Add global settings that are valid for all identity providers

Signed-off-by: Julius Härtl <jus@bitgrid.net>
author: Julius Härtl <jus@bitgrid.net> 2018-07-05 22:53:52 +0300
committer: Bjoern Schiessle <bjoern@schiessle.org> 2018-08-03 13:42:08 +0300
commit: 8c3a4b83e4ec7153222e7307aa12323a2d2b0eed (patch)
tree: a0d372ce137b28fcdb00ddd30bb902ce587d46fc
parent: d908675b74b5ea5d19285d1ebd04370ca3f8079f (diff)
3 files changed, 74 insertions, 25 deletions
diff --git a/js/admin.js b/js/admin.js
index bfc19d84..76c59801 100644
--- a/js/admin.js
+++ b/js/admin.js
@@ -70,9 +70,13 @@
 				OC.PasswordConfirmation.requirePasswordConfirmation(_.bind(this.setSamlConfigValue, this, category, setting, value));
 				return;
 			}
-
+			// store global config flags without idp prefix
+			var configIdentifier = this.getConfigIdentifier();
+			if (typeof global === 'undefined') {
+				configIdentifier = '';
+			}
 			OC.msg.startSaving('#user-saml-save-indicator');
-			OCP.AppConfig.setValue('user_saml', this.getConfigIdentifier() + category + '-' + setting, value);
+			OCP.AppConfig.setValue('user_saml', configIdentifier + category + '-' + setting, value);
 			OC.msg.finishedSaving('#user-saml-save-indicator', {status: 'success', data: {message: t('user_saml', 'Saved')}});
 		}
 	}
@@ -82,20 +86,28 @@ $(function() {
 	OCA.User_SAML.Admin.init();
 	// Hide depending on the setup state
 	var type = $('#user-saml').data('type');
-	if(type !== '') {
-		$('#user-saml-choose-type').addClass('hidden');
-		$('#user-saml-warning-admin-user').removeClass('hidden');
+	console.log(type);
+	if(type === '') {
+		$('#user-saml-choose-type').removeClass('hidden');
 	} else {
-		$('#user-saml div:gt(2)').addClass('hidden');
-		$('#user-saml-settings .button').addClass('hidden');
+		$('#user-saml-global').removeClass('hidden');
+		$('#user-saml-warning-admin-user').removeClass('hidden');
+		$('#user-saml-settings').removeClass('hidden');
+		$('#user-saml-general').removeClass('hidden');
 	}
 	if(type === 'environment-variable') {
-		$('#user-saml div:gt(4)').addClass('hidden');
+		// we need the settings div to be visible for require_providioned_account
+		$('#user-saml-settings div').addClass('hidden');
 		$('#user-saml-settings .button').addClass('hidden');
 	}
+	if (type === 'saml') {
+		$('#user-saml .account-list').removeClass('hidden');
+	}
 
 	if($('#user-saml-general-require_provisioned_account').val() === '0' && type !== '') {
-		$('#user-saml-attribute-mapping').toggleClass('hidden');
+		$('#user-saml-attribute-mapping').removeClass('hidden');
+	} else {
+		$('#user-saml-attribute-mapping').addClass('hidden');
 	}
 
 	$('#user-saml-choose-saml').click(function(e) {
@@ -157,6 +169,9 @@ $(function() {
 		});
 	});
 
+	$('[data-js="remove-idp"]').on('click', function() {
+		OCA.User_SAML.Admin.removeProvider();
+	});
 
 	// Enable tabs
 	$('input:checkbox[value="1"]').attr('checked', true);
@@ -204,7 +219,7 @@ $(function() {
 		}
 	});
 
-	$('#user-saml-general input[type="checkbox"]').change(function(e) {
+	$('#user-saml-global input[type="checkbox"]').change(function(e) {
 		var el = $(this);
 		$.when(el.focusout()).then(function() {
 			var key = $(this).attr('name');
@@ -216,6 +231,19 @@ $(function() {
 			if(key === 'require_provisioned_account') {
 				$('#user-saml-attribute-mapping').toggleClass('hidden');
 			}
+			OCA.User_SAML.Admin.setSamlConfigValue('general', key, $(this).val(), true);
+		});
+	});
+
+	$('#user-saml-general input[type="checkbox"]').change(function(e) {
+		var el = $(this);
+		$.when(el.focusout()).then(function() {
+			var key = $(this).attr('name');
+			if($(this).val() === "0") {
+				$(this).val("1");
+			} else {
+				$(this).val("0");
+			}
 			OCA.User_SAML.Admin.setSamlConfigValue('general', key, $(this).val());
 		});
 	});
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
index 56f8ce2d..a440a46f 100644
--- a/lib/Settings/Admin.php
+++ b/lib/Settings/Admin.php
@@ -97,10 +97,13 @@ class Admin implements ISettings {
 			'require_provisioned_account' => [
 				'text' => $this->l10n->t('Only allow authentication if an account exists on some other backend. (e.g. LDAP)'),
 				'type' => 'checkbox',
+				'global' => true,
 			],
 			'allow_multiple_user_back_ends' => [
 				'text' => $this->l10n->t('Allow the use of multiple user back-ends (e.g. LDAP)'),
 				'type' => 'checkbox',
+				'hideForEnv' => true,
+				'global' => true,
 			],
 		];
 		$attributeMappingSettings = [
@@ -131,6 +134,7 @@ class Admin implements ISettings {
 			$generalSettings['use_saml_auth_for_desktop'] = [
 				'text' => $this->l10n->t('Use SAML auth for the %s desktop clients (requires user re-authentication)', [$this->defaults->getName()]),
 				'type' => 'checkbox',
+				'global' => true,
 			];
 		}
 
diff --git a/templates/admin.php b/templates/admin.php
index dcb44238..54110d4c 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -24,35 +24,51 @@ style('user_saml', 'admin');
 		?>
 	</div>
 
-	<ul class="account-list">
+	<div id="user-saml-choose-type" class="hidden">
+		<?php p($l->t('Please choose whether you want to authenticate using the SAML provider built-in in Nextcloud or whether you want to authenticate against an environment variable.')) ?>
+		<br/>
+		<button id="user-saml-choose-saml"><?php p($l->t('Use built-in SAML authentication')) ?></button>
+		<button id="user-saml-choose-env"><?php p($l->t('Use environment variable')) ?></button>
+	</div>
+
+	<div id="user-saml-save-indicator" class="msg success inlineblock" style="display: none;"><?php p($l->t('Saved')); ?></div>
+
+	<div id="user-saml-global" class="hidden">
+		<h3><?php p($l->t('Global settings')) ?></h3>
+		<?php foreach($_['general'] as $key => $attribute): ?>
+			<?php if($attribute['type'] === 'checkbox' && $attribute['global']): ?>
+				<p>
+					<input type="checkbox" data-key="<?php p($key)?>" id="user-saml-general-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'general-'.$key, '0')) ?>">
+					<label for="user-saml-general-<?php p($key)?>"><?php p($attribute['text']) ?></label><br/>
+				</p>
+			<?php elseif($attribute['type'] === 'line' && $attribute['global']): ?>
+				<p>
+					<input data-key="<?php p($key)?>" name="<?php p($key) ?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'general-'.$key, '')) ?>" type="text" <?php if(isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?> placeholder="<?php p($attribute['text']) ?>"/>
+				</p>
+			<?php endif; ?>
+		<?php endforeach; ?>
+	</div>
+
+	<ul class="account-list hidden">
 		<?php foreach ($_['providers'] as $id => $name) { ?>
 		<li data-id="<?php p($id); ?>" class="<?php if ((string)$id === '1') { p('active'); } ?>">
 			<a href="#"><?php p($name); ?></a>
 		</li>
 		<?php } ?>
-		<li class="add-provider"><a href="#" class="button"><span class="icon-add"></span> <?php p($l->t('Add another provider')); ?></a></li>
+		<li class="add-provider"><a href="#" class="button"><span class="icon-add"></span> <?php p($l->t('Add identity provider')); ?></a></li>
 	</ul>
 
-	<div id="user-saml-save-indicator" class="msg success inlineblock" style="display: none;"><?php p($l->t('Saved')); ?></div>
-
-	<div id="user-saml-settings">
-		<div id="user-saml-choose-type">
-			<?php p($l->t('Please choose whether you want to authenticate using the SAML provider built-in in Nextcloud or whether you want to authenticate against an environment variable.')) ?>
-			<br/>
-			<button id="user-saml-choose-saml"><?php p($l->t('Use built-in SAML authentication')) ?></button>
-			<button id="user-saml-choose-env"><?php p($l->t('Use environment variable')) ?></button>
-		</div>
-
+	<div id="user-saml-settings" class="hidden">
 
-		<div id="user-saml-general">
+		<div id="user-saml-general" class="hidden">
 			<h3><?php p($l->t('General')) ?></h3>
 			<?php foreach($_['general'] as $key => $attribute): ?>
-				<?php if($attribute['type'] === 'checkbox'): ?>
+				<?php if($attribute['type'] === 'checkbox' && !$attribute['global']): ?>
 					<p>
 						<input type="checkbox" data-key="<?php p($key)?>" id="user-saml-general-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'general-'.$key, '0')) ?>">
 						<label for="user-saml-general-<?php p($key)?>"><?php p($attribute['text']) ?></label><br/>
 					</p>
-				<?php elseif($attribute['type'] === 'line'): ?>
+				<?php elseif($attribute['type'] === 'line' && !$attribute['global']): ?>
 					<p>
 						<input data-key="<?php p($key)?>" name="<?php p($key) ?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'general-'.$key, '')) ?>" type="text" <?php if(isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?> placeholder="<?php p($attribute['text']) ?>"/>
 					</p>
@@ -142,6 +158,7 @@ style('user_saml', 'admin');
 			</div>
 		</div>
 
+		<a data-js="remove-idp" class="button"><?php p($l->t('Remove identity provider')); ?></button>
 		<a href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('user_saml.SAML.getMetadata')) ?>" class="button"><?php p($l->t('Download metadata XML')) ?></a>
 		<span class="warning hidden" id="user-saml-settings-incomplete"><?php p($l->t('Metadata invalid')) ?></span>
 		<span class="success hidden" id="user-saml-settings-complete"><?php p($l->t('Metadata valid')) ?></span>
author	Julius Härtl <jus@bitgrid.net>	2018-07-05 22:53:52 +0300
committer	Bjoern Schiessle <bjoern@schiessle.org>	2018-08-03 13:42:08 +0300
commit	8c3a4b83e4ec7153222e7307aa12323a2d2b0eed (patch)
tree	a0d372ce137b28fcdb00ddd30bb902ce587d46fc
parent	d908675b74b5ea5d19285d1ebd04370ca3f8079f (diff)