diff options
40 files changed, 501 insertions, 9 deletions
@@ -3,6 +3,7 @@ Version 1.0.18 (unreleased) New features: +* Add Gitlab authentication * Add users and categories filters on the board * Add hide/show columns * Add Gantt chart for projects and tasks diff --git a/app/Auth/Gitlab.php b/app/Auth/Gitlab.php new file mode 100644 index 00000000..336152a5 --- /dev/null +++ b/app/Auth/Gitlab.php @@ -0,0 +1,122 @@ +<?php + +namespace Auth; + +use Event\AuthEvent; + +/** + * Gitlab backend + * + * @package auth + */ +class Gitlab extends Base +{ + /** + * Backend name + * + * @var string + */ + const AUTH_NAME = 'Gitlab'; + + /** + * OAuth2 instance + * + * @access private + * @var \Core\OAuth2 + */ + private $service; + + /** + * Authenticate a Gitlab user + * + * @access public + * @param string $gitlab_id Gitlab user id + * @return boolean + */ + public function authenticate($gitlab_id) + { + $user = $this->user->getByGitlabId($gitlab_id); + + if (! empty($user)) { + $this->userSession->refresh($user); + $this->container['dispatcher']->dispatch('auth.success', new AuthEvent(self::AUTH_NAME, $user['id'])); + return true; + } + + return false; + } + + /** + * Unlink a Gitlab account for a given user + * + * @access public + * @param integer $user_id User id + * @return boolean + */ + public function unlink($user_id) + { + return $this->user->update(array( + 'id' => $user_id, + 'gitlab_id' => '', + )); + } + + /** + * Update the user table based on the Gitlab profile information + * + * @access public + * @param integer $user_id User id + * @param array $profile Gitlab profile + * @return boolean + */ + public function updateUser($user_id, array $profile) + { + $user = $this->user->getById($user_id); + + return $this->user->update(array( + 'id' => $user_id, + 'gitlab_id' => $profile['id'], + 'email' => $profile['email'] ?: $user['email'], + 'name' => $profile['name'] ?: $user['name'], + )); + } + + /** + * Get OAuth2 configured service + * + * @access public + * @return \Core\OAuth2 + */ + public function getService() + { + if (empty($this->service)) { + $this->service = $this->oauth->createService( + GITLAB_CLIENT_ID, + GITLAB_CLIENT_SECRET, + $this->helper->url->to('oauth', 'gitlab', array(), '', true), + GITLAB_OAUTH_AUTHORIZE_URL, + GITLAB_OAUTH_TOKEN_URL, + array() + ); + } + + return $this->service; + } + + /** + * Get Gitlab profile + * + * @access public + * @param string $code + * @return array + */ + public function getProfile($code) + { + $this->getService()->getAccessToken($code); + + return $this->httpClient->getJson( + GITLAB_API_URL.'user', + array($this->getService()->getAuthorizationHeader()) + ); + } +} diff --git a/app/Controller/Oauth.php b/app/Controller/Oauth.php index 8ba5b252..b0f13dc3 100644 --- a/app/Controller/Oauth.php +++ b/app/Controller/Oauth.php @@ -31,6 +31,16 @@ class Oauth extends Base } /** + * Link or authenticate a Gitlab account + * + * @access public + */ + public function gitlab() + { + $this->step1('gitlab'); + } + + /** * Unlink external account * * @access public diff --git a/app/Locale/cs_CZ/translations.php b/app/Locale/cs_CZ/translations.php index f6f51e3f..6eefa33f 100644 --- a/app/Locale/cs_CZ/translations.php +++ b/app/Locale/cs_CZ/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/da_DK/translations.php b/app/Locale/da_DK/translations.php index c157d227..35634be8 100644 --- a/app/Locale/da_DK/translations.php +++ b/app/Locale/da_DK/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/de_DE/translations.php b/app/Locale/de_DE/translations.php index c7986d95..9e3097fd 100644 --- a/app/Locale/de_DE/translations.php +++ b/app/Locale/de_DE/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/es_ES/translations.php b/app/Locale/es_ES/translations.php index 7e8a16f4..43122ea3 100644 --- a/app/Locale/es_ES/translations.php +++ b/app/Locale/es_ES/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/fi_FI/translations.php b/app/Locale/fi_FI/translations.php index cf913461..fc517b0b 100644 --- a/app/Locale/fi_FI/translations.php +++ b/app/Locale/fi_FI/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/fr_FR/translations.php b/app/Locale/fr_FR/translations.php index a7c724f7..c63fb60b 100644 --- a/app/Locale/fr_FR/translations.php +++ b/app/Locale/fr_FR/translations.php @@ -1054,4 +1054,12 @@ return array( 'Link type' => 'Type de lien', 'Change task color when using a specific task link' => 'Changer la couleur de la tâche lorsqu\'un lien spécifique est utilisé', 'Task link creation or modification' => 'Création ou modification d\'un lien sur une tâche', + 'Login with my Gitlab Account' => 'Se connecter avec mon compte Gitlab', + 'Milestone' => 'Étape importante', + 'Gitlab Authentication' => 'Authentification Gitlab', + 'Help on Gitlab authentication' => 'Aide sur l\'authentification Gitlab', + 'Gitlab Id' => 'Identifiant Gitlab', + 'Gitlab Account' => 'Compte Gitlab', + 'Link my Gitlab Account' => 'Lier mon compte Gitlab', + 'Unlink my Gitlab Account' => 'Ne plus utiliser mon compte Gitlab', ); diff --git a/app/Locale/hu_HU/translations.php b/app/Locale/hu_HU/translations.php index a6e2994d..9218c6d3 100644 --- a/app/Locale/hu_HU/translations.php +++ b/app/Locale/hu_HU/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/it_IT/translations.php b/app/Locale/it_IT/translations.php index 64f79d0d..a8b33e8b 100644 --- a/app/Locale/it_IT/translations.php +++ b/app/Locale/it_IT/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/ja_JP/translations.php b/app/Locale/ja_JP/translations.php index 6b3ed32c..1ab82170 100644 --- a/app/Locale/ja_JP/translations.php +++ b/app/Locale/ja_JP/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/nb_NO/translations.php b/app/Locale/nb_NO/translations.php index 3d849c97..dae6507a 100644 --- a/app/Locale/nb_NO/translations.php +++ b/app/Locale/nb_NO/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/nl_NL/translations.php b/app/Locale/nl_NL/translations.php index f32d713f..1f52faae 100644 --- a/app/Locale/nl_NL/translations.php +++ b/app/Locale/nl_NL/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/pl_PL/translations.php b/app/Locale/pl_PL/translations.php index e711f03e..900cf8d9 100644 --- a/app/Locale/pl_PL/translations.php +++ b/app/Locale/pl_PL/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/pt_BR/translations.php b/app/Locale/pt_BR/translations.php index a64a9374..f1cfd43a 100644 --- a/app/Locale/pt_BR/translations.php +++ b/app/Locale/pt_BR/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/pt_PT/translations.php b/app/Locale/pt_PT/translations.php index e88ab3ec..b52ef8fd 100644 --- a/app/Locale/pt_PT/translations.php +++ b/app/Locale/pt_PT/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/ru_RU/translations.php b/app/Locale/ru_RU/translations.php index 339bbd4d..bd2d7c6b 100644 --- a/app/Locale/ru_RU/translations.php +++ b/app/Locale/ru_RU/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/sr_Latn_RS/translations.php b/app/Locale/sr_Latn_RS/translations.php index e8a3caff..2decbd68 100644 --- a/app/Locale/sr_Latn_RS/translations.php +++ b/app/Locale/sr_Latn_RS/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/sv_SE/translations.php b/app/Locale/sv_SE/translations.php index 28928081..79d5ec17 100644 --- a/app/Locale/sv_SE/translations.php +++ b/app/Locale/sv_SE/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/th_TH/translations.php b/app/Locale/th_TH/translations.php index f5cae497..959b5f38 100644 --- a/app/Locale/th_TH/translations.php +++ b/app/Locale/th_TH/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/tr_TR/translations.php b/app/Locale/tr_TR/translations.php index 3d3cd902..45ba9d27 100644 --- a/app/Locale/tr_TR/translations.php +++ b/app/Locale/tr_TR/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Locale/zh_CN/translations.php b/app/Locale/zh_CN/translations.php index ac3eecae..dc36b203 100644 --- a/app/Locale/zh_CN/translations.php +++ b/app/Locale/zh_CN/translations.php @@ -1052,4 +1052,12 @@ return array( // 'Link type' => '', // 'Change task color when using a specific task link' => '', // 'Task link creation or modification' => '', + // 'Login with my Gitlab Account' => '', + // 'Milestone' => '', + // 'Gitlab Authentication' => '', + // 'Help on Gitlab authentication' => '', + // 'Gitlab Id' => '', + // 'Gitlab Account' => '', + // 'Link my Gitlab Account' => '', + // 'Unlink my Gitlab Account' => '', ); diff --git a/app/Model/Acl.php b/app/Model/Acl.php index e93bf1d9..8c28cb1a 100644 --- a/app/Model/Acl.php +++ b/app/Model/Acl.php @@ -23,7 +23,7 @@ class Acl extends Base 'webhook' => '*', 'ical' => '*', 'feed' => '*', - 'oauth' => array('google', 'github'), + 'oauth' => array('google', 'github', 'gitlab'), ); /** diff --git a/app/Model/User.php b/app/Model/User.php index 1a7a0666..8a7eff4a 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -139,6 +139,22 @@ class User extends Base } /** + * Get a specific user by the Gitlab id + * + * @access public + * @param string $gitlab_id Gitlab user id + * @return array|boolean + */ + public function getByGitlabId($gitlab_id) + { + if (empty($gitlab_id)) { + return false; + } + + return $this->db->table(self::TABLE)->eq('gitlab_id', $gitlab_id)->findOne(); + } + + /** * Get a specific user by the username * * @access public diff --git a/app/Schema/Mysql.php b/app/Schema/Mysql.php index 0a8ede18..af7c3c87 100644 --- a/app/Schema/Mysql.php +++ b/app/Schema/Mysql.php @@ -6,7 +6,12 @@ use PDO; use Core\Security; use Model\Link; -const VERSION = 84; +const VERSION = 85; + +function version_85($pdo) +{ + $pdo->exec("ALTER TABLE users ADD COLUMN gitlab_id INT"); +} function version_84($pdo) { diff --git a/app/Schema/Postgres.php b/app/Schema/Postgres.php index a0c71e0c..03f71de0 100644 --- a/app/Schema/Postgres.php +++ b/app/Schema/Postgres.php @@ -6,7 +6,12 @@ use PDO; use Core\Security; use Model\Link; -const VERSION = 64; +const VERSION = 65; + +function version_65($pdo) +{ + $pdo->exec("ALTER TABLE users ADD COLUMN gitlab_id INTEGER"); +} function version_64($pdo) { diff --git a/app/Schema/Sqlite.php b/app/Schema/Sqlite.php index 4fb1819f..b4e4b948 100644 --- a/app/Schema/Sqlite.php +++ b/app/Schema/Sqlite.php @@ -6,7 +6,12 @@ use Core\Security; use PDO; use Model\Link; -const VERSION = 80; +const VERSION = 81; + +function version_81($pdo) +{ + $pdo->exec("ALTER TABLE users ADD COLUMN gitlab_id INTEGER"); +} function version_80($pdo) { diff --git a/app/Template/auth/index.php b/app/Template/auth/index.php index 1ad1b9a4..2ffc53cb 100644 --- a/app/Template/auth/index.php +++ b/app/Template/auth/index.php @@ -15,7 +15,7 @@ <?= $this->form->label(t('Password'), 'password') ?> <?= $this->form->password('password', $values, $errors, array('required')) ?> - <?php if ($captcha): ?> + <?php if (isset($captcha) && $captcha): ?> <?= $this->form->label(t('Enter the text below'), 'captcha') ?> <img src="<?= $this->url->href('auth', 'captcha') ?>"/> <?= $this->form->text('captcha', $values, $errors, array('required')) ?> @@ -31,14 +31,18 @@ </form> <?php endif ?> - <?php if (GOOGLE_AUTH || GITHUB_AUTH): ?> + <?php if (GOOGLE_AUTH || GITHUB_AUTH || GITLAB_AUTH): ?> <ul class="no-bullet"> <?php if (GOOGLE_AUTH): ?> <li><?= $this->url->link(t('Login with my Google Account'), 'oauth', 'google') ?></li> <?php endif ?> <?php if (GITHUB_AUTH): ?> - <li><?= $this->url->link(t('Login with my Github Account'), 'oauth', 'gitHub') ?></li> + <li><?= $this->url->link(t('Login with my Github Account'), 'oauth', 'github') ?></li> + <?php endif ?> + + <?php if (GITLAB_AUTH): ?> + <li><?= $this->url->link(t('Login with my Gitlab Account'), 'oauth', 'gitlab') ?></li> <?php endif ?> </ul> <?php endif ?> diff --git a/app/Template/config/integrations.php b/app/Template/config/integrations.php index 47b45149..ddbd73dd 100644 --- a/app/Template/config/integrations.php +++ b/app/Template/config/integrations.php @@ -18,6 +18,12 @@ <p class="form-help"><a href="http://kanboard.net/documentation/github-authentication" target="_blank"><?= t('Help on Github authentication') ?></a></p> </div> + <h3><img src="<?= $this->url->dir() ?>assets/img/gitlab-icon.png"/> <?= t('Gitlab Authentication') ?></h3> + <div class="listing"> + <input type="text" class="auto-select" readonly="readonly" value="<?= $this->url->href('oauth', 'gitlab', array(), false, '', true) ?>"/><br/> + <p class="form-help"><a href="http://kanboard.net/documentation/gitlab-authentication" target="_blank"><?= t('Help on Gitlab authentication') ?></a></p> + </div> + <h3><img src="<?= $this->url->dir() ?>assets/img/mailgun-icon.png"/> <?= t('Mailgun (incoming emails)') ?></h3> <div class="listing"> <input type="text" class="auto-select" readonly="readonly" value="<?= $this->url->href('webhook', 'mailgun', array('token' => $values['webhook_token']), false, '', true) ?>"/><br/> diff --git a/app/Template/user/authentication.php b/app/Template/user/authentication.php index a62c8f93..20c3d372 100644 --- a/app/Template/user/authentication.php +++ b/app/Template/user/authentication.php @@ -14,6 +14,9 @@ <?= $this->form->label(t('Github Id'), 'github_id') ?> <?= $this->form->text('github_id', $values, $errors) ?> + <?= $this->form->label(t('Gitlab Id'), 'gitlab_id') ?> + <?= $this->form->text('gitlab_id', $values, $errors) ?> + <?= $this->form->checkbox('is_ldap_user', t('Remote user'), 1, isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1) ?> <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?> diff --git a/app/Template/user/create_remote.php b/app/Template/user/create_remote.php index 6b3678d3..1d04bc87 100644 --- a/app/Template/user/create_remote.php +++ b/app/Template/user/create_remote.php @@ -25,6 +25,9 @@ <?= $this->form->label(t('Github Id'), 'github_id') ?> <?= $this->form->password('github_id', $values, $errors) ?><br/> + + <?= $this->form->label(t('Gitlab Id'), 'gitlab_id') ?> + <?= $this->form->password('gitlab_id', $values, $errors) ?><br/> </div> <div class="form-column"> diff --git a/app/Template/user/external.php b/app/Template/user/external.php index 3b872e85..9ef0b4d1 100644 --- a/app/Template/user/external.php +++ b/app/Template/user/external.php @@ -34,6 +34,22 @@ </p> <?php endif ?> -<?php if (! GOOGLE_AUTH && ! GITHUB_AUTH): ?> +<?php if (GITHUB_AUTH): ?> + <h3><img src="<?= $this->url->dir() ?>assets/img/gitlab-icon.png"/> <?= t('Gitlab Account') ?></h3> + + <p class="listing"> + <?php if ($this->user->isCurrentUser($user['id'])): ?> + <?php if (empty($user['gitlab_id'])): ?> + <?= $this->url->link(t('Link my Gitlab Account'), 'oauth', 'gitlab', array(), true) ?> + <?php else: ?> + <?= $this->url->link(t('Unlink my Gitlab Account'), 'oauth', 'unlink', array('backend' => 'gitlab'), true) ?> + <?php endif ?> + <?php else: ?> + <?= empty($user['gitlab_id']) ? t('No account linked.') : t('Account linked.') ?> + <?php endif ?> + </p> +<?php endif ?> + +<?php if (! GOOGLE_AUTH && ! GITHUB_AUTH && ! GITLAB_AUTH): ?> <p class="alert"><?= t('No external authentication enabled.') ?></p> <?php endif ?> diff --git a/app/common.php b/app/common.php index b8f5ccd2..8c1074d6 100644 --- a/app/common.php +++ b/app/common.php @@ -146,6 +146,7 @@ if (ENABLE_URL_REWRITE) { // Auth routes $container['router']->addRoute('oauth/google', 'oauth', 'google'); $container['router']->addRoute('oauth/github', 'oauth', 'github'); + $container['router']->addRoute('oauth/gitlab', 'oauth', 'gitlab'); $container['router']->addRoute('login', 'auth', 'login'); $container['router']->addRoute('logout', 'auth', 'logout'); } diff --git a/app/constants.php b/app/constants.php index 99770aba..4f82e343 100644 --- a/app/constants.php +++ b/app/constants.php @@ -50,6 +50,14 @@ defined('GITHUB_OAUTH_AUTHORIZE_URL') or define('GITHUB_OAUTH_AUTHORIZE_URL', 'h defined('GITHUB_OAUTH_TOKEN_URL') or define('GITHUB_OAUTH_TOKEN_URL', 'https://github.com/login/oauth/access_token'); defined('GITHUB_API_URL') or define('GITHUB_API_URL', 'https://api.github.com/'); +// Gitlab authentication +defined('GITLAB_AUTH') or define('GITLAB_AUTH', false); +defined('GITLAB_CLIENT_ID') or define('GITLAB_CLIENT_ID', ''); +defined('GITLAB_CLIENT_SECRET') or define('GITLAB_CLIENT_SECRET', ''); +defined('GITLAB_OAUTH_AUTHORIZE_URL') or define('GITLAB_OAUTH_AUTHORIZE_URL', 'https://gitlab.com/oauth/authorize'); +defined('GITLAB_OAUTH_TOKEN_URL') or define('GITLAB_OAUTH_TOKEN_URL', 'https://gitlab.com/oauth/token'); +defined('GITLAB_API_URL') or define('GITLAB_API_URL', 'https://gitlab.com/api/v3/'); + // Proxy authentication defined('REVERSE_PROXY_AUTH') or define('REVERSE_PROXY_AUTH', false); defined('REVERSE_PROXY_USER_HEADER') or define('REVERSE_PROXY_USER_HEADER', 'REMOTE_USER'); diff --git a/config.default.php b/config.default.php index baa9267d..d5d1b30d 100644 --- a/config.default.php +++ b/config.default.php @@ -139,6 +139,24 @@ define('GITHUB_OAUTH_TOKEN_URL', 'https://github.com/login/oauth/access_token'); // Github API url (don't forget the slash at the end) define('GITHUB_API_URL', 'https://api.github.com/'); +// Enable/disable Gitlab authentication +define('GITLAB_AUTH', false); + +// Gitlab application id +define('GITLAB_CLIENT_ID', ''); + +// Gitlab application secret +define('GITLAB_CLIENT_SECRET', ''); + +// Gitlab oauth2 authorize url +define('GITLAB_OAUTH_AUTHORIZE_URL', 'https://gitlab.com/oauth/authorize'); + +// Gitlab oauth2 token url +define('GITLAB_OAUTH_TOKEN_URL', 'https://gitlab.com/oauth/token'); + +// Gitlab API url endpoint (don't forget the slash at the end) +define('GITLAB_API_URL', 'https://gitlab.com/api/v3/'); + // Enable/disable the reverse proxy authentication define('REVERSE_PROXY_AUTH', false); diff --git a/docs/github-authentication.markdown b/docs/github-authentication.markdown index efefffc0..ba0f371f 100644 --- a/docs/github-authentication.markdown +++ b/docs/github-authentication.markdown @@ -11,7 +11,7 @@ How does this work? The Github authentication in Kanboard uses the [OAuth 2.0](http://oauth.net/2/) protocol, so any user of Kanboard can be linked to a Github account. -That means you can use your Github account to connect to Kanboard. +That means you can use your Github account to login on Kanboard. How to link a Github account ---------------------------- diff --git a/docs/gitlab-authentication.markdown b/docs/gitlab-authentication.markdown new file mode 100644 index 00000000..3cf6d283 --- /dev/null +++ b/docs/gitlab-authentication.markdown @@ -0,0 +1,78 @@ +Gitlab Authentication +===================== + +Requirements +------------ + +- Account on [Gitlab.com](https://gitlab.com) or you own self-hosted Gitlab instance +- Have Kanboard registered as application in Gitlab + +How does this work? +------------------- + +The Gitlab authentication in Kanboard uses the [OAuth 2.0](http://oauth.net/2/) protocol, so any user of Kanboard can be linked to a Gitlab account. + +That means you can use your Gitlab account to login on Kanboard. + +How to link a Gitlab account +---------------------------- + +1. Go to your user profile +2. Click on **External accounts** +3. Click on the link **Link my Gitlab Account** +4. You are redirected to the **Gitlab authorization form** +5. Authorize Kanboard by clicking on the button **Accept** +6. Your account is now linked + +Now, on the login page you can be authenticated in one click with the link **Login with my Gitlab Account**. + +Your name and email are automatically updated from your Gitlab Account if defined. + +Installation instructions +------------------------- + +### Setting up OAuth 2.0 + +- On Gitlab, register a new application by following the [official documentation](http://doc.gitlab.com/ce/integration/oauth_provider.html) +- In Kanboard, you can get the **callback url** in **Settings > Integrations > Gitlab Authentication**, just copy and paste the url + +### Setting up Kanboard + +Either create a new `config.php` file or rename the `config.default.php` file and set the following values: + +```php +// Enable/disable Gitlab authentication +define('GITLAB_AUTH', true); + +// Gitlab application id +define('GITLAB_CLIENT_ID', 'YOUR_APPLICATION_ID'); + +// Gitlab application secret +define('GITLAB_CLIENT_SECRET', 'YOUR_APPLICATION_SECRET'); +``` + +### Custom endpoints for self-hosted Gitlab + +Change these default values if you use a self-hosted instance of Gitlab: + +```php +// Gitlab oauth2 authorize url +define('GITLAB_OAUTH_AUTHORIZE_URL', 'https://gitlab.com/oauth/authorize'); + +// Gitlab oauth2 token url +define('GITLAB_OAUTH_TOKEN_URL', 'https://gitlab.com/oauth/token'); + +// Gitlab API url endpoint (don't forget the slash at the end) +define('GITLAB_API_URL', 'https://gitlab.com/api/v3/'); +``` + +Notes +----- + +Kanboard uses these information from your Gitlab profile: + +- Full name +- Email address +- Gitlab unique id + +The Gitlab unique id is used to link the local user account and the Gitlab account. diff --git a/docs/index.markdown b/docs/index.markdown index e14a6adf..10db316a 100644 --- a/docs/index.markdown +++ b/docs/index.markdown @@ -122,6 +122,7 @@ Technical details - [LDAP authentication](ldap-authentication.markdown) - [Google authentication](google-authentication.markdown) - [Github authentication](github-authentication.markdown) +- [Gitlab authentication](gitlab-authentication.markdown) - [Reverse proxy authentication](reverse-proxy-authentication.markdown) ### Contributors diff --git a/tests/units/UserTest.php b/tests/units/UserTest.php index e3fa5f76..e52f2849 100644 --- a/tests/units/UserTest.php +++ b/tests/units/UserTest.php @@ -47,6 +47,36 @@ class UserTest extends Base $this->assertEmpty($u->getByEmail('')); } + public function testGetByGitlabId() + { + $u = new User($this->container); + $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'gitlab_id' => '1234'))); + $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'gitlab_id' => ''))); + + $this->assertNotEmpty($u->getByGitlabId('1234')); + $this->assertEmpty($u->getByGitlabId('')); + } + + public function testGetByGithubId() + { + $u = new User($this->container); + $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'github_id' => 'plop'))); + $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'github_id' => ''))); + + $this->assertNotEmpty($u->getByGithubId('plop')); + $this->assertEmpty($u->getByGithubId('')); + } + + public function testGetByGoogleId() + { + $u = new User($this->container); + $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'google_id' => '1234'))); + $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'google_id' => ''))); + + $this->assertNotEmpty($u->getByGoogleId('1234')); + $this->assertEmpty($u->getByGoogleId('')); + } + public function testPassword() { $password = 'test123'; |