forgejo/routers/admin/auths.go

262 lines
7.6 KiB
Go
Raw Normal View History

2014-05-05 18:32:47 +09:00
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2014-05-03 11:48:14 +09:00
package admin
import (
"fmt"
2014-07-26 13:24:27 +09:00
"github.com/Unknwon/com"
2014-05-11 19:10:37 +09:00
"github.com/go-xorm/core"
2014-05-11 23:37:31 +09:00
"github.com/go-gitea/gitea/models"
"github.com/go-gitea/gitea/modules/auth"
"github.com/go-gitea/gitea/modules/auth/ldap"
"github.com/go-gitea/gitea/modules/base"
"github.com/go-gitea/gitea/modules/context"
"github.com/go-gitea/gitea/modules/log"
"github.com/go-gitea/gitea/modules/setting"
2014-05-03 11:48:14 +09:00
)
const (
2014-08-29 21:50:43 +09:00
AUTHS base.TplName = "admin/auth/list"
AUTH_NEW base.TplName = "admin/auth/new"
AUTH_EDIT base.TplName = "admin/auth/edit"
)
2016-03-12 01:56:52 +09:00
func Authentications(ctx *context.Context) {
2014-08-29 21:50:43 +09:00
ctx.Data["Title"] = ctx.Tr("admin.authentication")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
var err error
ctx.Data["Sources"], err = models.LoginSources()
2014-08-29 21:50:43 +09:00
if err != nil {
ctx.Handle(500, "LoginSources", err)
2014-08-29 21:50:43 +09:00
return
}
2015-09-11 04:45:03 +09:00
ctx.Data["Total"] = models.CountLoginSources()
2014-08-29 21:50:43 +09:00
ctx.HTML(200, AUTHS)
}
type dropdownItem struct {
2015-09-11 06:11:41 +09:00
Name string
Type interface{}
2015-09-11 06:11:41 +09:00
}
var (
authSources = []dropdownItem{
2016-11-08 01:30:04 +09:00
{models.LoginNames[models.LoginLdap], models.LoginLdap},
2016-11-08 01:37:28 +09:00
{models.LoginNames[models.LoginDldap], models.LoginDldap},
{models.LoginNames[models.LoginSmtp], models.LoginSmtp},
{models.LoginNames[models.LoginPam], models.LoginPam},
}
securityProtocols = []dropdownItem{
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED], ldap.SECURITY_PROTOCOL_UNENCRYPTED},
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_LDAPS], ldap.SECURITY_PROTOCOL_LDAPS},
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_START_TLS], ldap.SECURITY_PROTOCOL_START_TLS},
}
)
2015-09-11 06:11:41 +09:00
2016-03-12 01:56:52 +09:00
func NewAuthSource(ctx *context.Context) {
2014-08-29 21:50:43 +09:00
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
2015-09-11 06:11:41 +09:00
2016-11-08 01:30:04 +09:00
ctx.Data["type"] = models.LoginLdap
ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginLdap]
ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED]
2015-09-11 06:11:41 +09:00
ctx.Data["smtp_auth"] = "PLAIN"
ctx.Data["is_active"] = true
ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols
2014-05-11 19:10:37 +09:00
ctx.Data["SMTPAuths"] = models.SMTPAuths
ctx.HTML(200, AUTH_NEW)
2014-05-03 11:48:14 +09:00
}
2015-09-12 01:03:08 +09:00
func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {
return &models.LDAPConfig{
2015-09-15 04:48:51 +09:00
Source: &ldap.Source{
Name: form.Name,
Host: form.Host,
Port: form.Port,
SecurityProtocol: ldap.SecurityProtocol(form.SecurityProtocol),
SkipVerify: form.SkipVerify,
BindDN: form.BindDN,
UserDN: form.UserDN,
BindPassword: form.BindPassword,
UserBase: form.UserBase,
AttributeUsername: form.AttributeUsername,
AttributeName: form.AttributeName,
AttributeSurname: form.AttributeSurname,
AttributeMail: form.AttributeMail,
AttributesInBind: form.AttributesInBind,
Filter: form.Filter,
AdminFilter: form.AdminFilter,
Enabled: true,
2015-09-12 01:03:08 +09:00
},
}
}
func parseSMTPConfig(form auth.AuthenticationForm) *models.SMTPConfig {
return &models.SMTPConfig{
Auth: form.SMTPAuth,
Host: form.SMTPHost,
Port: form.SMTPPort,
AllowedDomains: form.AllowedDomains,
TLS: form.TLS,
SkipVerify: form.SkipVerify,
2015-09-12 01:03:08 +09:00
}
}
2016-03-12 01:56:52 +09:00
func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
2014-08-29 21:50:43 +09:00
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
2015-09-11 06:11:41 +09:00
ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(form.Type)]
ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)]
2015-09-11 06:11:41 +09:00
ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols
2014-05-11 19:10:37 +09:00
ctx.Data["SMTPAuths"] = models.SMTPAuths
2014-05-03 11:48:14 +09:00
hasTLS := false
2015-09-12 01:03:08 +09:00
var config core.Conversion
switch models.LoginType(form.Type) {
2016-11-08 01:37:28 +09:00
case models.LoginLdap, models.LoginDldap:
2015-09-12 01:03:08 +09:00
config = parseLDAPConfig(form)
hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED
2016-11-08 01:37:28 +09:00
case models.LoginSmtp:
2015-09-12 01:03:08 +09:00
config = parseSMTPConfig(form)
hasTLS = true
2016-11-08 01:37:28 +09:00
case models.LoginPam:
2015-09-12 01:03:08 +09:00
config = &models.PAMConfig{
2015-04-23 20:58:57 +09:00
ServiceName: form.PAMServiceName,
}
2014-05-11 20:43:57 +09:00
default:
ctx.Error(400)
return
2014-05-11 19:10:37 +09:00
}
ctx.Data["HasTLS"] = hasTLS
if ctx.HasError() {
ctx.HTML(200, AUTH_NEW)
return
}
2014-05-11 19:10:37 +09:00
if err := models.CreateLoginSource(&models.LoginSource{
Type: models.LoginType(form.Type),
Name: form.Name,
IsActived: form.IsActive,
Cfg: config,
2015-09-12 01:03:08 +09:00
}); err != nil {
if models.IsErrLoginSourceAlreadyExist(err) {
ctx.Data["Err_Name"] = true
ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, form)
} else {
ctx.Handle(500, "CreateSource", err)
}
2014-05-03 11:48:14 +09:00
return
}
log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
2015-09-12 01:03:08 +09:00
ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))
2014-09-20 09:11:34 +09:00
ctx.Redirect(setting.AppSubUrl + "/admin/auths")
2014-05-03 11:48:14 +09:00
}
2016-03-12 01:56:52 +09:00
func EditAuthSource(ctx *context.Context) {
2014-08-29 21:50:43 +09:00
ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
2015-09-12 01:03:08 +09:00
ctx.Data["SecurityProtocols"] = securityProtocols
2014-05-11 19:10:37 +09:00
ctx.Data["SMTPAuths"] = models.SMTPAuths
2015-09-12 01:03:08 +09:00
source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
2014-05-05 17:40:25 +09:00
if err != nil {
2015-09-12 01:03:08 +09:00
ctx.Handle(500, "GetLoginSourceByID", err)
2014-05-05 17:40:25 +09:00
return
}
2015-09-12 01:03:08 +09:00
ctx.Data["Source"] = source
ctx.Data["HasTLS"] = source.HasTLS()
ctx.HTML(200, AUTH_EDIT)
2014-05-03 11:48:14 +09:00
}
2016-03-12 01:56:52 +09:00
func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
2014-08-29 21:50:43 +09:00
ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
2015-09-12 01:03:08 +09:00
2014-05-11 19:10:37 +09:00
ctx.Data["SMTPAuths"] = models.SMTPAuths
2014-05-05 17:40:25 +09:00
2015-09-12 01:03:08 +09:00
source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
if err != nil {
ctx.Handle(500, "GetLoginSourceByID", err)
return
}
ctx.Data["Source"] = source
ctx.Data["HasTLS"] = source.HasTLS()
2015-09-12 01:03:08 +09:00
2014-05-05 17:40:25 +09:00
if ctx.HasError() {
ctx.HTML(200, AUTH_EDIT)
2014-05-05 17:40:25 +09:00
return
}
2014-05-11 19:10:37 +09:00
var config core.Conversion
switch models.LoginType(form.Type) {
2016-11-08 01:37:28 +09:00
case models.LoginLdap, models.LoginDldap:
2015-09-12 01:03:08 +09:00
config = parseLDAPConfig(form)
2016-11-08 01:37:28 +09:00
case models.LoginSmtp:
2015-09-12 01:03:08 +09:00
config = parseSMTPConfig(form)
2016-11-08 01:37:28 +09:00
case models.LoginPam:
2015-04-23 20:58:57 +09:00
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
}
2014-05-11 23:37:31 +09:00
default:
ctx.Error(400)
return
2014-05-11 19:10:37 +09:00
}
2015-09-12 01:03:08 +09:00
source.Name = form.Name
source.IsActived = form.IsActive
source.Cfg = config
if err := models.UpdateSource(source); err != nil {
2014-08-29 21:50:43 +09:00
ctx.Handle(500, "UpdateSource", err)
2014-05-05 17:40:25 +09:00
return
}
2015-09-12 01:03:08 +09:00
log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, source.ID)
2014-05-05 17:40:25 +09:00
2014-08-29 21:50:43 +09:00
ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
2015-09-12 01:03:08 +09:00
ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + com.ToStr(form.ID))
2014-05-03 11:48:14 +09:00
}
2016-03-12 01:56:52 +09:00
func DeleteAuthSource(ctx *context.Context) {
2015-09-12 01:03:08 +09:00
source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
2014-05-05 17:40:25 +09:00
if err != nil {
2015-09-12 01:03:08 +09:00
ctx.Handle(500, "GetLoginSourceByID", err)
2014-05-05 17:40:25 +09:00
return
}
2015-09-12 01:03:08 +09:00
if err = models.DeleteSource(source); err != nil {
2016-08-31 17:22:41 +09:00
if models.IsErrLoginSourceInUse(err) {
ctx.Flash.Error(ctx.Tr("admin.auths.still_in_used"))
2016-08-31 17:22:41 +09:00
} else {
ctx.Flash.Error(fmt.Sprintf("DeleteSource: %v", err))
2014-05-05 17:40:25 +09:00
}
ctx.JSON(200, map[string]interface{}{
"redirect": setting.AppSubUrl + "/admin/auths/" + ctx.Params(":authid"),
})
2014-05-05 17:40:25 +09:00
return
}
2015-09-12 01:03:08 +09:00
log.Trace("Authentication deleted by admin(%s): %d", ctx.User.Name, source.ID)
ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success"))
ctx.JSON(200, map[string]interface{}{
"redirect": setting.AppSubUrl + "/admin/auths",
})
2014-05-03 11:48:14 +09:00
}