Fix for #1087 ( Caliblur! Theme button alignment)

cps/admin.py

@@ -547,7 +547,7 @@ def _configuration_update_helper():
     if config.config_login_type == constants.LOGIN_LDAP:
         reboot_required |= _config_string("config_ldap_provider_url")
         reboot_required |= _config_int("config_ldap_port")
-        # _config_string("config_ldap_schema")
+        reboot_required |= _config_int("config_ldap_authentication")
         reboot_required |= _config_string("config_ldap_dn")
         reboot_required |= _config_string("config_ldap_serv_username")
         reboot_required |= _config_string("config_ldap_user_object")
@@ -569,9 +569,13 @@ def _configuration_update_helper():
                 return _configuration_result(_('Please Enter a LDAP Provider, '
                                              'Port, DN and User Object Identifier'), gdriveError)
 
-
-        if not config.config_ldap_serv_username or not bool(config.config_ldap_serv_password):
-            return _configuration_result('Please Enter a LDAP Service Account and Password', gdriveError)
+        if config.config_ldap_authentication > constants.LDAP_AUTH_ANONYMOUS:
+            if config.config_ldap_authentication > constants.LDAP_AUTH_UNAUTHENTICATE:
+                if not config.config_ldap_serv_username:
+                    return _configuration_result('Please Enter a LDAP Service Account', gdriveError)
+            else:
+                if not config.config_ldap_serv_username or not bool(config.config_ldap_serv_password):
+                    return _configuration_result('Please Enter a LDAP Service Account and Password', gdriveError)
 
         #_config_checkbox("config_ldap_use_ssl")
         #_config_checkbox("config_ldap_use_tls")

cps/config_sql.py

@@ -97,12 +97,10 @@ class _Settings(_Base):
 
     config_ldap_provider_url = Column(String, default='example.org')
     config_ldap_port = Column(SmallInteger, default=389)
-    # config_ldap_schema = Column(String, default='ldap')
+    config_ldap_authentication = Column(SmallInteger, default=constants.LDAP_AUTH_SIMPLE)
     config_ldap_serv_username = Column(String, default='cn=admin,dc=example,dc=org')
     config_ldap_serv_password = Column(String, default="")
     config_ldap_encryption = Column(SmallInteger, default=0)
-    # config_ldap_use_tls = Column(Boolean, default=False)
-    # config_ldap_require_cert = Column(Boolean, default=False)
     config_ldap_cert_path = Column(String, default="")
     config_ldap_dn = Column(String, default='dc=example,dc=org')
     config_ldap_user_object = Column(String, default='uid=%s')

cps/constants.py

@@ -92,7 +92,10 @@ AUTO_UPDATE_NIGHTLY = 1 << 2
 LOGIN_STANDARD      = 0
 LOGIN_LDAP          = 1
 LOGIN_OAUTH         = 2
-# LOGIN_OAUTH_GOOGLE  = 3
+
+LDAP_AUTH_ANONYMOUS      = 0
+LDAP_AUTH_UNAUTHENTICATE = 1
+LDAP_AUTH_SIMPLE         = 0
 
 DEFAULT_MAIL_SERVER = "mail.example.org"
 

cps/services/simpleldap.py

@@ -42,11 +42,17 @@ def init_app(app, config):
         app.config['LDAP_SCHEMA'] = 'ldaps'
     else:
         app.config['LDAP_SCHEMA'] = 'ldap'
-    # app.config['LDAP_SCHEMA'] = config.config_ldap_schema
-    app.config['LDAP_USERNAME'] = config.config_ldap_serv_username
-    if config.config_ldap_serv_password is None:
-        config.config_ldap_serv_password = ''
-    app.config['LDAP_PASSWORD'] = base64.b64decode(config.config_ldap_serv_password)
+    if config.config_ldap_authentication > constants.LDAP_AUTH_ANONYMOUS:
+        if config.config_ldap_authentication > constants.LDAP_AUTH_UNAUTHENTICATE:
+            if config.config_ldap_serv_password is None:
+                config.config_ldap_serv_password = ''
+            app.config['LDAP_PASSWORD'] = base64.b64decode(config.config_ldap_serv_password)
+        else:
+            app.config['LDAP_PASSWORD'] = base64.b64decode("''")
+        app.config['LDAP_USERNAME'] = config.config_ldap_serv_username
+    else:
+        app.config['LDAP_USERNAME'] = "''"
+        app.config['LDAP_PASSWORD'] = base64.b64decode("''")
     if bool(config.config_ldap_cert_path):
         app.config['LDAP_REQUIRE_CERT'] = True
         app.config['LDAP_CERT_PATH'] = config.config_ldap_cert_path

cps/templates/config_edit.html

@@ -233,7 +233,6 @@
           <input type="number" min="1" max="65535" class="form-control" id="config_ldap_port" name="config_ldap_port" value="{% if config.config_ldap_port != None %}{{ config.config_ldap_port }}{% endif %}" autocomplete="off" required>
         </div>
         <div class="form-group">
-          <label for="config_ldap_encryption">{{_('LDAP Encryption')}}</label>
           <label for="config_ldap_encryption">{{_('LDAP Encryption')}}</label>
             <select name="config_ldap_encryption" id="config_ldap_encryption" class="form-control" data-controlall="ldap-cert-settings">
                 <option value="0" {% if config.config_ldap_encryption == 0 %}selected{% endif %}>{{ _('None') }}</option>
@@ -247,14 +246,25 @@
             <input type="text" class="form-control" id="config_ldap_cert_path" name="config_ldap_cert_path" value="{% if config.config_ldap_cert_path != None %}{{ config.config_ldap_cert_path }}{% endif %}" autocomplete="off">
           </div>
         </div>
-
         <div class="form-group">
-          <label for="config_ldap_serv_username">{{_('LDAP Administrator Username')}}</label>
-          <input type="text" class="form-control" id="config_ldap_serv_username" name="config_ldap_serv_username" value="{% if config.config_ldap_serv_username != None %}{{ config.config_ldap_serv_username }}{% endif %}" autocomplete="off">
+          <label for="config_ldap_authentication">{{_('LDAP Authentication')}}</label>
+            <select name="config_ldap_authentication" id="config_ldap_authentication" class="form-control" data-control="ldap-auth-password" data-controlall="ldap-auth-settings">
+                <option value="0" {% if config.config_ldap_authentication == 0 %}selected{% endif %}>{{ _('Anonymous') }}</option>
+                <option value="1" {% if config.config_ldap_authentication == 1 %}selected{% endif %}>{{ _('Unauthenticated') }}</option>
+                <option value="2" {% if config.config_ldap_authentication == 2 %}selected{% endif %}>{{ _('Simple') }}</option>
+            </select>
         </div>
-        <div class="form-group">
-          <label for="config_ldap_serv_password">{{_('LDAP Administrator Password')}}</label>
-          <input type="password" class="form-control" id="config_ldap_serv_password" name="config_ldap_serv_password" value="" autocomplete="off">
+        <div data-related="ldap-auth-settings">
+          <div class="form-group">
+            <label for="config_ldap_serv_username">{{_('LDAP Administrator Username')}}</label>
+            <input type="text" class="form-control" id="config_ldap_serv_username" name="config_ldap_serv_username" value="{% if config.config_ldap_serv_username != None %}{{ config.config_ldap_serv_username }}{% endif %}" autocomplete="off">
+          </div>
+        </div>
+        <div data-related="ldap-auth-password-2">
+          <div class="form-group">
+            <label for="config_ldap_serv_password">{{_('LDAP Administrator Password')}}</label>
+            <input type="password" class="form-control" id="config_ldap_serv_password" name="config_ldap_serv_password" value="" autocomplete="off">
+          </div>
         </div>
         <div class="form-group">
           <label for="config_ldap_dn">{{_('LDAP Distinguished Name (DN)')}}</label>

optional-requirements.txt

@@ -17,12 +17,12 @@ goodreads>=0.3.2,<0.4.0
 python-Levenshtein>=0.12.0,<0.13.0
 
 # ldap login
-python_ldap>=3.0.0,<3.3.0
-flask-simpleldap>=1.4.0,<1.5.0
+python-ldap>=3.0.0,<3.3.0
+Flask-SimpleLDAP>=1.4.0,<1.5.0
 
 #oauth
-flask-dance>=1.4.0,<3.1.0
-sqlalchemy_utils>=0.33.5,<0.37.0
+Flask-Dance>=1.4.0,<3.1.0
+SQLAlchemy-Utils>=0.33.5,<0.37.0
 
 # extracting metadata
 lxml>=3.8.0,<4.6.0