diff options
| author | Sven Seeberg <sven@geeq.de> | 2022-02-11 15:24:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-11 22:24:58 +0800 |
| commit | 832ce406aefed0cceb30d42d1435f425a9aba279 (patch) | |
| tree | 7089998c621efe706fba829be9d6c31d97210ee7 /templates | |
| parent | 26718a785ac49f17eab51ad0f5324d036b810f73 (diff) | |
| download | gitea-832ce406aefed0cceb30d42d1435f425a9aba279.tar.gz gitea-832ce406aefed0cceb30d42d1435f425a9aba279.zip | |
Add LDAP group sync to Teams, fixes #1395 (#16299)
* Add setting for a JSON that maps LDAP groups to Org Teams.
* Add log when removing or adding team members.
* Sync is being run on login and periodically.
* Existing group filter settings are reused.
* Adding and removing team members.
* Sync not existing LDAP group.
* Login with broken group map JSON.
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/admin/auth/edit.tmpl | 36 | ||||
| -rw-r--r-- | templates/admin/auth/source/ldap.tmpl | 35 |
2 files changed, 47 insertions, 24 deletions
diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl index efa440ff33..31c87597f0 100644 --- a/templates/admin/auth/edit.tmpl +++ b/templates/admin/auth/edit.tmpl @@ -108,31 +108,43 @@ <label for="attribute_avatar">{{.i18n.Tr "admin.auths.attribute_avatar"}}</label> <input id="attribute_avatar" name="attribute_avatar" value="{{$cfg.AttributeAvatar}}" placeholder="e.g. jpegPhoto"> </div> + + + <!-- ldap group begin --> <div class="inline field"> <div class="ui checkbox"> - <label for="groups_enabled"><strong>{{.i18n.Tr "admin.auths.verify_group_membership"}}</strong></label> - <input id="groups_enabled" name="groups_enabled" type="checkbox" {{if $cfg.GroupsEnabled}}checked{{end}}> + <label><strong>{{.i18n.Tr "admin.auths.enable_ldap_groups"}}</strong></label> + <input type="checkbox" name="groups_enabled" class="js-ldap-group-toggle" {{if $cfg.GroupsEnabled}}checked{{end}}> </div> </div> - <div id="groups_enabled_change"> + <div id="ldap-group-options" class="ui segment secondary" {{if not $cfg.GroupsEnabled}}hidden{{end}}> + <div class="field"> + <label>{{.i18n.Tr "admin.auths.group_search_base"}}</label> + <input name="group_dn" value="{{$cfg.GroupDN}}" placeholder="e.g. ou=group,dc=mydomain,dc=com"> + </div> <div class="field"> - <label for="group_dn">{{.i18n.Tr "admin.auths.group_search_base"}}</label> - <input id="group_dn" name="group_dn" value="{{$cfg.GroupDN}}" placeholder="e.g. ou=group,dc=mydomain,dc=com"> + <label>{{.i18n.Tr "admin.auths.group_attribute_list_users"}}</label> + <input name="group_member_uid" value="{{$cfg.GroupMemberUID}}" placeholder="e.g. memberUid"> </div> <div class="field"> - <label for="group_filter">{{.i18n.Tr "admin.auths.valid_groups_filter"}}</label> - <input id="group_filter" name="group_filter" value="{{$cfg.GroupFilter}}" placeholder="e.g. (|(cn=gitea_users)(cn=admins))"> + <label>{{.i18n.Tr "admin.auths.user_attribute_in_group"}}</label> + <input name="user_uid" value="{{$cfg.UserUID}}" placeholder="e.g. uid"> </div> <div class="field"> - <label for="group_member_uid">{{.i18n.Tr "admin.auths.group_attribute_list_users"}}</label> - <input id="group_member_uid" name="group_member_uid" value="{{$cfg.GroupMemberUID}}" placeholder="e.g. memberUid"> + <label>{{.i18n.Tr "admin.auths.verify_group_membership"}}</label> + <input name="group_filter" value="{{$cfg.GroupFilter}}" placeholder="e.g. (|(cn=gitea_users)(cn=admins))"> </div> <div class="field"> - <label for="user_uid">{{.i18n.Tr "admin.auths.user_attribute_in_group"}}</label> - <input id="user_uid" name="user_uid" value="{{$cfg.UserUID}}" placeholder="e.g. uid"> + <label>{{.i18n.Tr "admin.auths.map_group_to_team"}}</label> + <input name="group_team_map" value="{{$cfg.GroupTeamMap}}" placeholder='e.g. {"cn=my-group,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2"]}}'> + </div> + <div class="ui checkbox"> + <label>{{.i18n.Tr "admin.auths.map_group_to_team_removal"}}</label> + <input name="group_team_map_removal" type="checkbox" {{if $cfg.GroupTeamMapRemoval}}checked{{end}}> </div> - <br/> </div> + <!-- ldap group end --> + {{if .Source.IsLDAP}} <div class="inline field"> <div class="ui checkbox"> diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl index 9ea0fdf8c0..afdfbadd65 100644 --- a/templates/admin/auth/source/ldap.tmpl +++ b/templates/admin/auth/source/ldap.tmpl @@ -79,31 +79,42 @@ <label for="attribute_avatar">{{.i18n.Tr "admin.auths.attribute_avatar"}}</label> <input id="attribute_avatar" name="attribute_avatar" value="{{.attribute_avatar}}" placeholder="e.g. jpegPhoto"> </div> + + <!-- ldap group begin --> <div class="inline field"> <div class="ui checkbox"> - <label for="groups_enabled"><strong>{{.i18n.Tr "admin.auths.verify_group_membership"}}</strong></label> - <input id="groups_enabled" name="groups_enabled" type="checkbox" {{if .groups_enabled}}checked{{end}}> + <label><strong>{{.i18n.Tr "admin.auths.enable_ldap_groups"}}</strong></label> + <input type="checkbox" name="groups_enabled" class="js-ldap-group-toggle" {{if .groups_enabled}}checked{{end}}> </div> </div> - <div id="groups_enabled_change"> + <div id="ldap-group-options" class="ui segment secondary"> <div class="field"> - <label for="group_dn">{{.i18n.Tr "admin.auths.group_search_base"}}</label> - <input id="group_dn" name="group_dn" value="{{.group_dn}}" placeholder="e.g. ou=group,dc=mydomain,dc=com"> + <label>{{.i18n.Tr "admin.auths.group_search_base"}}</label> + <input name="group_dn" value="{{.group_dn}}" placeholder="e.g. ou=group,dc=mydomain,dc=com"> </div> <div class="field"> - <label for="group_filter">{{.i18n.Tr "admin.auths.valid_groups_filter"}}</label> - <input id="group_filter" name="group_filter" value="{{.group_filter}}" placeholder="e.g. (|(cn=gitea_users)(cn=admins))"> + <label>{{.i18n.Tr "admin.auths.group_attribute_list_users"}}</label> + <input name="group_member_uid" value="{{.group_member_uid}}" placeholder="e.g. memberUid"> </div> <div class="field"> - <label for="group_member_uid">{{.i18n.Tr "admin.auths.group_attribute_list_users"}}</label> - <input id="group_member_uid" name="group_member_uid" value="{{.group_member_uid}}" placeholder="e.g. memberUid"> + <label>{{.i18n.Tr "admin.auths.user_attribute_in_group"}}</label> + <input name="user_uid" value="{{.user_uid}}" placeholder="e.g. uid"> </div> <div class="field"> - <label for="user_uid">{{.i18n.Tr "admin.auths.user_attribute_in_group"}}</label> - <input id="user_uid" name="user_uid" value="{{.user_uid}}" placeholder="e.g. uid"> + <label>{{.i18n.Tr "admin.auths.verify_group_membership"}}</label> + <input name="group_filter" value="{{.group_filter}}" placeholder="e.g. (|(cn=gitea_users)(cn=admins))"> + </div> + <div class="field"> + <label>{{.i18n.Tr "admin.auths.map_group_to_team"}}</label> + <input name="group_team_map" value="{{.group_team_map}}" placeholder='e.g. {"cn=my-group,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2"]}}'> + </div> + <div class="ui checkbox"> + <label>{{.i18n.Tr "admin.auths.map_group_to_team_removal"}}</label> + <input name="group_team_map_removal" type="checkbox" {{if .group_team_map_removal}}checked{{end}}> </div> - <br/> </div> + <!-- ldap group end --> + <div class="ldap inline field {{if not (eq .type 2)}}hide{{end}}"> <div class="ui checkbox"> <label for="use_paged_search"><strong>{{.i18n.Tr "admin.auths.use_paged_search"}}</strong></label> |