Merge pull request #1562 from weseek/reactify-admin/remove-unnecessary-code

Reactify admin/remove unnecessary code

src/server/form/admin/securityGeneral.js

@@ -1,10 +0,0 @@
-const form = require('express-form');
-
-const field = form.field;
-
-module.exports = form(
-  field('settingForm[security:restrictGuestMode]'),
-  field('settingForm[security:list-policy:hideRestrictedByOwner]').trim().toBooleanStrict(),
-  field('settingForm[security:list-policy:hideRestrictedByGroup]').trim().toBooleanStrict(),
-  field('settingForm[security:pageCompleteDeletionAuthority]'),
-);

src/server/form/index.js

@@ -11,15 +11,6 @@ module.exports = {
     apiToken: require('./me/apiToken'),
   },
   admin: {
-    securityGeneral: require('./admin/securityGeneral'),
-    securityPassportLocal: require('./admin/securityPassportLocal'),
-    securityPassportLdap: require('./admin/securityPassportLdap'),
-    securityPassportSaml: require('./admin/securityPassportSaml'),
-    securityPassportBasic: require('./admin/securityPassportBasic'),
-    securityPassportGoogle: require('./admin/securityPassportGoogle'),
-    securityPassportGitHub: require('./admin/securityPassportGitHub'),
-    securityPassportTwitter: require('./admin/securityPassportTwitter'),
-    securityPassportOidc: require('./admin/securityPassportOidc'),
     slackIwhSetting: require('./admin/slackIwhSetting'),
     slackSetting: require('./admin/slackSetting'),
     userGroupCreate: require('./admin/userGroupCreate'),

src/server/routes/admin.js

@@ -563,243 +563,6 @@ module.exports = function(crowi, app) {
   };
 
   actions.api = {};
-  actions.api.securitySetting = async function(req, res) {
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    const form = req.form.settingForm;
-    if (aclService.isWikiModeForced()) {
-      logger.debug('security:restrictGuestMode will not be changed because wiki mode is forced to set');
-      delete form['security:restrictGuestMode'];
-    }
-
-    try {
-      await configManager.updateConfigsInTheSameNamespace('crowi', form);
-      return res.json({ status: true });
-    }
-    catch (err) {
-      logger.error(err);
-      return res.json({ status: false });
-    }
-  };
-
-  actions.api.securityPassportLocalSetting = async function(req, res) {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-
-    try {
-      await configManager.updateConfigsInTheSameNamespace('crowi', form);
-      // reset strategy
-      crowi.passportService.resetLocalStrategy();
-      // setup strategy
-      if (configManager.getConfig('crowi', 'security:passport-local:isEnabled')) {
-        crowi.passportService.setupLocalStrategy(true);
-      }
-    }
-    catch (err) {
-      logger.error(err);
-      return res.json({ status: false, message: err.message });
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportLdapSetting = async function(req, res) {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-
-    try {
-      await configManager.updateConfigsInTheSameNamespace('crowi', form);
-      // reset strategy
-      crowi.passportService.resetLdapStrategy();
-      // setup strategy
-      if (configManager.getConfig('crowi', 'security:passport-ldap:isEnabled')) {
-        crowi.passportService.setupLdapStrategy(true);
-      }
-    }
-    catch (err) {
-      logger.error(err);
-      return res.json({ status: false, message: err.message });
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportSamlSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    validateSamlSettingForm(req.form, req.t);
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetSamlStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-saml:isEnabled')) {
-      try {
-        await crowi.passportService.setupSamlStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetSamlStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportBasicSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetBasicStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-basic:isEnabled')) {
-      try {
-        await crowi.passportService.setupBasicStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetBasicStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportGoogleSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetGoogleStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-google:isEnabled')) {
-      try {
-        await crowi.passportService.setupGoogleStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetGoogleStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportGitHubSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetGitHubStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-github:isEnabled')) {
-      try {
-        await crowi.passportService.setupGitHubStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetGitHubStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportTwitterSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetTwitterStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-twitter:isEnabled')) {
-      try {
-        await crowi.passportService.setupTwitterStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetTwitterStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
-  actions.api.securityPassportOidcSetting = async(req, res) => {
-    const form = req.form.settingForm;
-
-    if (!req.form.isValid) {
-      return res.json({ status: false, message: req.form.errors.join('\n') });
-    }
-
-    debug('form content', form);
-    await configManager.updateConfigsInTheSameNamespace('crowi', form);
-
-    // reset strategy
-    await crowi.passportService.resetOidcStrategy();
-    // setup strategy
-    if (configManager.getConfig('crowi', 'security:passport-oidc:isEnabled')) {
-      try {
-        await crowi.passportService.setupOidcStrategy(true);
-      }
-      catch (err) {
-        // reset
-        await crowi.passportService.resetOidcStrategy();
-        return res.json({ status: false, message: err.message });
-      }
-    }
-
-    return res.json({ status: true });
-  };
-
 
   // app.post('/_api/admin/notifications.add'    , admin.api.notificationAdd);
   actions.api.notificationAdd = function(req, res) {
@@ -1011,21 +774,5 @@ module.exports = function(crowi, app) {
     return res.json(ApiResponse.success());
   };
 
-  /**
-   * validate setting form values for SAML
-   *
-   * This validation checks, for the value of each mandatory items,
-   * whether it from the environment variables is empty and form value to update it is empty.
-   */
-  function validateSamlSettingForm(form, t) {
-    for (const key of crowi.passportService.mandatoryConfigKeysForSaml) {
-      const formValue = form.settingForm[key];
-      if (configManager.getConfigFromEnvVars('crowi', key) === null && formValue === '') {
-        const formItemName = t(`security_setting.form_item_name.${key}`);
-        form.errors.push(t('form_validation.required', formItemName));
-      }
-    }
-  }
-
   return actions;
 };

src/server/routes/index.js

@@ -62,17 +62,8 @@ module.exports = function(crowi, app) {
 
   // security admin
   app.get('/admin/security'                     , loginRequiredStrictly , adminRequired , admin.security.index);
-  app.post('/_api/admin/security/general'       , loginRequiredStrictly , adminRequired , form.admin.securityGeneral, admin.api.securitySetting);
-  app.post('/_api/admin/security/passport-local', loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportLocal, admin.api.securityPassportLocalSetting);
-  app.post('/_api/admin/security/passport-ldap' , loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportLdap, admin.api.securityPassportLdapSetting);
-  app.post('/_api/admin/security/passport-saml' , loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportSaml, admin.api.securityPassportSamlSetting);
-  app.post('/_api/admin/security/passport-basic', loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportBasic, admin.api.securityPassportBasicSetting);
 
   // OAuth
-  app.post('/_api/admin/security/passport-google' , loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportGoogle, admin.api.securityPassportGoogleSetting);
-  app.post('/_api/admin/security/passport-github' , loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportGitHub, admin.api.securityPassportGitHubSetting);
-  app.post('/_api/admin/security/passport-twitter', loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportTwitter, admin.api.securityPassportTwitterSetting);
-  app.post('/_api/admin/security/passport-oidc',    loginRequiredStrictly , adminRequired , csrf, form.admin.securityPassportOidc, admin.api.securityPassportOidcSetting);
   app.get('/passport/google'                      , loginPassport.loginWithGoogle);
   app.get('/passport/github'                      , loginPassport.loginWithGitHub);
   app.get('/passport/twitter'                     , loginPassport.loginWithTwitter);

src/server/views/admin/security.html

@@ -16,261 +16,8 @@
     <div class="col-md-3">
       {% include './widget/menu.html' with {current: 'security'} %}
     </div>
-    <div class="col-md-9" id="admin-security-setting">
-
-      {% set smessage = req.flash('successMessage') %}
-      {% if smessage.length %}
-      <div class="alert alert-success">
-        {% for e in smessage %}
-          {{ e }}<br>
-        {% endfor %}
-      </div>
-      {% endif %}
-
-      {% set emessage = req.flash('errorMessage') %}
-      {% if emessage.length %}
-      <div class="alert alert-danger">
-        {% for e in emessage %}
-        {{ e }}<br>
-        {% endfor %}
-      </div>
-      {% endif %}
-
-      <form action="/_api/admin/security/general" method="post" class="form-horizontal" id="generalSetting" role="form">
-        <fieldset>
-        <legend class="alert-anchor">{{ t('security_settings') }}</legend>
-
-          <div class="form-group">
-            <label for="settingForm[security:restrictGuestMode]" class="col-xs-3 control-label">{{ t('security_setting.Guest Users Access') }}</label>
-            <div class="col-xs-6">
-              {% set selectedValue = guestModeValue %}
-              <select class="form-control selectpicker" {% if isWikiModeForced %}disabled{% endif %}
-                  name="settingForm[security:restrictGuestMode]" value="{{ getConfig('crowi', 'security:restrictGuestMode') }}">
-                {% for modeValue, modeLabel in consts.restrictGuestMode %}
-                  <option value="{{ t(modeValue) }}" {% if modeValue == selectedValue %}selected{% endif %}>{{ t(modeLabel) }}</option>
-                {% endfor %}
-              </select>
-              {% if isWikiModeForced %}
-              <p class="alert alert-warning mt-2">
-                <i class="icon-exclamation icon-fw"></i><b>FIXED</b><br>
-                {{ t('security_setting.Fixed by env var', 'FORCE_WIKI_MODE', getConfig('crowi', 'security:wikiMode')) }}
-              </p>
-              {% endif %}
-            </div>
-          </div>
-
-          <div class="form-group">
-            {% set configName = 'settingForm[security:list-policy:hideRestrictedByOwner]' %}
-            {% set configValue = getConfig('crowi', 'security:list-policy:hideRestrictedByOwner') %}
-            {% set isEnabled = !configValue %}
-            <label for="{{configName}}" class="col-xs-3 control-label">{{ t("security_setting.page_listing_1") }}</label>
-            <div class="col-xs-9">
-              <div class="btn-group btn-toggle" data-toggle="buttons">
-                <label class="btn btn-default btn-rounded btn-outline {% if isEnabled %}active{% endif %}" data-active-class="primary">
-                  <input name="{{configName}}" value="false" type="radio" {% if isEnabled %}checked{% endif %}> ON
-                </label>
-                <label class="btn btn-default btn-rounded btn-outline {% if !isEnabled %}active{% endif %}" data-active-class="default">
-                  <input name="{{configName}}" value="true" type="radio" {% if !isEnabled %}checked{% endif %}> OFF
-                </label>
-              </div>
-
-              <p class="help-block small">
-                {{ t("security_setting.page_listing_1_desc") }}
-              </p>
-            </div>
-          </div>
-
-          <div class="form-group">
-            {% set configName = 'settingForm[security:list-policy:hideRestrictedByGroup]' %}
-            {% set configValue = getConfig('crowi', 'security:list-policy:hideRestrictedByGroup') %}
-            {% set isEnabled = !configValue %}
-            <label for="{{configName}}" class="col-xs-3 control-label">{{ t("security_setting.page_listing_2") }}</label>
-            <div class="col-xs-9">
-              <div class="btn-group btn-toggle" data-toggle="buttons">
-                <label class="btn btn-default btn-rounded btn-outline {% if isEnabled %}active{% endif %}" data-active-class="primary">
-                  <input name="{{configName}}" value="false" type="radio" {% if isEnabled %}checked{% endif %}> ON
-                </label>
-                <label class="btn btn-default btn-rounded btn-outline {% if !isEnabled %}active{% endif %}" data-active-class="default">
-                  <input name="{{configName}}" value="true" type="radio" {% if !isEnabled %}checked{% endif %}> OFF
-                </label>
-              </div>
-
-              <p class="help-block small">
-                {{ t("security_setting.page_listing_2_desc") }}
-              </p>
-            </div>
-          </div>
-
-          <div class="form-group">
-            {% set configName = 'settingForm[security:pageCompleteDeletionAuthority]' %}
-            {% set configValue = getConfig('crowi','security:pageCompleteDeletionAuthority') %}
-            <label for="{{configName}}" class="col-xs-3 control-label">{{ t('security_setting.complete_deletion') }}</label>
-            <div class="col-xs-6">
-              <select class="form-control selectpicker" name="settingForm[security:pageCompleteDeletionAuthority]" value="{{ configValue }}">
-                <option value="anyOne" {% if configValue == "anyOne" %}selected{% endif %}>{{ t('security_setting.anyone') }}</option>
-                <option value="adminOnly" {% if configValue =="adiminOnly" %}selected{% endif %}>{{ t('security_setting.admin_only') }}</option>
-                <option value="adminAndAuthor" {% if configValue == "adminAndAuthor" %}selected{% endif %}>{{ t('security_setting.admin_and_author') }}</option>
-              </select>
-
-              <p class="help-block small">
-                {{ t('security_setting.complete_deletion_explain') }}
-              </p>
-            </div>
-          </div>
-
-          <div class="form-group">
-            <div class="col-xs-offset-3 col-xs-6">
-              <input type="hidden" name="_csrf" value="{{ csrf() }}">
-              <button type="submit" class="btn btn-primary">{{ t('Update') }}</button>
-            </div>
-          </div>
-
-        </fieldset>
-      </form>
-
-      <!-- prevent XSS link -->
-      <div class="mt-5">
-        <legend>{{ t('security_setting.xss_prevent_setting') }}</legend>
-        <div class="text-center">
-          <a class="flexbox" style="font-size: large;" href="/admin/markdown/#preventXSS">
-            <i class="fa-fw icon-login"></i> {{ t('security_setting.xss_prevent_setting_link') }}
-          </a>
-        </div>
-       </div>
-
-
-      <div class="auth-mechanism-configurations m-t-10">
-
-        <legend>{{ t('security_setting.Authentication mechanism settings') }}</legend>
-
-        {#
-         # passport settings nav
-         #}
-        <div class="passport-settings">
-          <ul class="nav nav-tabs" role="tablist">
-            <li class="active">
-              <a href="#passport-local" data-toggle="tab" role="tab"><i class="fa fa-users"></i> ID/Pass</a>
-            </li>
-            <li>
-              <a href="#passport-ldap" data-toggle="tab" role="tab"><i class="fa fa-sitemap"></i> LDAP</a>
-            </li>
-            <li>
-              <a href="#passport-saml" data-toggle="tab" role="tab"><i class="fa fa-key"></i> SAML</a>
-            </li>
-            <li>
-              <a href="#passport-oidc" data-toggle="tab" role="tab"><i class="fa fa-openid"></i> OIDC</a>
-            </li>
-            <li>
-              <a href="#passport-basic" data-toggle="tab" role="tab"><i class="fa fa-lock"></i> Basic</a>
-            </li>
-            <li>
-              <a href="#passport-google-oauth" data-toggle="tab" role="tab"><i class="fa fa-google"></i> Google</a>
-            </li>
-            <li>
-              <a href="#passport-github" data-toggle="tab" role="tab"><i class="fa fa-github"></i> GitHub</a>
-            </li>
-            <li>
-              <a href="#passport-twitter" data-toggle="tab" role="tab"><i class="fa fa-twitter"></i> Twitter</a>
-            </li>
-            <li class="tbd">
-              <a href="#passport-facebook" data-toggle="tab" role="tab"><i class="fa fa-facebook"></i> (TBD) Facebook</a>
-            </li>
-          </ul>
-
-          <div class="tab-content p-t-10">
-            <div id="passport-local" class="tab-pane active" role="tabpanel" >
-              {% include './widget/passport/local.html' %}
-            </div>
-
-            <div id="passport-ldap" class="tab-pane" role="tabpanel" >
-              {% include './widget/passport/ldap.html' with { settingForm: settingForm } %}
-            </div>
-
-            <div id="passport-saml" class="tab-pane" role="tabpanel" >
-              {% include './widget/passport/saml.html' %}
-            </div>
-
-            <div id="passport-oidc" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/oidc.html' %}
-            </div>
-
-            <div id="passport-basic" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/basic.html' %}
-            </div>
-
-            <div id="passport-google-oauth" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/google-oauth.html' %}
-            </div>
-
-            <div id="passport-facebook" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/facebook.html' %}
-            </div>
-
-            <div id="passport-twitter" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/twitter.html' %}
-            </div>
-
-            <div id="passport-github" class="tab-pane" role="tabpanel">
-              {% include './widget/passport/github.html' %}
-            </div>
-
-          </div><!-- /.tab-content -->
-        </div>
-
-      </div><!-- /.auth-mechanism-configurations -->
-    </div>
+    <div class="col-md-9" id="admin-security-setting"></div>
   </div>
-
-  <script>
-    $('#generalSetting, #localSetting, #samlSetting, #basicSetting, #googleSetting, #githubSetting, #twitterSetting, #oidcSetting').each(function() {
-      $(this).submit(function()
-      {
-        function showMessage(formId, msg, status) {
-          $('#' + formId + ' > .alert').remove();
-          $('#' + formId ).find('.alert').remove();
-
-          if (!status) {
-            status = 'success';
-          }
-          var $message = $('<p class="alert"></p>');
-          $message.addClass('alert-' + status);
-          $message.html(msg.replace(/\n/g, '<br>'));
-          $message.insertAfter('#' + formId + ' .alert-anchor');
-
-          if (status == 'success') {
-            setTimeout(function()
-            {
-              $message.fadeOut({
-                complete: function() {
-                  $message.remove();
-                }
-              });
-            }, 5000);
-          }
-        }
-
-        var $form = $(this);
-        var $id = $form.attr('id');
-        var $button = $('button', this);
-        $button.attr('disabled', 'disabled');
-        var jqxhr = $.post($form.attr('action'), $form.serialize(), function(data)
-          {
-            if (data.status) {
-              showMessage($id, '更新しました Updated');
-            } else {
-              showMessage($id, data.message, 'danger');
-            }
-          })
-          .fail(function() {
-            showMessage($id, 'エラーが発生しました Error', 'danger');
-          })
-          .always(function() {
-            $button.prop('disabled', false);
-        });
-        return false;
-      });
-    });
-  </script>
 </div>
 {% endblock content_main %}
 

src/server/views/admin/widget/passport/basic.html

@@ -1,73 +0,0 @@
-<form action="/_api/admin/security/passport-basic" method="post" class="form-horizontal passportStrategy" id="basicSetting" role="form"
-    {% if isRestartingServerNeeded %}style="opacity: 0.4;"{% endif %}>
-  <legend class="alert-anchor">{{ t("security_setting.Basic.name") }} {{ t("security_setting.configuration") }}</legend>
-
-  {% set nameForIsbasicEnabled = "settingForm[security:passport-basic:isEnabled]" %}
-  {% set isbasicEnabled = getConfig('crowi', 'security:passport-basic:isEnabled') %}
-
-  <div class="form-group">
-    <label for="{{nameForIsbasicEnabled}}" class="col-xs-3 control-label">{{ t("security_setting.Basic.name") }}</label>
-    <div class="col-xs-6">
-      <div class="btn-group btn-toggle" data-toggle="buttons">
-        <label class="btn btn-default btn-rounded btn-outline {% if isbasicEnabled %}active{% endif %}" data-active-class="primary">
-          <input name="{{nameForIsbasicEnabled}}" value="true" type="radio"
-              {% if true === isbasicEnabled %}checked{% endif %}> ON
-        </label>
-        <label class="btn btn-default btn-rounded btn-outline {% if !isbasicEnabled %}active{% endif %}" data-active-class="default">
-          <input name="{{nameForIsbasicEnabled}}" value="false" type="radio"
-              {% if !isbasicEnabled %}checked{% endif %}> OFF
-        </label>
-      </div>
-      <p class="help-block">
-        <small>
-          {{ t("security_setting.Basic.desc_1") }}<br>
-          {{ t("security_setting.Basic.desc_2") }}
-        </small>
-      </p>
-    </div>
-  </div>
-
-
-  <fieldset id="passport-basic-hide-when-disabled" {%if !isbasicEnabled %}style="display: none;"{% endif %}>
-
-    <div class="form-group">
-    <div class="col-xs-6 col-xs-offset-3">
-      <div class="checkbox checkbox-info">
-        <input type="checkbox" id="bindByUserName-basic" name="settingForm[security:passport-basic:isSameUsernameTreatedAsIdenticalUser]" value="1"
-            {% if getConfig('crowi', 'security:passport-basic:isSameUsernameTreatedAsIdenticalUser') %}checked{% endif %} />
-        <label for="bindByUserName-basic">
-          {{ t("security_setting.Treat username matching as identical", "username") }}
-        </label>
-        <p class="help-block">
-          <small>
-            {{ t("security_setting.Treat username matching as identical_warn", "username") }}
-          </small>
-        </p>
-    </div>
-      </div>
-    </div>
-
-  </fieldset>
-
-  <div class="form-group" id="btn-update">
-    <div class="col-xs-offset-3 col-xs-6">
-      <input type="hidden" name="_csrf" value="{{ csrf() }}">
-      <button type="submit" class="btn btn-primary">{{ t('Update') }}</button>
-    </div>
-  </div>
-
-</form>
-
-<script>
-  $('input[name="settingForm[security:passport-basic:isEnabled]"]').change(function() {
-    const isEnabled = ($(this).val() === "true");
-
-    if (isEnabled) {
-      $('#passport-basic-hide-when-disabled').show(400);
-    }
-    else {
-      $('#passport-basic-hide-when-disabled').hide(400);
-    }
-  });
-</script>
-

src/server/views/admin/widget/passport/ldap.html

@@ -1,363 +0,0 @@
-<form action="/_api/admin/security/passport-ldap" method="post" class="form-horizontal" id="ldapSetting" role="form">
-
-  <fieldset>
-    <legend>LDAP {{ t("security_setting.configuration") }}</legend>
-
-    {% set nameForIsLdapEnabled = "settingForm[security:passport-ldap:isEnabled]" %}
-    {% set isLdapEnabled = getConfig('crowi', 'security:passport-ldap:isEnabled') %}
-    <div class="form-group">
-      <label for="{{nameForIsLdapEnabled}}" class="col-xs-3 control-label">Use LDAP</label>
-      <div class="col-xs-6">
-        <div class="btn-group btn-toggle" data-toggle="buttons">
-          <label class="btn btn-default btn-rounded btn-outline {% if isLdapEnabled %}active{% endif %}" data-active-class="primary">
-            <input name="{{nameForIsLdapEnabled}}" value="true" type="radio"
-                {% if true === isLdapEnabled %}checked{% endif %}> ON
-          </label>
-          <label class="btn btn-default btn-rounded btn-outline {% if !isLdapEnabled %}active{% endif %}" data-active-class="default">
-            <input name="{{nameForIsLdapEnabled}}" value="false" type="radio"
-                {% if !isLdapEnabled %}checked{% endif %}> OFF
-          </label>
-        </div>
-      </div>
-    </div>
-
-    <div class="passport-ldap-hide-when-disabled" {%if !isLdapEnabled %}style="display: none;"{% endif %}>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:serverUrl]" class="col-xs-3 control-label">Server URL</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text"
-              name="settingForm[security:passport-ldap:serverUrl]" value="{{ getConfig('crowi', 'security:passport-ldap:serverUrl') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.server_url_detail") }}<br>
-              {{ t("security_setting.example") }}: <code>ldaps://ldap.company.com/ou=people,dc=company,dc=com</code>
-            </small>
-          </p>
-        </div>
-      </div>
-
-      {% set nameForIsUserBind = "settingForm[security:passport-ldap:isUserBind]" %}
-      {% set isUserBind = getConfig('crowi', 'security:passport-ldap:isUserBind') %}
-      <div class="form-group">
-        <label for="{{nameForIsUserBind}}" class="col-xs-3 control-label">{{ t("security_setting.ldap.bind_mode") }}</label>
-        <div class="col-xs-6">
-          <div class="btn-group btn-toggle" data-toggle="buttons">
-            <label class="btn btn-default btn-rounded btn-outline {% if !isUserBind %}active{% endif %}" data-active-class="primary">
-              <input name="{{nameForIsUserBind}}" value="false" type="radio"
-                  {% if !isUserBind %}checked{% endif %}> {{ t("security_setting.ldap.bind_manager") }}
-            </label>
-            <label class="btn btn-default btn-rounded btn-outline {% if isUserBind %}active{% endif %}" data-active-class="primary">
-              <input name="{{nameForIsUserBind}}" value="true" type="radio"
-                  {% if isUserBind %}checked{% endif %}> {{ t("security_setting.ldap.bind_user") }}
-            </label>
-          </div>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:bindDN]" class="col-xs-3 control-label">Bind DN</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text"
-              name="settingForm[security:passport-ldap:bindDN]" value="{{ getConfig('crowi', 'security:passport-ldap:bindDN') | default('') }}">
-          <p class="help-block passport-ldap-managerbind" {% if isUserBind %}style="display: none;"{% endif %}>
-            <small>
-              {{ t("security_setting.ldap.bind_DN_manager_detail") }}<br>
-              {{ t("security_setting.example") }}1: <code>uid=admin,dc=domain,dc=com</code><br>
-              {{ t("security_setting.example") }}2: <code>admin@domain.com</code>
-            </small>
-          </p>
-          <p class="help-block passport-ldap-userbind" {% if !isUserBind %}style="display: none;"{% endif %}>
-            <small>
-              {{ t("security_setting.ldap.bind_DN_user_detail1") }}<br>
-              {{ t("security_setting.ldap.bind_DN_user_detail2") }}<br>
-              {{ t("security_setting.example") }}1: <code>uid={% raw %}{{username}}{% endraw %},dc=domain,dc=com</code><br>
-              {{ t("security_setting.example") }}2: <code>{% raw %}{{username}}{% endraw %}@domain.com</code>
-            </small>
-          </p>
-          </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:bindDNPassword]" class="col-xs-3 control-label">{{ t("security_setting.ldap.bind_DN_password") }}</label>
-        <div class="col-xs-6">
-          <input class="form-control passport-ldap-managerbind" type="password" {% if isUserBind %}style="display: none;"{% endif %}
-              name="settingForm[security:passport-ldap:bindDNPassword]" value="{{ getConfig('crowi', 'security:passport-ldap:bindDNPassword') | default('') }}">
-          <p class="help-block passport-ldap-managerbind">
-            <small>
-              {{ t("security_setting.ldap.bind_DN_password_manager_detail") }}
-            </small>
-          </p>
-          <p class="help-block passport-ldap-userbind" {% if !isUserBind %}style="display: none;"{% endif %}>
-            <small>
-              {{ t("security_setting.ldap.bind_DN_password_user_detail") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:searchFilter]" class="col-xs-3 control-label">{{ t("security_setting.ldap.search_filter") }}</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text" placeholder="Default: (uid={% raw %}{{username}}{% endraw %})"
-              name="settingForm[security:passport-ldap:searchFilter]" value="{{ getConfig('crowi', 'security:passport-ldap:searchFilter') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.search_filter_detail1") }}<br>
-              {{ t("security_setting.ldap.search_filter_detail2") }}<br>
-              {{ t("security_setting.ldap.search_filter_detail3") }}
-            </small>
-          </p>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.example") }}1 - {{ t("security_setting.ldap.search_filter_example1") }}: <code>(|(uid={% raw %}{{username}}{% endraw %})(mail={% raw %}{{username}}{% endraw %}))</code><br>
-              {{ t("security_setting.example") }}2 - {{ t("security_setting.ldap.search_filter_example2") }}: <code>(sAMAccountName={% raw %}{{username}}{% endraw %})</code>
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <h4>Attribute Mapping ({{ t("security_setting.optional") }})</h4>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:attrMapUsername]" class="col-xs-3 control-label">username</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text" placeholder="Default: uid"
-              name="settingForm[security:passport-ldap:attrMapUsername]" value="{{ getConfig('crowi', 'security:passport-ldap:attrMapUsername') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.username_detail") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <div class="col-xs-6 col-xs-offset-3">
-          <div class="checkbox checkbox-info">
-            <input type="checkbox" id="cbSameUsernameTreatedAsIdenticalUser" name="settingForm[security:passport-ldap:isSameUsernameTreatedAsIdenticalUser]" value="1"
-                {% if getConfig('crowi', 'security:passport-ldap:isSameUsernameTreatedAsIdenticalUser') %}checked{% endif %} />
-            <label for="cbSameUsernameTreatedAsIdenticalUser">
-              {{ t("security_setting.Treat username matching as identical", "username") }}
-            </label>
-            <p class="help-block">
-              <small>
-                {{ t("security_setting.Treat username matching as identical_warn", "username") }}
-              </small>
-            </p>
-          </div>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:attrMapMail]" class="col-xs-3 control-label">Mail</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text" placeholder="Default: mail"
-              name="settingForm[security:passport-ldap:attrMapMail]" value="{{ getConfig('crowi', 'security:passport-ldap:attrMapMail') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.mail_detail") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:attrMapName]" class="col-xs-3 control-label">Name</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text"
-              name="settingForm[security:passport-ldap:attrMapName]" value="{{ getConfig('crowi', 'security:passport-ldap:attrMapName') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.name_detail") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <h4>{{ t("security_setting.ldap.group_search_filter") }} ({{ t("security_setting.optional") }})</h4>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:groupSearchBase]" class="col-xs-3 control-label">{{ t("security_setting.ldap.group_search_base_DN") }}</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text"
-              name="settingForm[security:passport-ldap:groupSearchBase]" value="{{ getConfig('crowi', 'security:passport-ldap:groupSearchBase') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.group_search_base_DN_detail") }}<br>
-              {{ t("security_setting.example") }}: <code>ou=groups,dc=domain,dc=com</code>
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:groupSearchFilter]" class="col-xs-3 control-label">{{ t("security_setting.ldap.group_search_filter") }}</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text"
-              name="settingForm[security:passport-ldap:groupSearchFilter]" value="{{ getConfig('crowi', 'security:passport-ldap:groupSearchFilter') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.group_search_filter_detail1") }}<br>
-              {{ t("security_setting.ldap.group_search_filter_detail2") }}<br>
-              {{ t("security_setting.ldap.group_search_filter_detail3") }}
-            </small>
-          </p>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.example") }}: {{ t("security_setting.ldap.group_search_filter_detail4") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-      <div class="form-group">
-        <label for="settingForm[security:passport-ldap:groupSearchFilter]" class="col-xs-3 control-label">{{ t("security_setting.ldap.group_search_user_DN_property") }}</label>
-        <div class="col-xs-6">
-          <input class="form-control" type="text" placeholder="Default: uid"
-              name="settingForm[security:passport-ldap:groupDnProperty]" value="{{ getConfig('crowi', 'security:passport-ldap:groupDnProperty') | default('') }}">
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.ldap.group_search_user_DN_property_detail") }}
-            </small>
-          </p>
-        </div>
-      </div>
-
-    </div><!-- /.passport-ldap-configurations -->
-
-    <div class="form-group">
-      <div class="col-xs-offset-3 col-xs-6">
-        <button type="submit" class="btn btn-primary">{# the first element is the default button to submit #}
-          {{ t('Update') }}
-        </button>
-        <button type="button"
-            class="btn btn-default passport-ldap-hide-when-disabled"
-            data-target="#test-ldap-account" data-toggle="modal"
-            {%if !isLdapEnabled %}style="display: none;"{% endif %}>
-
-          {{ t("security_setting.ldap.test_config") }}
-        </button>
-      </div>
-    </div>
-  </fieldset>
-  <input type="hidden" name="_csrf" value="{{ csrf() }}">
-
-  <script>
-    // switch display according to on / off of radio buttons
-    $('input[name="{{nameForIsLdapEnabled}}"]:radio').change(function() {
-      const isEnabled = ($(this).val() === "true");
-
-      if (isEnabled) {
-        $('.passport-ldap-hide-when-disabled').show(400);
-      }
-      else {
-        $('.passport-ldap-hide-when-disabled').hide(400);
-      }
-    });
-
-    // switch display according to on / off of radio buttons
-    $('input[name="{{nameForIsUserBind}}"]:radio').change(function() {
-      const isUserBind = ($(this).val() === "true");
-
-      if (isUserBind) {
-        $('input.passport-ldap-managerbind').hide();
-        $('.help-block.passport-ldap-managerbind').hide();
-        $('.help-block.passport-ldap-userbind').show();
-      }
-      else {
-        $('input.passport-ldap-managerbind').show();
-        $('.help-block.passport-ldap-managerbind').show();
-        $('.help-block.passport-ldap-userbind').hide();
-      }
-    });
-
-    // store which button is clicked when submit
-    var submittedButton;
-    $('button[type="submit"]').click(function() {
-      submittedButton = $(this);
-    });
-    $('#ldapSetting, #ldapTest').each(function() {
-      $(this).submit(function()
-      {
-        function showMessage(formId, msg, status) {
-          $('#' + formId + ' .alert').remove();
-
-          if (!status) {
-            status = 'success';
-          }
-          var $message = $('<p class="alert"></p>');
-          $message.addClass('alert-' + status);
-          $message.html(msg.replace(/\n/g, '<br>'));
-          $message.insertAfter('#' + formId + ' legend');
-
-          if (status == 'success') {
-            setTimeout(function()
-            {
-              $message.fadeOut({
-                complete: function() {
-                  $message.remove();
-                }
-              });
-            }, 5000);
-          }
-        }
-
-        var $form = $(this);
-        var $id = $form.attr('id');
-        var $button = submittedButton;
-        var $action = $button.attr('formaction') || $form.attr('action');
-        $button.attr('disabled', 'disabled');
-        var jqxhr = $.post($action, $form.serialize(), function(data)
-        {
-          if (data.status) {
-            const message = data.message || '更新しました';
-            showMessage($id, message);
-          } else {
-            showMessage($id, data.message, 'danger');
-          }
-        })
-        .fail(function() {
-          showMessage($id, 'エラーが発生しました', 'danger');
-        })
-        .always(function() {
-          $button.prop('disabled', false);
-        });
-        return false;
-      });
-    });
-    </script>
-
-</form>
-
-<div class="modal test-ldap-account" id="test-ldap-account">
-  <div class="modal-dialog">
-    <div class="modal-content">
-
-      <div class="modal-header">
-        <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
-        <div class="modal-title">{{ t('Test LDAP Account') }}</div>
-      </div>
-
-      <div class="modal-body">
-
-        {% include '../../../widget/passport/ldap-association-tester.html' with { showLog: true } %}
-
-      </div><!-- /.modal-body -->
-
-    </div><!-- /.modal-content -->
-  </div><!-- /.modal-dialog -->
-
-  <script>
-    /**
-     * associate (submit the form)
-     */
-    function associateLdap() {
-      var $form = $('#formLdapAssociationContainer > form');
-      var $action = '/me/external-accounts/associateLdap';
-      $form.attr('action', $action);
-      $form.submit();
-    }
-  </script>
-
-</div><!-- /.modal -->

src/server/views/admin/widget/passport/local.html

@@ -1,85 +0,0 @@
-<form action="/_api/admin/security/passport-local" method="post" class="form-horizontal passportStrategy" id="localSetting" role="form"
-    {% if isRestartingServerNeeded %}style="opacity: 0.4;"{% endif %}>
-  <legend class="alert-anchor">{{ t("security_setting.Local.name") }} {{ t("security_setting.configuration") }}</legend>
-
-  {% set nameForIsLocalEnabled = "settingForm[security:passport-local:isEnabled]" %}
-  {% set isLocalEnabled = getConfig('crowi', 'security:passport-local:isEnabled') %}
-  {% set useOnlyEnvVars = getConfig('crowi', 'security:passport-local:useOnlyEnvVarsForSomeOptions') %}
-
-  <!-- TODO delete file after reactify-admin -->
-  {% if useOnlyEnvVars %}
-    <p class="alert alert-info">
-      {{ t("security_setting.Local.note for the only env option", "LOCAL_STRATEGY_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS") }}
-    </p>
-  {% endif %}
-
-  <div class="form-group">
-    <label for="{{nameForIsLocalEnabled}}" class="col-xs-3 control-label">{{ t("security_setting.Local.name") }}</label>
-    <div class="col-xs-6">
-      <div class="btn-group btn-toggle {% if useOnlyEnvVars %}btn-group-disabled{% endif %}" data-toggle="buttons">
-        <label class="btn btn-default btn-rounded btn-outline {% if isLocalEnabled %}active{% endif %}" data-active-class="primary">
-          <input name="{{nameForIsLocalEnabled}}"
-                 value="true"
-                 type="radio"
-                 {% if true === isLocalEnabled %}checked{% endif %}
-                 {% if useOnlyEnvVars %}readonly{% endif %}> ON
-        </label>
-        <label class="btn btn-default btn-rounded btn-outline {% if !isLocalEnabled %}active{% endif %}" data-active-class="default">
-          <input name="{{nameForIsLocalEnabled}}"
-                 value="false"
-                 type="radio"
-                 {% if !isLocalEnabled %}checked{% endif %}
-                 {% if useOnlyEnvVars %}readonly{% endif %}> OFF
-        </label>
-      </div>
-    </div>
-  </div>
-
-
-  <fieldset id="passport-local-hide-when-disabled" {%if !isLocalEnabled %}style="display: none;"{% endif %}>
-
-    <div class="form-group">
-      <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">{{ t('Register limitation') }}</label>
-      <div class="col-xs-9 col-lg-6">
-        <select class="form-control selectpicker" name="settingForm[security:registrationMode]" value="{{ getConfig('crowi', 'security:registrationMode') }}">
-          {% for modeValue, modeLabel in consts.registrationMode %}
-          <option value="{{ t(modeValue) }}" {% if modeValue == getConfig('crowi', 'security:registrationMode') %}selected{% endif %} >{{ t(modeLabel) }}</option>
-          {% endfor %}
-        </select>
-        <p class="help-block small">{{ t('security_setting.Register limitation desc') }}</p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:registrationWhiteList]" class="col-xs-3 control-label">{{ t('The whitelist of registration permission E-mail address') }}</label>
-      <div class="col-xs-9 col-lg-6">
-        <textarea class="form-control" type="textarea" name="settingForm[security:registrationWhiteList]" placeholder="{{ t('security_setting.example') }}: @growi.org">{{ getConfig('crowi', 'security:registrationWhiteList') | join('&#13') | raw }}</textarea>
-        <p class="help-block small">{{ t("security_setting.restrict_emails") }}{{ t("security_setting.for_instance") }}<code>@growi.org</code>{{ t("security_setting.only_those") }}<br>
-        {{ t("security_setting.insert_single") }}</p>
-      </div>
-    </div>
-
-  </fieldset>
-
-  <div class="form-group" id="btn-update">
-    <div class="col-xs-offset-3 col-xs-6">
-      <input type="hidden" name="_csrf" value="{{ csrf() }}">
-      <button type="submit" class="btn btn-primary">{{ t('Update') }}</button>
-    </div>
-  </div>
-
-</form>
-
-<script>
-  $('input[name="settingForm[security:passport-local:isEnabled]"]').change(function() {
-    const isEnabled = ($(this).val() === "true");
-
-    if (isEnabled) {
-      $('#passport-local-hide-when-disabled').show(400);
-    }
-    else {
-      $('#passport-local-hide-when-disabled').hide(400);
-    }
-  });
-</script>
-

src/server/views/admin/widget/passport/oidc.html

@@ -1,218 +0,0 @@
-<form action="/_api/admin/security/passport-oidc" method="post" class="form-horizontal passportStrategy" id="oidcSetting" role="form">
-  <legend class="alert-anchor">{{ t("security_setting.OAuth.OIDC.name") }} {{ t("security_setting.configuration") }}</legend>
-
-  {% set nameForIsOIDCEnabled = "settingForm[security:passport-oidc:isEnabled]" %}
-  {% set isOidcEnabled = getConfig('crowi', 'security:passport-oidc:isEnabled') %}
-  {% set siteUrl = getConfig('crowi', 'app:siteUrl') || '[INVALID]' %}
-  {% set callbackUrl = pathUtils.removeTrailingSlash(siteUrl) + '/passport/oidc/callback' %}
-
-  <div class="form-group">
-    <label for="{{nameForIsOIDCEnabled}}" class="col-xs-3 control-label">{{ t("security_setting.OAuth.OIDC.name") }}</label>
-    <div class="col-xs-6">
-      <div class="btn-group btn-toggle" data-toggle="buttons">
-        <label class="btn btn-default btn-rounded btn-outline {% if isOidcEnabled %}active{% endif %}" data-active-class="primary">
-          <input name="{{nameForIsOIDCEnabled}}" value="true" type="radio"
-              {% if true === isOidcEnabled %}checked{% endif %}> ON
-        </label>
-        <label class="btn btn-default btn-rounded btn-outline {% if !isOidcEnabled %}active{% endif %}" data-active-class="default">
-          <input name="{{nameForIsOIDCEnabled}}" value="false" type="radio"
-              {% if !isOidcEnabled %}checked{% endif %}> OFF
-        </label>
-      </div>
-    </div>
-  </div>
-
-  <div class="form-group">
-    <label class="col-xs-3 control-label">{{ t("security_setting.callback_URL") }}</label>
-    <div class="col-xs-6">
-      <input class="form-control" type="text" value="{{ callbackUrl }}" readonly>
-      <p class="help-block small">{{ t("security_setting.desc_of_callback_URL", 'OAuth') }}</p>
-      {% if !getConfig('crowi', 'app:siteUrl') %}
-      <div class="alert alert-danger">
-        <i class="icon-exclamation"></i> {{ t("security_setting.alert_siteUrl_is_not_set", '<a href="/admin/app">' + t('App settings') + '<i class="icon-login"></i></a>') }}
-      </div>
-      {% endif %}
-    </div>
-  </div>
-
-  <fieldset id="passport-oidc-hide-when-disabled" {%if !isOidcEnabled %}style="display: none;"{% endif %}>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:providerName]" class="col-xs-3 control-label">{{ t("security_setting.providerName") }}</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:providerName]" value="{{ getConfig('crowi', 'security:passport-oidc:providerName') | default('') }}">
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:issuerHost]" class="col-xs-3 control-label">{{ t("security_setting.issuerHost") }}</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:issuerHost]" value="{{ getConfig('crowi', 'security:passport-oidc:issuerHost') | default('') }}">
-        <p class="help-block">
-          <small>
-                {{ t("security_setting.Use env var if empty", "OAUTH_OIDC_ISSUER_HOST") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:clientId]" class="col-xs-3 control-label">{{ t("security_setting.clientID") }}</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:clientId]" value="{{ getConfig('crowi', 'security:passport-oidc:clientId') | default('') }}">
-        <p class="help-block">
-          <small>
-             {{ t("security_setting.Use env var if empty", "OAUTH_OIDC_CLIENT_ID") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:clientSecret]" class="col-xs-3 control-label">{{ t("security_setting.client_secret") }}</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:clientSecret]" value="{{ getConfig('crowi', 'security:passport-oidc:clientSecret') | default('') }}">
-        <p class="help-block">
-          <small>
-             {{ t("security_setting.Use env var if empty", "OAUTH_OIDC_CLIENT_SECRET") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <h4>Attribute Mapping ({{ t("security_setting.optional") }})</h4>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:attrMapId]" class="col-xs-3 control-label">Identifier</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:attrMapId]" value="{{ getConfig('crowi', 'security:passport-oidc:attrMapId') | default('') }}">
-        <p class="help-block">
-          <small>
-            {{ t("security_setting.OAuth.OIDC.id_detail") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:attrMapUserName]" class="col-xs-3 control-label">Username</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:attrMapUserName]" value="{{ getConfig('crowi', 'security:passport-oidc:attrMapUserName') | default('') }}">
-        <p class="help-block">
-          <small>
-            {{ t("security_setting.OAuth.OIDC.username_detail") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:attrMapName]" class="col-xs-3 control-label">Name</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:attrMapName]" value="{{ getConfig('crowi', 'security:passport-oidc:attrMapName') | default('') }}">
-        <p class="help-block">
-          <small>
-            {{ t("security_setting.OAuth.OIDC.name_detail") }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label for="settingForm[security:passport-oidc:attrMapMail]" class="col-xs-3 control-label">Mail</label>
-      <div class="col-xs-6">
-        <input class="form-control" type="text" name="settingForm[security:passport-oidc:attrMapMail]" value="{{ getConfig('crowi', 'security:passport-oidc:attrMapMail') | default('') }}">
-        <p class="help-block">
-          <small>
-            {{ t("security_setting.OAuth.OIDC.mapping_detail", t("Email")) }}
-          </small>
-        </p>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label class="col-xs-3 control-label">{{ t("security_setting.callback_URL") }}</label>
-      <div class="col-xs-6">
-          <input class="form-control" type="text" value="{{ callbackUrl }}" readonly>
-        <p class="help-block small">{{ t("security_setting.desc_of_callback_URL", 'OAuth') }}</p>
-        {% if !getConfig('crowi', 'app:siteUrl') %}
-        <div class="alert alert-danger">
-          <i class="icon-exclamation"></i> {{ t("security_setting.alert_siteUrl_is_not_set", '<a href="/admin/app">' + t('App settings') + '<i class="icon-login"></i></a>') }}
-        </div>
-        {% endif %}
-      </div>
-    </div>
-
-    <div class="form-group">
-      <div class="col-xs-6 col-xs-offset-3">
-        <div class="checkbox checkbox-info">
-          <input type="checkbox" id="bindByUserName-oidc" name="settingForm[security:passport-oidc:isSameUsernameTreatedAsIdenticalUser]" value="1"
-              {% if getConfig('crowi', 'security:passport-oidc:isSameUsernameTreatedAsIdenticalUser') %}checked{% endif %} />
-          <label for="bindByUserName-oidc">
-            {{ t("security_setting.Treat username matching as identical", "username") }}
-          </label>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.Treat username matching as identical_warn", "username") }}
-            </small>
-          </p>
-        </div>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <div class="col-xs-6 col-xs-offset-3">
-        <div class="checkbox checkbox-info">
-          <input type="checkbox" id="bindByEmail-oidc" name="settingForm[security:passport-oidc:isSameEmailTreatedAsIdenticalUser]" value="1"
-              {% if getConfig('crowi', 'security:passport-oidc:isSameEmailTreatedAsIdenticalUser') %}checked{% endif %} />
-          <label for="bindByEmail-oidc">
-            {{ t("security_setting.Treat email matching as identical", "email") }}
-          </label>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.Treat email matching as identical_warn", "email") }}
-            </small>
-          </p>
-        </div>
-      </div>
-    </div>
-
-  </fieldset>
-
-  <div class="form-group" id="btn-update">
-    <div class="col-xs-offset-3 col-xs-6">
-      <input type="hidden" name="_csrf" value="{{ csrf() }}">
-      <button type="submit" class="btn btn-primary">{{ t('Update') }}</button>
-    </div>
-  </div>
-
-</form>
-
-{# Help Section #}
-<hr>
-
-<div style="min-height: 300px;">
-  <h4>
-    <i class="icon-question" aria-hidden="true"></i>
-    <a href="#collapseHelpForOidcOauth" data-toggle="collapse">{{ t("security_setting.OAuth.how_to.oidc") }}</a>
-  </h4>
-  <ol id="collapseHelpForOidcOauth" class="collapse">
-    <li>{{ t("security_setting.OAuth.OIDC.register_1") }}</li>
-    <li>{{ t("security_setting.OAuth.OIDC.register_2", callbackUrl) }}</li>
-    <li>{{ t("security_setting.OAuth.OIDC.register_3") }}</li>
-  </ol>
-</div>
-
-<script>
-  $('input[name="settingForm[security:passport-oidc:isEnabled]"]').change(function() {
-      const isEnabled = ($(this).val() === "true");
-
-      if (isEnabled) {
-        $('#passport-oidc-hide-when-disabled').show(400);
-      }
-      else {
-        $('#passport-oidc-hide-when-disabled').hide(400);
-      }
-    });
-</script>
-

src/server/views/admin/widget/passport/saml.html

@@ -1,406 +0,0 @@
-<form action="/_api/admin/security/passport-saml" method="post" class="form-horizontal passportStrategy" id="samlSetting" role="form">
-  <legend class="alert-anchor">{{ t("security_setting.SAML.name") }} {{ t("security_setting.configuration") }}</legend>
-
-  {% set nameForIsSamlEnabled = "settingForm[security:passport-saml:isEnabled]" %}
-  {% set isSamlEnabled  = getConfig('crowi', 'security:passport-saml:isEnabled') %}
-  {% set useOnlyEnvVars = getConfig('crowi', 'security:passport-saml:useOnlyEnvVarsForSomeOptions') %}
-  {% set siteUrl = getConfig('crowi', 'app:siteUrl') || '[INVALID]' %}
-  {% set callbackUrl = pathUtils.removeTrailingSlash(siteUrl) + '/passport/saml/callback' %}
-
-  {% if useOnlyEnvVars %}
-    <p class="alert alert-info">
-      {{ t("security_setting.SAML.note for the only env option", "SAML_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS") }}
-    </p>
-  {% endif %}
-
-  <div class="form-group">
-    <label class="col-xs-3 control-label">{{ t("security_setting.SAML.name") }}</label>
-    <div class="col-xs-6">
-      <div class="btn-group btn-toggle {% if useOnlyEnvVars %}btn-group-disabled{% endif %}" data-toggle="buttons">
-        <label class="btn btn-default btn-rounded btn-outline {% if isSamlEnabled %}active{% endif %}" data-active-class="primary">
-          <input name="{{nameForIsSamlEnabled}}"
-                 value="true"
-                 type="radio"
-                 {% if true === isSamlEnabled %}checked{% endif %}
-                 {% if useOnlyEnvVars %}readonly{% endif %}> ON
-        </label>
-        <label class="btn btn-default btn-rounded btn-outline {% if !isSamlEnabled %}active{% endif %}" data-active-class="default">
-          <input name="{{nameForIsSamlEnabled}}"
-                 value="false"
-                 type="radio"
-                 {% if !isSamlEnabled %}checked{% endif %}
-                 {% if useOnlyEnvVars %}readonly{% endif %}> OFF
-        </label>
-      </div>
-    </div>
-  </div>
-
-  <div class="form-group">
-    <label class="col-xs-3 control-label">{{ t("security_setting.callback_URL") }}</label>
-    <div class="col-xs-6">
-      <input class="form-control"
-             type="text"
-             value="{{ callbackUrl }}"
-             readonly>
-      <p class="help-block small">{{ t("security_setting.desc_of_callback_URL", 'SAML Identity') }}</p>
-      {% if !getConfig('crowi', 'app:siteUrl') %}
-      <div class="alert alert-danger">
-        <i class="icon-exclamation"></i> {{ t("security_setting.alert_siteUrl_is_not_set", '<a href="/admin/app">' + t('App settings') + '<i class="icon-login"></i></a>') }}
-      </div>
-      {% endif %}
-    </div>
-  </div>
-
-  <fieldset id="passport-saml-hide-when-disabled" {%if !isSamlEnabled %}style="display: none;"{% endif %}>
-
-    {% set missingMandatoryConfigKeys = getSamlMissingMandatoryConfigKeys() %}
-    {% if missingMandatoryConfigKeys.length !== 0 %}
-    <div class="alert alert-danger">
-      {{ t("security_setting.missing mandatory configs") }}
-      <ul>
-        {% for missingMandatoryConfigKey in missingMandatoryConfigKeys %}
-        <li>{{ t("security_setting.form_item_name." + missingMandatoryConfigKey) }}</li>
-        {% endfor %}
-      </ul>
-    </div>
-    {% endif %}
-
-    <h4>Basic Settings</h4>
-    <table class="table settings-table {% if useOnlyEnvVars %}use-only-env-vars{% endif %}">
-      <colgroup>
-        <col class="item-name">
-        <col class="from-db">
-        <col class="from-env-vars">
-      </colgroup>
-      <thead>
-        <tr><th></th><th>Database</th><th>Environment variables</th></tr>
-      </thead>
-      <tbody>
-        <tr>
-          <th>{{ t("security_setting.form_item_name.security:passport-saml:entryPoint") }}</th>
-          <td>
-            <input class="form-control"
-                   type="text"
-                   name="settingForm[security:passport-saml:entryPoint]"
-                   value="{{ getConfigFromDB('crowi', 'security:passport-saml:entryPoint') || '' }}"
-                   {% if useOnlyEnvVars %}readonly{% endif %}>
-          </td>
-          <td>
-            <input class="form-control"
-                   type="text"
-                   value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:entryPoint') || '' }}"
-                   readonly>
-            <p class="help-block">
-              <small>
-                {{ t("security_setting.SAML.Use env var if empty", "SAML_ENTRY_POINT") }}
-              </small>
-            </p>
-          </td>
-        </tr>
-        <tr>
-          <th>{{ t("security_setting.form_item_name.security:passport-saml:issuer") }}</th>
-          <td>
-            <input class="form-control"
-                   type="text"
-                   name="settingForm[security:passport-saml:issuer]"
-                   value="{{ getConfigFromDB('crowi', 'security:passport-saml:issuer') || '' }}"
-                   {% if useOnlyEnvVars %}readonly{% endif %}>
-          </td>
-          <td>
-            <input class="form-control"
-                   type="text"
-                   value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:issuer') || '' }}"
-                   readonly>
-            <p class="help-block">
-              <small>
-                {{ t("security_setting.SAML.Use env var if empty", "SAML_ISSUER") }}
-              </small>
-            </p>
-          </td>
-        </tr>
-        <tr>
-          <th>{{ t("security_setting.form_item_name.security:passport-saml:cert") }}</th>
-          <td>
-            <textarea class="form-control input-sm"
-                      type="text"
-                      rows="5"
-                      name="settingForm[security:passport-saml:cert]"
-                      {% if useOnlyEnvVars %}readonly{% endif %}
-            >{{ getConfigFromDB('crowi', 'security:passport-saml:cert') || '' }}</textarea>
-            <p class="help-block">
-              <small>
-                {{ t("security_setting.SAML.cert_detail") }}
-              </small>
-            </p>
-            <p>
-              <small>
-                e.g.
-                <pre>-----BEGIN CERTIFICATE-----
-MIICBzCCAXACCQD4US7+0A/b/zANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJK
-UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFdFU0VFSywgSW5jLjESMBAGA1UE
-...
-crmVwBzbloUO2l6k1ibwD2WVwpdxMKIF5z58HfKAvxZAzCHE7kMEZr1ge30WRXQA
-pWVdnzS1VCO8fKsJ7YYIr+JmHvseph3kFUOI5RqkCcMZlKUv83aUThsTHw==
------END CERTIFICATE-----</pre>
-              </small>
-            </p>
-          </td>
-          <td>
-            <textarea class="form-control input-sm"
-                      type="text"
-                      rows="5"
-                      readonly
-            >{{ getConfigFromEnvVars('crowi', 'security:passport-saml:cert') || '' }}</textarea>
-            <p class="help-block">
-              <small>
-                {{ t("security_setting.SAML.Use env var if empty", "SAML_CERT") }}
-              </small>
-            </p>
-          </td>
-        </tr>
-      </tbody>
-    </table>
-
-    <h4>Attribute Mapping</h4>
-
-    <table class="table settings-table {% if useOnlyEnvVars %}use-only-env-vars{% endif %}">
-      <colgroup>
-        <col class="item-name">
-        <col class="from-db">
-        <col class="from-env-vars">
-      </colgroup>
-      <thead>
-        <tr><th></th><th>Database</th><th>Environment variables</th></tr>
-      </thead>
-      <tbody>
-      <tr>
-        <th>{{ t("security_setting.form_item_name.security:passport-saml:attrMapId") }}</th>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 name="settingForm[security:passport-saml:attrMapId]"
-                 value="{{ getConfigFromDB('crowi', 'security:passport-saml:attrMapId') || '' }}"
-                 {% if useOnlyEnvVars %}readonly{% endif %}>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.id_detail") }}
-            </small>
-          </p>
-        </td>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:attrMapId') || '' }}"
-                 readonly>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.Use env var if empty", "SAML_ATTR_MAPPING_ID") }}
-            </small>
-          </p>
-        </td>
-      </tr>
-      <tr>
-        <th>{{ t("security_setting.form_item_name.security:passport-saml:attrMapUsername") }}</th>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 name="settingForm[security:passport-saml:attrMapUsername]"
-                 value="{{ getConfigFromDB('crowi', 'security:passport-saml:attrMapUsername') || '' }}"
-                 {% if useOnlyEnvVars %}readonly{% endif %}>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.username_detail") }}
-            </small>
-          </p>
-        </td>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:attrMapUsername') || '' }}"
-                 readonly>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.Use env var if empty", "SAML_ATTR_MAPPING_USERNAME") }}
-            </small>
-          </p>
-        </td>
-      </tr>
-      <tr>
-        <th>{{ t("security_setting.form_item_name.security:passport-saml:attrMapMail") }}</th>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 name="settingForm[security:passport-saml:attrMapMail]"
-                 value="{{ getConfigFromDB('crowi', 'security:passport-saml:attrMapMail') || '' }}"
-                 {% if useOnlyEnvVars %}readonly{% endif %}>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.mapping_detail", t("Email")) }}
-            </small>
-        </td>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:attrMapMail') || '' }}"
-                 readonly>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.Use env var if empty", "SAML_ATTR_MAPPING_MAIL") }}
-            </small>
-          </p>
-        </td>
-      </tr>
-      <tr>
-        <th>{{ t("security_setting.form_item_name.security:passport-saml:attrMapFirstName") }}</th>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 name="settingForm[security:passport-saml:attrMapFirstName]"
-                 value="{{ getConfigFromDB('crowi', 'security:passport-saml:attrMapFirstName') || '' }}"
-                 {% if useOnlyEnvVars %}readonly{% endif %}>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.mapping_detail", t("security_setting.form_item_name.security:passport-saml:attrMapFirstName")) }}
-            </small>
-          </p>
-        </td>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 value="{{ getConfigFromEnvVars('crowi', 'security:passport-saml:attrMapFirstName') || '' }}"
-                 readonly>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.Use env var if empty", "SAML_ATTR_MAPPING_FIRST_NAME") }}<br>
-              {{ t("security_setting.Use default if both are empty", "firstName") }}
-            </small>
-          </p>
-        </td>
-      </tr>
-      <tr>
-        <th>{{ t("security_setting.form_item_name.security:passport-saml:attrMapLastName") }}</th>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 name="settingForm[security:passport-saml:attrMapLastName]"
-                 value="{{　getConfigFromDB('crowi', 'security:passport-saml:attrMapLastName') || '' }}"
-                 {% if useOnlyEnvVars %}readonly{% endif %}>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.mapping_detail", t("security_setting.form_item_name.security:passport-saml:attrMapLastName")) }}
-            </small>
-          </p>
-        </td>
-        <td>
-          <input class="form-control"
-                 type="text"
-                 value="{{　getConfigFromEnvVars('crowi', 'security:passport-saml:attrMapLastName') || '' }}"
-                 readonly>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.SAML.Use env var if empty", "SAML_ATTR_MAPPING_LAST_NAME") }}<br>
-              {{ t("security_setting.Use default if both are empty", "lastName") }}
-            </small>
-          </p>
-        </td>
-      </tr>
-      </tbody>
-    </table>
-
-    <h4>Attribute Mapping Options</h4>
-
-    <div class="form-group">
-      <div class="col-xs-offset-1">
-        <div class="checkbox checkbox-info">
-          <input id="bindByUserName-SAML"
-                 type="checkbox"
-                 name="settingForm[security:passport-saml:isSameUsernameTreatedAsIdenticalUser]"
-                 value="1"
-                 {% if getConfig('crowi', 'security:passport-saml:isSameUsernameTreatedAsIdenticalUser') %}checked{% endif %} />
-          <label for="bindByUserName-SAML">
-            {{ t("security_setting.Treat username matching as identical", "username") }}
-          </label>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.Treat username matching as identical_warn", "username") }}
-            </small>
-          </p>
-        </div>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <div class="col-xs-offset-1">
-        <div class="checkbox checkbox-info">
-          <input id="bindByEmail-SAML"
-                 type="checkbox"
-                 name="settingForm[security:passport-saml:isSameEmailTreatedAsIdenticalUser]"
-                 value="1"
-                 {% if getConfig('crowi', 'security:passport-saml:isSameEmailTreatedAsIdenticalUser') %}checked{% endif %} />
-          <label for="bindByEmail-SAML">
-            {{ t("security_setting.Treat email matching as identical", "email") }}
-          </label>
-          <p class="help-block">
-            <small>
-              {{ t("security_setting.Treat email matching as identical_warn", "email") }}
-            </small>
-          </p>
-        </div>
-      </div>
-    </div>
-
-  </fieldset>
-
-  <div class="form-group" id="btn-update">
-    <div class="col-xs-offset-3 col-xs-6">
-      <input type="hidden" name="_csrf" value="{{ csrf() }}">
-      <button type="submit" class="btn btn-primary">{{ t('Update') }}</button>
-    </div>
-  </div>
-
-</form>
-
-<script>
-  $('.btn-group-disabled').on('click', '.btn', function() {
-    return false;
-  });
-
-  $('input[name="settingForm[security:passport-saml:isEnabled]"]').change(function() {
-    const isEnabled = ($(this).val() === "true");
-
-    if (isEnabled) {
-      $('#passport-saml-hide-when-disabled').show(400);
-    }
-    else {
-      $('#passport-saml-hide-when-disabled').hide(400);
-    }
-  });
-
-
-  /**
-   * The following script sets the class name 'unused' to the cell in from-env-vars column
-   * when the value of the corresponding cell from the database is not empty.
-   * It is used to indicate that the system does not use a value from the environment variables by setting a css style.
-   * This behavior is disabled when the system is in the use-only-env-vars mode.
-   */
-  $('.settings-table:not(.use-only-env-vars) tbody tr').each(function(_, element) {
-    const inputElemFromDB      = $('td:nth-of-type(1) input[type="text"], td:nth-of-type(1) textarea', element);
-    const inputElemFromEnvVars = $('td:nth-of-type(2) input[type="text"], td:nth-of-type(2) textarea', element);
-
-    // initialize
-    addClassToUnusedInputElemFromEnvVars(inputElemFromDB, inputElemFromEnvVars);
-
-    // set keyup event handler
-    inputElemFromDB.keyup(function () { addClassToUnusedInputElemFromEnvVars(inputElemFromDB, inputElemFromEnvVars) });
-  });
-
-  function addClassToUnusedInputElemFromEnvVars(inputElemFromDB, inputElemFromEnvVars) {
-    if (inputElemFromDB.val() === '') {
-      inputElemFromEnvVars.parent().removeClass('unused');
-    }
-    else {
-      inputElemFromEnvVars.parent().addClass('unused');
-    }
-  };
-</script>
-