/*********************************************************************** * * Copyright (C) 2006 Novell, Inc. All Rights Reserved. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; version 2.1 * of the License. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, Novell, Inc. * * To contact Novell about this file by physical or electronic mail, * you may find current contact information at www.novell.com. * ***********************************************************************/ /** * File: include/casa-ats/dialogs.ycp * Package: Configuration of casa-ats * Summary: Dialogs definitions * Authors: Juan Carlos Luciani * Ryan Partridge * * $Id: dialogs.ycp 27914 2006-02-13 14:32:08Z locilka $ */ { textdomain "casa-ats"; import "Label"; import "Popup"; import "Wizard"; import "Confirm"; import "CasaAts"; import "Report"; import "Address"; import "URL"; include "casa-ats/helps.ycp"; include "casa-ats/complex.ycp"; /** * Current authentication realm lists. * */ list realmLdapUrlList = []; list realmSearchRootList = []; /** * Search Root edit dialog * @param id id of the edited context * @param entry edited entry * @return context or nil, if canceled */ define term SearchRootEditDialog(integer id, term currVal) { y2milestone("SearchRootEditDialog Executing"); term context = nil; context = `item(`id(id)); UI::OpenDialog(`opt(`decorated), `VBox( `HSpacing(1), `VBox( `TextEntry(`id(`context), _("&Search Root Context (i.e. cn=users,o=novell)"), currVal[1]:"") ), `HSpacing(1), `HBox( `PushButton(`id(`ok), `opt(`default), Label::OKButton()), `PushButton(`id(`cancel), Label::CancelButton()) ) ) ); UI::SetFocus(`id(`context)); any ret = nil; while (true) { ret = UI::UserInput(); if (ret != `ok) break; string value = (string) UI::QueryWidget(`id(`context), `Value); context = add(context, value); break; } UI::CloseDialog(); y2milestone("SearchRootEditDialog Exiting"); if (ret != `ok) return nil; y2debug("context=%1", context); return context; } /** * Authentication Realm Edit Search Roots dialog * @return dialog result */ any AuthRealmEditSearchRootsDialog() { y2milestone("AuthRealmEditSearchRootsDialog Executing"); string caption = _("CASA Authentication Realm Search Roots Configuration"); /* dialog help 1/2*/ string help = _("

Configure the search roots for the authentication realm in this dialog.

") + /* dialog help 2/2*/ _("

The Search Roots list the LDAP contexts containing entities that may be authenticated by the Authentication Token Server. The order shown in the list matches the order utilized by the server when performing searches while trying to authenticate an entity.

"); integer max = 0; integer items = 0; list table_items = []; list searchRootList = realmSearchRootList; // Read list of search roots already configured for this realm foreach (string value, searchRootList, { term context = `item(`id(items)); context = add(context, value); table_items = add(table_items, context); items = items + 1; max = max + 1; }); /* Dialog contents */ term contents = `HBox( `HSpacing(5), `VBox( `VStretch(), `Frame(_("Search Roots"), `VBox( `Table(`id(`table), `opt(`notify), `header(_("Context")), []), `HBox(`PushButton(`id(`add), _("Ad&d")), `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), `PushButton(`id(`delete), `opt(`disabled), _("De&lete"))))), `VStretch() ), `HSpacing(5) ); Wizard::SetContentsButtons(caption, contents, help, Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::SetFocus(`id(`table)); any ret = nil; while (true) { UI::ChangeWidget(`id(`edit), `Enabled, items > 0); UI::ChangeWidget(`id(`delete), `Enabled, items > 0); y2milestone("AuthRealmEditSearchRootsDialog waiting for user input"); ret = UI::UserInput(); /* abort? */ if (ret == `abort || ret == `cancel || ret == `back) { if (Popup::ReallyAbort(true)) break; else continue; } /* edit context */ else if (ret == `edit) { y2milestone("Edit Search Root Entry Invoked"); integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); list cur_item = filter(term e, table_items, { return cur == e[0, 0]:nil; }); y2debug("cur=%1", cur); y2debug("cur_item=%1", cur_item); term item = cur_item[0]:nil; item = SearchRootEditDialog(cur, item); if(item == nil) continue; table_items = maplist(term e, table_items, { if(cur == e[0, 0]:-1) return item; return e; }); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, cur); continue; } /* add context */ else if (ret == `add) { y2milestone("Add Search Root Entry Invoked"); term item = SearchRootEditDialog(max, `empty()); if (item == nil) continue; table_items = add(table_items, item); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, max); items = items + 1; max = max + 1; continue; } /* delete context */ else if (ret == `delete) { y2milestone("Delete Search Root Entry Invoked"); items = items - 1; integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); table_items = filter(term e, table_items, { return cur != e[0, 0]:nil; }); UI::ChangeWidget(`id(`table), `Items, table_items); continue; } else if (ret == `next) { realmSearchRootList = []; foreach (term value, table_items,{ realmSearchRootList = add(realmSearchRootList, value[1]:""); }); break; } else { y2error("unexpected retcode: %1", ret); continue; } } y2milestone("AuthRealmEditSearchRootsDialog Exiting"); return ret; } /** * LDAP Url edit dialog * @param id id of the edited url * @param entry edited entry * @return url or nil, if canceled */ define term LDAPUrlEditDialog(integer id, term currVal) { y2milestone("LDAPUrlEditDialog Executing"); term url = nil; url = `item(`id(id)); UI::OpenDialog(`opt(`decorated), `VBox( `HSpacing(1), `VBox( `TextEntry(`id(`url), _("&Url (i.e. ldaps://ats1.novell.com)"), currVal[1]:"") ), `HSpacing(1), `HBox( `PushButton(`id(`ok), `opt(`default), Label::OKButton()), `PushButton(`id(`cancel), Label::CancelButton()) ) )); UI::SetFocus(`id(`url)); any ret = nil; while (true) { ret = UI::UserInput(); if (ret != `ok) break; string value = (string) UI::QueryWidget(`id(`url), `Value); // Check the Url if (URL::Check(value) == true) { map urlComponents = URL::Parse(value); string scheme = tolower(urlComponents["scheme"]:""); if (scheme == "ldaps" || scheme == "ldap") { if (urlComponents["host"]:"" != "") { url = add(url, value); // Report warning if not using SSL if (scheme == "ldap") Report::Warning(_("Not using LDAPS is a security risk")); break; } } } Report::Error(_("URL entered is not valid")); } UI::CloseDialog(); y2milestone("LDAPUrlEditDialog Exiting"); if (ret != `ok) return nil; y2debug("url=%1", url); return url; } /** * Authentication Realm Edit LDAP Urls dialog * @return dialog result */ any AuthRealmEditLDAPUrlsDialog() { y2milestone("AuthRealmEditLDAPUrlsDialog Executing"); string caption = _("CASA Authentication LDAP Server URL Configuration"); /* dialog help 1/2*/ string help = _("

Configure the URLs of the LDAP servers in this dialog.

") + /* dialog help 2/2*/ _("

The LDAP URLs list the URLs of the LDAP Servers that the Authentication Token Server should contact for realm information. Configuring multiple LDAP Server resources improves fault tolerance.

"); integer max = 0; integer items = 0; list table_items = []; list ldapUrlList = realmLdapUrlList; // Read list of ldap urls already configured for this realm foreach (string value, ldapUrlList, { term context = `item(`id(items)); context = add(context, value); table_items = add(table_items, context); items = items + 1; max = max + 1; }); /* Dialog contents */ term contents = `HBox( `HSpacing(5), `VBox( `VStretch(), `Frame(_("LDAP Server URLs"), `VBox( `Table(`id(`table), `opt(`notify), `header(_("Url") + " "), []), `HBox(`PushButton(`id(`add), _("Ad&d")), `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) ) )), `VStretch() ), `HSpacing(5) ); Wizard::SetContentsButtons(caption, contents, help, Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::SetFocus(`id(`table)); any ret = nil; while (true) { UI::ChangeWidget(`id(`edit), `Enabled, items > 0); UI::ChangeWidget(`id(`delete), `Enabled, items > 0); y2milestone("AuthRealmEditLDAPUrlsDialog waiting for user input"); ret = UI::UserInput(); /* abort? */ if (ret == `abort || ret == `cancel || ret == `back) { if (Popup::ReallyAbort(true)) break; else continue; } /* edit context */ else if (ret == `edit) { y2milestone("Edit LDAP Url Entry Invoked"); integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); list cur_item = filter(term e, table_items, { return cur == e[0, 0]:nil; }); y2debug("cur=%1", cur); y2debug("cur_item=%1", cur_item); term item = cur_item[0]:nil; item = LDAPUrlEditDialog(cur, item); if(item == nil) continue; table_items = maplist(term e, table_items, { if(cur == e[0, 0]:-1) return item; return e; }); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, cur); continue; } else if (ret == `add) { y2milestone("Add LDAP Url Entry Invoked"); term item = LDAPUrlEditDialog(max, `empty()); if (item == nil) continue; table_items = add(table_items, item); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, max); items = items + 1; max = max + 1; continue; } else if (ret == `delete) { y2milestone("Delete LDAP Url Entry Invoked"); items = items - 1; integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); table_items = filter(term e, table_items, { return cur != e[0, 0]:nil; }); UI::ChangeWidget(`id(`table), `Items, table_items); continue; } else if (ret == `next) { realmLdapUrlList = []; foreach (term value, table_items,{ realmLdapUrlList = add(realmLdapUrlList, value[1]:""); }); break; } else { y2error("unexpected retcode: %1", ret); continue; } } y2milestone("AuthRealmEditLDAPUrlsDialog Exiting"); return ret; } /** * Authentication Realm edit dialog * @param currVal current value * @return realm or nil, if canceled */ define map AuthRealmEditDialog(map currVal) { y2milestone("AuthRealmEditDialog Executing"); map realm = $[]; string caption = _("CASA Authentication Realm Setup"); /* dialog help 1/7*/ string help = _("

This dialog configures an Authentication Realm.

") + /* dialog help 2/7*/ _("

The LDAP URLs list the URLs of the LDAP Servers that the Authentication Token Server should contact for realm information. Configuring multiple LDAP Server resources improves fault tolerance.

") + /* dialog help 3/7*/ _("

The Directory Type specifies the type of directory utilized in the realm. This is used to resolve issues related to schema differences.

") + /* dialog help 4/7*/ _("

The Authentication Mechanisms box allows you to configure the mechanisms that can be utilized to authenticate an entity to the realm.

") + /* dialog help 5/7*/ _("

The Proxy User Credentials specify the credentials that the Authentication Token Service should utilize to authenticate to the realm for the purpose of performing searches and obtaining information about authenticated entities. ") + /* dialog help 6/7*/ _("

The LDAP Server Urls button allows you to configure the URLs of the LDAP Servers associated with the realm.

") + /* dialog help 7/7*/ _("

The Search Roots button allows you to configure the LDAP contexts containing entities that can be authenticated.

"); // Setup realm parameters with default values in variables that // can be easily used. string realm_id = ""; boolean edir_type = true; boolean ad_type = false; boolean passwd_mech = true; boolean krb_mech = false; string proxy_username = ""; string proxy_passwd = ""; string reentered_passwd = ""; realmLdapUrlList = []; realmSearchRootList = []; // Update the variables with the parameters passed-in if (currVal != nil) { realm_id = currVal["REALM_ID"]:""; edir_type = currVal["EDIR_TYPE"]:true; ad_type = currVal["AD_TYPE"]:false; passwd_mech = currVal["PASSWD_MECH"]:true; krb_mech = currVal["KRB_MECH"]:true; proxy_username = currVal["PROXY_USERNAME"]:""; proxy_passwd = currVal["PROXY_PASSWD"]:""; reentered_passwd = proxy_passwd; realmLdapUrlList = currVal["LDAP_URL_LIST"]:[]; realmSearchRootList = currVal["SEARCH_ROOT_LIST"]:[]; } /* Dialog contents */ term contents = `HBox( `HSpacing(3), `VBox( `VStretch(), `TextEntry(`id(`realmid), _("Real&m Id"), realm_id), `VSpacing(1), `HBox( `RadioButtonGroup(`id(`rb), `VBox( `Left(`Label("Directory Type?")), `Left(`RadioButton(`id(`edir), "eDirector&y")), `Left(`RadioButton(`id(`ad), "Acti&ve Directory" )) ) ), `VBox( `VStretch(), `Frame(_("Authentication Mechanisms"), `VBox( `Left(`CheckBox(`id(`passwdmech), _("U&sername/Password"))), `Left(`CheckBox(`id(`krbmech), _("&Kerberos V"))) ) ), `VStretch() ) ), `VSpacing(1), `VBox( `Frame(_("Proxy User Credentials"), `VBox( `Left(`TextEntry(`id(`username), _("&Username (i.e. cn=admin,o=novell)"))), `Left(`Password(`id(`passwd), (_("&Password") + " "))), `Left(`Password(`id(`repasswd), (_("&Confirm Password") + " "))) ) ), `VStretch() ), `VSpacing(1), `PushButton(`id(`urls), _("LDAP Server URLs")), `VSpacing(1), `PushButton(`id(`ctxs), _("Search Roots")), `VStretch() ), `HSpacing(3) ); boolean set_initial_focus = true; any ret = nil; while (true) { Wizard::SetContentsButtons(caption, contents, help, Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`realmid), `Value, realm_id); UI::ChangeWidget(`id(`edir), `Value, edir_type); UI::ChangeWidget(`id(`ad), `Value, ad_type); UI::ChangeWidget(`id(`krbmech), `Value, krb_mech); UI::ChangeWidget(`id(`passwdmech), `Value, passwd_mech); UI::ChangeWidget(`id(`username), `Value, proxy_username); UI::ChangeWidget(`id(`passwd), `Value, proxy_passwd); UI::ChangeWidget(`id(`repasswd), `Value, reentered_passwd); if (set_initial_focus == true) { UI::SetFocus(`id(`realmid)); set_initial_focus = false; } y2milestone("AuthRealmEditDialog waiting for user input"); ret = UI::UserInput(); // Refresh the local variables with the information in the widgets realm_id = (string) UI::QueryWidget(`id(`realmid), `Value); edir_type = (boolean) UI::QueryWidget(`id(`edir), `Value); ad_type = (boolean) UI::QueryWidget(`id(`ad), `Value); passwd_mech = (boolean) UI::QueryWidget(`id(`passwdmech), `Value); krb_mech = (boolean) UI::QueryWidget(`id(`krbmech), `Value); proxy_username = (string) UI::QueryWidget(`id(`username), `Value); proxy_passwd = (string) UI::QueryWidget(`id(`passwd), `Value); reentered_passwd = (string) UI::QueryWidget(`id(`repasswd), `Value); /* abort? */ if (ret == `abort || ret == `cancel || ret == `back) { // Update the local variables with if (Popup::ReallyAbort(true)) break; else continue; } else if (ret == `next) { y2milestone("Next entered"); // Do some parameter checking if (realm_id == "") { Report::Error(_("You must specify an Id for the realm.")); continue; } if (size(realmLdapUrlList) == 0) { Report::Error(_("You must at least configure one LDAP URL.")); continue; } if (passwd_mech == false && krb_mech == false) { Report::Error(_("You must specify at least one authentication mechanism.")); continue; } if (proxy_username == "") { Report::Error(_("You must specify a Proxy Username for the realm.")); continue; } if (proxy_passwd == "") { Report::Error(_("You must specify a Proxy Password for the realm.")); continue; } if (proxy_passwd != reentered_passwd) { Report::Error(_("The specified Proxy Passwords do not match.")); proxy_passwd = ""; reentered_passwd = ""; continue; } if (ad_type == true && size(realmSearchRootList) == 0) { Report::Error(_("You must specify a base search root for the realm.")); continue; } break; } else if (ret == `urls) { y2milestone("Edit LDAP Urls Invoked"); /* Invoke the edit ldap urls dialog */ ret = AuthRealmEditLDAPUrlsDialog(); if (ret == `abort || ret == `cancel) break; continue;; } else if (ret == `ctxs) { y2milestone("Edit Search Roots Invoked"); /* Invoke the edit search roots dialog */ ret = AuthRealmEditSearchRootsDialog(); if (ret == `abort || ret == `cancel) break; continue;; } else { y2error("unexpected retcode: %1", ret); continue; } } y2milestone("AuthRealmEditDialog Exiting"); if (ret != `next) { realm = nil; } else { realm["REALM_ID"] = realm_id; realm["EDIR_TYPE"] = edir_type; realm["AD_TYPE"] = ad_type; realm["PASSWD_MECH"] = passwd_mech; realm["KRB_MECH"] = krb_mech; realm["PROXY_USERNAME"] = proxy_username; realm["PROXY_PASSWD"] = proxy_passwd; realm["LDAP_URL_LIST"] = realmLdapUrlList; realm["SEARCH_ROOT_LIST"] = realmSearchRootList; } return realm; } /** * ServerConfig dialog * */ define void ServerConfigDialog() { string caption = _("Casa Authentication Token Server Configuration"); /* dialog help 1/5 */ string help = _("

The CASA Authentication Token Server can be set up in this dialog.

") + /* dialog help 2/5 */ _("

The Authentication Realms list the sources that can be used for authenticating users.

") + /* dialog help 3/5 */ _("

Enable Direct Access to allow clients to contact the server via port 2645. This opens the port through the Firewall. Direct Access requires that you setup the Common Server Certificate. Please note that CASA Authentication Token Clients expect that the Common Server Certificate be issued by a trusted Certificate Authority.

") + /* dialog help 4/5 */ _("

Enable Web Server Access to allow clients to contact the server via the Web Server (port 2645). The Apache Web Server should be installed and enabled for this to work.

") + /* dialog help 5/5 */ _("

The Reconfigure Interval specifies the interval in seconds between attempts by the server to re-read its configuration. A value of zero means that the server only reads its configuration during start up.

"); integer max = 0; integer items = 0; map realms = (map) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:$[]; list table_items = []; boolean direct_access = CasaAts::Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false; boolean web_access = CasaAts::Settings["CONFIG_CASAATS_WEB_ACCESS"]:false; integer reconfig_interval = CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60; // Read list of search roots already configured for this realm foreach (string key, map realm, realms, { term item = `item(`id(max)); item = add(item, realm["REALM_ID"]:""); table_items = add(table_items, item); items = items + 1; max = max + 1; }); /* Dialog contents */ term contents = nil; if (CasaAts::Settings["WEB_SERVER_AVAILABLE"]:false == true) { contents = `HBox( `HSpacing(5), `VBox( `VStretch(), `Frame(_("Authentication Realms"), `VBox( `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), `HBox(`PushButton(`id(`add), _("Ad&d")), `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) ) ) ), `VSpacing(1), `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), `VSpacing(1), `Left(`CheckBox(`id(`web), _("&Web Server Access"))), `VSpacing(1), `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), `VStretch() ), `HSpacing(5) ); } else { contents = `HBox( `HSpacing(5), `VBox( `VStretch(), `Frame(_("Authentication Realms"), `VBox( `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), `HBox(`PushButton(`id(`add), _("Ad&d")), `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) ) ) ), `VSpacing(1), `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), `VSpacing(1), `Left(`CheckBox(`id(`web), `opt(`disabled), _("&Web Server Access"))), `VSpacing(1), `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), `VStretch() ), `HSpacing(5) ); } boolean set_initial_focus = true; any ret = nil; while (true) { Wizard::SetContentsButtons(caption, contents, help, Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`direct), `Value, direct_access); UI::ChangeWidget(`id(`web), `Value, web_access); UI::ChangeWidget(`id(`interval), `Value, tostring(reconfig_interval)); if (set_initial_focus == true) { UI::SetFocus(`id(`table)); set_initial_focus = false; } UI::ChangeWidget(`id(`edit), `Enabled, items > 0); UI::ChangeWidget(`id(`delete), `Enabled, items > 0); UI::ChangeWidget(`id(`cert), `Enabled, direct_access); y2milestone("ServerConfig waiting for user input"); ret = UI::UserInput(); // Refresh the local variables with the information in the widgets direct_access = (boolean) UI::QueryWidget(`id(`direct), `Value); web_access = (boolean) UI::QueryWidget(`id(`web), `Value); reconfig_interval = tointeger((string) UI::QueryWidget(`id(`interval), `Value)); if (ret == `abort || ret == `cancel || ret == `back) { y2milestone("Abort, Cancel, or Back Invoked"); if (Popup::ReallyAbort(true)) break; else continue; } else if (ret == `edit) { y2milestone("Edit Authentication Realm Entry Invoked"); integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); list cur_item = filter(term e, table_items, { return cur == e[0, 0]:nil; }); y2debug("cur=%1", cur); y2debug("cur_item=%1", cur_item); term item = cur_item[0]:nil; // Find the realm associated with this item map realm = lookup(realms, item[1]:"", nil); if (realm == nil) continue; y2milestone("Realm id : %1", realm["REALM_ID"]:""); map editedRealm = AuthRealmEditDialog(realm); if (editedRealm == nil) continue; // Update the realm map and the table realms = remove(realms, realm["REALM_ID"]:""); realms = add(realms, editedRealm["REALM_ID"]:"", editedRealm); item[1] = editedRealm["REALM_ID"]:""; table_items = maplist(term e, table_items, { if(cur == e[0, 0]:-1) return item; return e; }); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, cur); continue; } else if (ret == `add) { y2milestone("Add Authentication Realm Entry Invoked"); map realm = AuthRealmEditDialog(nil); if (realm == nil) continue; y2milestone("Realm id : %1", realm["REALM_ID"]:""); // Add the realm to the realm map and the table realms = add(realms, realm["REALM_ID"]:"", realm); term item = nil; item = `item(`id(max)); item = add(item, realm["REALM_ID"]:""); table_items = add(table_items, item); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, max); items = items + 1; max = max + 1; continue; } else if (ret == `delete) { y2milestone("Delete Authentication Realm Entry Invoked"); items = items - 1; integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); list cur_item = filter(term e, table_items, { return cur == e[0, 0]:nil; }); table_items = filter(term e, table_items, { return cur != e[0, 0]:nil; }); term item = cur_item[0]:nil; map realm = lookup(realms, item[1]:"", nil); if (realm == nil) continue; realms = remove(realms, realm["REALM_ID"]:""); UI::ChangeWidget(`id(`table), `Items, table_items); continue; } else if (ret == `next) { y2milestone("Next Invoked"); /* Verify that a valid reconfigure interval has been entered */ reconfig_interval = tointeger(UI::QueryWidget(`id(`interval), `Value)); if (reconfig_interval == nil || reconfig_interval < 0) { Report::Error(_("The reconfigure interval needs to be a non-negative number.")); reconfig_interval = CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60; continue; } /* Verify that the server can be accessed */ if (direct_access != true && web_access != true) { Report::Error(_("Specify server access type.")); continue; } /* Verify that at least one realm has been configured */ if (size(table_items) == 0) { Report::Error(_("You must at least configure one Authentication Realm.")); continue; } // Save the server variables CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; CasaAts::Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = direct_access; CasaAts::Settings["CONFIG_CASAATS_WEB_ACCESS"] = web_access; CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = reconfig_interval; CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; break; } else { y2error("unexpected retcode: %1", ret); continue; } } } /** * Trusted ATS Address edit dialog * @param id id of the edited address * @param entry edited entry * @return address or nil, if canceled */ define term TrustedATSEditDialog(integer id, term currVal) { y2milestone("TrustedATSEditDialog Executing"); term address = nil; address = `item(`id(id)); UI::OpenDialog(`opt(`decorated),`VBox( `HSpacing(1), `VBox( /* TextEntry label */ `TextEntry(`id(`address), _("D&NS Name or Dotted IP Address"), currVal[1]:"") ), `HSpacing(1), `HBox( `PushButton(`id(`ok), `opt(`default), Label::OKButton()), `PushButton(`id(`cancel), Label::CancelButton()) ) )); UI::SetFocus(`id(`address)); any ret = nil; while (true) { ret = UI::UserInput(); if(ret != `ok) break; string value = (string) UI::QueryWidget(`id(`address), `Value); // Check the address if (Address::Check4(value) == true) { address = add(address, value); break; } Report::Error(_("Address entered is not valid")); } UI::CloseDialog(); y2milestone("TrustedATSEditDialog Exiting"); if (ret != `ok) return nil; y2debug("address=%1", address); return address; } /** * StartConfig dialog * @return dialog result */ any StartConfigDialog() { y2milestone("StartConfigDialog Executing"); string caption = _("Casa Authentication Token Service Configuration"); /* dialog help 1/3*/ string help = _("

The CASA Authentication Token Service can be set up in this dialog.

") + /* dialog help 2/3*/ _("

The Trusted Authentication Token Servers list the addresses of all remote servers that are trusted as authentication token issuers. Configured address names must match the names used by the SSL Certificates of the servers.

") + /* dialog help 3/3*/ _("

Enable Server to allow users to obtain Authentication Tokens from this device. Please, Configure Server if enabled.

"); integer max = 0; integer items = 0; list trustedServerList = CasaAts::Settings["CONFIG_CASAATS_TRUSTED"]:[]; list table_items = []; boolean server_enabled = CasaAts::Settings["CONFIG_CASAATS_ENABLE"]:false; // Ready list of Trusted ATSs already configured to be // used with our table. foreach (string value, trustedServerList, { term address = `item(`id(items)); address = add(address, value); table_items = add(table_items, address); items = items + 1; max = max + 1; }); /* Dialog contents */ term contents = `HBox( `HSpacing(5), `VBox( `VStretch(), `Frame(_("Trusted Authentication Token Servers"), `VBox( `Table(`id(`table), `opt(`notify), `header(_("Address")), []), `HBox( `PushButton(`id(`add), _("Ad&d")), `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) ) )), `VSpacing(1), `HBox( `Left(`CheckBox(`id(`enablesvc),`opt(`notify), _("Enable &Server"))), `PushButton(`id(`srvconfig), `opt(`disabled), _("Confi&gure Server")) ), `VStretch() ), `HSpacing(5) ); boolean set_initial_focus = true; any ret = nil; while (true) { Wizard::SetContentsButtons(caption, contents, help, Label::BackButton(), Label::FinishButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`enablesvc), `Value, server_enabled); if (set_initial_focus == true) { UI::SetFocus(`id(`table)); set_initial_focus = false; } UI::ChangeWidget(`id(`edit), `Enabled, items > 0); UI::ChangeWidget(`id(`delete), `Enabled, items > 0); UI::ChangeWidget(`id(`srvconfig), `Enabled, server_enabled == true); y2milestone("StartConfigDialog waiting for user input"); ret = UI::UserInput(); // Refresh the local variables with the information in the widgets server_enabled = (boolean) UI::QueryWidget(`id(`enablesvc), `Value); if (ret == `abort || ret == `cancel || ret == `back) { y2milestone("Abort, Cancel, or Back Invoked"); if (Popup::ReallyAbort(true)) break; else continue; } else if (ret == `edit) { y2milestone("Edit Trusted ATS Entry Invoked"); integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); list cur_item = filter(term e, table_items, { return cur == e[0, 0]:nil; }); y2debug("cur=%1", cur); y2debug("cur_item=%1", cur_item); term item = cur_item[0]:nil; item = TrustedATSEditDialog(cur, item); if (item == nil) continue; table_items = maplist(term e, table_items, { if(cur == e[0, 0]:-1) return item; return e; }); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, cur); continue; } else if (ret == `add) { y2milestone("Add Trusted ATS Entry Invoked"); term item = TrustedATSEditDialog(max, `empty()); if (item == nil) continue; table_items = add(table_items, item); UI::ChangeWidget(`id(`table), `Items, table_items); UI::ChangeWidget(`id(`table), `CurrentItem, max); items = items + 1; max = max + 1; continue; } else if (ret == `delete) { y2milestone("Delete Trusted ATS Entry Invoked"); items = items - 1; integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); table_items = filter(term e, table_items, { return cur != e[0, 0]:nil; }); UI::ChangeWidget(`id(`table), `Items, table_items); continue; } else if (ret == `enablesvc) { y2milestone("Enabled Server changed"); continue; } else if (ret == `srvconfig) { y2milestone("Config Server Invoked"); ServerConfigDialog(); continue; } else if (ret == `next) { y2milestone("Next Invoked"); // Save the variables trustedServerList = []; foreach (term value, table_items,{ trustedServerList = add(trustedServerList, value[1]:""); }); CasaAts::Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList; CasaAts::Settings["CONFIG_CASAATS_ENABLE"] = server_enabled; break; } else { y2error("unexpected retcode: %1", ret); continue; } } y2milestone("StartConfigDialog Exiting"); return ret; } /** * Configure1 dialog * @return dialog result */ any Configure1Dialog () { /* CasaAts configure1 dialog caption */ string caption = _("CasaAts Configuration"); /* CasaAts configure1 dialog contents */ term contents = `Label (_("First part of configuration of casa-ats")); Wizard::SetContentsButtons(caption, contents, HELPS["c1"]:"", Label::BackButton(), Label::NextButton()); any ret = nil; while(true) { ret = UI::UserInput(); /* abort? */ if(ret == `abort || ret == `cancel) { if(Popup::ReallyAbort(true)) break; else continue; } else if(ret == `next || ret == `back) { break; } else { y2error("unexpected retcode: %1", ret); continue; } } return ret; } /* EOF */ }