From ee3e03eaad451e1158d1fb51333dbb509a1f1863 Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Fri, 9 Mar 2018 18:34:59 +0100 Subject: [PATCH] Update wiki script --- .../lib/Lemonldap/NG/Manager/Attributes.pm | 51 ++++++++ .../Lemonldap/NG/Manager/Build/Attributes.pm | 123 +++++++++++++++++- scripts/parameters-for-wiki.pl | 17 ++- 3 files changed, 184 insertions(+), 7 deletions(-) diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index d95735309..622e9ff44 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -871,6 +871,9 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'type' => 'cmbModuleContainer' }, + 'configStorage' => { + 'type' => 'text' + }, 'confirmFormMethod' => { 'default' => 'post', 'select' => [ @@ -1457,6 +1460,12 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: }, 'type' => 'keyTextContainer' }, + 'localStorage' => { + 'type' => 'text' + }, + 'localStorageOptions' => { + 'type' => 'keyTextContainer' + }, 'locationRules' => { 'default' => { 'default' => 'deny' @@ -3010,6 +3019,30 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] ], 'type' => 'select' }, + 'secureTokenAllowOnError' => { + 'default' => '', + 'type' => 'text' + }, + 'secureTokenAttribute' => { + 'default' => 'uid', + 'type' => 'text' + }, + 'secureTokenExpiration' => { + 'default' => 60, + 'type' => 'text' + }, + 'secureTokenHeader' => { + 'default' => 'Auth-Token', + 'type' => 'text' + }, + 'secureTokenMemcachedServers' => { + 'default' => '', + 'type' => 'text' + }, + 'secureTokenUrls' => { + 'default' => '.*', + 'type' => 'text' + }, 'sessionDataToRemember' => { 'keyMsgFail' => '__invalidSessionData__', 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, @@ -3124,6 +3157,9 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- 'staticPrefix' => { 'type' => 'text' }, + 'status' => { + 'type' => 'bool' + }, 'stayConnected' => { 'type' => 'bool' }, @@ -3364,6 +3400,21 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- }, 'yubikeySecretKey' => { 'type' => 'text' + }, + 'zimbraAccountKey' => { + 'type' => 'text' + }, + 'zimbraBy' => { + 'type' => 'text' + }, + 'zimbraPreAuthKey' => { + 'type' => 'text' + }, + 'zimbraSsoUrl' => { + 'type' => 'text' + }, + 'zimbraUrl' => { + 'type' => 'text' } }; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 9b3423c4b..5c1a29a5e 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -215,6 +215,21 @@ sub attributes { return { # Other + configStorage => { + type => 'text', + documentation => 'Configuration storage', + flags => 'hmp', + }, + localStorage => { + type => 'text', + documentation => 'Local cache', + flags => 'hmp', + }, + localStorageOptions => { + type => 'keyTextContainer', + documentation => 'Local cache', + flags => 'hmp', + }, cfgNum => { type => 'int', default => 0, @@ -240,6 +255,11 @@ sub attributes { type => 'text', documentation => 'Version of LLNG which build configuration', }, + status => { + type => 'bool', + documentation => 'Status daemon activation', + flags => 'h', + }, confirmFormMethod => { type => "select", select => @@ -251,12 +271,14 @@ sub attributes { type => 'text', test => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/, msgFail => "__badCustomFuncName__", - documentation => 'List of custom functions' + documentation => 'List of custom functions', + flags => 'hmp', }, https => { default => 0, type => 'bool', documentation => 'Use HTTPS for redirection from portal', + flags => 'h', }, infoFormMethod => { type => "select", @@ -265,7 +287,11 @@ sub attributes { default => 'get', documentation => 'HTTP method for info page form', }, - port => { type => 'int', documentation => 'Force port in redirection' }, + port => { + type => 'int', + documentation => 'Force port in redirection', + flags => 'h', + }, jsRedirect => { type => 'boolOrExpr', default => 0, @@ -281,6 +307,7 @@ sub attributes { default => 0, type => 'bool', documentation => 'Maintenance mode for all virtual hosts', + flags => 'h', }, nginxCustomHandlers => { type => 'keyTextContainer', @@ -298,6 +325,7 @@ sub attributes { type => 'url', default => 'http://auth.example.com/', documentation => 'Portal URL', + flags => 'hmp', }, portalStatus => { type => 'bool', @@ -334,6 +362,7 @@ sub attributes { type => 'authParamsText', default => '; ', documentation => 'Separator for multiple values', + flags => 'hmp', }, stayConnected => { type => 'bool', @@ -347,6 +376,7 @@ sub attributes { msgFail => '__authorizedValues__: none authenticate manager', default => 'none', documentation => 'Manager protection method', + flags => 'hm', }, # Menu @@ -447,6 +477,7 @@ sub attributes { default => 0, type => 'bool', documentation => 'Enable Cross Domain Authentication', + flags => 'hp', }, checkXSS => { default => 1, @@ -560,6 +591,7 @@ sub attributes { type => 'bool', default => 1, documentation => 'Use 302 redirect code for error (500)', + flags => 'h', }, useRedirectOnForbidden => { default => 0, @@ -571,11 +603,13 @@ sub attributes { type => 'bool', help => 'safejail.html', documentation => 'Activate Safe jail', + flags => 'hp', }, whatToTrace => { type => 'lmAttrOrMacro', default => 'uid', documentation => 'Session parameter used to fill REMOTE_USER', + flags => 'hp', }, lwpOpts => { type => 'keyTextContainer', @@ -641,14 +675,18 @@ sub attributes { }, # Cookies - cookieExpiration => - { type => 'text', documentation => 'Cookie expiration', }, + cookieExpiration => { + type => 'text', + documentation => 'Cookie expiration', + flags => 'hp', + }, cookieName => { type => 'text', test => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, msgFail => '__badCookieName__', default => 'lemonldap', documentation => 'Name of the main cookie', + flags => 'hp', }, domain => { type => 'text', @@ -656,11 +694,13 @@ sub attributes { msgFail => '__badDomainName__', default => 'example.com', documentation => 'DNS domain', + flags => 'hp', }, httpOnly => { default => 1, type => 'bool', documentation => 'Enable httpOnly flag in cookie', + flags => 'hp', }, securedCookie => { type => 'select', @@ -672,6 +712,7 @@ sub attributes { ], default => 0, documentation => 'Cookie securisation method', + flags => 'hp', }, # Notification @@ -767,6 +808,7 @@ sub attributes { type => 'PerlModule', default => 'Apache::Session::File', documentation => 'Session backend module', + flags => 'hp', }, globalStorageOptions => { type => 'keyTextContainer', @@ -777,6 +819,7 @@ sub attributes { 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', }, documentation => 'Session backend module options', + flags => 'hp', }, localSessionStorage => { type => 'PerlModule', @@ -1234,6 +1277,7 @@ sub attributes { default => 'deny', }, documentation => 'Virtualhost rules', + flags => 'h', }, exportedHeaders => { type => 'keyTextContainer', @@ -1255,6 +1299,7 @@ sub attributes { } }, documentation => 'Virtualhost headers', + flags => 'h', }, post => { type => 'postContainer', @@ -1301,6 +1346,76 @@ sub attributes { type => 'int', }, + # SecureToken parameters + secureTokenAllowOnError => { + type => 'text', + documentation => 'Secure Token allow requests in error', + flags => 'h', + }, + secureTokenAttribute => { + type => 'text', + documentation => 'Secure Token attribute', + flags => 'h', + default => 'uid', + }, + secureTokenExpiration => { + type => 'text', + documentation => 'Secure Token expiration', + flags => 'h', + default => 60, + }, + secureTokenHeader => { + type => 'text', + documentation => 'Secure Token header', + flags => 'h', + default => 'Auth-Token', + }, + secureTokenMemcachedServers => { + type => 'text', + documentation => 'Secure Token Memcached servers', + flags => 'h', + default => '', + }, + secureTokenUrls => { + type => 'text', + documentation => '', + flags => 'h', + default => '.*', + }, + secureTokenAllowOnError => { + type => 'text', + documentation => '', + flags => 'h', + default => '', + }, + + # Zimbra handler parameters + zimbraAccountKey => { + type => 'text', + flags => 'h', + documentation => 'Zimbra account session key', + }, + zimbraBy => { + type => 'text', + flags => 'h', + documentation => 'Zimbra account type', + }, + zimbraPreAuthKey => { + type => 'text', + flags => 'h', + documentation => 'Zimbra preauthentication key', + }, + zimbraSsoUrl => { + type => 'text', + flags => 'h', + documentation => 'Zimbra local SSO URL pattern', + }, + zimbraUrl => { + type => 'text', + flags => 'h', + documentation => 'Zimbra preauthentication URL', + }, + # CAS IDP casAttr => { type => 'text', }, casAttributes => { type => 'keyTextContainer', }, diff --git a/scripts/parameters-for-wiki.pl b/scripts/parameters-for-wiki.pl index 437971fa3..c0ad58d9f 100755 --- a/scripts/parameters-for-wiki.pl +++ b/scripts/parameters-for-wiki.pl @@ -31,15 +31,26 @@ The attribute key name can be used directly in ''lemonldap-ng.ini'' or in Perl s ===== Main parameters ===== -^ Key name ^ Documentation ^ ini file only ^ +^ Key name ^ Documentation ^ Portal ^ Handler ^ Manager ^ ini file only ^ EOF #| Activate auto accept timer | activeTimer | ✔ | | | foreach my $k ( sort keys %$prm ) { next if $k =~ $ignore; - print "| $k | $prm->{$k}->{documentation} | " - . ( ( $managed->{$k} or $k =~ $rmg ) ? '' : $ok ) . " |\n"; + my $p = $prm->{$k}; + $p->{flags} ||= 'p'; + print "| $k | $p->{documentation}" + # Portal flag + .' | '.( $p->{flags} =~ /p/ ? $ok : '') + # Handler flag + .' | '.( $p->{flags} =~ /h/ ? $ok : '') + # Manager flag + .' | '.( $p->{flags} =~ /m/ ? $ok : '') + # Ini-only flag + .' | ' . ( ( $managed->{$k} or $k =~ $rmg ) ? '' : $ok ) + # End of line + . " |\n"; } print <