| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 1 | <loader loading="loading"></loader> |
| 2 | <div class="ldap" id="configuration-ldap"> |
| 3 | <div class="row column"> |
| miramurali23 | afc8a79 | 2019-06-17 13:07:24 -0500 | [diff] [blame] | 4 | <h1>LDAP</h1> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 5 | </div> |
| 6 | <div class="row column"> |
| 7 | <p>Configure LDAP settings and manage role groups.</p> |
| 8 | </div> |
| 9 | <div class="row column"> |
| 10 | <h2 class="subhead"> |
| 11 | Settings |
| 12 | </h2> |
| 13 | </div> |
| 14 | <div class="row column"> |
| 15 | <label class="control-check ldap__control-check"> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 16 | <input type="checkbox" aria-labelledby="ldap-auth-label" |
| 17 | ng-change="updateServiceEnabled(); ldap__configuration.$setUntouched()" |
| 18 | ng-model="ldapProperties.ServiceEnabled" /> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 19 | <span class="control__indicator"></span> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 20 | <span id="ldap-auth-label" class="control__label"> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 21 | <strong>Enable LDAP authentication</strong> <br> |
| 22 | LDAP authentication must be enabled to modify role groups. |
| 23 | </span> |
| 24 | </label> |
| 25 | </div> |
| 26 | <div class="row column"> |
| 27 | <form id="ldap__configuration" name="ldap__configuration" ng-class="{'submitted': submitted}" |
| 28 | class="ldap__configuration" novalidate> |
| 29 | <fieldset ng-disabled="!ldapProperties.ServiceEnabled"> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 30 | <legend class="screen-reader-offscreen">LDAP Settings</legend> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 31 | <div class="ldap__configure-settings row column"> |
| 32 | <div class="large-3 column ldap__ssl-column"> |
| 33 | <label class="control-check" ng-class="{'disabled' : certificates.length < 1}"> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 34 | <input id="secure-ldap-ssl" aria-labelledby="use-ssl" type="checkbox" |
| 35 | ng-model="ldapProperties.useSSL" ng-checked="ldapProperties.useSSL" |
| 36 | ng-disabled="certificates.length < 1" /> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 37 | <span class="control__indicator"></span> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 38 | <span class="control__label" id="use-ssl">Secure LDAP using SSL</span> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 39 | </label> |
| 40 | <div> |
| 41 | <div class="ldap__certificate-info" ng-if="ldapProperties.ServiceEnabled"> |
| 42 | <p>Client certificate valid until:</p> |
| 43 | <small> |
| 44 | {{clientCertificateExpires ? (clientCertificateExpires | localeDate) : 'none available'}}</small> |
| 45 | </div> |
| 46 | </div> |
| 47 | <div class="ldap__certificate-info" ng-if="data.ValidNotAfter='' || !ldapProperties.ServiceEnabled"> |
| 48 | <span>SSL certificates must be uploaded to secure LDAP using SSL.</span> |
| 49 | </div> |
| 50 | <div class="ldap__certificate-info"> |
| miramurali23 | afc8a79 | 2019-06-17 13:07:24 -0500 | [diff] [blame] | 51 | <a href="#/access-control/ssl-certificates">Go to SSL certificates</a> |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 52 | </div> |
| 53 | </div> |
| 54 | <div class="large-9 columns ldap__server-info"> |
| 55 | <div class="column service-type-column"> |
| 56 | <fieldset class="ldap__server-info-service-type"> |
| 57 | <legend class="content-label">Service Type</legend> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 58 | <label class="control-radio control__radio__label">Open LDAP |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 59 | <input type="radio" name="service_enabled_type" id="open-ldap" value="ldap" |
| 60 | ng-checked="ldapProperties.LDAPServiceEnabled" |
| 61 | ng-change="ldapProperties.EnabledServiceUpdated = true" ng-model="ldapProperties.EnabledServiceType" |
| 62 | required /> |
| 63 | <span class="control__indicator control__indicator-on control__indicator-service-type"></span> |
| 64 | </label> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 65 | <label class="control-radio control__radio__label">Active directory |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 66 | <input type="radio" name="service_enabled_type" id="active-directory" |
| 67 | ng-change="ldapProperties.EnabledServiceUpdated = true" value="ad" |
| 68 | ng-checked="ldapProperties.ADServiceEnabled" ng-model="ldapProperties.EnabledServiceType" |
| 69 | required /> |
| 70 | <span class="control__indicator control__indicator-on control__indicator-service-type"></span> |
| 71 | </label> |
| 72 | </fieldset> |
| 73 | </div> |
| 74 | <div class="medium-6 large-4 columns"> |
| 75 | <label for="ldap__uri">Server uri</label> |
| 76 | <input id="ldap__uri" name="ldap__uri" type="text" |
| 77 | ng-change="ldapProperties.ServiceAddressesUpdated = true" ng-model="ldapProperties.ServiceAddresses[0]" |
| 78 | required /> |
| 79 | <div ng-messages="ldap__configuration.ldap__uri.$error" class="form-error" |
| 80 | ng-class="{'visible' : ldap__configuration.ldap__uri.$touched || submitted}"> |
| 81 | <p ng-message="required">Field is required</p> |
| 82 | </div> |
| 83 | </div> |
| 84 | <div class="medium-6 large-4 columns"> |
| 85 | <label for="ldap__bind__dn">Bind DN</label> |
| 86 | <input id="ldap__bind__dn" name="ldap__bind__dn" type="text" |
| 87 | ng-change="ldapProperties.UsernameUpdated = true" ng-model="ldapProperties.Username" required /> |
| 88 | <div ng-messages="ldap__configuration.ldap__bind__dn.$error" class="form-error" |
| 89 | ng-class="{'visible' : ldap__configuration.ldap__bind__dn.$touched || submitted}"> |
| 90 | <p ng-message="required">Field is required</p> |
| 91 | </div> |
| 92 | </div> |
| 93 | <div class="medium-6 large-4 columns"> |
| 94 | <label for="ldap__bind_pw">Bind password</label> |
| 95 | <input id="ldap__bind_pw" type="{{showpassword ? 'text' : 'password'}}" name="ldap__bind_pw" |
| 96 | ng-change="ldapProperties.PasswordUpdated = true" autocomplete="off" ng-model="ldapProperties.Password" |
| 97 | required /> |
| 98 | <button ng-model="showpassword" ng-class="{'disabled' : !ldap__configuration.$valid}" |
| 99 | ng-click="togglePassword = !togglePassword; showpassword = !showpassword;" class="password-toggle"> |
| 100 | <span ng-hide="togglePassword">Show</span> |
| 101 | <span ng-show="togglePassword">Hide</span> |
| 102 | </button> |
| 103 | <div ng-messages="ldap__configuration.ldap__bind_pw.$error" class="form-error" |
| 104 | ng-class="{'visible' : ldap__configuration.ldap__bind_pw.$touched || submitted}"> |
| 105 | <p ng-message="required">Field is required</p> |
| 106 | </div> |
| 107 | </div> |
| 108 | <div class="medium-6 large-4 columns"> |
| 109 | <label for="ldap__base__dn">Base DN</label> |
| 110 | <input id="ldap__base__dn" name="ldap__base__dn" type="text" |
| 111 | ng-change="ldapProperties.BaseDistinguishedNamesUpdated = true" |
| 112 | ng-model="ldapProperties.BaseDistinguishedNames[0]" required /> |
| 113 | <div ng-messages="ldap__configuration.ldap__base__dn.$error" class="form-error" |
| 114 | ng-class="{'visible' : ldap__configuration.ldap__base__dn.$touched || submitted}"> |
| 115 | <p ng-message="required">Field is required</p> |
| 116 | </div> |
| 117 | </div> |
| 118 | <div class="medium-6 large-4 columns"> |
| 119 | <label for="ldap__user_attribute">User id attribute (optional)</label> |
| 120 | <input id="ldap__user_attribute" name="ldap__user_attribute" type="text" |
| 121 | ng-change="ldapProperties.UsernameAttributeUpdated = true" ng-model="ldapProperties.UsernameAttribute" |
| 122 | class="ldap__optional-field" /> |
| 123 | </div> |
| 124 | <div class="medium-6 large-4 columns"> |
| 125 | <label for="ldap__group_attribute">Group id attribute (optional)</label> |
| 126 | <input id="ldap__group_attribute" name="ldap__group_attribute" type="text" |
| 127 | ng-change="ldapProperties.GroupsAttributeUpdated = true" ng-model="ldapProperties.GroupsAttribute" |
| 128 | class="ldap__optional-field" /> |
| 129 | </div> |
| 130 | <div class="column ldap__configuration-buttons"> |
| Dixsie Wolmers | 28e9ed8 | 2019-07-11 13:46:08 -0500 | [diff] [blame^] | 131 | <button type="submit" class="btn btn-primary" ng-disabled="!ldap__configuration.$valid" |
| beccabroek | 5e258e4 | 2018-11-07 12:22:31 -0600 | [diff] [blame] | 132 | ng-click="$parent.submitted=true; ldap__configuration.$valid && saveLdapSettings(); ldap__configuration.$setUntouched()">Save</button> |
| 133 | <button type="button" class="btn btn-secondary" |
| 134 | ng-click="loadLdap(); ldap__configuration.$setUntouched()">Reset</button> |
| 135 | </div> |
| 136 | </fieldset> |
| 137 | </form> |
| 138 | </div> |
| 139 | </div> |
| 140 | <div class="ldap-groups row column"> |
| 141 | <h2 class="small-12 subhead"> |
| 142 | Role groups |
| 143 | </h2> |
| 144 | <div class="row column"> |
| 145 | <div class="small-12"> |
| 146 | <ldap-user-roles role-groups="roleGroups" role-group-type="roleGroupType" enabled="ldapProperties.ServiceEnabled"> |
| 147 | </ldap-user-roles> |
| 148 | </div> |
| 149 | </div> |
| 150 | </div> |