wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
Browse Source

basic authentications

tags/v1.2.0-rc1
Lunny Xiao 11 years ago
parent
79ea34e70e
commit
1652dd5068
13 changed files with 334 additions and 49 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +60
    -13
      models/login.go
  2. +1
    -6
      models/user.go
  3. +7
    -6
      modules/auth/admin.go
  4. +1
    -0
      modules/auth/auth.go
  5. +2
    -0
      modules/auth/authentication.go
  6. +88
    -3
      routers/admin/auths.go
  7. +28
    -5
      routers/admin/user.go
  8. +3
    -3
      templates/admin/auths.tmpl
  9. +107
    -0
      templates/admin/auths/edit.tmpl
  10. +12
    -11
      templates/admin/auths/new.tmpl
  11. +12
    -0
      templates/admin/users/edit.tmpl
  12. +11
    -0
      templates/admin/users/new.tmpl
  13. +2
    -2
      web.go

+ 60
- 13
models/login.go View File

@@ -2,17 +2,31 @@ package models

import (
"encoding/json"
"errors"
"time"

"github.com/go-xorm/core"
"github.com/go-xorm/xorm"
"github.com/gogits/gogs/modules/auth/ldap"
)

/*const (
// Login types.
const (
LT_PLAIN = iota + 1
LT_LDAP
LT_SMTP
)*/
)

var (
ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")
ErrAuthenticationNotExist = errors.New("Authentication is not exist")
ErrAuthenticationUserUsed = errors.New("Authentication has been used by some users")
)

var LoginTypes = map[int]string{
LT_LDAP: "LDAP",
LT_SMTP: "SMTP",
}

var _ core.Conversion = &LDAPConfig{}

@@ -32,19 +46,50 @@ func (cfg *LDAPConfig) ToDB() ([]byte, error) {
type LoginSource struct {
Id int64
Type int
Name string
IsActived bool
Name string `xorm:"unique"`
IsActived bool `xorm:"not null default false"`
Cfg core.Conversion `xorm:"TEXT"`
Created time.Time `xorm:"created"`
Updated time.Time `xorm:"updated"`
}

func (source *LoginSource) TypeString() string {
return LoginTypes[source.Type]
}

func (source *LoginSource) LDAP() *LDAPConfig {
return source.Cfg.(*LDAPConfig)
}

// for xorm callback
func (source *LoginSource) BeforeSet(colName string, val xorm.Cell) {
if colName == "type" {
ty := (*val).(int64)
switch ty {
case LT_LDAP:
source.Cfg = new(LDAPConfig)
}
}
}

func GetAuths() ([]*LoginSource, error) {
var auths = make([]*LoginSource, 0)
err := orm.Find(&auths)
return auths, err
}

func GetLoginSourceById(id int64) (*LoginSource, error) {
source := new(LoginSource)
has, err := orm.Id(id).Get(source)
if err != nil {
return nil, err
}
if !has {
return nil, ErrAuthenticationNotExist
}
return source, nil
}

func AddLDAPSource(name string, cfg *LDAPConfig) error {
_, err := orm.Insert(&LoginSource{Type: LT_LDAP,
Name: name,
@@ -54,17 +99,19 @@ func AddLDAPSource(name string, cfg *LDAPConfig) error {
return err
}

func UpdateLDAPSource(id int64, name string, cfg *LDAPConfig) error {
_, err := orm.AllCols().Id(id).Update(&LoginSource{
Id: id,
Type: LT_LDAP,
Name: name,
Cfg: cfg,
})
func UpdateLDAPSource(source *LoginSource) error {
_, err := orm.AllCols().Id(source.Id).Update(source)
return err
}

func DelLoginSource(id int64) error {
_, err := orm.Id(id).Delete(&LoginSource{})
func DelLoginSource(source *LoginSource) error {
cnt, err := orm.Count(&User{LoginSource: source.Id})
if err != nil {
return err
}
if cnt > 0 {
return ErrAuthenticationUserUsed
}
_, err = orm.Id(source.Id).Delete(&LoginSource{})
return err
}

+ 1
- 6
models/user.go View File

@@ -26,12 +26,6 @@ const (
UT_ORGANIZATION
)

// Login types.
const (
LT_PLAIN = iota + 1
LT_LDAP
)

var (
ErrUserOwnRepos = errors.New("User still have ownership of repositories")
ErrUserAlreadyExist = errors.New("User already exist")
@@ -49,6 +43,7 @@ type User struct {
Email string `xorm:"unique not null"`
Passwd string `xorm:"not null"`
LoginType int
LoginSource int64 `xorm:"not null default 0"`
Type int
NumFollowers int
NumFollowings int


+ 7
- 6
modules/auth/admin.go View File

@@ -15,12 +15,13 @@ import (
)

type AdminEditUserForm struct {
Email string `form:"email" binding:"Required;Email;MaxSize(50)"`
Website string `form:"website" binding:"MaxSize(50)"`
Location string `form:"location" binding:"MaxSize(50)"`
Avatar string `form:"avatar" binding:"Required;Email;MaxSize(50)"`
Active string `form:"active"`
Admin string `form:"admin"`
Email string `form:"email" binding:"Required;Email;MaxSize(50)"`
Website string `form:"website" binding:"MaxSize(50)"`
Location string `form:"location" binding:"MaxSize(50)"`
Avatar string `form:"avatar" binding:"Required;Email;MaxSize(50)"`
Active string `form:"active"`
Admin string `form:"admin"`
LoginType int `form:"login_type"`
}

func (f *AdminEditUserForm) Name(field string) string {


+ 1
- 0
modules/auth/auth.go View File

@@ -25,6 +25,7 @@ type RegisterForm struct {
Email string `form:"email" binding:"Required;Email;MaxSize(50)"`
Password string `form:"passwd" binding:"Required;MinSize(6);MaxSize(30)"`
RetypePasswd string `form:"retypepasswd"`
LoginType string `form:"logintype"`
}

func (f *RegisterForm) Name(field string) string {


+ 2
- 0
modules/auth/authentication.go View File

@@ -1,6 +1,7 @@
package auth

type AuthenticationForm struct {
Id int64 `form:"id"`
Type int `form:"type"`
Name string `form:"name" binding:"MaxSize(50)"`
Domain string `form:"domain"`
@@ -10,4 +11,5 @@ type AuthenticationForm struct {
Attributes string `form:"attributes"`
Filter string `form:"filter"`
MsAdSA string `form:"ms_ad_sa"`
IsActived bool `form:"is_actived"`
}

+ 88
- 3
routers/admin/auths.go View File

@@ -3,9 +3,11 @@ package admin
import (
"strings"

"github.com/go-martini/martini"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/auth"
"github.com/gogits/gogs/modules/auth/ldap"
"github.com/gogits/gogs/modules/base"
"github.com/gogits/gogs/modules/middleware"
"github.com/gpmgo/gopm/log"
)
@@ -13,6 +15,7 @@ import (
func NewAuthSource(ctx *middleware.Context) {
ctx.Data["Title"] = "New Authentication"
ctx.Data["PageIsAuths"] = true
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.HTML(200, "admin/auths/new")
}

@@ -52,11 +55,93 @@ func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Redirect("/admin/auths")
}

func EditAuthSource(ctx *middleware.Context) {
func EditAuthSource(ctx *middleware.Context, params martini.Params) {
ctx.Data["Title"] = "Edit Authentication"
ctx.Data["PageIsAuths"] = true
id, err := base.StrTo(params["authid"]).Int64()
if err != nil {
ctx.Handle(404, "admin.auths.EditAuthSource", err)
return
}
u, err := models.GetLoginSourceById(id)
if err != nil {
ctx.Handle(500, "admin.user.EditUser", err)
return
}
ctx.Data["Source"] = u
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.HTML(200, "admin/auths/edit")
}

func EditAuthSourcePost(ctx *middleware.Context) {
func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = "Edit Authentication"
ctx.Data["PageIsAuths"] = true

if ctx.HasError() {
ctx.HTML(200, "admin/auths/edit")
return
}

u := models.LoginSource{
Name: form.Name,
IsActived: form.IsActived,
Type: models.LT_LDAP,
Cfg: &models.LDAPConfig{
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
BaseDN: form.BaseDN,
Attributes: form.Attributes,
Filter: form.Filter,
MsAdSAFormat: form.MsAdSA,
Enabled: true,
Name: form.Name,
},
},
}

if err := models.UpdateLDAPSource(&u); err != nil {
switch err {
default:
ctx.Handle(500, "admin.auths.EditAuth", err)
}
return
}

log.Trace("%s Authentication changed by admin(%s): %s", ctx.Req.RequestURI,
ctx.User.LowerName, strings.ToLower(form.Name))

ctx.Redirect("/admin/auths")
}

func DeleteAuthSource(ctx *middleware.Context) {
func DeleteAuthSource(ctx *middleware.Context, params martini.Params) {
ctx.Data["Title"] = "Delete Authentication"
ctx.Data["PageIsAuths"] = true

id, err := base.StrTo(params["authid"]).Int64()
if err != nil {
ctx.Handle(404, "admin.auths.DeleteAuth", err)
return
}

a, err := models.GetLoginSourceById(id)
if err != nil {
ctx.Handle(500, "admin.auths.DeleteAuth", err)
return
}

if err = models.DelLoginSource(a); err != nil {
switch err {
case models.ErrAuthenticationUserUsed:
ctx.Flash.Error("This authentication still has used by some users, you should move them and then delete again.")
ctx.Redirect("/admin/auths/" + params["authid"])
default:
ctx.Handle(500, "admin.auths.DeleteAuth", err)
}
return
}
log.Trace("%s Authentication deleted by admin(%s): %s", ctx.Req.RequestURI,
ctx.User.LowerName, ctx.User.LowerName)

ctx.Redirect("/admin/auths")
}

+ 28
- 5
routers/admin/user.go View File

@@ -5,6 +5,8 @@
package admin

import (
"fmt"
"strconv"
"strings"

"github.com/go-martini/martini"
@@ -19,6 +21,12 @@ import (
func NewUser(ctx *middleware.Context) {
ctx.Data["Title"] = "New Account"
ctx.Data["PageIsUsers"] = true
auths, err := models.GetAuths()
if err != nil {
ctx.Handle(500, "admin.user.NewUser", err)
return
}
ctx.Data["LoginSources"] = auths
ctx.HTML(200, "admin/users/new")
}

@@ -40,10 +48,18 @@ func NewUserPost(ctx *middleware.Context, form auth.RegisterForm) {
}

u := &models.User{
Name: form.UserName,
Email: form.Email,
Passwd: form.Password,
IsActive: true,
Name: form.UserName,
Email: form.Email,
Passwd: form.Password,
IsActive: true,
LoginType: models.LT_PLAIN,
}

if len(form.LoginType) > 0 {
fields := strings.Split(form.LoginType, "-")
u.LoginType, _ = strconv.Atoi(fields[0])
u.LoginSource, _ = strconv.ParseInt(fields[1], 10, 64)
fmt.Println(u.LoginSource)
}

var err error
@@ -84,6 +100,12 @@ func EditUser(ctx *middleware.Context, params martini.Params) {
}

ctx.Data["User"] = u
auths, err := models.GetAuths()
if err != nil {
ctx.Handle(500, "admin.user.NewUser", err)
return
}
ctx.Data["LoginSources"] = auths
ctx.HTML(200, "admin/users/edit")
}

@@ -110,6 +132,7 @@ func EditUserPost(ctx *middleware.Context, params martini.Params, form auth.Admi
u.AvatarEmail = form.Avatar
u.IsActive = form.Active == "on"
u.IsAdmin = form.Admin == "on"
u.LoginType = form.LoginType
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "admin.user.EditUser", err)
return
@@ -126,7 +149,7 @@ func DeleteUser(ctx *middleware.Context, params martini.Params) {
ctx.Data["Title"] = "Delete Account"
ctx.Data["PageIsUsers"] = true

log.Info("delete")
//log.Info("delete")
uid, err := base.StrTo(params["userid"]).Int()
if err != nil {
ctx.Handle(404, "admin.user.EditUser", err)


+ 3
- 3
templates/admin/auths.tmpl View File

@@ -27,11 +27,11 @@
<tr>
<td>{{.Id}}</td>
<td><a href="/admin/auths/{{.Id}}">{{.Name}}</a></td>
<td>{{.Type}}</td>
<td>{{.Actived}}</td>
<td>{{.TypeString}}</td>
<td><i class="fa fa{{if .IsActived}}-check{{end}}-square-o"></i></td>
<td>{{DateFormat .Updated "M d, Y"}}</td>
<td>{{DateFormat .Created "M d, Y"}}</td>
<td><a href="/admin/users/{{.Id}}"><i class="fa fa-pencil-square-o"></i></a></td>
<td><a href="/admin/auths/{{.Id}}"><i class="fa fa-pencil-square-o"></i></a></td>
</tr>
{{end}}
</tbody>


+ 107
- 0
templates/admin/auths/edit.tmpl View File

@@ -0,0 +1,107 @@
{{template "base/head" .}}
{{template "base/navbar" .}}
<div id="body" class="container" data-page="admin">
{{template "admin/nav" .}}
<div id="admin-container" class="col-md-9">
<div class="panel panel-default">
<div class="panel-heading">
Edit Authentication
</div>

<div class="panel-body">
<br/>
<form action="/admin/auths/{{.Source.Id}}" method="post" class="form-horizontal">
{{.CsrfTokenHtml}}
{{template "base/alert" .}}
<input type="hidden" value="{{.Source.Id}}" name="id"/>
<div class="form-group">
<label class="col-md-3 control-label">Auth Type: </label>
<div class="col-md-7">
<select class="form-control">
{{$type := .Source.Type}}
{{range $key, $val := .LoginTypes}}
<option value="{{$key}}" {{if eq $key $type}}selected{{end}}>{{$val}}</option>
{{end}}
</select>
</div>
</div>
<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Name: </label>
<div class="col-md-7">
<input name="name" class="form-control" placeholder="Type account's username" value="{{.Source.Name}}" required="required">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Domain: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.Name}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Host: </label>
<div class="col-md-7">
<input name="host" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.Host}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Port: </label>
<div class="col-md-7">
<input name="port" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.Port}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Base DN: </label>
<div class="col-md-7">
<input name="base_dn" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.BaseDN}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Search Attributes: </label>
<div class="col-md-7">
<input name="attributes" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.Attributes}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Search Filter: </label>
<div class="col-md-7">
<input name="filter" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.Filter}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Ms Ad SA: </label>
<div class="col-md-7">
<input name="ms_ad_sa" class="form-control" placeholder="Type account's e-mail address" value="{{.Source.LDAP.MsAdSAFormat}}" required="required" title="Email is not valid">
</div>
</div>
<div class="form-group">
<div class="col-md-7 col-md-offset-3">
<div class="checkbox">
<label>
<input type="checkbox" name="is_actived" {{if .Source.IsActived}}checked{{end}}>
<strong>This authentication has activated.</strong>
</label>
</div>
</div>
</div>
<hr/>
<div class="form-group">
<div class="col-md-offset-3 col-md-6">
<button type="submit" class="btn btn-lg btn-primary btn-block">Update authentication config</button>
<a type="button" href="/admin/auths/{{.Source.Id}}/delete" class="btn btn-lg btn-danger btn-block">Delete this authentication</a>
</div>
</div>
</form>
</div>
</div>

</div>
</div>
{{template "base/footer" .}}

+ 12
- 11
templates/admin/auths/new.tmpl View File

@@ -17,64 +17,65 @@
<label class="col-md-3 control-label">Auth Type: </label>
<div class="col-md-7">
<select class="form-control">
<option value=2>LDAP</option>
<option value=3>SMTP</option>
</select>
{{range $key, $val := .LoginTypes}}
<option value="{{$key}}">{{$val}}</option>
{{end}}
</select>
</div>
</div>
<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Name: </label>
<div class="col-md-7">
<input name="name" class="form-control" placeholder="Type account's username" value="{{.username}}" required="required">
<input name="name" class="form-control" placeholder="Authentication's name" required="required">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Domain: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="domain" class="form-control" placeholder="Domain name" value="{{.domain}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Host: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="host" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Port: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="port" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Base DN: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="base_dn" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Search Attributes: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="attributes" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Search Filter: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="filter" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>

<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Ms Ad SA: </label>
<div class="col-md-7">
<input name="domain" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
<input name="ms_ad_sa" class="form-control" placeholder="Type account's e-mail address" value="{{.email}}" required="required" title="Email is not valid">
</div>
</div>


+ 12
- 0
templates/admin/users/edit.tmpl View File

@@ -14,6 +14,18 @@
{{.CsrfTokenHtml}}
{{template "base/alert" .}}
<input type="hidden" value="{{.User.Id}}" name="userId"/>
<div class="form-group">
<label class="col-md-3 control-label">Auth Source: </label>
<div class="col-md-7">
<select name="logintype" class="form-control">
<option value="0-0"{{if eq 0 .User.LoginSource}} selected{{end}}>Local</option>
{{$tp := .User.LoginSource}}
{{range $key, $val := .LoginSources}}
<option value="{{$val.Type}}-{{$val.Id}}"{{if eq $val.Id $tp}} selected{{end}}>{{$val.Name}}</option>
{{end}}
</select>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label">Username: </label>
<label class="control-label">{{.User.Name}}</label>


+ 11
- 0
templates/admin/users/new.tmpl View File

@@ -13,6 +13,17 @@
<form action="/admin/users/new" method="post" class="form-horizontal">
{{.CsrfTokenHtml}}
{{template "base/alert" .}}
<div class="form-group">
<label class="col-md-3 control-label">Auth Source: </label>
<div class="col-md-7">
<select name="logintype" class="form-control">
<option value="0-0">Local</option>
{{range $key, $val := .LoginSources}}
<option value="{{$val.Type}}-{{$val.Id}}">{{$val.Name}}</option>
{{end}}
</select>
</div>
</div>
<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Username: </label>
<div class="col-md-7">


+ 2
- 2
web.go View File

@@ -144,7 +144,7 @@ func runWeb(*cli.Context) {
r.Get("/new", admin.NewAuthSource)
r.Post("/new", bindIgnErr(auth.AuthenticationForm{}), admin.NewAuthSourcePost)
r.Get("/:authid", admin.EditAuthSource)
r.Post("/:authid" /*, bindIgnErr(auth.AdminEditUserForm{})*/, admin.EditAuthSourcePost)
r.Post("/:authid", bindIgnErr(auth.AuthenticationForm{}), admin.EditAuthSourcePost)
r.Get("/:authid/delete", admin.DeleteAuthSource)
}, adminReq)

@@ -196,7 +196,7 @@ func runWeb(*cli.Context) {

protocol := base.Cfg.MustValue("server", "PROTOCOL", "http")
listenAddr := fmt.Sprintf("%s:%s",
base.Cfg.MustValue("server", "HTTP_ADDR"),
base.Cfg.MustValue("server", "HTTP_ADDR", "0.0.0.0"),
base.Cfg.MustValue("server", "HTTP_PORT", "3000"))

if protocol == "http" {


Write Preview
Loading…
Cancel
Save