thecore_ui_rails_admin 3.5.3 → 3.5.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3dd34d8d6ad24e02e889b0e4892a0fd60764e9472624f3fbb653fce8ec3dd814
-  data.tar.gz: 62c27cd585b7dd4c57aca48cd4bc5eee7b28833df338aab17f56c242a61a1330
+  metadata.gz: ee26f7626aa5d9fe655b1b9adf800507d5ff7628985926577ed12741a9c9243d
+  data.tar.gz: b17ec42cddf7f44951c0234d1d445c968a5d9f35116f4d4c84f5ac4682fe75e8
 SHA512:
-  metadata.gz: c3b3728e02262a11b694b83968904e0effab6bb598791325c06049ffdedf6c14f71a6ea246b9d4384e32d53ae16436cfa38c03d23d1f6e4d7ca679e452899f26
-  data.tar.gz: a391171b59b1a07d6f148004b01db14e701def63fb6603e9aab239e6c0e2b741c8a8a8d7a6ab76bc8af4b221a1656bccd2f815e0118e15fc9c66abff65775687
+  metadata.gz: 7bbce89f9c60dccff3a1fc235166fdbcc2c7d9817336d0982d280b807231f2ae64bc80ae918f6789b1c91e1716296047de6d2c8a20631223ade6578f81b1cae8
+  data.tar.gz: ef4f4b943bbf0437dc89852df5ee0c49db52181242bdd78a3e22983a05bccf894d3c4a5dfe062960ca303eb865f3524211921fdee8c2e9b3c37addc09d87361e

data/app/views/rails_admin/main/test_ldap_server.html.erb

@@ -1,10 +1,68 @@
-<!-- Logic to test LDAP server connection -->
-<% if @ldap_server_test %>
-  <div class="alert alert-success">
-    <%=@message%>
+<!-- Show the LDAP server connection status -->
+<div class="p-3 mb-2 bg-<%=@status%> text-white">
+  <%=@message%>
+</div>
+
+<!-- Show an informative and helpful section with the information about the LDAP server configuration -->
+<!-- The LdapServer has these fields: host, port, admin_dn, admin_password, base_dn, ssl_enabled, auth_field -->
+<div class="card">
+  <div class="card-header">
+    <h5>LDAP Server Configuration</h5>
   </div>
-<% else %>
-  <div class="alert alert-danger">
-    <%=@message%>
+  <div class="card-body">
+    <p><strong>Host:</strong> <%= @ldap.host %></p>
+    <p><strong>Port:</strong> <%= @ldap.port %></p>
+    <p><strong>Admin DN:</strong> <%= @ldap.admin_user %></p>
+    <p><strong>Base DN:</strong> <%= @ldap.base_dn %></p>
+    <p><strong>SSL Enabled:</strong> <%= @ldap.use_ssl ? 'Yes' : 'No' %></p>
+    <p><strong>Authentication Field:</strong> <%= @ldap.auth_field %></p>
   </div>
-<% end %>
+</div>
+
+<!-- Form to test LDAP connection with custom credentials -->
+<div class="card mt-4">
+  <div class="card-header">
+    <h5>Test LDAP Connection with Custom Credentials</h5>
+  </div>
+  <div class="card-body">
+    <%= form_with url: rails_admin.test_ldap_server_path, method: :post, remote: true, local: false do |form| %>
+      <div class="mb-3">
+        <%= form.label :email, 'Email', class: 'form-label' %>
+        <%= form.email_field :email, class: 'form-control', required: true %>
+      </div>
+      <div class="mb-3">
+        <%= form.label :password, 'Password', class: 'form-label' %>
+        <%= form.password_field :password, class: 'form-control', required: true %>
+      </div>
+      <%= form.submit 'Test Connection', class: 'btn btn-primary', id: "test-connection" %>
+    <% end %>
+  </div>
+</div>
+
+<!-- In the @ldap_user variable, if present, show the details of the authenticated user, I'll fill these via JS -->
+<div class="card mt-4 visually-hidden" id="ldap-user-details">
+  <div class="card-header">
+    <h5>Authenticated LDAP User Details</h5>
+  </div>
+  <div class="card-body">
+    <p><strong>DN:</strong> <span id="ldap-user-dn"></span></p>
+    <p><strong>Attributes:</strong></p>
+    <ul id="ldap-user-attributes">
+    </ul>
+  </div>
+</div>
+
+<span id="spinner" class="spinner-grow spinner-grow-sm visually-hidden" role="status" aria-hidden="true"></span>
+
+<script>
+    // This is the javascript that will update the div with the new token //-->
+    document.addEventListener("turbo:load", function() {
+        $('#test-connection').on('click', function(e, data, status, xhr) {
+            $('#spinner').removeClass("visually-hidden");
+            // Clear the previous user details
+            $("#ldap-user-dn").text("");
+            $("#ldap-user-attributes").empty();
+            $("#ldap-user-details").addClass("visually-hidden");
+        });
+    });
+</script>

data/app/views/rails_admin/main/test_ldap_server.js.erb

@@ -0,0 +1,19 @@
+$('#spinner').addClass("visually-hidden");
+
+console.log("LDAP Test: Received response from server.");
+
+// If @ldap_user exists, authentication succeeded, translate the following Ruby code to jQuery
+<% if @ldap_user %>
+    <% @ldap_attributes.each do |key, values| %>
+    $("#ldap-user-attributes").append("<li><strong><%= j key %>:</strong> <%= j values.join(', ') %></li>");
+    <% end %>
+
+    // Remove the visually-hidden class to show the user details section from the #ldap-user-details div
+    $("#ldap-user-details").removeClass("visually-hidden");
+
+    // Set the DN span text to the user's DN
+    $("#ldap-user-dn").text("<%= j @ldap_user.dn %>");
+<% else %>
+    // If no @ldap_user, hide the user details section
+    $("#ldap-user-details").addClass("visually-hidden");
+<% end %>

data/config/initializers/after_initialize.rb

@@ -1,56 +1,56 @@
 Rails.application.configure do
-    config.after_initialize do
-        puts "ThecoreUiRailsAdmin after_initialize"
-
-        RailsAdmin::ApplicationController.send(:include, ConcernCommonApplicationController)
-        ApplicationController.send(:include, ConcernRAApplicationController)
-        RailsAdmin::ApplicationController.send(:include, ConcernRAApplicationController)
-        ## Rails Admin
-        require 'rails_admin_abstract_controller'
-        RailsAdmin::Config.parent_controller = '::RailsAdminAbstractController'
-        ### More at https://github.com/sferik/rails_admin/wiki/Base-configuration
-        ## == Devise ==
-        RailsAdmin::Config.authenticate_with do 
-            warden.authenticate! scope: :user 
-        end
-        RailsAdmin::Config.current_user_method(&:current_user)
-
-        ## == Cancan ==
-        RailsAdmin::Config.authorize_with :cancancan
-
-        RailsAdmin::Config.main_app_name = Proc.new { |controller| [ ((ThecoreSettings::Setting.where(ns: :main, key: :app_name).pluck(:raw).first.presence || ENV["APP_NAME"]) rescue "Thecore"), "" ] }
-
-        RailsAdmin::Config.show_gravatar = false
-
-        RailsAdmin::Config.label_methods.unshift(:display_name)
-
-        RailsAdmin::Config.excluded_models << ActionText::RichText
-        RailsAdmin::Config.excluded_models << ActionText::EncryptedRichText
-        RailsAdmin::Config.excluded_models << ActiveStorage::Blob
-        RailsAdmin::Config.excluded_models << ActiveStorage::Attachment
-        RailsAdmin::Config.excluded_models << ActiveStorage::VariantRecord
-        RailsAdmin::Config.excluded_models << ActionMailbox::InboundEmail
-        RailsAdmin::Config.excluded_models << UsedToken rescue puts "No UsedToken Model it could be normal: maybe model_driven_api is not installed"
-
-        RailsAdmin::Config::Actions::Export.send(:include, ExportConcern)
-        RailsAdmin::Config::Actions::BulkDelete.send(:include, BulkDeleteConcern)
-
-        Role.send :include, ThecoreUiRailsAdminRoleConcern
-        User.send :include, ThecoreUiRailsAdminUserConcern
-        RoleUser.send :include, ThecoreUiRailsAdminRoleUserConcern
-        Action.send :include, ThecoreUiRailsAdminActionConcern
-        PermissionRole.send :include, ThecoreUiRailsAdminPermissionRoleConcern
-        Permission.send :include, ThecoreUiRailsAdminPermissionConcern
-        Predicate.send :include, ThecoreUiRailsAdminPredicateConcern
-        Target.send :include, ThecoreUiRailsAdminTargetConcern
-        ThecoreSettings::Setting.send :include, ThecoreUiRailsAdminSettingsConcern
-
-        require 'root_actions/general_computation'
-        require 'root_actions/active_job_monitor'
-        require 'member_actions/change_password'
-        require 'member_actions/test_ldap_server'
-        require 'member_actions/import_users_from_ldap'
-        require 'collection_actions/save_filters'
-        require 'collection_actions/load_filters'
+  config.after_initialize do
+    puts "ThecoreUiRailsAdmin after_initialize"
+
+    RailsAdmin::ApplicationController.send(:include, ConcernCommonApplicationController)
+    ApplicationController.send(:include, ConcernRAApplicationController)
+    RailsAdmin::ApplicationController.send(:include, ConcernRAApplicationController)
+    ## Rails Admin
+    require "rails_admin_abstract_controller"
+    RailsAdmin::Config.parent_controller = "::RailsAdminAbstractController"
+    ### More at https://github.com/sferik/rails_admin/wiki/Base-configuration
+    ## == Devise ==
+    RailsAdmin::Config.authenticate_with do
+      warden.authenticate! scope: :user
     end
-end
+    RailsAdmin::Config.current_user_method(&:current_user)
+
+    ## == Cancan ==
+    RailsAdmin::Config.authorize_with :cancancan
+
+    RailsAdmin::Config.main_app_name = Proc.new { |controller| [((ThecoreSettings::Setting.where(ns: :main, key: :app_name).pluck(:raw).first.presence || ENV["APP_NAME"]) rescue "Thecore"), ""] }
+
+    RailsAdmin::Config.show_gravatar = false
+
+    RailsAdmin::Config.label_methods.unshift(:display_name)
+
+    RailsAdmin::Config.excluded_models << ActionText::RichText
+    RailsAdmin::Config.excluded_models << ActionText::EncryptedRichText
+    RailsAdmin::Config.excluded_models << ActiveStorage::Blob
+    RailsAdmin::Config.excluded_models << ActiveStorage::Attachment
+    RailsAdmin::Config.excluded_models << ActiveStorage::VariantRecord
+    RailsAdmin::Config.excluded_models << ActionMailbox::InboundEmail
+    RailsAdmin::Config.excluded_models << UsedToken rescue puts "No UsedToken Model it could be normal: maybe model_driven_api is not installed"
+
+    RailsAdmin::Config::Actions::Export.send(:include, ExportConcern)
+    RailsAdmin::Config::Actions::BulkDelete.send(:include, BulkDeleteConcern)
+
+    Role.send :include, ThecoreUiRailsAdminRoleConcern
+    User.send :include, ThecoreUiRailsAdminUserConcern
+    RoleUser.send :include, ThecoreUiRailsAdminRoleUserConcern
+    Action.send :include, ThecoreUiRailsAdminActionConcern
+    PermissionRole.send :include, ThecoreUiRailsAdminPermissionRoleConcern
+    Permission.send :include, ThecoreUiRailsAdminPermissionConcern
+    Predicate.send :include, ThecoreUiRailsAdminPredicateConcern
+    Target.send :include, ThecoreUiRailsAdminTargetConcern
+    ThecoreSettings::Setting.send :include, ThecoreUiRailsAdminSettingsConcern
+
+    require "root_actions/general_computation"
+    require "root_actions/active_job_monitor"
+    require "member_actions/change_password"
+    require "member_actions/test_ldap_server"
+    # require 'member_actions/import_users_from_ldap' # Disabled as it's a bit risky to have it in the UI
+    require "collection_actions/save_filters"
+    require "collection_actions/load_filters"
+  end
+end

data/lib/member_actions/test_ldap_server.rb

@@ -1,30 +1,60 @@
 RailsAdmin::Config::Actions.add_action "test_ldap_server", :base, :member do
-    
-    link_icon 'fas fa-circle-check'
-    
-    http_methods [:get]
-
-    # Visible only for the User model
-    visible do
-        bindings[:object].is_a?(::LdapServer)
-    end
-    # Adding the controller which is needed to compute calls from the ui
-    controller do
-        proc do
-            # From the UI the user can test if the ldap server is reachable and receive a response
-            if request.get?
-                ldap = ::LdapServer.find(@object.id)
-                begin
-                    ldap.test_connection
-                    
-                    flash[:success] = @message = I18n.t("admin.actions.test_ldap_server.success")
-                rescue => e
-                    flash[:error] = @message = I18n.t("admin.actions.test_ldap_server.error", error: e.message)
-                end
-                # Redirect to the object
-                redirect_to index_path(model_name: @abstract_model.to_param)
-            end
-            
+  link_icon "fas fa-circle-check"
+
+  http_methods [:get, :post]
+
+  # Visible only for the User model
+  visible do
+    bindings[:object].is_a?(::LdapServer)
+  end
+  # Adding the controller which is needed to compute calls from the ui
+  controller do
+    proc do
+      @ldap = ::LdapServer.find(@object.id)
+      # begin
+      @ldap.test_connection
+      @status = "success"
+
+      @message = I18n.t("admin.actions.test_ldap_server.success")
+
+      # From the UI the user can test if the ldap server is reachable and receive a response
+      if request.xhr? && request.post? && params[:email].present? && params[:password].present?
+        Rails.logger.debug("LDAP Test: Attempting to authenticate user #{params[:email]}")
+        authenticator = Ldap::Authenticator.new(
+          email: params[:email],
+          password: params[:password],
+        )
+        @ldap_user = authenticator.auth_on_single_server(@ldap)
+        @ldap_attributes = {}
+
+        @ldap_user.each_attribute do |key, values|
+          safe_values = values.map do |v|
+            s = v.to_s
+
+            # 1. Declare UTF-8
+            s.force_encoding("UTF-8")
+
+            # 2. Replace invalid / undefined bytes
+            s.encode!("UTF-8", invalid: :replace, undef: :replace, replace: "�")
+
+            s
+          end
+
+          @ldap_attributes[key] = safe_values
+        end
+        Rails.logger.debug("LDAP Test: Authentication result for user #{params[:email]}: #{@ldap_user.inspect}")
+        if @ldap_user
+          @message += " " + I18n.t("admin.actions.test_ldap_server.auth_success", email: params[:email])
+        else
+          @message += " " + I18n.t("admin.actions.test_ldap_server.auth_failure", email: params[:email])
+          @status = "warning"
         end
+        # else
+        # rescue => e
+        #   @message = I18n.t("admin.actions.test_ldap_server.error", error: e.message)
+        #   @status = "danger"
+        # end
+      end
     end
+  end
 end

data/lib/thecore_ui_rails_admin/version.rb

@@ -1,3 +1,3 @@
 module ThecoreUiRailsAdmin
-  VERSION = "3.5.3".freeze
+  VERSION = "3.5.5".freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: thecore_ui_rails_admin
 version: !ruby/object:Gem::Version
-  version: 3.5.3
+  version: 3.5.5
 platform: ruby
 authors:
 - Gabriele Tassoni
@@ -94,6 +94,7 @@ files:
 - app/views/rails_admin/main/load_filters.html.erb
 - app/views/rails_admin/main/save_filter.html.erb
 - app/views/rails_admin/main/test_ldap_server.html.erb
+- app/views/rails_admin/main/test_ldap_server.js.erb
 - config/initializers/abilities.rb
 - config/initializers/add_to_db_migrations.rb
 - config/initializers/after_initialize.rb