From c98d2f30091194540fec4d3069a8923fa112216a Mon Sep 17 00:00:00 2001 From: Agustin Moyano Date: Fri, 23 Sep 2022 15:02:48 -0300 Subject: [PATCH] Bug 31378: Add an administration interface for authentication sources Signed-off-by: Lukasz Koszyk Signed-off-by: Tomas Cohen Arazi Signed-off-by: Nick Clemens Signed-off-by: Martin Renvoize Signed-off-by: Tomas Cohen Arazi
---
admin/authentication_providers.pl | 299 +++++++++++ .../prog/en/includes/admin-menu.inc | 5 +- .../prog/en/modules/admin/admin-home.tt | 6 +- .../admin/authentication_provider_domains.tt | 476 ++++++++++++++++++ .../modules/admin/authentication_providers.tt | 466 +++++++++++++++++ 5 files changed, 1250 insertions(+), 2 deletions(-) create mode 100644 admin/authentication_providers.pl create mode 100644 koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_provider_domains.tt create mode 100644 koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_providers.tt
diff --git a/admin/authentication_providers.pl b/admin/authentication_providers.pl
new file mode 100644
index 0000000000..07c33b9324
--- /dev/null
+++ b/admin/authentication_providers.pl
@@ -0,0 +1,299 @@
+#!/usr/bin/perl
+
+# Copyright 2022 Theke Solutions
+#
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see .
+
+use Modern::Perl;
+
+use CGI qw ( -utf8 );
+use Scalar::Util qw( blessed );
+use Try::Tiny qw( catch try );
+
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_html_with_http_headers );
+
+use Koha::Auth::Providers;
+
+my $input = CGI->new;
+my $op = $input->param('op') || 'list';
+my $domain_ops = $input->param('domain_ops');
+my $auth_provider_id = $input->param('auth_provider_id');
+my $auth_provider;
+
+$auth_provider = Koha::Auth::Providers->find($auth_provider_id)
+ unless !$auth_provider_id;
+
+my $template_name = $domain_ops ? 'admin/authentication_provider_domains.tt' : 'admin/authentication_providers.tt';
+
+my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => $template_name,
+ query => $input,
+ type => "intranet",
+ flagsrequired => { parameters => 'manage_authentication_providers' },
+ }
+);
+
+my @messages;
+
+if ( !$domain_ops && $op eq 'add' ) {
+
+ my $code = $input->param('code');
+ my $config = $input->param('config');
+ my $description = $input->param('description');
+ my $icon_url = $input->param('icon_url');
+ my $mapping = $input->param('mapping');
+ my $matchpoint = $input->param('matchpoint'),
+ my $protocol = $input->param('protocol');
+
+ try {
+ my $provider = Koha::Auth::Provider->new(
+ { code => $code,
+ config => $config,
+ description => $description,
+ icon_url => $icon_url,
+ mapping => $mapping,
+ matchpoint => $matchpoint,
+ protocol => $protocol,
+ }
+ )->store;
+
+ Koha::Auth::Provider::Domain->new(
+ {
+ auth_provider_id => $provider->auth_provider_id,
+ }
+ )->store;
+
+ push @messages, { type => 'message', code => 'success_on_insert' };
+ }
+ catch {
+ if ( blessed $_ and $_->isa('Koha::Exceptions::Object::DuplicateID') ) {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_insert',
+ reason => 'duplicate_id'
+ };
+ }
+ };
+
+ # list servers after adding
+ $op = 'list';
+}
+elsif ( $domain_ops && $op eq 'add' ) {
+
+ my $allow_opac = $input->param('allow_opac');
+ my $allow_staff = $input->param('allow_staff');
+ my $auth_provider_id = $input->param('auth_provider_id');
+ my $auto_register = $input->param('auto_register');
+ my $default_category_id = $input->param('default_category_id');
+ my $default_library_id = $input->param('default_library_id');
+ my $domain = $input->param('domain');
+ my $update_on_auth = $input->param('update_on_auth');
+
+ try {
+
+ Koha::Auth::Provider::Domain->new(
+ {
+ allow_opac => $allow_opac,
+ allow_staff => $allow_staff,
+ auth_provider_id => $auth_provider_id,
+ auto_register => $auto_register,
+ default_category_id => $default_category_id,
+ default_library_id => $default_library_id,
+ domain => $domain,
+ update_on_auth => $update_on_auth,
+ }
+ )->store;
+
+ push @messages, { type => 'message', code => 'success_on_insert' };
+ }
+ catch {
+ if ( blessed $_ and $_->isa('Koha::Exceptions::Object::DuplicateID') ) {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_insert',
+ reason => 'duplicate_id'
+ };
+ }
+ };
+
+ # list servers after adding
+ $op = 'list';
+}
+elsif ( !$domain_ops && $op eq 'edit_form' ) {
+
+ if ( $auth_provider ) {
+ $template->param(
+ auth_provider => $auth_provider
+ );
+ }
+ else {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_edit',
+ reason => 'invalid_id'
+ };
+ }
+}
+elsif ( $domain_ops && $op eq 'edit_form' ) {
+ my $auth_provider_domain_id = $input->param('auth_provider_domain_id');
+ my $auth_provider_domain;
+
+ $auth_provider_domain = Koha::Auth::Provider::Domains->find($auth_provider_domain_id)
+ unless !$auth_provider_domain_id;
+
+ if ( $auth_provider_domain ) {
+ $template->param(
+ auth_provider_domain => $auth_provider_domain
+ );
+ }
+ else {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_edit',
+ reason => 'invalid_id'
+ };
+ }
+}
+elsif ( !$domain_ops && $op eq 'edit_save' ) {
+
+ if ( $auth_provider ) {
+
+ my $code = $input->param('code');
+ my $config = $input->param('config');
+ my $description = $input->param('description');
+ my $icon_url = $input->param('icon_url');
+ my $mapping = $input->param('mapping');
+ my $matchpoint = $input->param('matchpoint');
+ my $protocol = $input->param('protocol');
+
+ try {
+
+ $auth_provider->set(
+ { code => $code,
+ config => $config,
+ description => $description,
+ icon_url => $icon_url,
+ mapping => $mapping,
+ matchpoint => $matchpoint,
+ protocol => $protocol,
+ }
+ )->store;
+
+ push @messages,
+ {
+ type => 'message',
+ code => 'success_on_update'
+ };
+ }
+ catch {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_update'
+ };
+ };
+
+ # list servers after adding
+ $op = 'list';
+ }
+ else {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_update',
+ reason => 'invalid_id'
+ };
+ }
+}
+elsif ( $domain_ops && $op eq 'edit_save' ) {
+
+ my $auth_provider_domain_id = $input->param('auth_provider_domain_id');
+ my $auth_provider_domain;
+
+ $auth_provider_domain = Koha::Auth::Provider::Domains->find($auth_provider_domain_id)
+ unless !$auth_provider_domain_id;
+
+ if ( $auth_provider_domain ) {
+
+ my $auth_provider_id = $input->param('auth_provider_id');
+ my $domain = $input->param('domain');
+ my $auto_register = $input->param('auto_register');
+ my $update_on_auth = $input->param('update_on_auth');
+ my $default_library_id = $input->param('default_library_id');
+ my $default_category_id = $input->param('default_category_id');
+ my $allow_opac = $input->param('allow_opac');
+ my $allow_staff = $input->param('allow_staff');
+
+ try {
+
+ $auth_provider_domain->set(
+ {
+ auth_provider_id => $auth_provider_id,
+ domain => $domain,
+ auto_register => $auto_register,
+ update_on_auth => $update_on_auth,
+ default_library_id => $default_library_id,
+ default_category_id => $default_category_id,
+ allow_opac => $allow_opac,
+ allow_staff => $allow_staff,
+ }
+ )->store;
+
+ push @messages,
+ {
+ type => 'message',
+ code => 'success_on_update'
+ };
+ }
+ catch {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_update'
+ };
+ };
+
+ # list servers after adding
+ $op = 'list';
+ }
+ else {
+ push @messages,
+ {
+ type => 'alert',
+ code => 'error_on_update',
+ reason => 'invalid_id'
+ };
+ }
+}
+
+if ( $domain_ops ) {
+ $template->param(
+ auth_provider_code => $auth_provider->code,
+ auth_provider_id => $auth_provider_id,
+ );
+}
+
+$template->param(
+ op => $op,
+ messages => \@messages,
+);
+
+output_html_with_http_headers $input, $cookie, $template->output;
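Review bot: The `add` and `edit_save` branches rewrite authentication-provider and domain settings (including `allow_staff` and `auto_register`) on the strength of the `op` parameter alone; no anti-CSRF token or request-method check is visible in this script, so unless one is enforced elsewhere a forged request sent from a logged-in administrator's browser could change how users are authenticated. Consider validating a token before any write, in the style other Koha scripts use (`Koha::Token->new->check_csrf(...)` and bailing out on a mismatch), and accepting writes only over POST. Separately, the closing `if ( $domain_ops )` block calls `$auth_provider->code` although `$auth_provider` is undef whenever `auth_provider_id` is missing or unknown, so the page dies instead of reporting `invalid_id`; guard it with `if ( $domain_ops && $auth_provider )` and push an alert otherwise. The two `add` catch blocks also discard every exception other than `DuplicateID` without pushing a message (and the first `add` can leave a provider stored without its default domain), and `my $matchpoint = $input->param('matchpoint'),` ends in a comma where a semicolon was meant.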
diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/admin-menu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/admin-menu.inc index 356ae1ab8b..fa771e629f 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/admin-menu.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/admin-menu.inc @@ -141,9 +141,12 @@ [% END %] - [% IF ( CAN_user_parameters_manage_smtp_servers || CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || ( CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats || CAN_user_parameters_manage_additional_fields || ( Koha.Preference('EnableAdvancedCatalogingEditor') && CAN_user_parameters_manage_keyboard_shortcuts ) ) %] + [% IF ( CAN_user_parameters_manage_authentication_providers || CAN_user_parameters_manage_smtp_servers || CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || ( CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats || CAN_user_parameters_manage_additional_fields || ( Koha.Preference('EnableAdvancedCatalogingEditor') && CAN_user_parameters_manage_keyboard_shortcuts ) ) %]
Additional parameters
    + [% IF ( CAN_user_parameters_manage_authentication_providers) %] +
  • Authentication providers
  • + [% END %] [% IF ( CAN_user_parameters_manage_search_targets ) %]
  • Z39.50/SRU servers
  • [% END %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt index 79a6853e53..4cc7f83139 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt @@ -238,11 +238,15 @@ [% END %] - [% IF ( ( CAN_user_parameters_manage_smtp_servers || CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats || CAN_user_parameters_manage_additional_fields || CAN_user_parameters_manage_mana || (Koha.Preference('EnableAdvancedCatalogingEditor') && CAN_user_parameters_manage_keyboard_shortcuts) ) %] + [% IF ( ( CAN_user_parameters_manage_authentication_providers || CAN_user_parameters_manage_smtp_servers || CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats || CAN_user_parameters_manage_additional_fields || CAN_user_parameters_manage_mana || (Koha.Preference('EnableAdvancedCatalogingEditor') && CAN_user_parameters_manage_keyboard_shortcuts) ) %]

    Additional parameters

    + [% IF ( CAN_user_parameters_manage_authentication_providers) %] +
    Authentication providers
    +
    Define which external authentication providers to use
    + [% END %] [% IF ( CAN_user_parameters_manage_search_targets ) %]
    Z39.50/SRU servers
    Define which external servers to query for MARC data
    diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_provider_domains.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_provider_domains.tt new file mode 100644 index 0000000000..582842ae08 --- /dev/null +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_provider_domains.tt @@ -0,0 +1,476 @@ +[% USE raw %] +[% USE Asset %] +[% USE Branches %] +[% USE Categories %] +[% SET footerjs = 1 %] +[% INCLUDE 'doc-head-open.inc' %] + + [% IF op == 'add_form' %] + New authentication provider domain › [% ELSIF op == 'edit_form' %] + Edit authentication provider domain › [% END %] + + Authentication providers › Administration › Koha + +[% INCLUDE 'doc-head-close.inc' %] + + + +[% INCLUDE 'header.inc' %] +[% INCLUDE 'prefs-admin-search.inc' %] + + + +
    +
    +
    +
    + +[% FOREACH m IN messages %] +
    + [% SWITCH m.code %] + [% CASE 'error_on_update' %] + An error occurred trying to open the authentication provider domain for editing. The passed id is invalid. + [% CASE 'error_on_insert' %] + An error occurred when adding a new authentication provider domain. + [% CASE 'success_on_update' %] + Authentication provider domain updated successfully. + [% CASE 'success_on_insert' %] + Authentication provider domain added successfully. + [% CASE %] + [% m.code | html %] + [% END %] +
    +[% END %] + + + + +[% IF op == 'add_form' %] +

    New authentication provider domain

    +
    + + + +
    +
      +
    1. + + +
    2. +
    +
    + +
    +
      +
    1. + + + user data on login +
    2. +
    3. + + + users to auto register on login +
    4. +
    5. + + +
    6. +
    7. + + [% SET categories = Categories.all() %] + +
    8. +
    9. + + + opac users of this domain to login with this authentication provider +
    10. +
    11. + + + of this domain +
    12. +
    +
    +
    + + Cancel +
    +
    +[% END %] + +[% IF op == 'edit_form' %] +

    Edit authentication provider domain

    +
    + + + + +
    +
      +
    1. + + +
    2. +
    +
    + +
    +
      +
    1. + + + user data on login +
    2. +
    3. + + + users to auto register on login +
    4. +
    5. + + +
    6. +
    7. + + [% SET categories = Categories.all() %] + +
    8. +
    9. + + + opac users of this domain to login with this authentication provider +
    10. +
    11. + + + staff users of this domain to login with this authentication provider +
    12. +
    +
    +
    + + Cancel +
    +
    +[% END %] + +[% IF op == 'list' %] + + + +

    Authentication provider domains

    + + + + + + + + + + + + + + +
    DomainUpdate on loginAuto registerDefault libraryDefault categoryAllow opacAllow staffActions
    +[% END %] + + + +
    +
    + +
    + +
    +
    + + +[% MACRO jsinclude BLOCK %] + [% Asset.js("js/admin-menu.js") | $raw %] + [% INCLUDE 'datatables.inc' %] + +[% END %] + +[% INCLUDE 'intranet-bottom.inc' %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_providers.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_providers.tt new file mode 100644 index 0000000000..a33428840f --- /dev/null +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authentication_providers.tt @@ -0,0 +1,466 @@ +[% USE raw %] +[% USE Asset %] +[% SET footerjs = 1 %] +[% INCLUDE 'doc-head-open.inc' %] + + [% IF op == 'add_form' %] + New authentication provider › [% ELSIF op == 'edit_form' %] + Edit authentication provider › [% END %] + + Authentication providers › Administration › Koha + +[% INCLUDE 'doc-head-close.inc' %] + + + +[% INCLUDE 'header.inc' %] +[% INCLUDE 'prefs-admin-search.inc' %] + + + +
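Review bot: The message `SWITCH` has no case for `error_on_edit`, the code that authentication_providers.pl pushes when `edit_form` receives an unknown id, so that failure falls through to the default branch and shows the raw code to the administrator. The text under `error_on_update` ("An error occurred trying to open the authentication provider domain for editing. The passed id is invalid.") describes that edit-form failure, yet it is also what is shown when a save fails for any other reason, which hides the real cause of a failed change to authentication settings. Add `[% CASE 'error_on_edit' %]` carrying the current text and reword `error_on_update` to something like `An error occurred when updating the authentication provider domain.`; the `SWITCH` in authentication_providers.tt has the same gap.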
    +
    +
    +
    + +[% FOREACH m IN messages %] +
    + [% SWITCH m.code %] + [% CASE 'error_on_update' %] + An error occurred trying to open the authentication provider for editing. The passed id is invalid. + [% CASE 'error_on_insert' %] + An error occurred when adding a new authentication provider. + [% CASE 'success_on_update' %] + Authentication provider updated successfully. + [% CASE 'success_on_insert' %] + Authentication provider added successfully. + [% CASE %] + [% m.code | html %] + [% END %] +
    +[% END %] + + + + +[% IF op == 'add_form' %] +

    New authentication provider

    +
    + +
    +
      +
    1. + + + Required +
    2. +
    3. + + + Required +
    4. +
    5. + + +
    6. +
    +
    + +
    +
      +
    1. +
      + + + Required +
      +
      + + +
      +
    2. +
    3. +
      + + + Required +
      +
      + + +
      +
    4. +
    5. + + + Required +
    6. +
    7. + + +
    8. +
    +
    +
    + + Cancel +
    +
    +[% END %] + +[% IF op == 'edit_form' %] +

    Edit authentication provider

    +
    + + +
    +
      +
    1. + + + Required +
    2. +
    3. + + + Required +
    4. +
    5. + + +
    6. +
    +
    + +
    +
      +
    1. +
      + + + Required +
      +
      + + +
      +
    2. +
    3. +
      + + + Required +
      +
      + + +
      +
    4. +
    5. + + + Required +
    6. +
    7. + + +
    8. +
    +
    +
    + + Cancel +
    +
    +[% END %] + +[% IF op == 'list' %] + + + +

    Authentication providers

    + + + + + + + + + + +
    CodeDescriptionProtocolActions
    +[% END %] + + + +
    +
    + +
    + +
    +
    + + +[% MACRO jsinclude BLOCK %] + [% Asset.js("js/admin-menu.js") | $raw %] + [% INCLUDE 'datatables.inc' %] + +[% END %] + +[% INCLUDE 'intranet-bottom.inc' %] -- 2.39.5