From 7a3aea72b3ad89d8b68cea13aa9034a0d99d919c Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Thu, 10 May 2018 12:06:15 -0700 Subject: [PATCH 01/17] Add DNS Prfix to aks config rancher/rancher#13395 --- .../cluster-driver/driver-azureaks/template.hbs | 8 ++++++-- translations/en-us.yaml | 9 ++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/lib/shared/addon/components/cluster-driver/driver-azureaks/template.hbs b/lib/shared/addon/components/cluster-driver/driver-azureaks/template.hbs index b10252f58..a1783985d 100644 --- a/lib/shared/addon/components/cluster-driver/driver-azureaks/template.hbs +++ b/lib/shared/addon/components/cluster-driver/driver-azureaks/template.hbs @@ -18,6 +18,10 @@ localizedPrompt=true }} +
+ + {{input type="text" value=config.masterDnsPrefix classNames="form-control" placeholder=(t 'clusterNew.azureaks.dns.placeholder')}} +
{{/accordion-list-item}} {{#accordion-list-item @@ -70,7 +74,7 @@ {{t 'generic.na'}} {{else}} - {{input type="text" value=config.clientSecret classNames="form-control" placeholder=(t 'clusterNew.azureaks.clientSecret.placeholder')}} + {{input type="password" value=config.clientSecret classNames="form-control" placeholder=(t 'clusterNew.azureaks.clientSecret.placeholder')}} {{/if}} @@ -111,7 +115,7 @@ {{/if}}
- + {{#if editing}}
{{config.resourceGroup}} diff --git a/translations/en-us.yaml b/translations/en-us.yaml index 0511ba224..4c40ad2f1 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -1747,6 +1747,9 @@ clusterNew: prompt: Choose a size... diskSizeGb: label: OS Disk Size + dns: + label: DNS Prfix + placeholder: "e.g. example" ssh: label: SSH Public Key security: @@ -4753,7 +4756,7 @@ nodeDriver: region: label: Region aliyunecs: - accountSection: + accountSection: label: 1. Account Access detail: API Keys will be used to launch Aliyun ECS Instances. next: "Next: Authenticate & Config network options" @@ -4786,7 +4789,7 @@ nodeDriver: aliyunSLB: label: Aliyun SLB ID placeholder: Aliyun SLB ID - storageSection: + storageSection: label: Storage detail: Configure the storage for the instances that will be created by this template. next: "Next: Config Aliyun ECS Instance options" @@ -4827,7 +4830,7 @@ nodeDriver: placeholder: Private IP in Private Network privateAddressOnly: label: Private Address Only - securitySection: + securitySection: label: Security detail: Choose the security groups that will be applied to Instances securityGroup: From 6495bf1d582ca3576818c0321b91585baec48784 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Fri, 11 May 2018 15:12:26 -0700 Subject: [PATCH 02/17] lang dropdown on login max height --- app/styles/components/_dropdown.scss | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/styles/components/_dropdown.scss b/app/styles/components/_dropdown.scss index e4810bfaf..d6f6b014b 100644 --- a/app/styles/components/_dropdown.scss +++ b/app/styles/components/_dropdown.scss @@ -57,6 +57,11 @@ $ember-basic-dropdown-content-z-index: 1500; background: $accent-bg; } + &.lang-select { + max-height: 300px; + overflow: scroll; + } + // Links within the dropdown menu > li > a { display: block; From 7b5720e340c4783557eb9c6d4771b64855a34167 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Fri, 11 May 2018 16:07:50 -0700 Subject: [PATCH 03/17] first run azure ad auth --- .../authentication/azuread/controller.js | 148 +++++++++--- .../security/authentication/azuread/route.js | 46 +++- .../authentication/azuread/template.hbs | 215 +++++++++++------- .../security/authentication/controller.js | 2 +- .../components/language-dropdown/template.hbs | 3 +- translations/en-us.yaml | 54 +++-- 6 files changed, 331 insertions(+), 137 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index d05becacf..0c7cb7448 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -1,49 +1,135 @@ import { later } from '@ember/runloop'; import { inject as service } from '@ember/service'; import Controller from '@ember/controller'; +import { alias } from '@ember/object/computed'; +import { + get, set, setProperties, computed +} from '@ember/object'; +import C from 'ui/utils/constants'; export default Controller.extend({ - access : service(), - settings : service(), - intl : service(), + access: service(), + settings: service(), + intl: service(), - confirmDisable : false, - errors : null, - testing : false, - error : null, + confirmDisable: false, + errors: null, + testing: false, + error: null, - loginUsername : null, - loginPassword : null, + loginUsername: null, + loginPassword: null, + + //new + azureADConfig: alias('model.azureADConfig'), + isEnabled: alias('azureADConfig.enabled'), + // isEnabled: true, + mode: 'global', + modeClass: 'span-4', + + numUsers: computed('azureADConfig.allowedPrincipalIds.[]','userType','groupType', function() { + return ( get(this, 'azureADConfig.allowedPrincipalIds') || [] ).filter(principal => principal.includes(C.PROJECT.TYPE_AZURE_USER)).get('length'); + }), + + numGroups: computed('azureADConfig.allowedPrincipalIds.[]','userType','groupType', function() { + return ( get(this, 'azureADConfig.allowedPrincipalIds') || [] ).filter(principal => principal.includes(C.PROJECT.TYPE_AZURE_GROUP)).get('length'); + }), actions: { + toggleMode() { + + if (get(this, 'mode') === 'global') { + + setProperties(this, { + mode: 'china', + modeClass: 'span-3' + }); + + } else { + + setProperties(this, { + mode: 'global', + modeClass: 'span-4' + }); + + } + }, test: function() { + this.send('clearError'); - var model = this.get('model'); - model.setProperties({ + const model = get(this, 'model'); + + setProperties(model, { enabled: false, }); var errors = model.validationErrors(); - if ( errors.get('length') ) - { - this.set('errors', errors); - } - else - { - this.set('testing', true); + + if ( errors.get('length') ) { + + set(this, 'errors', errors); + + } else { + + set(this, 'testing', true); + model.save().then(() => { + this.send('authenticate'); + }).catch(err => { + this.send('gotError', err); + + }); + } + }, + + test2: function() { + this.send('clearError'); + + const model = get(this, 'azureADConfig'); + + model.setProperties({ + accessMode: 'unrestricted', + }); + + var errors = model.validationErrors(); + + if ( errors.get('length') ) { + + set(this, 'errors', errors); + set(this, 'testing', false); + model.set('enabled', false); + + } else { + + set(this, 'testing', true); + + model.doAction('testAndApply', { + azureADConfig: model, + enabled: true, + username: get(this, 'loginUsername'), + password: get(this, 'loginPassword'), + }).then( () => { + + this.send('waitAndRefresh'); + + }).catch((err) => { + + set(model, 'enabled', false); + + this.send('gotError', err); + }); } }, authenticate: function() { this.send('clearError'); - var code = this.get('loginUsername')+':'+this.get('loginPassword'); - this.get('access').login(code).then(res => { + var code = get(this, 'loginUsername')+':'+get(this, 'loginPassword'); + get(this, 'access').login(code).then(res => { this.send('authenticationSucceeded', res.body); }).catch(err => { this.send('gotError', err); @@ -54,9 +140,9 @@ export default Controller.extend({ this.send('clearError'); // Set this to true so the token will be sent with the request - this.set('access.enabled', true); + set(this, 'access.enabled', true); - var model = this.get('model'); + var model = get(this, 'model'); model.setProperties({ enabled: true, }); @@ -64,7 +150,7 @@ export default Controller.extend({ model.save().then(() => { this.send('waitAndRefresh'); }).catch((err) => { - this.set('access.enabled', false); + set(this, 'access.enabled', false); this.send('gotError', err); }); }, @@ -77,9 +163,9 @@ export default Controller.extend({ }, promptDisable: function() { - this.set('confirmDisable', true); + set(this, 'confirmDisable', true); later(this, function() { - this.set('confirmDisable', false); + set(this, 'confirmDisable', false); }, 10000); }, @@ -93,23 +179,23 @@ export default Controller.extend({ this.send('showError', 'Error ('+err.status + ' - ' + err.code+')'); } - this.set('testing', false); - this.set('saving', false); + set(this, 'testing', false); + set(this, 'saving', false); }, showError: function(msg) { - this.set('errors', [msg]); + set(this, 'errors', [msg]); window.scrollY = 0; }, clearError: function() { - this.set('errors', null); + set(this, 'errors', null); }, disable: function() { this.send('clearError'); - var model = this.get('model'); + var model = get(this, 'model'); model.setProperties({ enabled: false, username: "", @@ -121,7 +207,7 @@ export default Controller.extend({ }).catch((err) => { this.send('gotError', err); }).finally(() => { - this.set('confirmDisable', false); + set(this, 'confirmDisable', false); }); }, }, diff --git a/lib/global-admin/addon/security/authentication/azuread/route.js b/lib/global-admin/addon/security/authentication/azuread/route.js index c7fde2c27..35c04d5cc 100644 --- a/lib/global-admin/addon/security/authentication/azuread/route.js +++ b/lib/global-admin/addon/security/authentication/azuread/route.js @@ -1,11 +1,45 @@ import Route from '@ember/routing/route'; +import { inject as service } from '@ember/service'; +import { get, set } from '@ember/object'; +import { hash } from 'rsvp'; export default Route.extend({ - model: function() { - return this.get('globalStore').find('azureadconfig', null, {forceReload: true}).then((collection) => { - let obj = collection.get('firstObject'); - obj.set('accessMode','unrestricted'); - return obj; - }); + // model: function() { + // return this.get('globalStore').find('azureadconfig', null, {forceReload: true}).then((collection) => { + // let obj = collection.get('firstObject'); + // obj.set('accessMode','unrestricted'); + // return obj; + // }); + // }, + globalStore: service(), + + model() { + let gs = get(this, 'globalStore'); + return hash({ + azureADConfig: gs.find('authconfig', 'azuread'), + principals: gs.all('principal') + }).catch( e => e); }, + + afterModel(model) { + return set(model, 'azureADConfig.accessMode', 'unrestricted'); // why? + + }, + + // setupController(controller, model) { + // debugger; + + // let hostname = get(model, 'azureADConfig.hostname') + + // controller.setProperties({ + // model: model, + // confirmDisable: false, + // testing: false, + // organizations: get(this, 'session.orgs')||[], + // errors: null, + // isEnterprise: ( hostname && hostname !== 'github.com' ? true : false), + // }); + + // controller.set('saved',true); + // } }); diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index b702c369e..e6b11509f 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -1,109 +1,160 @@
- {{#if access.enabled}} -

{{t 'authPage.azuread.header.enabled'}}

- {{t 'authPage.azuread.subtext.enabled' appName=settings.appName}} + {{#if isEnabled}} +

{{t (concat 'authPage.azuread.header.enabled.' azureADConfig.accessMode) + appName=settings.appName + groups=numGroups + users=numUsers + htmlSafe=true + }}

{{else}} -

{{t 'authPage.azuread.subtext.disabled' appName=settings.appName}}

+

{{t 'authPage.azuread.header.disabled.warning' appName=settings.appName}}

{{/if}}
-{{#if access.enabled}} -
-

{{t 'authPage.azuread.enabled.header' htmlSafe=true}}

-
-

- {{t 'authPage.azuread.enabled.warning' appName=settings.appName htmlSafe=true}} -

+{{#accordion-list showExpandAll=false as |al expandFn|}} - {{#if confirmDisable}} - - {{else}} - - {{/if}} + {{#if isEnabled}} -
-{{/if}} + {{#accordion-list-item + expand=(action expandFn) + expandAll=al.expandAll + expandOnInit=true + expanded=true + showExpand=false + title=(t 'authPage.github.authenticated.header.text') + }} -{{#unless access.enabled}} -
-

{{t 'authPage.azuread.configure.header'}}

-
+
+
+
+ +
-
-
-
- - {{input type="text" value=model.tenantId placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}} -

{{t 'authPage.azuread.configure.tenantId.help'}}

+

{{t 'authPage.azuread.enabled.warning' appName=settings.appName htmlSafe=true}}

+
+
+ + {{/accordion-list-item}} + + {{#accordion-list-item + classNames="mt-30" + detail=(t 'siteAccess.helpText' appName=settings.appName htmlSafe=true) + expand=(action expandFn) + expandAll=al.expandAll + expandOnInit=true + expanded=true + showExpand=false + title=(t 'siteAccess.header') + }} + + {{site-access + model=azureADConfig + principals=model.principals + collection='siteAccess.organizations' + }} + + {{/accordion-list-item}} + + {{/if}} + + + {{#unless isEnabled}} +
+ +
+
+

{{t 'authPage.azuread.configure.header'}}

+
+
+
+ + +
-
-
- - {{input type="text" value=model.clientId placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}} -
-
-
-
- - {{input type="text" value=model.domain placeholder=(t 'authPage.azuread.configure.domain.placeholder') classNames="form-control"}} -
-
-
+
-
-
-
- - {{input type="text" value=model.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} -

{{t 'authPage.azuread.configure.adminAccountUsername.help'}}

+
+
+
+ + {{input type="text" value=model.tenantId placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}} +

{{t 'authPage.azuread.configure.tenantId.help'}}

+
+
+
+
+ + {{input type="text" value=model.clientId placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}} +
+
+ {{#unless (eq mode 'global')}} +
+
+ + {{input type="text" value=model.domain placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}} +
+
+ {{/unless}} +
+
+ + {{input type="text" value=model.domain placeholder=(t 'authPage.azuread.configure.domain.placeholder') classNames="form-control"}} +
-
-
- - {{input type="password" value=model.adminAccountPassword classNames="form-control"}} -
-
-
- -
-

{{t 'authPage.azuread.test.header'}}

-
-

{{t 'authPage.azuread.test.help'}}

- {{top-errors errors=errors}} +
+
+
+ + {{input type="text" value=model.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} +

{{t 'authPage.azuread.configure.adminAccountUsername.help'}}

+
+
+
+
+ + {{input type="password" value=model.adminAccountPassword classNames="form-control"}} +
+
+
+
-
-
-
- - {{input type="text" value=loginUsername prompt=(t 'authPage.azuread.test.username.placeholder') classNames="form-control"}} +
+

{{t 'authPage.azuread.test.header'}}

+
+

{{t 'authPage.azuread.test.help'}}

+ {{top-errors errors=errors}} + +
+
+
+ + {{input type="text" value=loginUsername prompt=(t 'authPage.azuread.test.username.placeholder') classNames="form-control"}} +
+
+
+
+ + {{input type="password" value=loginPassword classNames="form-control"}} +
-
+
- - {{input type="password" value=loginPassword classNames="form-control"}} -
-
-
-
- -
-
-
-{{/unless}} + + {{/unless}} +{{/accordion-list}} \ No newline at end of file diff --git a/lib/global-admin/addon/security/authentication/controller.js b/lib/global-admin/addon/security/authentication/controller.js index cb6a9b837..dce01fc44 100644 --- a/lib/global-admin/addon/security/authentication/controller.js +++ b/lib/global-admin/addon/security/authentication/controller.js @@ -10,7 +10,7 @@ export default Controller.extend({ drivers: computed(function() { return [ {route: 'security.authentication.activedirectory', label: 'Active Directory', css: 'activedirectory', available: this.hasRecord('activedirectoryconfig') }, - // {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, + {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, {route: 'security.authentication.github', label: 'GitHub', css: 'github', available: this.hasRecord('githubconfig') }, // {route: 'security.authentication.localauth', label: 'Local', css: 'local', available: this.hasRecord('localconfig') }, // always on // {route: 'security.authentication.openldap', label: 'OpenLDAP', css: 'openldap', available: this.hasRecord('openldapconfig') }, diff --git a/lib/shared/addon/components/language-dropdown/template.hbs b/lib/shared/addon/components/language-dropdown/template.hbs index 4cfb77181..2a12fd623 100644 --- a/lib/shared/addon/components/language-dropdown/template.hbs +++ b/lib/shared/addon/components/language-dropdown/template.hbs @@ -1,5 +1,4 @@ {{#basic-dropdown - verticalPosition="above" horizontalPosition="right" as |dd| }} @@ -10,7 +9,7 @@ {{selectedLabel}} {{/dd.trigger}} - {{#dd.content class="text-right"}} + {{#dd.content class="text-right lang-select"}} {{#if settings.isRancher}}
  • {{t 'languageContribute'}}
  • diff --git a/translations/en-us.yaml b/translations/en-us.yaml index 4c40ad2f1..4ebaf6108 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -443,11 +443,32 @@ authPage: post: Waiting to hear back from GitHub azuread: header: - enabled: 'Azure AD Authentication is enabled' - disabled: 'Azure AD Authentication is not configured' - subtext: - enabled: '{appName} is configured to allow access to accounts in Azure AD' - disabled: '{appName} can be configured to restrict access to a set of accounts defined in the {appName} database. This is not currently set up, so anybody that reach this page (or the API) has full control over the system.' + enabled: + label: "Azure AD is enabled" + required: | + {appName} is configured to allow access to {groups, plural, + =0 {no groups} + =1 {# group} + other {# groups} + } and {users, plural, + =0 {no users} + =1 {# user} + other {# users} + }. + restricted: | + {appName} is configured to allow access to environment members, {groups, plural, + =0 {no groups} + =1 {# group} + other {# groups} + } and {users, plural, + =0 {no users} + =1 {# user} + other {# users} + }. + unrestricted: "{appName} is configured to allow access to any Azure AD user." + disabled: + label: "Azure AD is not configured" + warning: "{appName} can be configured to restrict access to a set of Azure AD users and groups" enabled: header: 'Danger Zone™' warning: 'Caution: Disabling access control will give complete control over {appName} to anyone that can reach this page or the API.' @@ -455,22 +476,25 @@ authPage: promptDisable: Disable access control configure: header: '1. Configure Azure AD Account' - tenantId: - label: Tenant ID - placeholder: A long UUID string - help: From the Azure AD portal - clientId: - label: Client ID - placeholder: A long UUID string - domain: - label: Domain - placeholder: e.g. youcompany.onmicrosoft.com adminAccountUsername: label: Admin Account Username placeholder: e.g. rancher-admin help: A user that can read information about other users adminAccountPassword: label: Admin Account Password + clientId: + label: Client ID + placeholder: A long UUID string + clientSecret: + label: Client Secret + placeholder: Your Client Secret + domain: + label: Domain + placeholder: e.g. youcompany.onmicrosoft.com + tenantId: + label: Tenant ID + placeholder: A long UUID string + help: From the Azure AD portal test: header: '2. Test and enable authentication' help: 'Check that everything is configured correctly by testing authentication with your account:' From b1407f3e63ce548c99e338da23927a7d23c589e0 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Fri, 11 May 2018 16:27:31 -0700 Subject: [PATCH 04/17] login changes --- .../authentication/azuread/controller.js | 112 +++++++++--------- .../authentication/azuread/template.hbs | 4 +- lib/login/addon/login/template.hbs | 10 ++ 3 files changed, 68 insertions(+), 58 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index 0c7cb7448..ab1bde078 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -54,39 +54,39 @@ export default Controller.extend({ } }, + // test: function() { + + // this.send('clearError'); + + // const model = get(this, 'model'); + + // setProperties(model, { + // enabled: false, + // }); + + // var errors = model.validationErrors(); + + // if ( errors.get('length') ) { + + // set(this, 'errors', errors); + + // } else { + + // set(this, 'testing', true); + + // model.save().then(() => { + + // this.send('authenticate'); + + // }).catch(err => { + + // this.send('gotError', err); + + // }); + // } + // }, + test: function() { - - this.send('clearError'); - - const model = get(this, 'model'); - - setProperties(model, { - enabled: false, - }); - - var errors = model.validationErrors(); - - if ( errors.get('length') ) { - - set(this, 'errors', errors); - - } else { - - set(this, 'testing', true); - - model.save().then(() => { - - this.send('authenticate'); - - }).catch(err => { - - this.send('gotError', err); - - }); - } - }, - - test2: function() { this.send('clearError'); const model = get(this, 'azureADConfig'); @@ -126,34 +126,34 @@ export default Controller.extend({ } }, - authenticate: function() { - this.send('clearError'); - var code = get(this, 'loginUsername')+':'+get(this, 'loginPassword'); - get(this, 'access').login(code).then(res => { - this.send('authenticationSucceeded', res.body); - }).catch(err => { - this.send('gotError', err); - }); - }, + // authenticate: function() { + // this.send('clearError'); + // var code = get(this, 'loginUsername')+':'+get(this, 'loginPassword'); + // get(this, 'access').login(code).then(res => { + // this.send('authenticationSucceeded', res.body); + // }).catch(err => { + // this.send('gotError', err); + // }); + // }, - authenticationSucceeded: function(/*auth*/) { - this.send('clearError'); + // authenticationSucceeded: function(/*auth*/) { + // this.send('clearError'); - // Set this to true so the token will be sent with the request - set(this, 'access.enabled', true); + // // Set this to true so the token will be sent with the request + // set(this, 'access.enabled', true); - var model = get(this, 'model'); - model.setProperties({ - enabled: true, - }); + // var model = get(this, 'model'); + // model.setProperties({ + // enabled: true, + // }); - model.save().then(() => { - this.send('waitAndRefresh'); - }).catch((err) => { - set(this, 'access.enabled', false); - this.send('gotError', err); - }); - }, + // model.save().then(() => { + // this.send('waitAndRefresh'); + // }).catch((err) => { + // set(this, 'access.enabled', false); + // this.send('gotError', err); + // }); + // }, waitAndRefresh: function(url) { $('#loading-underlay, #loading-overlay').removeClass('hide').show(); // eslint-disable-line diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index e6b11509f..f243051ab 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -103,7 +103,7 @@
    - {{input type="text" value=model.domain placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}} + {{input type="text" value=model.clientSecret placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}}
    {{/unless}} @@ -154,7 +154,7 @@
    -
    @@ -119,14 +119,14 @@
    - {{input type="text" value=model.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} + {{input type="text" value=azureADConfig.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}}

    {{t 'authPage.azuread.configure.adminAccountUsername.help'}}

    - {{input type="password" value=model.adminAccountPassword classNames="form-control"}} + {{input type="password" value=azureADConfig.adminAccountPassword classNames="form-control"}}
    diff --git a/lib/login/addon/components/login-user-pass/component.js b/lib/login/addon/components/login-user-pass/component.js index 30dd519c4..3c0b48cba 100644 --- a/lib/login/addon/components/login-user-pass/component.js +++ b/lib/login/addon/components/login-user-pass/component.js @@ -1,24 +1,72 @@ -import { get, set, computed } from '@ember/object'; +import { get, set, computed, setProperties } from '@ember/object'; import { next } from '@ember/runloop'; import { inject as service } from '@ember/service'; import Component from '@ember/component'; import C from 'ui/utils/constants'; export default Component.extend({ - access: service(), + access: service(), cookies: service(), - isCaas: computed('app.mode', function() { - return this.get('app.mode') === 'caas' ? true : false; - }), - waiting: null, + intl: service(), - username: null, + waiting: null, + username: null, rememberUsername: false, - password: null, - shown: false, - provider: null, + password: null, + shown: false, + provider: null, readableProvider: null, - onlyLocal: null, + onlyLocal: null, + + init() { + this._super(...arguments); + + let username = null; + + if (get(this, 'provider') === 'local') { + + username = get(this, `cookies.${C.COOKIE.USERNAME}`); + + } else { + + username = get(this, `cookies.${get(this, 'provider').toUpperCase()}-USERNAME`); + + } + + if ( username ) { + setProperties(this, { + username: username, + rememberUsername: true, + }); + } + + if (get(this, 'provider') && !get(this,'onlyLocal')) { + + let pv = null; + + switch(get(this, 'provider')) { + + case 'activedirectory': + pv = get(this, 'intl').t('loginPage.readableProviders.ad'); + break; + + case 'azuread': + pv = get(this, 'intl').t('loginPage.readableProviders.azureAd'); + break; + + case 'local': + default: + pv = get(this, 'intl').t('loginPage.readableProviders.local'); + break; + + } + + set(this, 'readableProvider', pv); + + // console.log(this.get('provider')); + } + + }, actions: { showLocal() { @@ -56,39 +104,9 @@ export default Component.extend({ } }, - init() { - this._super(...arguments); - - var username = null; - if (get(this, 'provider') === 'local') { - username = get(this, `cookies.${C.COOKIE.USERNAME}`); - } else { - username = get(this, `cookies.${get(this, 'provider').toUpperCase()}-USERNAME`); - } - - if ( username ) { - set(this, 'username', username); - set(this, 'rememberUsername', true); - } - - if (get(this, 'provider') && !get(this,'onlyLocal')) { - let pv = null; - switch(get(this, 'provider')) { - case 'activedirectory': - pv = 'Active Directory'; - break; - case 'local': - default: - pv = 'a Local User'; - break; - } - - set(this, 'readableProvider', pv); - - // console.log(this.get('provider')); - } - - }, + isCaas: computed('app.mode', function() { + return this.get('app.mode') === 'caas' ? true : false; + }), focusSomething() { if ( this.isDestroyed || this.isDestroying ) { diff --git a/translations/en-us.yaml b/translations/en-us.yaml index 4ebaf6108..f06807939 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -1090,6 +1090,10 @@ loginPage: error: authFailedCreds: "Logging in failed: Check credentials, or your account may not be authorized to log in." authFailed: "Logging in failed: Your account may not be authorized to log in." + readableProviders: + ad: Active Directory + azureAd: Azure AD + local: a Local User machinePage: header: Node Drivers From 7f8b4336eb3ac1989aa5a8d9ccfff300456670cb Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Mon, 14 May 2018 15:56:39 -0700 Subject: [PATCH 06/17] bug fixes for azure ad --- .../authentication/azuread/controller.js | 114 ++++++------------ .../authentication/azuread/template.hbs | 6 +- lib/login/addon/login/controller.js | 3 + lib/login/addon/login/template.hbs | 2 +- 4 files changed, 47 insertions(+), 78 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index a506710ac..d0a685dcc 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -54,37 +54,6 @@ export default Controller.extend({ } }, - // test: function() { - - // this.send('clearError'); - - // const model = get(this, 'model'); - - // setProperties(model, { - // enabled: false, - // }); - - // var errors = model.validationErrors(); - - // if ( errors.get('length') ) { - - // set(this, 'errors', errors); - - // } else { - - // set(this, 'testing', true); - - // model.save().then(() => { - - // this.send('authenticate'); - - // }).catch(err => { - - // this.send('gotError', err); - - // }); - // } - // }, test: function() { this.send('clearError'); @@ -107,11 +76,13 @@ export default Controller.extend({ set(this, 'testing', true); + delete model.enabled; + model.doAction('testAndApply', { - azureADConfig: model, - enabled: true, - username: get(this, 'loginUsername'), - password: get(this, 'loginPassword'), + azureAdConfig: model, + enabled: true, + username: get(this, 'loginUsername'), + password: get(this, 'loginPassword'), }).then( () => { this.send('waitAndRefresh'); @@ -126,90 +97,85 @@ export default Controller.extend({ } }, - // authenticate: function() { - // this.send('clearError'); - // var code = get(this, 'loginUsername')+':'+get(this, 'loginPassword'); - // get(this, 'access').login(code).then(res => { - // this.send('authenticationSucceeded', res.body); - // }).catch(err => { - // this.send('gotError', err); - // }); - // }, - - // authenticationSucceeded: function(/*auth*/) { - // this.send('clearError'); - - // // Set this to true so the token will be sent with the request - // set(this, 'access.enabled', true); - - // var model = get(this, 'model'); - // model.setProperties({ - // enabled: true, - // }); - - // model.save().then(() => { - // this.send('waitAndRefresh'); - // }).catch((err) => { - // set(this, 'access.enabled', false); - // this.send('gotError', err); - // }); - // }, - waitAndRefresh: function(url) { + $('#loading-underlay, #loading-overlay').removeClass('hide').show(); // eslint-disable-line + setTimeout(function() { window.location.href = url || window.location.href; }, 1000); + }, promptDisable: function() { + set(this, 'confirmDisable', true); + later(this, function() { set(this, 'confirmDisable', false); }, 10000); + }, gotError: function(err) { - if ( err.message ) - { + + if ( err.message ) { + this.send('showError', err.message + (err.detail? '('+err.detail+')' : '')); - } - else - { + + } else { + this.send('showError', 'Error ('+err.status + ' - ' + err.code+')'); + } - set(this, 'testing', false); - set(this, 'saving', false); + setProperties(this, { + testing: false, + saving: false, + }); + }, showError: function(msg) { + set(this, 'errors', [msg]); + window.scrollY = 0; + }, clearError: function() { + set(this, 'errors', null); + }, disable: function() { + this.send('clearError'); const model = get(this, 'azureADConfig'); setProperties(model, { - enabled: false, + enabled: false, username: null, password: null, }); - // model.save().then(() => { - model.doAction('disable').then(() => { + model.save().then(() => { + + // model.doAction('disable').then(() => { + this.send('waitAndRefresh'); + }).catch((err) => { + this.send('gotError', err); + }).finally(() => { + set(this, 'confirmDisable', false); + }); }, }, diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index 87a77f406..90cfa5849 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -89,21 +89,21 @@
    - {{input type="text" value=azureADConfig.tenantid placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}} + {{input type="text" value=azureADConfig.tenantId placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}}

    {{t 'authPage.azuread.configure.tenantId.help'}}

    - {{input type="text" value=azureADConfig.clientid placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}} + {{input type="text" value=azureADConfig.clientId placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}}
    {{#unless (eq mode 'global')}}
    - {{input type="password" value=azureADConfig.clientsecret placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}} + {{input type="password" value=azureADConfig.clientSecret placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}}
    {{/unless}} diff --git a/lib/login/addon/login/controller.js b/lib/login/addon/login/controller.js index b5fcddbb7..98e085f70 100644 --- a/lib/login/addon/login/controller.js +++ b/lib/login/addon/login/controller.js @@ -101,6 +101,9 @@ export default Controller.extend({ case 'activedirectory': this.toggleProperty('adWaiting'); break; + case 'azuread': + this.toggleProperty('azureadWaiting'); + break; case 'shibboleth': this.toggleProperty('shibbolethWaiting'); break; diff --git a/lib/login/addon/login/template.hbs b/lib/login/addon/login/template.hbs index 08f3a1565..cfbf5f044 100644 --- a/lib/login/addon/login/template.hbs +++ b/lib/login/addon/login/template.hbs @@ -42,7 +42,7 @@ classNames="row" provider="azuread" shown=true - waiting=adWaiting + waiting=azureadWaiting }} {{/if}} From 1fe1b071065686af92ce197f1f069a5857b3057a Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Mon, 14 May 2018 19:31:34 -0700 Subject: [PATCH 07/17] change disable --- .../addon/security/authentication/azuread/controller.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index d0a685dcc..c5e2c43e8 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -162,9 +162,9 @@ export default Controller.extend({ password: null, }); - model.save().then(() => { + // model.save().then(() => { - // model.doAction('disable').then(() => { + model.doAction('disable').then(() => { this.send('waitAndRefresh'); From 43912884657adf63adbd6ed4855f02d89e9ed93d Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 10:20:32 -0700 Subject: [PATCH 08/17] disable azure ad until prs are merged --- .../addon/security/authentication/azuread/controller.js | 4 ---- lib/global-admin/addon/security/authentication/controller.js | 3 +-- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index c5e2c43e8..2e2d60c1a 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -158,12 +158,8 @@ export default Controller.extend({ setProperties(model, { enabled: false, - username: null, - password: null, }); - // model.save().then(() => { - model.doAction('disable').then(() => { this.send('waitAndRefresh'); diff --git a/lib/global-admin/addon/security/authentication/controller.js b/lib/global-admin/addon/security/authentication/controller.js index dce01fc44..c516651c4 100644 --- a/lib/global-admin/addon/security/authentication/controller.js +++ b/lib/global-admin/addon/security/authentication/controller.js @@ -10,9 +10,8 @@ export default Controller.extend({ drivers: computed(function() { return [ {route: 'security.authentication.activedirectory', label: 'Active Directory', css: 'activedirectory', available: this.hasRecord('activedirectoryconfig') }, - {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, + // {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, {route: 'security.authentication.github', label: 'GitHub', css: 'github', available: this.hasRecord('githubconfig') }, - // {route: 'security.authentication.localauth', label: 'Local', css: 'local', available: this.hasRecord('localconfig') }, // always on // {route: 'security.authentication.openldap', label: 'OpenLDAP', css: 'openldap', available: this.hasRecord('openldapconfig') }, // {route: 'security.authentication.shibboleth', label: 'Shibboleth', css: 'shibboleth', available: this.hasRecord('shibbolethconfig') }, ]; From e47a96f9939584ca711983844fbc191eb6d81a85 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 11:55:22 -0700 Subject: [PATCH 09/17] azure ad add edit --- .../security/authentication/azuread/controller.js | 14 ++++++++++---- .../security/authentication/azuread/template.hbs | 10 +++++++--- .../addon/security/authentication/controller.js | 2 +- translations/en-us.yaml | 2 +- 4 files changed, 19 insertions(+), 9 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/controller.js b/lib/global-admin/addon/security/authentication/azuread/controller.js index 2e2d60c1a..300ed00d6 100644 --- a/lib/global-admin/addon/security/authentication/azuread/controller.js +++ b/lib/global-admin/addon/security/authentication/azuread/controller.js @@ -23,7 +23,7 @@ export default Controller.extend({ //new azureADConfig: alias('model.azureADConfig'), isEnabled: alias('azureADConfig.enabled'), - // isEnabled: true, + editing: false, mode: 'global', modeClass: 'span-4', @@ -36,6 +36,11 @@ export default Controller.extend({ }), actions: { + + edit() { + set(this, 'editing', true); + }, + toggleMode() { if (get(this, 'mode') === 'global') { @@ -59,6 +64,7 @@ export default Controller.extend({ this.send('clearError'); const model = get(this, 'azureADConfig'); + const enabled = get(this, 'azureADConfig.enabled'); model.setProperties({ accessMode: 'unrestricted', @@ -70,13 +76,13 @@ export default Controller.extend({ set(this, 'errors', errors); set(this, 'testing', false); - model.set('enabled', false); + model.set('enabled', enabled); } else { set(this, 'testing', true); - delete model.enabled; + // delete model.enabled; model.doAction('testAndApply', { azureAdConfig: model, @@ -89,7 +95,7 @@ export default Controller.extend({ }).catch((err) => { - set(model, 'enabled', false); + set(model, 'enabled', enabled); this.send('gotError', err); diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index 90cfa5849..91b07b5a7 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -35,7 +35,10 @@
    -
    +
    + @@ -69,7 +72,7 @@ {{/if}} - {{#unless isEnabled}} + {{#if (or (not isEnabled) editing)}}
    @@ -164,5 +167,6 @@
    - {{/unless}} + {{/if}} + {{/accordion-list}} \ No newline at end of file diff --git a/lib/global-admin/addon/security/authentication/controller.js b/lib/global-admin/addon/security/authentication/controller.js index c516651c4..8634b3639 100644 --- a/lib/global-admin/addon/security/authentication/controller.js +++ b/lib/global-admin/addon/security/authentication/controller.js @@ -10,7 +10,7 @@ export default Controller.extend({ drivers: computed(function() { return [ {route: 'security.authentication.activedirectory', label: 'Active Directory', css: 'activedirectory', available: this.hasRecord('activedirectoryconfig') }, - // {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, + {route: 'security.authentication.azuread', label: 'Azure AD', css: 'azuread', available: this.hasRecord('azureadconfig') }, {route: 'security.authentication.github', label: 'GitHub', css: 'github', available: this.hasRecord('githubconfig') }, // {route: 'security.authentication.openldap', label: 'OpenLDAP', css: 'openldap', available: this.hasRecord('openldapconfig') }, // {route: 'security.authentication.shibboleth', label: 'Shibboleth', css: 'shibboleth', available: this.hasRecord('shibbolethconfig') }, diff --git a/translations/en-us.yaml b/translations/en-us.yaml index f06807939..e342ac355 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -473,7 +473,7 @@ authPage: header: 'Danger Zone™' warning: 'Caution: Disabling access control will give complete control over {appName} to anyone that can reach this page or the API.' reallyDisable: 'Are you sure? Click again to really disable access control' - promptDisable: Disable access control + promptDisable: Disable Azure AD configure: header: '1. Configure Azure AD Account' adminAccountUsername: From d0cfae7aaa2b54b08a588af02a83c628b750fdea Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 12:07:05 -0700 Subject: [PATCH 10/17] markup changes to match other auth drivers --- .../authentication/azuread/template.hbs | 18 ++++++++++++++++++ translations/en-us.yaml | 2 ++ 2 files changed, 20 insertions(+) diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index 91b07b5a7..7fd6a536b 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -46,6 +46,24 @@

    {{t 'authPage.azuread.enabled.warning' appName=settings.appName htmlSafe=true}}

    +
    +
    +
    +

    {{t 'authPage.azuread.enabled.general.header'}}

    +
    + {{t 'authPage.azuread.configure.tenantId.label'}}: {{azureADConfig.tenantId}} +
    +
    + {{t 'authPage.azuread.configure.clientId.label'}}: {{azureADConfig.clientId}} +
    +
    + {{t 'authPage.azuread.configure.domain.label'}}: {{azureADConfig.domain}} +
    +
    + {{t 'authPage.azuread.configure.adminAccountUsername.label'}}: {{azureADConfig.adminAccountUsername}} +
    +
    +
    {{/accordion-list-item}} diff --git a/translations/en-us.yaml b/translations/en-us.yaml index e342ac355..ffeffacf2 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -474,6 +474,8 @@ authPage: warning: 'Caution: Disabling access control will give complete control over {appName} to anyone that can reach this page or the API.' reallyDisable: 'Are you sure? Click again to really disable access control' promptDisable: Disable Azure AD + general: + header: General configure: header: '1. Configure Azure AD Account' adminAccountUsername: From 7a4c9611a5a1b28bf96826d107e067b3c6bc2725 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 12:23:27 -0700 Subject: [PATCH 11/17] more markup changes --- .../authentication/azuread/template.hbs | 168 ++++++++++-------- translations/en-us.yaml | 6 +- 2 files changed, 95 insertions(+), 79 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index 7fd6a536b..e07f28875 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -25,6 +25,7 @@ {{#if isEnabled}} {{#accordion-list-item + detail=(t 'authPage.azuread.configure.help') expand=(action expandFn) expandAll=al.expandAll expandOnInit=true @@ -35,7 +36,7 @@
    -
    +
    @@ -43,8 +44,7 @@ {{t 'authPage.azuread.enabled.promptDisable'}}
    - -

    {{t 'authPage.azuread.enabled.warning' appName=settings.appName htmlSafe=true}}

    + {{t 'authPage.azuread.configure.help'}}
    @@ -91,100 +91,116 @@ {{#if (or (not isEnabled) editing)}} -
    + {{#accordion-list-item + classNames="mt-30" + detail=(t 'authPage.azuread.configure.help') + expand=(action expandFn) + expandAll=al.expandAll + expandOnInit=true + expanded=true + showExpand=false + title=(t 'authPage.azuread.configure.header') + }} -
    -
    -

    {{t 'authPage.azuread.configure.header'}}

    -
    -
    -
    +
    +
    +
    -
    -
    +
    -
    -
    -
    - - {{input type="text" value=azureADConfig.tenantId placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}} -

    {{t 'authPage.azuread.configure.tenantId.help'}}

    -
    -
    -
    -
    - - {{input type="text" value=azureADConfig.clientId placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}} -
    -
    - {{#unless (eq mode 'global')}} -
    +
    +
    - - {{input type="password" value=azureADConfig.clientSecret placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}} + + {{input type="text" value=azureADConfig.tenantId placeholder=(t 'authPage.azuread.configure.tenantId.placeholder') classNames="form-control"}} +

    {{t 'authPage.azuread.configure.tenantId.help'}}

    - {{/unless}} -
    -
    - - {{input type="text" value=azureADConfig.domain placeholder=(t 'authPage.azuread.configure.domain.placeholder') classNames="form-control"}} +
    +
    + + {{input type="text" value=azureADConfig.clientId placeholder=(t 'authPage.azuread.configure.clientId.placeholder') classNames="form-control"}} +
    +
    + {{#unless (eq mode 'global')}} +
    +
    + + {{input type="password" value=azureADConfig.clientSecret placeholder=(t 'authPage.azuread.configure.clientSecret.placeholder') classNames="form-control"}} +
    +
    + {{/unless}} +
    +
    + + {{input type="text" value=azureADConfig.domain placeholder=(t 'authPage.azuread.configure.domain.placeholder') classNames="form-control"}} +
    -
    -
    -
    -
    - - {{input type="text" value=azureADConfig.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} -

    {{t 'authPage.azuread.configure.adminAccountUsername.help'}}

    +
    +
    +
    + + {{input type="text" value=azureADConfig.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} +

    {{t 'authPage.azuread.configure.adminAccountUsername.help'}}

    +
    +
    +
    +
    + + {{input type="password" value=azureADConfig.adminAccountPassword classNames="form-control"}} +
    -
    -
    - - {{input type="password" value=azureADConfig.adminAccountPassword classNames="form-control"}} -
    -
    -
    -
    +
    -
    -

    {{t 'authPage.azuread.test.header'}}

    -
    -

    {{t 'authPage.azuread.test.help'}}

    - {{top-errors errors=errors}} + {{/accordion-list-item}} -
    -
    -
    - - {{input type="text" value=loginUsername prompt=(t 'authPage.azuread.test.username.placeholder') classNames="form-control"}} + {{#accordion-list-item + classNames="mt-30" + detail=(t 'authPage.azuread.test.help') + expand=(action expandFn) + expandAll=al.expandAll + expandOnInit=true + expanded=true + showExpand=false + title=(t 'authPage.azuread.test.header') + }} + +
    + {{top-errors errors=errors}} +
    +
    +
    + + {{input type="text" value=loginUsername prompt=(t 'authPage.azuread.test.username.placeholder') classNames="form-control"}} +
    +
    +
    +
    + + {{input type="password" value=loginPassword classNames="form-control"}} +
    -
    +
    - - {{input type="password" value=loginPassword classNames="form-control"}} +
    -
    -
    -
    - -
    -
    -
    +
    + + {{/accordion-list-item}} {{/if}} {{/accordion-list}} \ No newline at end of file diff --git a/translations/en-us.yaml b/translations/en-us.yaml index ffeffacf2..a4e354655 100644 --- a/translations/en-us.yaml +++ b/translations/en-us.yaml @@ -471,13 +471,13 @@ authPage: warning: "{appName} can be configured to restrict access to a set of Azure AD users and groups" enabled: header: 'Danger Zone™' - warning: 'Caution: Disabling access control will give complete control over {appName} to anyone that can reach this page or the API.' reallyDisable: 'Are you sure? Click again to really disable access control' promptDisable: Disable Azure AD general: header: General configure: - header: '1. Configure Azure AD Account' + header: 'Configure Azure AD Account' + help: Enter the Tenant ID, Client ID, and Admin user details to connect to your Azure AD auth account. adminAccountUsername: label: Admin Account Username placeholder: e.g. rancher-admin @@ -498,7 +498,7 @@ authPage: placeholder: A long UUID string help: From the Azure AD portal test: - header: '2. Test and enable authentication' + header: 'Test and enable authentication' help: 'Check that everything is configured correctly by testing authentication with your account:' username: label: Login Username From b8cf3982532eea1d64e251bed0d2e5db37cd62f0 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 15:39:27 -0700 Subject: [PATCH 12/17] Fix vertical ellipsis action menu icon in tooltipService rancher/rancher#13420 --- app/styles/components/_tooltip.scss | 6 +++++ .../addon/components/action-menu/component.js | 17 +++++++++++-- .../addon/components/action-menu/template.hbs | 8 +++++- lib/shared/addon/tooltip/service.js | 25 +++++++++++++------ yarn.lock | 6 ++--- 5 files changed, 49 insertions(+), 13 deletions(-) diff --git a/app/styles/components/_tooltip.scss b/app/styles/components/_tooltip.scss index 8380f9a87..e938433d3 100644 --- a/app/styles/components/_tooltip.scss +++ b/app/styles/components/_tooltip.scss @@ -90,6 +90,12 @@ $tooltip-arrow-color : $tooltip-bg !default; background: lighten($primary-dark, 15%); } + .icon-vertical-ellipsis { + position: relative; + top: 50%; + transform: translateY(-50%); + } + .icon-chevron-down { transition: ease all 350ms; } diff --git a/lib/shared/addon/components/action-menu/component.js b/lib/shared/addon/components/action-menu/component.js index e13b08028..c6b332b10 100644 --- a/lib/shared/addon/components/action-menu/component.js +++ b/lib/shared/addon/components/action-menu/component.js @@ -1,7 +1,7 @@ import Component from '@ember/component'; import layout from './template'; import { inject as service } from '@ember/service' -import { computed } from '@ember/object'; +import { computed, get } from '@ember/object'; export default Component.extend({ @@ -17,16 +17,29 @@ export default Component.extend({ size: 'xs', actions: { + clickedAction: function(actionName) { this.get('resourceActions').triggerAction(actionName); }, + closeLater(dd) { dd.actions.close(); return true; }, + preload() { this.get('resourceActions').setActionItems(this.get('model'), this.get('context')); - } + }, + + actionsOpen() { + get(this, 'tooltipService').set('childOpened', true); + }, + + actionsClosed() { + get(this, 'tooltipService').set('childOpened', false); + get(this, 'tooltipService').hide(); + }, + }, sizeClass: computed('size', function() { diff --git a/lib/shared/addon/components/action-menu/template.hbs b/lib/shared/addon/components/action-menu/template.hbs index 63948418c..547c29bb6 100644 --- a/lib/shared/addon/components/action-menu/template.hbs +++ b/lib/shared/addon/components/action-menu/template.hbs @@ -1,4 +1,10 @@ -{{#basic-dropdown as |dd|}} +{{#basic-dropdown + horizontalPosition="right" + verticalPosition="below" + onOpen=(action 'actionsOpen') + onClose=(action 'actionsClosed') + as |dd| +}} {{#dd.trigger ariaLabel=(t 'generic.moreActions') diff --git a/lib/shared/addon/tooltip/service.js b/lib/shared/addon/tooltip/service.js index 048595528..f175c480b 100644 --- a/lib/shared/addon/tooltip/service.js +++ b/lib/shared/addon/tooltip/service.js @@ -1,19 +1,24 @@ import { later, cancel } from '@ember/runloop'; import Service, { inject as service } from '@ember/service'; +import { get } from '@ember/object'; const DELAY = 250; export default Service.extend({ - mouseLeaveTimer: null, - requireClick: false, - tooltipOpts: null, + app: service(), + + mouseLeaveTimer: null, + requireClick: false, + tooltipOpts: null, openedViaContextClick: false, - app: service(), + childOpened: false, startTimer() { + this.set('mouseLeaveTimer', later(() => { this.hide(); }, DELAY)); + }, cancelTimer() { @@ -21,13 +26,19 @@ export default Service.extend({ }, hide() { - this.set('tooltipOpts', null); + + if (!get(this, 'childOpened')) { + this.set('tooltipOpts', null); + } + }, leave() { - if ( !this.get('requireClick') ) - { + + if ( !this.get('requireClick') ) { this.startTimer(); } + }, + }); diff --git a/yarn.lock b/yarn.lock index 17dfab02a..8411bf66a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2604,9 +2604,9 @@ elliptic@^6.0.0: minimalistic-assert "^1.0.0" minimalistic-crypto-utils "^1.0.0" -ember-api-store@^2.6.6: - version "2.6.6" - resolved "https://registry.yarnpkg.com/ember-api-store/-/ember-api-store-2.6.6.tgz#c405ce94f21ca7c5d80568cbf33f99b42403dce0" +ember-api-store@2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/ember-api-store/-/ember-api-store-2.6.8.tgz#fdcc950ea1c8cab7633e0480eb5061534c650d0c" dependencies: broccoli-file-creator "^1.1.1" ember-cli-babel "^6.8.2" From 75486e97748de5af720f7e791c23dd2f52bcb863 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 16:08:31 -0700 Subject: [PATCH 13/17] fix random open hover dropdown remaining open rancher/rancher#13491 --- lib/shared/addon/mixins/hover-dropdowns.js | 29 ++++++++++++++++++---- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/lib/shared/addon/mixins/hover-dropdowns.js b/lib/shared/addon/mixins/hover-dropdowns.js index cdbb2924b..ae4c66890 100644 --- a/lib/shared/addon/mixins/hover-dropdowns.js +++ b/lib/shared/addon/mixins/hover-dropdowns.js @@ -1,26 +1,45 @@ import Mixin from '@ember/object/mixin'; -import { cancel, later } from '@ember/runloop'; +import { next, cancel, later } from '@ember/runloop'; +import { get, set } from '@ember/object'; export default Mixin.create({ + clostTimer: null, + actions: { prevent() { return false; }, open(dropdown) { - if (this.closeTimer) { - cancel(this.closeTimer); - this.closeTimer = null; + const ct = get(this, 'clostTimer'); + + if (ct) { + + next(() => { + cancel(ct); + }); + + set(this, 'clostTimer', null); + } else { - dropdown.actions.open(); + + next(() => { + dropdown.actions.open(); + }); + } }, closeLater(dropdown) { + this.closeTimer = later(() => { + this.closeTimer = null; + dropdown.actions.close(); + }, 200); + } }, From bcb3c70890ecffb5bddd3178e55aef5e24dfb7e9 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 16:16:40 -0700 Subject: [PATCH 14/17] remove admin data from azure ad --- .../security/authentication/azuread/template.hbs | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index e07f28875..78516409b 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -140,22 +140,6 @@
    - -
    -
    -
    - - {{input type="text" value=azureADConfig.adminAccountUsername placeholder=(t 'authPage.azuread.configure.adminAccountUsername.placeholder') classNames="form-control"}} -

    {{t 'authPage.azuread.configure.adminAccountUsername.help'}}

    -
    -
    -
    -
    - - {{input type="password" value=azureADConfig.adminAccountPassword classNames="form-control"}} -
    -
    -
    {{/accordion-list-item}} From e0cd873b867268c8f9b3d63fc4e8c9a125331049 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 16:46:43 -0700 Subject: [PATCH 15/17] revert hover dropdown change --- lib/shared/addon/mixins/hover-dropdowns.js | 24 ++++++++++------------ 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/lib/shared/addon/mixins/hover-dropdowns.js b/lib/shared/addon/mixins/hover-dropdowns.js index ae4c66890..ff133a380 100644 --- a/lib/shared/addon/mixins/hover-dropdowns.js +++ b/lib/shared/addon/mixins/hover-dropdowns.js @@ -3,7 +3,7 @@ import { next, cancel, later } from '@ember/runloop'; import { get, set } from '@ember/object'; export default Mixin.create({ - clostTimer: null, + closeTimer: null, actions: { prevent() { @@ -11,36 +11,34 @@ export default Mixin.create({ }, open(dropdown) { - const ct = get(this, 'clostTimer'); + const ct = get(this, 'closeTimer'); + console.log('open closeTimer: ', this.closeTimer, get(dropdown, 'uniqueId')); if (ct) { - next(() => { - cancel(ct); - }); + cancel(ct); + set(this, 'closeTimer', null); - set(this, 'clostTimer', null); } else { - next(() => { - dropdown.actions.open(); - }); + dropdown.actions.open(); } }, closeLater(dropdown) { - this.closeTimer = later(() => { - - this.closeTimer = null; + set(this, 'closeTimer', later(() => { dropdown.actions.close(); + set(this, 'closeTimer', null); - }, 200); + }, 200)); + console.log('close closeTimer: ', this.closeTimer, get(dropdown, 'uniqueId')); } + }, }); From f2be231ba7441f95d85bb17e77fd945ad23c14d5 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 17:53:04 -0700 Subject: [PATCH 16/17] remove another admin field in azure ad --- .../addon/security/authentication/azuread/template.hbs | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/global-admin/addon/security/authentication/azuread/template.hbs b/lib/global-admin/addon/security/authentication/azuread/template.hbs index 78516409b..16bc1d63b 100644 --- a/lib/global-admin/addon/security/authentication/azuread/template.hbs +++ b/lib/global-admin/addon/security/authentication/azuread/template.hbs @@ -48,7 +48,7 @@
    -
    +

    {{t 'authPage.azuread.enabled.general.header'}}

    {{t 'authPage.azuread.configure.tenantId.label'}}: {{azureADConfig.tenantId}} @@ -59,9 +59,6 @@
    {{t 'authPage.azuread.configure.domain.label'}}: {{azureADConfig.domain}}
    -
    - {{t 'authPage.azuread.configure.adminAccountUsername.label'}}: {{azureADConfig.adminAccountUsername}} -
    From c7a8ea06aab79421a845ec39f7203c16677f7ea0 Mon Sep 17 00:00:00 2001 From: Westly Wright Date: Tue, 15 May 2018 17:54:07 -0700 Subject: [PATCH 17/17] lint --- lib/shared/addon/mixins/hover-dropdowns.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/shared/addon/mixins/hover-dropdowns.js b/lib/shared/addon/mixins/hover-dropdowns.js index ff133a380..23f51b64b 100644 --- a/lib/shared/addon/mixins/hover-dropdowns.js +++ b/lib/shared/addon/mixins/hover-dropdowns.js @@ -1,5 +1,5 @@ import Mixin from '@ember/object/mixin'; -import { next, cancel, later } from '@ember/runloop'; +import { cancel, later } from '@ember/runloop'; import { get, set } from '@ember/object'; export default Mixin.create({