1<?php
2/*
3** Zabbix
4** Copyright (C) 2001-2021 Zabbix SIA
5**
6** This program is free software; you can redistribute it and/or modify
7** it under the terms of the GNU General Public License as published by
8** the Free Software Foundation; either version 2 of the License, or
9** (at your option) any later version.
10**
11** This program is distributed in the hope that it will be useful,
12** but WITHOUT ANY WARRANTY; without even the implied warranty of
13** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14** GNU General Public License for more details.
15**
16** You should have received a copy of the GNU General Public License
17** along with this program; if not, write to the Free Software
18** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19**/
20
21
22$widget = (new CWidget())->setTitle(_('Authentication'));
23
24// create form
25$authenticationForm = (new CForm())->setName('authenticationForm');
26
27// create form list
28$authenticationFormList = new CFormList('authenticationList');
29
30// append config radio buttons to form list
31$authenticationFormList->addRow(_('Default authentication'),
32	(new CRadioButtonList('config', (int) $this->data['config']['authentication_type']))
33		->addValue(_x('Internal', 'authentication'), ZBX_AUTH_INTERNAL, null, 'submit()')
34		->addValue(_('LDAP'), ZBX_AUTH_LDAP, null, 'submit()')
35		->addValue(_('HTTP'), ZBX_AUTH_HTTP, null, 'submit()')
36		->setModern(true)
37);
38
39// append LDAP fields to form list
40if ($this->data['ldap_extension_enabled'] && $this->data['config']['authentication_type'] == ZBX_AUTH_LDAP) {
41	if ($this->data['user_list']) {
42		$userComboBox = new CComboBox('user', $this->data['user']);
43		foreach ($this->data['user_list'] as $user) {
44			if (check_perm2login($user['userid']) && check_perm2system($user['userid'])) {
45				$userComboBox->addItem($user['alias'], $user['alias']);
46			}
47		}
48	}
49	else {
50		$userComboBox = (new CTextBox('user', $this->data['user'], true))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH);
51	}
52
53	$authenticationFormList->addRow(
54		_('LDAP host'),
55		(new CTextBox('ldap_host', $this->data['config']['ldap_host']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
56	);
57	$authenticationFormList->addRow(
58		_('Port'),
59		(new CNumericBox('ldap_port', $this->data['config']['ldap_port'], 5))
60			->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH)
61	);
62	$authenticationFormList->addRow(
63		_('Base DN'),
64		(new CTextBox('ldap_base_dn', $this->data['config']['ldap_base_dn']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
65	);
66	$authenticationFormList->addRow(
67		_('Search attribute'),
68		(new CTextBox(
69			'ldap_search_attribute',
70			(zbx_empty($this->data['config']['ldap_search_attribute']) && $this->data['form_refresh'] == 0)
71				? 'uid'
72				: $this->data['config']['ldap_search_attribute'],
73			false,
74			128
75		))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
76	);
77	$authenticationFormList->addRow(
78		_('Bind DN'),
79		(new CTextBox('ldap_bind_dn', $this->data['config']['ldap_bind_dn']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
80	);
81
82	// bind password
83	if (isset($this->data['change_bind_password']) || zbx_empty($this->data['config']['ldap_bind_password'])) {
84		$authenticationForm->addVar('change_bind_password', 1);
85		$authenticationFormList->addRow(
86			_('Bind password'),
87			(new CPassBox('ldap_bind_password', getRequest('ldap_bind_password')))->setWidth(ZBX_TEXTAREA_SMALL_WIDTH)
88		);
89	}
90	else {
91		$authenticationFormList->addRow(
92			_('Bind password'),
93			(new CSimpleButton(_('Change password')))
94				->onClick('javascript: submitFormWithParam('.
95					'"'.$authenticationForm->getName().'", "change_bind_password", "1"'.
96				');')
97				->addClass(ZBX_STYLE_BTN_GREY)
98		);
99	}
100
101	$authenticationFormList->addRow(_('Test authentication'), ' ['._('must be a valid LDAP user').']');
102	$authenticationFormList->addRow(_('Login'), $userComboBox);
103	$authenticationFormList->addRow(_('User password'), (new CPassBox('user_password'))->setWidth(ZBX_TEXTAREA_SMALL_WIDTH));
104}
105
106// append form list to tab
107$authenticationTab = new CTabView();
108$authenticationTab->addTab('authenticationTab', $this->data['title'], $authenticationFormList);
109
110// create save button
111$saveButton = new CSubmit('update', _('Update'));
112if ($this->data['is_authentication_type_changed']) {
113	$saveButton->onClick('javascript: if (confirm('.
114		CJs::encodeJson(_('Switching authentication method will reset all except this session! Continue?')).')) {'.
115		'jQuery("#authenticationForm").submit(); return true; } else { return false; }'
116	);
117}
118elseif ($this->data['config']['authentication_type'] != ZBX_AUTH_LDAP) {
119	$saveButton->setAttribute('disabled', 'true');
120}
121
122// LDAP test button.
123$test_button = new CSubmit('test', _('Test'));
124
125if ($data['config']['authentication_type'] == ZBX_AUTH_LDAP) {
126	$test_button->setEnabled($data['ldap_extension_enabled']);
127	$saveButton->setEnabled($data['ldap_extension_enabled']);
128	$authenticationTab->setFooter(makeFormFooter($saveButton, [$test_button]));
129}
130else {
131	$authenticationTab->setFooter(makeFormFooter($saveButton));
132}
133
134// append tab to form
135$authenticationForm->addItem($authenticationTab);
136
137// append form to widget
138$widget->addItem($authenticationForm);
139
140return $widget;
141