{% extends "cacsremoteservice/views/layouts/master.html" %}

{% block site-nav %}
{% include "cacsremoteservice/views/partials/site-nav.html" with active="configuration" %}
{% endblock %}

{% block scripts %}
<script>
  codescene.views.configurations.authentication.init(
    loginMessage = {{loginmessage|json|safe}}
  );
</script>
{% endblock %}

{% block main %}

{% include "cacsremoteservice/views/configuration/config-header.html" with configuration-tabs=configuration-tabs %}

<div id="page-body" class="configuration-view">
  <div class="text-content">
    <h1>Authentication & User Management</h1>
    <p class="lead text-muted">
      Administer users, roles and authentication providers.
    </p>

    {% if not is-admin %}
    <section>
      <h2>Configure Account</h2>

      {% if can-change-password? %}
      <p>Here you can change your password.</p>
      {% endif %}
    </section>
    {% endif %}

    {% if validation-errors|not-empty %}
    <section>
      <h2 class="validation-errors-heading alert-warning">
        Validation Errors
      </h2>
      <ul class="validation-errors">
        {% for error in validation-errors %}
        <li>
          <i class="fa fa-exclamation-triangle"></i>
          {{error}}
        </li>
        {% endfor %}
      </ul>
    </section>
    {% endif %}

    {% if not is-admin %}
    <section>
      <h2>Change Password</h2>
      <p>You are logged in as <em>{{logged-in-user}}</em>.</p>
      {% if can-change-password? %}
      <form action="{{view-context}}/configuration/user/specific/password" method="post">
        <div class="form-group">
          <input class="form-control" type="password" name="password" placeholder="Current Password" required />
        </div>
        <div class="form-group">
          <input class="form-control" type="password" name="newpassword" placeholder="New Password" required>
        </div>
        <div class="form-group">
          <button class="default-button" type="submit">Change Password</button>
        </div>
      </form>
      {% else %}
      <p>You can't change the password for your user account.</p>
      {% endif %}
    </section>
    {% endif %}

    {% if is-admin %}
    <section>
      <h2 id="login-page-info">Login Page Info Text</h2>
      <p>
        Specify a text to be displayed at the CodeScene login page. This could be any message the you want your users
        to be aware of, such as contact details to the CodeScene administrator.
      </p>
      <form action="{{view-context}}/configuration/frontpage/message" method="post">
        <h3>Configure Login Page Message</h3>
        <div class="form-group">
          <label for="login-message">Message (max {{login-message-max-size}} characters)</label>
          <div class="form-group" id="login-message"></div>
          <input class="form-control"
            id="login-page-message"
            type="hidden"
            name="loginmessage"
            value="{{loginmessage}}"
          />
        </div>
        <button class="default-button" type="submit">Update Message</button>
      </form>
    </section>
    {% endif %}

    {% if not is-admin %}
    <a class="default-button" href="{{view-context}}/configuration/user/token">Personal Access Tokens</a>
    {% endif %}

    {% if is-admin %}
    <section id="configure-internal-user-management">
      <h2>Internal User Management</h2>
      <p>
        You are logged in as an Administrator, which means you have full access
        to add, modify and delete users in the system. Read more about this in
        <a href="{{view-context}}/docs/configuration/users-and-roles.html">Users
          and Roles</a> in the documentation.
      </p>
      <a class="default-button" href="{{view-context}}/configuration/user/token">Personal Access Tokens</a>
      <h3 id="password-policy">Password Policy</h3>
      <form action="{{view-context}}/configuration/password-policy" method="post">
        <div class="form-group">
          <label for="password-minimum-length">Minimum length</label>
          <input class="form-control"
            id="password-minimum-length"
            type="text"
            name="password-minimum-length"
            placeholder="14"
            value="{{password-policy.minimum-length}}"
            required />
        </div>
        <div class="form-group">
          <label>
            <input id="password-simple-complexity" type="checkbox" name="password-simple-complexity" {% if password-policy.simple-complexity-enabled %} checked="" {% endif %}/>
            Enable Simple Complexity
          </label>
          <ul>
            <li>Require at least one uppercase letter from the Latin alphabet (A-Z)</li>
            <li>Require at least one lowercase letter from the Latin alphabet (a-z)</li>
            <li>Require at least one number</li>
          </ul>
        </div>
        <button class="default-button" type="submit">Update Password Policy</button>
      </form>

      <form action="{{view-context}}/configuration/user/add" method="post">
        <h3>Add New User</h3>
        <div class="form-group">
          <label for="new-user-name">User Name</label>
          <input class="form-control"
            id="new-user-name"
            type="text"
            name="username"
            placeholder="jane.doe@example.com"
            required />
        </div>
        <div class="form-group">
          <label for="new-user-password">Password</label>
          <p>NOTE: Leading or trailing spaces will be removed</p>
          <input class="form-control"
            id="new-user-password"
            type="password"
            name="password"
            required />
        </div>
        <button class="default-button" type="submit">Add User</button>
      </form>
      <h3 id="all-users">All Users</h3>
      {% if users|not-empty %}
      <table class="table table-striped all-users">
        <thead>
          <tr>
            <th>User Name</th>
            <th>Role</th>
            <th></th>
          </tr>
        </thead>
        <tbody>
          {% for user in users %}
          <tr data-user-id="{{user.id}}">
            <td>{{user.username}}</td>
            <td>
              <select class="form-control user-role-select"
                data-user-name="{{user.username}}"
                data-user-id="{{user.id}}">
                {% for role in roles %}
                <option value="{{role.id}}"
                  {% ifequal role.id user.role-id %}
                  selected="selected"
                  {% endifequal %}>{{role.name}}</option>
                {% endfor %}
              </select>
            </td>
            <td class="column-actions">
              <button class="default-button user-change-password"
                data-user-id="{{user.id}}"
                data-user-name="{{user.username}}">Change Password</button>
              <button class="default-button danger user-delete"
                data-user-id="{{user.id}}"
                data-user-name="{{user.username}}">Delete</button>
            </td>
          </tr>
          {% endfor %}
        </tbody>
      </table>
      {% else %}
      <p>You haven't defined any users yet. Please add one using the dialog above.</p>
      {% endif %}
    </section>
    {% endif %}

    {% if is-admin %}
    <section>
      <h2>Single Sign-On</h2>
      <p>
        Here you can configure alternative authentication providers for your users.
        Normally, CodeScene uses an internal database of users.
        Alternatively, you can use an external authentication provider like LDAP/Active Directory server,
        which maintains the accounts for your users. This allows you to manage your users' accounts
        at the central authentication server without the need to duplicate users' accounts
        in the CodeScene internal database.
      </p>
      <p>
        Note: Admin will still need to go through the normal authentication process using the license key!
      </p>

      <div id="ldap-auth-provider" class="ldap-auth-provider">
        <h3>LDAP Authentication Provider</h3>
        <hr />
        <p>
          LDAP-enabled directory services like Microsoft's Active Directory can be integrated with CodeScene
          using the following settings:
        </p>
        {% include "cacsremoteservice/views/configuration/ldap-settings.html" %}
      </div>
      <div id="oauth2-auth-provider" class="oauth2-auth-provider">
        <h3>Oauth2 Authentication Provider</h3>
        <hr />
        <p>
          OAuth2 authentication providers can be integrated with CodeScene using the following settings:
        </p>
        {% include "cacsremoteservice/views/configuration/oauth2-settings.html" %}
      </div>
    </section>
    {% endif %}
  </div>
</div>


{% endblock %}