mirror of https://github.com/gogits/gogs.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
266 lines
7.3 KiB
266 lines
7.3 KiB
11 years ago
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
||
|
// Use of this source code is governed by a MIT-style
|
||
|
// license that can be found in the LICENSE file.
|
||
|
|
||
11 years ago
|
package admin
|
||
|
|
||
|
import (
|
||
9 years ago
|
"fmt"
|
||
|
|
||
11 years ago
|
"github.com/Unknwon/com"
|
||
11 years ago
|
"github.com/go-xorm/core"
|
||
8 years ago
|
log "gopkg.in/clog.v1"
|
||
11 years ago
|
|
||
11 years ago
|
"github.com/gogits/gogs/models"
|
||
8 years ago
|
"github.com/gogits/gogs/pkg/auth/ldap"
|
||
|
"github.com/gogits/gogs/pkg/context"
|
||
|
"github.com/gogits/gogs/pkg/form"
|
||
|
"github.com/gogits/gogs/pkg/setting"
|
||
11 years ago
|
)
|
||
|
|
||
11 years ago
|
const (
|
||
8 years ago
|
AUTHS = "admin/auth/list"
|
||
|
AUTH_NEW = "admin/auth/new"
|
||
|
AUTH_EDIT = "admin/auth/edit"
|
||
11 years ago
|
)
|
||
|
|
||
8 years ago
|
func Authentications(c *context.Context) {
|
||
|
c.Data["Title"] = c.Tr("admin.authentication")
|
||
|
c.Data["PageIsAdmin"] = true
|
||
|
c.Data["PageIsAdminAuthentications"] = true
|
||
10 years ago
|
|
||
|
var err error
|
||
8 years ago
|
c.Data["Sources"], err = models.LoginSources()
|
||
10 years ago
|
if err != nil {
|
||
8 years ago
|
c.Handle(500, "LoginSources", err)
|
||
10 years ago
|
return
|
||
|
}
|
||
9 years ago
|
|
||
8 years ago
|
c.Data["Total"] = models.CountLoginSources()
|
||
|
c.HTML(200, AUTHS)
|
||
10 years ago
|
}
|
||
|
|
||
9 years ago
|
type dropdownItem struct {
|
||
9 years ago
|
Name string
|
||
9 years ago
|
Type interface{}
|
||
9 years ago
|
}
|
||
|
|
||
9 years ago
|
var (
|
||
|
authSources = []dropdownItem{
|
||
|
{models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP},
|
||
|
{models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP},
|
||
|
{models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP},
|
||
|
{models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM},
|
||
|
}
|
||
|
securityProtocols = []dropdownItem{
|
||
|
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED], ldap.SECURITY_PROTOCOL_UNENCRYPTED},
|
||
|
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_LDAPS], ldap.SECURITY_PROTOCOL_LDAPS},
|
||
|
{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_START_TLS], ldap.SECURITY_PROTOCOL_START_TLS},
|
||
|
}
|
||
|
)
|
||
9 years ago
|
|
||
8 years ago
|
func NewAuthSource(c *context.Context) {
|
||
|
c.Data["Title"] = c.Tr("admin.auths.new")
|
||
|
c.Data["PageIsAdmin"] = true
|
||
|
c.Data["PageIsAdminAuthentications"] = true
|
||
|
|
||
|
c.Data["type"] = models.LOGIN_LDAP
|
||
|
c.Data["CurrentTypeName"] = models.LoginNames[models.LOGIN_LDAP]
|
||
|
c.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED]
|
||
|
c.Data["smtp_auth"] = "PLAIN"
|
||
|
c.Data["is_active"] = true
|
||
|
c.Data["AuthSources"] = authSources
|
||
|
c.Data["SecurityProtocols"] = securityProtocols
|
||
|
c.Data["SMTPAuths"] = models.SMTPAuths
|
||
|
c.HTML(200, AUTH_NEW)
|
||
11 years ago
|
}
|
||
|
|
||
8 years ago
|
func parseLDAPConfig(f form.Authentication) *models.LDAPConfig {
|
||
9 years ago
|
return &models.LDAPConfig{
|
||
9 years ago
|
Source: &ldap.Source{
|
||
8 years ago
|
Name: f.Name,
|
||
|
Host: f.Host,
|
||
|
Port: f.Port,
|
||
|
SecurityProtocol: ldap.SecurityProtocol(f.SecurityProtocol),
|
||
|
SkipVerify: f.SkipVerify,
|
||
|
BindDN: f.BindDN,
|
||
|
UserDN: f.UserDN,
|
||
|
BindPassword: f.BindPassword,
|
||
|
UserBase: f.UserBase,
|
||
|
AttributeUsername: f.AttributeUsername,
|
||
|
AttributeName: f.AttributeName,
|
||
|
AttributeSurname: f.AttributeSurname,
|
||
|
AttributeMail: f.AttributeMail,
|
||
|
AttributesInBind: f.AttributesInBind,
|
||
|
Filter: f.Filter,
|
||
8 years ago
|
GroupEnabled: f.GroupEnabled,
|
||
|
GroupDN: f.GroupDN,
|
||
|
GroupFilter: f.GroupFilter,
|
||
|
GroupMemberUID: f.GroupMemberUID,
|
||
|
UserUID: f.UserUID,
|
||
8 years ago
|
AdminFilter: f.AdminFilter,
|
||
9 years ago
|
Enabled: true,
|
||
9 years ago
|
},
|
||
|
}
|
||
|
}
|
||
|
|
||
8 years ago
|
func parseSMTPConfig(f form.Authentication) *models.SMTPConfig {
|
||
9 years ago
|
return &models.SMTPConfig{
|
||
8 years ago
|
Auth: f.SMTPAuth,
|
||
|
Host: f.SMTPHost,
|
||
|
Port: f.SMTPPort,
|
||
|
AllowedDomains: f.AllowedDomains,
|
||
|
TLS: f.TLS,
|
||
|
SkipVerify: f.SkipVerify,
|
||
9 years ago
|
}
|
||
|
}
|
||
|
|
||
8 years ago
|
func NewAuthSourcePost(c *context.Context, f form.Authentication) {
|
||
|
c.Data["Title"] = c.Tr("admin.auths.new")
|
||
|
c.Data["PageIsAdmin"] = true
|
||
|
c.Data["PageIsAdminAuthentications"] = true
|
||
9 years ago
|
|
||
8 years ago
|
c.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(f.Type)]
|
||
|
c.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(f.SecurityProtocol)]
|
||
|
c.Data["AuthSources"] = authSources
|
||
|
c.Data["SecurityProtocols"] = securityProtocols
|
||
|
c.Data["SMTPAuths"] = models.SMTPAuths
|
||
11 years ago
|
|
||
9 years ago
|
hasTLS := false
|
||
9 years ago
|
var config core.Conversion
|
||
8 years ago
|
switch models.LoginType(f.Type) {
|
||
9 years ago
|
case models.LOGIN_LDAP, models.LOGIN_DLDAP:
|
||
8 years ago
|
config = parseLDAPConfig(f)
|
||
|
hasTLS = ldap.SecurityProtocol(f.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED
|
||
9 years ago
|
case models.LOGIN_SMTP:
|
||
8 years ago
|
config = parseSMTPConfig(f)
|
||
9 years ago
|
hasTLS = true
|
||
9 years ago
|
case models.LOGIN_PAM:
|
||
9 years ago
|
config = &models.PAMConfig{
|
||
8 years ago
|
ServiceName: f.PAMServiceName,
|
||
10 years ago
|
}
|
||
11 years ago
|
default:
|
||
8 years ago
|
c.Error(400)
|
||
11 years ago
|
return
|
||
11 years ago
|
}
|
||
8 years ago
|
c.Data["HasTLS"] = hasTLS
|
||
9 years ago
|
|
||
8 years ago
|
if c.HasError() {
|
||
|
c.HTML(200, AUTH_NEW)
|
||
9 years ago
|
return
|
||
|
}
|
||
11 years ago
|
|
||
8 years ago
|
if err := models.CreateLoginSource(&models.LoginSource{
|
||
8 years ago
|
Type: models.LoginType(f.Type),
|
||
|
Name: f.Name,
|
||
|
IsActived: f.IsActive,
|
||
9 years ago
|
Cfg: config,
|
||
9 years ago
|
}); err != nil {
|
||
8 years ago
|
if models.IsErrLoginSourceAlreadyExist(err) {
|
||
8 years ago
|
c.Data["Err_Name"] = true
|
||
|
c.RenderWithErr(c.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, f)
|
||
8 years ago
|
} else {
|
||
8 years ago
|
c.Handle(500, "CreateSource", err)
|
||
8 years ago
|
}
|
||
11 years ago
|
return
|
||
|
}
|
||
|
|
||
8 years ago
|
log.Trace("Authentication created by admin(%s): %s", c.User.Name, f.Name)
|
||
9 years ago
|
|
||
8 years ago
|
c.Flash.Success(c.Tr("admin.auths.new_success", f.Name))
|
||
|
c.Redirect(setting.AppSubURL + "/admin/auths")
|
||
11 years ago
|
}
|
||
|
|
||
8 years ago
|
func EditAuthSource(c *context.Context) {
|
||
|
c.Data["Title"] = c.Tr("admin.auths.edit")
|
||
|
c.Data["PageIsAdmin"] = true
|
||
|
c.Data["PageIsAdminAuthentications"] = true
|
||
9 years ago
|
|
||
8 years ago
|
c.Data["SecurityProtocols"] = securityProtocols
|
||
|
c.Data["SMTPAuths"] = models.SMTPAuths
|
||
11 years ago
|
|
||
8 years ago
|
source, err := models.GetLoginSourceByID(c.ParamsInt64(":authid"))
|
||
11 years ago
|
if err != nil {
|
||
8 years ago
|
c.Handle(500, "GetLoginSourceByID", err)
|
||
11 years ago
|
return
|
||
|
}
|
||
8 years ago
|
c.Data["Source"] = source
|
||
|
c.Data["HasTLS"] = source.HasTLS()
|
||
9 years ago
|
|
||
8 years ago
|
c.HTML(200, AUTH_EDIT)
|
||
11 years ago
|
}
|
||
|
|
||
8 years ago
|
func EditAuthSourcePost(c *context.Context, f form.Authentication) {
|
||
|
c.Data["Title"] = c.Tr("admin.auths.edit")
|
||
|
c.Data["PageIsAdmin"] = true
|
||
|
c.Data["PageIsAdminAuthentications"] = true
|
||
9 years ago
|
|
||
8 years ago
|
c.Data["SMTPAuths"] = models.SMTPAuths
|
||
11 years ago
|
|
||
8 years ago
|
source, err := models.GetLoginSourceByID(c.ParamsInt64(":authid"))
|
||
9 years ago
|
if err != nil {
|
||
8 years ago
|
c.Handle(500, "GetLoginSourceByID", err)
|
||
9 years ago
|
return
|
||
|
}
|
||
8 years ago
|
c.Data["Source"] = source
|
||
|
c.Data["HasTLS"] = source.HasTLS()
|
||
9 years ago
|
|
||
8 years ago
|
if c.HasError() {
|
||
|
c.HTML(200, AUTH_EDIT)
|
||
11 years ago
|
return
|
||
|
}
|
||
|
|
||
11 years ago
|
var config core.Conversion
|
||
8 years ago
|
switch models.LoginType(f.Type) {
|
||
9 years ago
|
case models.LOGIN_LDAP, models.LOGIN_DLDAP:
|
||
8 years ago
|
config = parseLDAPConfig(f)
|
||
9 years ago
|
case models.LOGIN_SMTP:
|
||
8 years ago
|
config = parseSMTPConfig(f)
|
||
9 years ago
|
case models.LOGIN_PAM:
|
||
10 years ago
|
config = &models.PAMConfig{
|
||
8 years ago
|
ServiceName: f.PAMServiceName,
|
||
10 years ago
|
}
|
||
11 years ago
|
default:
|
||
8 years ago
|
c.Error(400)
|
||
11 years ago
|
return
|
||
11 years ago
|
}
|
||
|
|
||
8 years ago
|
source.Name = f.Name
|
||
|
source.IsActived = f.IsActive
|
||
9 years ago
|
source.Cfg = config
|
||
|
if err := models.UpdateSource(source); err != nil {
|
||
8 years ago
|
c.Handle(500, "UpdateSource", err)
|
||
11 years ago
|
return
|
||
|
}
|
||
8 years ago
|
log.Trace("Authentication changed by admin(%s): %d", c.User.Name, source.ID)
|
||
11 years ago
|
|
||
8 years ago
|
c.Flash.Success(c.Tr("admin.auths.update_success"))
|
||
|
c.Redirect(setting.AppSubURL + "/admin/auths/" + com.ToStr(f.ID))
|
||
11 years ago
|
}
|
||
|
|
||
8 years ago
|
func DeleteAuthSource(c *context.Context) {
|
||
|
source, err := models.GetLoginSourceByID(c.ParamsInt64(":authid"))
|
||
11 years ago
|
if err != nil {
|
||
8 years ago
|
c.Handle(500, "GetLoginSourceByID", err)
|
||
11 years ago
|
return
|
||
|
}
|
||
|
|
||
9 years ago
|
if err = models.DeleteSource(source); err != nil {
|
||
8 years ago
|
if models.IsErrLoginSourceInUse(err) {
|
||
8 years ago
|
c.Flash.Error(c.Tr("admin.auths.still_in_used"))
|
||
8 years ago
|
} else {
|
||
8 years ago
|
c.Flash.Error(fmt.Sprintf("DeleteSource: %v", err))
|
||
11 years ago
|
}
|
||
8 years ago
|
c.JSON(200, map[string]interface{}{
|
||
|
"redirect": setting.AppSubURL + "/admin/auths/" + c.Params(":authid"),
|
||
9 years ago
|
})
|
||
11 years ago
|
return
|
||
|
}
|
||
8 years ago
|
log.Trace("Authentication deleted by admin(%s): %d", c.User.Name, source.ID)
|
||
9 years ago
|
|
||
8 years ago
|
c.Flash.Success(c.Tr("admin.auths.deletion_success"))
|
||
|
c.JSON(200, map[string]interface{}{
|
||
8 years ago
|
"redirect": setting.AppSubURL + "/admin/auths",
|
||
9 years ago
|
})
|
||
11 years ago
|
}
|