il y a 6 ans · 6b145bb3cc
--- a/Dockerfile
+++ b/Dockerfile
@@ -70,6 +70,7 @@ ARG LOGOUT_IN
 
				 ARG LOGOUT_ON_HOURS
			
 
				 ARG LOGOUT_ON_MINUTES
			
 
				 ARG CORS
			
 
				+ARG DEFAULT_AUTHENTICATION_METHOD
			
 
				 
			
 
				 # Set the environment variables (defaults where required)
			
 
				 # DOES NOT WORK: paxctl fix for alpine linux: https://github.com/wekan/wekan/issues/1303
			
@@ -142,7 +143,8 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
 
				     LOGOUT_IN="" \
			
 
				     LOGOUT_ON_HOURS="" \
			
 
				     LOGOUT_ON_MINUTES="" \
			
 
				-    CORS=""
			
 
				+    CORS="" \
			
 
				+    DEFAULT_AUTHENTICATION_METHOD=""
			
 
				 
			
 
				 # Copy the app to the image
			
 
				 COPY ${SRC_PATH} /home/wekan/app
			
--- a/docker-compose-build.yml
+++ b/docker-compose-build.yml
@@ -223,6 +223,9 @@ services:
 
				       # LOGOUT_ON_MINUTES : The number of minutes
			
 
				       # example : LOGOUT_ON_MINUTES=55
			
 
				       #- LOGOUT_ON_MINUTES=
			
 
				+      # DEFAULT_AUTHENTICATION_METHOD : The default authentication method used if a user does not exist to create and authenticate him
			
 
				+      # example : DEFAULT_AUTHENTICATION_METHOD=ldap
			
 
				+      #- DEFAULT_AUTHENTICATION_METHOD=
			
 
				 
			
 
				     depends_on:
			
 
				       - wekandb
			
--- a/docker-compose-postgresql.yml
+++ b/docker-compose-postgresql.yml
@@ -245,6 +245,9 @@ services:
 
				       # LOGOUT_ON_MINUTES : The number of minutes
			
 
				       # example : LOGOUT_ON_MINUTES=55
			
 
				       #- LOGOUT_ON_MINUTES=
			
 
				+      # DEFAULT_AUTHENTICATION_METHOD : The default authentication method used if a user does not exist to create and authenticate him
			
 
				+      # example : DEFAULT_AUTHENTICATION_METHOD=ldap
			
 
				+      #- DEFAULT_AUTHENTICATION_METHOD=
			
 
				 
			
 
				     depends_on:
			
 
				       - mongodb
			
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -212,6 +212,9 @@ services:
 
				       # LOGOUT_ON_MINUTES : The number of minutes
			
 
				       # example : LOGOUT_ON_MINUTES=55
			
 
				       #- LOGOUT_ON_MINUTES=
			
 
				+      # DEFAULT_AUTHENTICATION_METHOD : The default authentication method used if a user does not exist to create and authenticate him
			
 
				+      # example : DEFAULT_AUTHENTICATION_METHOD=ldap
			
 
				+      #- DEFAULT_AUTHENTICATION_METHOD=
			
 
				 
			
 
				     depends_on:
			
 
				       - wekandb
			
--- a/models/settings.js
+++ b/models/settings.js
@@ -260,5 +260,9 @@ if (Meteor.isServer) {
 
				         cas: isCasEnabled(),
			
 
				       };
			
 
				     },
			
 
				+
			
 
				+    getDefaultAuthenticationMethod() {
			
 
				+      return process.env.DEFAULT_AUTHENTICATION_METHOD;
			
 
				+    }
			
 
				   });
			
 
				 }
			
--- a/sandstorm-pkgdef.capnp
+++ b/sandstorm-pkgdef.capnp
@@ -254,6 +254,7 @@ const myCommand :Spk.Manifest.Command = (
 
				     (key = "OAUTH2_TOKEN_ENDPOINT", value=""),
			
 
				     (key = "LDAP_ENABLE", value="false"),
			
 
				     (key = "SANDSTORM", value = "1"),
			
 
				-    (key = "METEOR_SETTINGS", value = "{\"public\": {\"sandstorm\": true}}")
			
 
				+    (key = "METEOR_SETTINGS", value = "{\"public\": {\"sandstorm\": true}}"),
			
 
				+    (key = "DEFAULT_AUTHENTICATION_METHOD", value = "")
			
 
				   ]
			
 
				 );
			
--- a/snap-src/bin/config
+++ b/snap-src/bin/config
@@ -3,7 +3,7 @@
 
				 # All supported keys are defined here together with descriptions and default values
			
 
				 
			
 
				 # list of supported keys
			
 
				-keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES"
			
 
				+keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
			
 
				 
			
 
				 # default values
			
 
				 DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
			
@@ -289,3 +289,8 @@ KEY_LOGOUT_ON_HOURS="logout-on-hours"
 
				 DESCRIPTION_LOGOUT_ON_MINUTES="The number of minutes"
			
 
				 DEFAULT_LOGOUT_ON_MINUTES=""
			
 
				 KEY_LOGOUT_ON_MINUTES="logout-on-minutes"
			
 
				+
			
 
				+
			
 
				+DESCRIPTION_DEFAULT_AUTHENTICATION_METHOD="The default authentication method used if a user does not exist to create and authenticate him"
			
 
				+DEFAULT_DEFAULT_AUTHENTICATION_METHOD=""
			
 
				+KEY_DEFAULT_AUTHENTICATION_METHOD="default-authentication-method"