From a9b6a253ccc1d0d2ec659862aa8f9a449fc4298a Mon Sep 17 00:00:00 2001 From: bearns Date: Wed, 14 Oct 2020 23:44:40 +0300 Subject: [PATCH] Plugin copy --- docker-compose.yml | 46 +++-------------- docker-compose.yml~ | 50 +++---------------- redmine/Dockerfile | 5 +- redmine/Dockerfile~ | 5 +- .../app/models/auth_source_ldap_passwd.rb | 7 ++- .../redmine_ldap_passwd/config/locales/en.yml | 7 ++- redmine/redmine_ldap_passwd/init.rb | 5 ++ 7 files changed, 32 insertions(+), 93 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 755e7ab..f618b28 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,6 +17,7 @@ services: # - db.env volumes: - redmine-files:/usr/src/redmine/files + - redmine-config:/usr/src/redmine/config - redmine-logs:/var/log/redmine depends_on: - db @@ -43,6 +44,11 @@ volumes: type: none device: /tmp/docker/redmine-files o: bind + redmine-config: + driver_opts: + type: none + device: /tmp/docker/redmine-config + o: bind redmine-logs: driver_opts: type: none @@ -50,85 +56,45 @@ volumes: o: bind # openldap: -# # #build: ./ldap -# # image: osixia/openldap:1.4.0 -# # container_name: openldap -# # restart: always -# # environment: -# # LDAP_LOG_LEVEL: "0x380" -# # LDAP_ORGANISATION: "Example Inc." -# # LDAP_DOMAIN: "example.org" -# # LDAP_BASE_DN: "" -# # LDAP_ADMIN_PASSWORD: "admin" -# # LDAP_CONFIG_PASSWORD: "config" -# # LDAP_READONLY_USER: "false" -# # #LDAP_READONLY_USER_USERNAME: "readonly" -# # #LDAP_READONLY_USER_PASSWORD: "readonly" -# # LDAP_RFC2307BIS_SCHEMA: "false" -# # LDAP_BACKEND: "mdb" -# # LDAP_TLS: "true" -# # LDAP_TLS_CRT_FILENAME: "ldap.crt" -# # LDAP_TLS_KEY_FILENAME: "ldap.key" -# # LDAP_TLS_DH_PARAM_FILENAME: "dhparam.pem" -# # LDAP_TLS_CA_CRT_FILENAME: "ca.crt" -# # LDAP_TLS_ENFORCE: "false" -# # LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC" -# # LDAP_TLS_VERIFY_CLIENT: "never" -# # LDAP_REPLICATION: "false" -# # #LDAP_REPLICATION_CONFIG_SYNCPROV: "binddn="cn=admin,cn=config" bindmethod=simple credentials=$$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical" -# # #LDAP_REPLICATION_DB_SYNCPROV: "binddn="cn=admin,$$LDAP_BASE_DN" bindmethod=simple credentials=$$LDAP_ADMIN_PASSWORD searchbase="$$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical" -# # #LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" -# # KEEP_EXISTING_CONFIG: "false" -# # LDAP_REMOVE_CONFIG_AFTER_SETUP: "true" -# # LDAP_SSL_HELPER_PREFIX: "ldap" -# # tty: true -# # stdin_open: true -# # volumes: -# # - /srv/docker/ldap/ldap:/var/lib/ldap -# # - /srv/docker/ldap/slap.d:/etc/ldap/slapd.d -# # - /srv/docker/ldap/certs:/container/service/slapd/assets/certs/ -# # ports: -# # - "389:389" -# # - "636:636" # # # For replication to work correctly, domainname and hostname must be diff --git a/docker-compose.yml~ b/docker-compose.yml~ index 575733d..f844fb3 100644 --- a/docker-compose.yml~ +++ b/docker-compose.yml~ @@ -17,6 +17,7 @@ services: # - db.env volumes: - redmine-files:/usr/src/redmine/files + - redmine-config:/usr/src/redmine/config - redmine-logs:/var/log/redmine depends_on: - db @@ -27,8 +28,8 @@ services: restart: always environment: MYSQL_DATABASE: redmine - env_file: - - db.env + #env_file: + # - db.env volumes: - db:/var/lib/mysql @@ -43,6 +44,11 @@ volumes: type: none device: /tmp/docker/redmine-files o: bind + redmine-config: + driver_opts: + type: none + device: /tmp/docker/redmine-config + o: bind redmine-logs: driver_opts: type: none @@ -50,85 +56,45 @@ volumes: o: bind # openldap: -# # #build: ./ldap -# # image: osixia/openldap:1.4.0 -# # container_name: openldap -# # restart: always -# # environment: -# # LDAP_LOG_LEVEL: "0x380" -# # LDAP_ORGANISATION: "Example Inc." -# # LDAP_DOMAIN: "example.org" -# # LDAP_BASE_DN: "" -# # LDAP_ADMIN_PASSWORD: "admin" -# # LDAP_CONFIG_PASSWORD: "config" -# # LDAP_READONLY_USER: "false" -# # #LDAP_READONLY_USER_USERNAME: "readonly" -# # #LDAP_READONLY_USER_PASSWORD: "readonly" -# # LDAP_RFC2307BIS_SCHEMA: "false" -# # LDAP_BACKEND: "mdb" -# # LDAP_TLS: "true" -# # LDAP_TLS_CRT_FILENAME: "ldap.crt" -# # LDAP_TLS_KEY_FILENAME: "ldap.key" -# # LDAP_TLS_DH_PARAM_FILENAME: "dhparam.pem" -# # LDAP_TLS_CA_CRT_FILENAME: "ca.crt" -# # LDAP_TLS_ENFORCE: "false" -# # LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC" -# # LDAP_TLS_VERIFY_CLIENT: "never" -# # LDAP_REPLICATION: "false" -# # #LDAP_REPLICATION_CONFIG_SYNCPROV: "binddn="cn=admin,cn=config" bindmethod=simple credentials=$$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical" -# # #LDAP_REPLICATION_DB_SYNCPROV: "binddn="cn=admin,$$LDAP_BASE_DN" bindmethod=simple credentials=$$LDAP_ADMIN_PASSWORD searchbase="$$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical" -# # #LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" -# # KEEP_EXISTING_CONFIG: "false" -# # LDAP_REMOVE_CONFIG_AFTER_SETUP: "true" -# # LDAP_SSL_HELPER_PREFIX: "ldap" -# # tty: true -# # stdin_open: true -# # volumes: -# # - /srv/docker/ldap/ldap:/var/lib/ldap -# # - /srv/docker/ldap/slap.d:/etc/ldap/slapd.d -# # - /srv/docker/ldap/certs:/container/service/slapd/assets/certs/ -# # ports: -# # - "389:389" -# # - "636:636" # # # For replication to work correctly, domainname and hostname must be diff --git a/redmine/Dockerfile b/redmine/Dockerfile index 1cfa06a..ef1e8f9 100644 --- a/redmine/Dockerfile +++ b/redmine/Dockerfile @@ -1,5 +1,2 @@ FROM redmine:latest -#ARG REDMINE_DB_PASSWORD -#RUN echo "testarg=${REDMINE_DB_PASSWORD}" -#ENV REDMINE_DB_PASSWORD=${REDMINE_DB_PASSWORD} -ADD ./redmine_ldap_passwd/ /usr/share/redmine/plugins/ \ No newline at end of file +ADD --chown=999:999 ./redmine_ldap_passwd/ /usr/src/redmine/plugins/redmine_ldap_passwd/ \ No newline at end of file diff --git a/redmine/Dockerfile~ b/redmine/Dockerfile~ index adae00b..89d09bb 100644 --- a/redmine/Dockerfile~ +++ b/redmine/Dockerfile~ @@ -1,5 +1,2 @@ FROM redmine:latest -ARG REDMINE_DB_PASSWORD -RUN echo "testarg=${REDMINE_DB_PASSWORD}" -ENV REDMINE_DB_PASSWORD=${REDMINE_DB_PASSWORD} -ADD ./redmine_ldap_passwd/ /usr/share/redmine/plugins/ \ No newline at end of file +ADD ./redmine_ldap_passwd/ /usr/src/redmine/plugins/redmine_ldap_passwd/ \ No newline at end of file diff --git a/redmine/redmine_ldap_passwd/app/models/auth_source_ldap_passwd.rb b/redmine/redmine_ldap_passwd/app/models/auth_source_ldap_passwd.rb index 2f77ee3..55a55c5 100644 --- a/redmine/redmine_ldap_passwd/app/models/auth_source_ldap_passwd.rb +++ b/redmine/redmine_ldap_passwd/app/models/auth_source_ldap_passwd.rb @@ -8,8 +8,10 @@ class AuthSourceLdapPasswd < AuthSourceLdap attrs = get_user_dn(user.login, password) if attrs && attrs[:dn] - if self.account && self.account.include?("$login") - ldap_con = initialize_ldap_con(self.account.sub("$login", Net::LDAP::DN.escape(user.login)), password) + defaults = Redmine::Plugin::registered_plugins[:redmine_ldap_passwd].settings[:default] + suua = Setting.plugin_redmine_ldap_passwd[:use_user_account].nil? ? defaults[:use_user_account] : Setting.plugin_redmine_ldap_passwd[:use_user_account] + if suua || ( self.account && self.account.include?("$login") ) + ldap_con = initialize_ldap_con(suua ? Net::LDAP::DN.escape(user.login) : self.account.sub("$login", Net::LDAP::DN.escape(user.login)), password) else ldap_con = initialize_ldap_con(self.account, self.account_password) end @@ -24,6 +26,7 @@ class AuthSourceLdapPasswd < AuthSourceLdap return true else + Rails.logger.info "Change password problem: #{result}." return result end end diff --git a/redmine/redmine_ldap_passwd/config/locales/en.yml b/redmine/redmine_ldap_passwd/config/locales/en.yml index 980bf2d..cc6a2fe 100644 --- a/redmine/redmine_ldap_passwd/config/locales/en.yml +++ b/redmine/redmine_ldap_passwd/config/locales/en.yml @@ -1,3 +1,8 @@ en: notice_new_password_and_confirmation_different: The new password is different from the confirmation password - notice_new_password_format: "1. The password should be at least seven characters long. 2. The password should contain characters from at least three of the following four categories: (a) English uppercase characters (A - Z) (b) English lowercase characters (a - z) (c) Base 10 digits (0 - 9) (d) Non-alphanumeric (For example: !, $, or %). 3. The password shouldn't contain three or more characters from the user's account name." \ No newline at end of file + notice_new_password_format: "1. The password should be at least seven characters long. 2. The password should contain characters from at least three of the following four categories: (a) English uppercase characters (A - Z) (b) English lowercase characters (a - z) (c) Base 10 digits (0 - 9) (d) Non-alphanumeric (For example: !, $, or %). 3. The password shouldn't contain three or more characters from the user's account name." + notice_can_t_change_password: "Can`t change password." + notice_account_wrong_password: "Wrong password or username" + notice_new_password_must_be_different: "New password must be different." + notice_account_password_updated: "Account pasword updated." + setting_use_user_account: "Use current user acoount for LDAP:" diff --git a/redmine/redmine_ldap_passwd/init.rb b/redmine/redmine_ldap_passwd/init.rb index 2cdb515..dc89109 100644 --- a/redmine/redmine_ldap_passwd/init.rb +++ b/redmine/redmine_ldap_passwd/init.rb @@ -11,6 +11,11 @@ Redmine::Plugin.register :redmine_ldap_passwd do version '3.0.1' url 'https://github.com/xeagle2/redmine_ldap_passwd' author_url 'https://github.com/xeagle2' + + settings :partial => 'settings/ldap_password', + :default => { + :use_user_account => true + } end require 'dispatcher' unless Rails::VERSION::MAJOR >= 3