is_active" type="checkbox" {{if .Source.IsActived}}checked{{end}}>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="field">
|
|
<button class="ui green button">{{.i18n.Tr "admin.auths.update"}}</button>
|
|
<div class="ui red button delete-button" data-url="{{$.Link}}/delete" data-id="{{.Source.ID}}">{{.i18n.Tr "admin.auths.delete"}}</div>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="ui small basic delete modal">
|
|
<div class="ui icon header">
|
|
<i class="trash icon"></i>
|
|
{{.i18n.Tr "admin.auths.delete_auth_title"}}
|
|
</div>
|
|
<div class="content">
|
|
<p>{{.i18n.Tr "admin.auths.delete_auth_desc"}}</p>
|
|
</div>
|
|
{{template "base/delete_modal_actions" .}}
|
|
</div>
|
|
{{template "base/footer" .}}
|