SMusatov
/
zammad
зеркало из https://github.com/zammad/zammad.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
							# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/

class SamlAuth < ActiveRecord::Migration[5.2]
  def up
    # return if it's a new setup
    return if !Setting.exists?(name: 'system_init_done')

    Setting.create_if_not_exists(
      title:       'Authentication via %s',
      name:        'auth_saml',
      area:        'Security::ThirdPartyAuthentication',
      description: 'Enables user authentication via %s.',
      options:     {
        form: [
          {
            display: '',
            null:    true,
            name:    'auth_saml',
            tag:     'boolean',
            options: {
              true  => 'yes',
              false => 'no',
            },
          },
        ],
      },
      preferences: {
        controller:       'SettingsAreaSwitch',
        sub:              ['auth_saml_credentials'],
        title_i18n:       ['SAML'],
        description_i18n: ['SAML'],
        permission:       ['admin.security'],
      },
      state:       false,
      frontend:    true
    )
    Setting.create_if_not_exists(
      title:       'SAML App Credentials',
      name:        'auth_saml_credentials',
      area:        'Security::ThirdPartyAuthentication::SAML',
      description: 'Enables user authentication via SAML.',
      options:     {
        form: [
          {
            display:     'IDP SSO target URL',
            null:        true,
            name:        'idp_sso_target_url',
            tag:         'input',
            placeholder: 'https://capriza.github.io/samling/samling.html',
          },
          {
            display:     'IDP certificate',
            null:        true,
            name:        'idp_cert',
            tag:         'input',
            placeholder: '-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----',
          },
          {
            display:     'IDP certificate fingerprint',
            null:        true,
            name:        'idp_cert_fingerprint',
            tag:         'input',
            placeholder: 'E7:91:B2:E1:...',
          },
          {
            display:     'Name Identifier Format',
            null:        true,
            name:        'name_identifier_format',
            tag:         'input',
            placeholder: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
          },
        ],
      },
      state:       {},
      preferences: {
        permission: ['admin.security'],
      },
      frontend:    false
    )
  end
end