1<?php
2/*
3** Zabbix
4** Copyright (C) 2001-2021 Zabbix SIA
5**
6** This program is free software; you can redistribute it and/or modify
7** it under the terms of the GNU General Public License as published by
8** the Free Software Foundation; either version 2 of the License, or
9** (at your option) any later version.
10**
11** This program is distributed in the hope that it will be useful,
12** but WITHOUT ANY WARRANTY; without even the implied warranty of
13** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14** GNU General Public License for more details.
15**
16** You should have received a copy of the GNU General Public License
17** along with this program; if not, write to the Free Software
18** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19**/
20
21
22$this->includeJSfile('app/views/administration.authentication.edit.js.php');
23
24// Authentication general fields and HTTP authentication fields.
25$auth_tab = (new CFormList('list_auth'))
26	->addRow(new CLabel(_('Default authentication'), 'authentication_type'),
27		(new CRadioButtonList('authentication_type', (int) $data['authentication_type']))
28			->setAttribute('autofocus', 'autofocus')
29			->addValue(_x('Internal', 'authentication'), ZBX_AUTH_INTERNAL)
30			->addValue(_('LDAP'), ZBX_AUTH_LDAP)
31			->setModern(true)
32			->removeId()
33	);
34
35// HTTP Authentication fields.
36$http_tab = (new CFormList('list_http'))
37	->addRow(new CLabel(_('Enable HTTP authentication'), 'http_auth_enabled'),
38		(new CCheckBox('http_auth_enabled', ZBX_AUTH_HTTP_ENABLED))
39			->setChecked($data['http_auth_enabled'] == ZBX_AUTH_HTTP_ENABLED)
40			->setUncheckedValue(ZBX_AUTH_HTTP_DISABLED)
41	)
42	->addRow(new CLabel(_('Default login form'), 'http_login_form'),
43		(new CComboBox('http_login_form', $data['http_login_form'], null, [
44			ZBX_AUTH_FORM_ZABBIX => _('Zabbix login form'),
45			ZBX_AUTH_FORM_HTTP => _('HTTP login form')
46		]))->setEnabled($data['http_auth_enabled'] == ZBX_AUTH_HTTP_ENABLED)
47	)
48	->addRow(new CLabel(_('Remove domain name'), 'http_strip_domains'),
49		(new CTextBox('http_strip_domains', $data['http_strip_domains']))
50			->setEnabled($data['http_auth_enabled'])
51			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
52	)
53	->addRow(new CLabel(_('Case sensitive login'), 'http_case_sensitive'),
54		(new CCheckBox('http_case_sensitive', ZBX_AUTH_CASE_SENSITIVE))
55			->setChecked($data['http_case_sensitive'] == ZBX_AUTH_CASE_SENSITIVE)
56			->setEnabled($data['http_auth_enabled'] == ZBX_AUTH_HTTP_ENABLED)
57			->setUncheckedValue(ZBX_AUTH_CASE_INSENSITIVE)
58);
59
60// LDAP configuration fields.
61if ($data['change_bind_password']) {
62	$password_box = [
63		new CVar('change_bind_password', 1),
64		(new CPassBox('ldap_bind_password', $data['ldap_bind_password']))
65			->setEnabled($data['ldap_enabled'])
66			->setWidth(ZBX_TEXTAREA_SMALL_WIDTH)
67	];
68}
69else {
70	$password_box = [
71		new CVar('action_passw_change', $data['action_passw_change']),
72		(new CButton('change_bind_password', _('Change password')))
73			->setEnabled($data['ldap_enabled'])
74			->addClass(ZBX_STYLE_BTN_GREY)
75	];
76}
77
78$ldap_tab = (new CFormList('list_ldap'))
79	->addRow(new CLabel(_('Enable LDAP authentication'), 'ldap_configured'),
80		$data['ldap_error']
81		? (new CLabel($data['ldap_error']))->addClass(ZBX_STYLE_RED)
82		: (new CCheckBox('ldap_configured', ZBX_AUTH_LDAP_ENABLED))
83			->setChecked($data['ldap_configured'] == ZBX_AUTH_LDAP_ENABLED)
84			->setUncheckedValue(ZBX_AUTH_LDAP_DISABLED)
85	)
86	->addRow((new CLabel(_('LDAP host'), 'ldap_host'))->setAsteriskMark(),
87		(new CTextBox('ldap_host', $data['ldap_host']))
88			->setEnabled($data['ldap_enabled'])
89			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
90			->setAriaRequired()
91	)
92	->addRow((new CLabel(_('Port'), 'ldap_port'))->setAsteriskMark(),
93		(new CNumericBox('ldap_port', $data['ldap_port'], 5))
94			->setEnabled($data['ldap_enabled'])
95			->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH)
96			->setAriaRequired()
97	)
98	->addRow((new CLabel(_('Base DN'), 'ldap_base_dn'))->setAsteriskMark(),
99		(new CTextBox('ldap_base_dn', $data['ldap_base_dn']))
100			->setEnabled($data['ldap_enabled'])
101			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
102			->setAriaRequired()
103	)
104	->addRow((new CLabel(_('Search attribute'), 'ldap_search_attribute'))->setAsteriskMark(),
105		(new CTextBox('ldap_search_attribute', $data['ldap_search_attribute']))
106			->setEnabled($data['ldap_enabled'])
107			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
108			->setAriaRequired()
109	)
110	->addRow(new CLabel(_('Bind DN'), 'ldap_bind_dn'),
111		(new CTextBox('ldap_bind_dn', $data['ldap_bind_dn']))
112			->setEnabled($data['ldap_enabled'])
113			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
114	)
115	->addRow(new CLabel(_('Case sensitive login'), 'ldap_case_sensitive'),
116		(new CCheckBox('ldap_case_sensitive', ZBX_AUTH_CASE_SENSITIVE))
117			->setChecked($data['ldap_case_sensitive'] == ZBX_AUTH_CASE_SENSITIVE)
118			->setEnabled($data['ldap_configured'] == ZBX_AUTH_LDAP_ENABLED)
119			->setUncheckedValue(ZBX_AUTH_CASE_INSENSITIVE)
120	)
121	->addRow(new CLabel(_('Bind password'), 'ldap_bind_password'), $password_box)
122	->addRow(_('Test authentication'), ' ['._('must be a valid LDAP user').']')
123	->addRow((new CLabel(_('Login'), 'ldap_test_user'))->setAsteriskMark(),
124		(new CTextBox('ldap_test_user', $data['ldap_test_user']))
125			->setEnabled($data['ldap_enabled'])
126			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
127			->setAriaRequired()
128	)
129	->addRow((new CLabel(_('User password'), 'ldap_test_password'))->setAsteriskMark(),
130		(new CPassBox('ldap_test_password', $data['ldap_test_password']))
131			->setEnabled($data['ldap_enabled'])
132			->setWidth(ZBX_TEXTAREA_SMALL_WIDTH)
133			->setAriaRequired()
134);
135
136(new CWidget())
137	->setTitle(_('Authentication'))
138	->addItem((new CForm())
139		->addVar('action', $data['action_submit'])
140		->addVar('db_authentication_type', $data['db_authentication_type'])
141		->setName('form_auth')
142		->setAttribute('aria-labeledby', ZBX_STYLE_PAGE_TITLE)
143		->disablePasswordAutofill()
144		->addItem((new CTabView())
145			->setSelected($data['form_refresh'] ? null : 0)
146			->addTab('auth', _('Authentication'), $auth_tab)
147			->addTab('http', _('HTTP settings'), $http_tab)
148			->addTab('ldap', _('LDAP settings'), $ldap_tab)
149			->setFooter(makeFormFooter(
150				(new CSubmit('update', _('Update'))),
151				[(new CSubmitButton(_('Test'), 'ldap_test', 1))
152					->addStyle(($data['form_refresh'] && get_cookie('tab', 0) == 2) ? '' : 'display: none')
153					->setEnabled($data['ldap_enabled'])
154				]
155			))
156			->onTabChange('jQuery("[name=ldap_test]")[(ui.newTab.index() == 2) ? "show" : "hide"]()')
157))->show();
158