|
|
@@ -74,133 +74,131 @@ const validator = {
|
|
|
*
|
|
|
* components:
|
|
|
* schemas:
|
|
|
- * SecurityParams:
|
|
|
- * type: object
|
|
|
- * GeneralSetting:
|
|
|
- * type:object
|
|
|
- * GuestModeParams:
|
|
|
- * type: object
|
|
|
- * properties:
|
|
|
- * restrictGuestMode:
|
|
|
- * type: string
|
|
|
- * description: type of restrictGuestMode
|
|
|
- * PageDeletionParams:
|
|
|
- * type: object
|
|
|
- * properties:
|
|
|
- * pageCompleteDeletionAuthority:
|
|
|
- * type: string
|
|
|
- * description: type of pageDeletionAuthority
|
|
|
- * Function:
|
|
|
- * type: object
|
|
|
- * properties:
|
|
|
- * hideRestrictedByOwner:
|
|
|
- * type: boolean
|
|
|
- * description: enable hide by owner
|
|
|
- * hideRestrictedByGroup:
|
|
|
- * type: boolean
|
|
|
- * description: enable hide by group
|
|
|
- * SamlAuthSetting:
|
|
|
- * type:object
|
|
|
- * samlEntryPoint:
|
|
|
+ * GeneralSetting:
|
|
|
+ * type:object
|
|
|
+ * GuestModeParams:
|
|
|
+ * type: object
|
|
|
+ * properties:
|
|
|
+ * restrictGuestMode:
|
|
|
* type: string
|
|
|
- * description: entry point for saml
|
|
|
- * samlIssuer:
|
|
|
+ * description: type of restrictGuestMode
|
|
|
+ * PageDeletionParams:
|
|
|
+ * type: object
|
|
|
+ * properties:
|
|
|
+ * pageCompleteDeletionAuthority:
|
|
|
* type: string
|
|
|
- * description: issuer for saml
|
|
|
- * samlCert:
|
|
|
- * type: string
|
|
|
- * description: certificate for saml
|
|
|
- * samlAttrMapId:
|
|
|
- * type: string
|
|
|
- * description: attribute mapping id for saml
|
|
|
- * samlAttrMapUserName:
|
|
|
- * type: string
|
|
|
- * description: attribute mapping user name for saml
|
|
|
- * samlAttrMapMail:
|
|
|
- * type: string
|
|
|
- * description: attribute mapping mail for saml
|
|
|
- * samlAttrMapFirstName:
|
|
|
- * type: string
|
|
|
- * description: attribute mapping first name for saml
|
|
|
- * samlAttrMapLastName:
|
|
|
- * type: string
|
|
|
- * description: attribute mapping last name for saml
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the user name matched
|
|
|
- * isSameEmailTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
- * OidcAuthSetting:
|
|
|
- * type:object
|
|
|
- * oidcProviderName:
|
|
|
- * type: string
|
|
|
- * description: provider name for oidc
|
|
|
- * oidcIssuerHost:
|
|
|
- * type: string
|
|
|
- * description: issuer host for oidc
|
|
|
- * oidcClientId:
|
|
|
- * type: string
|
|
|
- * description: client id for oidc
|
|
|
- * oidcClientSecret:
|
|
|
- * type: string
|
|
|
- * description: client secret for oidc
|
|
|
- * oidcAttrMapId:
|
|
|
- * type: string
|
|
|
- * description: attr map id for oidc
|
|
|
- * oidcAttrMapUserName:
|
|
|
- * type: string
|
|
|
- * description: attr map username for oidc
|
|
|
- * oidcAttrMapName:
|
|
|
- * type: string
|
|
|
- * description: attr map name for oidc
|
|
|
- * oidcAttrMapMail:
|
|
|
- * type: string
|
|
|
- * description: attr map mail for oidc
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the user name matched
|
|
|
- * isSameEmailTreatedAsIdenticalUser
|
|
|
+ * description: type of pageDeletionAuthority
|
|
|
+ * Function:
|
|
|
+ * type: object
|
|
|
+ * properties:
|
|
|
+ * hideRestrictedByOwner:
|
|
|
* type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
- * BasicAuthSetting:
|
|
|
- * type:object
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
- * GitHubOAuthSetting:
|
|
|
- * type:object
|
|
|
- * githubClientId:
|
|
|
- * type: string
|
|
|
- * description: key of comsumer
|
|
|
- * githubClientSecret:
|
|
|
- * type: string
|
|
|
- * description: password of comsumer
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
- * GoogleOAuthSetting:
|
|
|
- * type:object
|
|
|
- * googleClientId:
|
|
|
- * type: string
|
|
|
- * description: key of comsumer
|
|
|
- * googleClientSecret:
|
|
|
- * type: string
|
|
|
- * description: password of comsumer
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
- * type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
- * TwitterOAuthSetting:
|
|
|
- * type:object
|
|
|
- * twitterConsumerKey:
|
|
|
- * type: string
|
|
|
- * description: key of comsumer
|
|
|
- * twitterConsumerSecret:
|
|
|
- * type: string
|
|
|
- * description: password of comsumer
|
|
|
- * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * description: enable hide by owner
|
|
|
+ * hideRestrictedByGroup:
|
|
|
* type: boolean
|
|
|
- * description: local account automatically linked the email matched
|
|
|
+ * description: enable hide by group
|
|
|
+ * SamlAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * samlEntryPoint:
|
|
|
+ * type: string
|
|
|
+ * description: entry point for saml
|
|
|
+ * samlIssuer:
|
|
|
+ * type: string
|
|
|
+ * description: issuer for saml
|
|
|
+ * samlCert:
|
|
|
+ * type: string
|
|
|
+ * description: certificate for saml
|
|
|
+ * samlAttrMapId:
|
|
|
+ * type: string
|
|
|
+ * description: attribute mapping id for saml
|
|
|
+ * samlAttrMapUserName:
|
|
|
+ * type: string
|
|
|
+ * description: attribute mapping user name for saml
|
|
|
+ * samlAttrMapMail:
|
|
|
+ * type: string
|
|
|
+ * description: attribute mapping mail for saml
|
|
|
+ * samlAttrMapFirstName:
|
|
|
+ * type: string
|
|
|
+ * description: attribute mapping first name for saml
|
|
|
+ * samlAttrMapLastName:
|
|
|
+ * type: string
|
|
|
+ * description: attribute mapping last name for saml
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the user name matched
|
|
|
+ * isSameEmailTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
+ * OidcAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * oidcProviderName:
|
|
|
+ * type: string
|
|
|
+ * description: provider name for oidc
|
|
|
+ * oidcIssuerHost:
|
|
|
+ * type: string
|
|
|
+ * description: issuer host for oidc
|
|
|
+ * oidcClientId:
|
|
|
+ * type: string
|
|
|
+ * description: client id for oidc
|
|
|
+ * oidcClientSecret:
|
|
|
+ * type: string
|
|
|
+ * description: client secret for oidc
|
|
|
+ * oidcAttrMapId:
|
|
|
+ * type: string
|
|
|
+ * description: attr map id for oidc
|
|
|
+ * oidcAttrMapUserName:
|
|
|
+ * type: string
|
|
|
+ * description: attr map username for oidc
|
|
|
+ * oidcAttrMapName:
|
|
|
+ * type: string
|
|
|
+ * description: attr map name for oidc
|
|
|
+ * oidcAttrMapMail:
|
|
|
+ * type: string
|
|
|
+ * description: attr map mail for oidc
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the user name matched
|
|
|
+ * isSameEmailTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
+ * BasicAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
+ * GitHubOAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * githubClientId:
|
|
|
+ * type: string
|
|
|
+ * description: key of comsumer
|
|
|
+ * githubClientSecret:
|
|
|
+ * type: string
|
|
|
+ * description: password of comsumer
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
+ * GoogleOAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * googleClientId:
|
|
|
+ * type: string
|
|
|
+ * description: key of comsumer
|
|
|
+ * googleClientSecret:
|
|
|
+ * type: string
|
|
|
+ * description: password of comsumer
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
+ * TwitterOAuthSetting:
|
|
|
+ * type:object
|
|
|
+ * twitterConsumerKey:
|
|
|
+ * type: string
|
|
|
+ * description: key of comsumer
|
|
|
+ * twitterConsumerSecret:
|
|
|
+ * type: string
|
|
|
+ * description: password of comsumer
|
|
|
+ * isSameUsernameTreatedAsIdenticalUser
|
|
|
+ * type: boolean
|
|
|
+ * description: local account automatically linked the email matched
|
|
|
*/
|
|
|
module.exports = (crowi) => {
|
|
|
const loginRequiredStrictly = require('../../middleware/login-required')(crowi);
|
|
|
@@ -222,9 +220,13 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * properties:
|
|
|
- * securityParams:
|
|
|
- * $ref: '#/components/schemas/SecurityParams'
|
|
|
+ * $ref: '#/components/schemas/GeneralSetting'
|
|
|
+ * $ref: '#/components/schemas/SamlAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/OidcAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/BasicAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GitHubOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GoogleOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/TwitterOAuthSetting'
|
|
|
*/
|
|
|
router.get('/', loginRequiredStrictly, adminRequired, async(req, res) => {
|
|
|
|
|
|
@@ -318,29 +320,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * type: object
|
|
|
- * properties:
|
|
|
- * restrictGuestMode:
|
|
|
- * description: type of restrictGuestMode
|
|
|
- * type: string
|
|
|
- * pageCompleteDeletionAuthority:
|
|
|
- * type: string
|
|
|
- * description: type of pageDeletionAuthority
|
|
|
- * hideRestrictedByOwner:
|
|
|
- * type: boolean
|
|
|
- * description: enable hide by owner
|
|
|
- * hideRestrictedByGroup:
|
|
|
- * type: boolean
|
|
|
- * description: enable hide by group
|
|
|
+ * $ref: '#/components/schemas/GeneralSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to update general Setting
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * properties:
|
|
|
- * status:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/GeneralSetting'
|
|
|
+ * $ref: '#/components/schemas/GeneralSetting'
|
|
|
*/
|
|
|
router.put('/general-setting', loginRequiredStrictly, adminRequired, csrf, validator.generalSetting, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -379,14 +366,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/SamlAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/SamlAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to update SAML setting
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/SamlAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/SamlAuthSetting'
|
|
|
*/
|
|
|
router.put('/saml', loginRequiredStrictly, adminRequired, csrf, validator.samlAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -437,14 +424,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/OidcAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/OidcAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to update OpenID Connect setting
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/OidcAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/OidcAuthSetting'
|
|
|
*/
|
|
|
router.put('/oidc', loginRequiredStrictly, adminRequired, csrf, validator.oidcAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -495,14 +482,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/BasicAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/BasicAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to update basic
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/BasicAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/BasicAuthSetting'
|
|
|
*/
|
|
|
router.put('/basic', loginRequiredStrictly, adminRequired, csrf, validator.basicAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -535,14 +522,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/GoogleOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GoogleOAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to google OAuth
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/GoogleOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GoogleOAuthSetting'
|
|
|
*/
|
|
|
router.put('/google-oauth', loginRequiredStrictly, adminRequired, csrf, validator.googleOAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -579,14 +566,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/GitHubOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GitHubOAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to github OAuth
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/GitHubOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/GitHubOAuthSetting'
|
|
|
*/
|
|
|
router.put('/github-oauth', loginRequiredStrictly, adminRequired, csrf, validator.githubOAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
|
|
@@ -623,14 +610,14 @@ module.exports = (crowi) => {
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/TwitterOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/TwitterOAuthSetting'
|
|
|
* responses:
|
|
|
* 200:
|
|
|
* description: Succeeded to update twitter OAuth
|
|
|
* content:
|
|
|
* application/json:
|
|
|
* schema:
|
|
|
- * $ref: '#/components/schemas/SecurityParams/TwitterOAuthSetting'
|
|
|
+ * $ref: '#/components/schemas/TwitterOAuthSetting'
|
|
|
*/
|
|
|
router.put('/twitter-oauth', loginRequiredStrictly, adminRequired, csrf, validator.twitterOAuth, ApiV3FormValidator, async(req, res) => {
|
|
|
const requestParams = {
|
itizawa