mirror of
https://github.com/opnsense/plugins.git
synced 2026-02-03 20:40:37 -05:00
net/freeradius: Add LDAP Groups (#4989)
This commit is contained in:
Michael
GitHub
parent
095ab23c68
commit
8b3741f591
10 changed files with 469 additions and 2 deletions
|
|
@ -1,6 +1,5 @@
|
|||
PLUGIN_NAME= freeradius
|
||||
PLUGIN_VERSION= 1.9.27
|
||||
PLUGIN_REVISION= 1
|
||||
PLUGIN_VERSION= 1.9.28
|
||||
PLUGIN_COMMENT= RADIUS Authentication, Authorization and Accounting Server
|
||||
PLUGIN_DEPENDS= freeradius3
|
||||
PLUGIN_MAINTAINER= m.muenz@gmail.com
|
||||
|
|
|
|||
|
|
@ -17,6 +17,11 @@ WWW: https://www.freeradius.org
|
|||
Plugin Changelog
|
||||
================
|
||||
|
||||
1.9.28
|
||||
|
||||
* Add Groups for VLAN assignment
|
||||
* Add Fallback PPSK
|
||||
|
||||
1.9.27
|
||||
|
||||
* Allow EAP-TLS with multiple CAs (contributed by RasAlGhul)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,203 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2015-2017 Deciso B.V.
|
||||
* Copyright (C) 2025 Michael Muenz <m.muenz@gmail.com>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright notice,
|
||||
* this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
namespace OPNsense\Freeradius\Api;
|
||||
|
||||
use OPNsense\Freeradius\Ldapgroup;
|
||||
use OPNsense\Core\Config;
|
||||
use OPNsense\Base\ApiMutableModelControllerBase;
|
||||
use OPNsense\Base\UIModelGrid;
|
||||
|
||||
class LdapgroupController extends ApiMutableModelControllerBase
|
||||
{
|
||||
protected static $internalModelName = 'Ldapgroup';
|
||||
protected static $internalModelClass = '\OPNsense\Freeradius\Ldapgroup';
|
||||
|
||||
public function getAction()
|
||||
{
|
||||
// define list of configurable settings
|
||||
$result = array();
|
||||
if ($this->request->isGet()) {
|
||||
$mdlLdapgroup = new Ldapgroup();
|
||||
$result['ldapgroup'] = $mdlLdapgroup->getNodes();
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function setAction()
|
||||
{
|
||||
$result = array("result" => "failed");
|
||||
if ($this->request->isPost()) {
|
||||
// load model and update with provided data
|
||||
$mdlLdapgroup = new Ldapgroup();
|
||||
$mdlLdapgroup->setNodes($this->request->getPost("ldapgroup"));
|
||||
// perform validation
|
||||
$valMsgs = $mdlLdapgroup->performValidation();
|
||||
foreach ($valMsgs as $field => $msg) {
|
||||
if (!array_key_exists("validations", $result)) {
|
||||
$result["validations"] = array();
|
||||
}
|
||||
$result["validations"]["ldapgroup." . $msg->getField()] = $msg->getMessage();
|
||||
}
|
||||
// serialize model to config and save
|
||||
if ($valMsgs->count() == 0) {
|
||||
$mdlLdapgroup->serializeToConfig();
|
||||
Config::getInstance()->save();
|
||||
$result["result"] = "saved";
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function searchLdapgroupAction()
|
||||
{
|
||||
$mdlLdapgroup = $this->getModel();
|
||||
$grid = new UIModelGrid($mdlLdapgroup->ldapgroups->ldapgroup);
|
||||
return $grid->fetchBindRequest(
|
||||
$this->request,
|
||||
array("enabled", "ldapgroupname", "vlan" )
|
||||
);
|
||||
}
|
||||
|
||||
public function getLdapgroupAction($uuid = null)
|
||||
{
|
||||
$mdlLdapgroup = $this->getModel();
|
||||
if ($uuid != null) {
|
||||
$node = $mdlLdapgroup->getNodeByReference('ldapgroups.ldapgroup.' . $uuid);
|
||||
if ($node != null) {
|
||||
// return node
|
||||
return array("ldapgroup" => $node->getNodes());
|
||||
}
|
||||
} else {
|
||||
$node = $mdlLdapgroup->ldapgroups->ldapgroup->add();
|
||||
return array("ldapgroup" => $node->getNodes());
|
||||
}
|
||||
return array();
|
||||
}
|
||||
|
||||
public function addLdapgroupAction()
|
||||
{
|
||||
$result = array("result" => "failed");
|
||||
if ($this->request->isPost() && $this->request->hasPost("ldapgroup")) {
|
||||
$result = array("result" => "failed", "validations" => array());
|
||||
$mdlLdapgroup = $this->getModel();
|
||||
$node = $mdlLdapgroup->ldapgroups->ldapgroup->Add();
|
||||
$node->setNodes($this->request->getPost("ldapgroup"));
|
||||
$valMsgs = $mdlLdapgroup->performValidation();
|
||||
foreach ($valMsgs as $field => $msg) {
|
||||
$fieldnm = str_replace($node->__reference, "ldapgroup", $msg->getField());
|
||||
$result["validations"][$fieldnm] = $msg->getMessage();
|
||||
}
|
||||
if (count($result['validations']) == 0) {
|
||||
unset($result['validations']);
|
||||
// save config if validated correctly
|
||||
$mdlLdapgroup->serializeToConfig();
|
||||
Config::getInstance()->save();
|
||||
unset($result['validations']);
|
||||
$result["result"] = "saved";
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function delLdapgroupAction($uuid)
|
||||
{
|
||||
$result = array("result" => "failed");
|
||||
if ($this->request->isPost()) {
|
||||
$mdlLdapgroup = $this->getModel();
|
||||
if ($uuid != null) {
|
||||
if ($mdlLdapgroup->ldapgroups->ldapgroup->del($uuid)) {
|
||||
$mdlLdapgroup->serializeToConfig();
|
||||
Config::getInstance()->save();
|
||||
$result['result'] = 'deleted';
|
||||
} else {
|
||||
$result['result'] = 'not found';
|
||||
}
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function setLdapgroupAction($uuid)
|
||||
{
|
||||
if ($this->request->isPost() && $this->request->hasPost("ldapgroup")) {
|
||||
$mdlSetting = $this->getModel();
|
||||
if ($uuid != null) {
|
||||
$node = $mdlSetting->getNodeByReference('ldapgroups.ldapgroup.' . $uuid);
|
||||
if ($node != null) {
|
||||
$result = array("result" => "failed", "validations" => array());
|
||||
$ldapgroupInfo = $this->request->getPost("ldapgroup");
|
||||
$node->setNodes($ldapgroupInfo);
|
||||
$valMsgs = $mdlSetting->performValidation();
|
||||
foreach ($valMsgs as $field => $msg) {
|
||||
$fieldnm = str_replace($node->__reference, "ldapgroup", $msg->getField());
|
||||
$result["validations"][$fieldnm] = $msg->getMessage();
|
||||
}
|
||||
if (count($result['validations']) == 0) {
|
||||
// save config if validated correctly
|
||||
$mdlSetting->serializeToConfig();
|
||||
Config::getInstance()->save();
|
||||
$result = array("result" => "saved");
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
return array("result" => "failed");
|
||||
}
|
||||
|
||||
public function toggle_handler($uuid, $elements, $element)
|
||||
{
|
||||
$result = array("result" => "failed");
|
||||
if ($this->request->isPost()) {
|
||||
$mdlSetting = $this->getModel();
|
||||
if ($uuid != null) {
|
||||
$node = $mdlSetting->getNodeByReference($elements . '.' . $element . '.' . $uuid);
|
||||
if ($node != null) {
|
||||
if ($node->enabled->__toString() == "1") {
|
||||
$result['result'] = "Disabled";
|
||||
$node->enabled = "0";
|
||||
} else {
|
||||
$result['result'] = "Enabled";
|
||||
$node->enabled = "1";
|
||||
}
|
||||
// if item has toggled, serialize to config and save
|
||||
$mdlSetting->serializeToConfig();
|
||||
Config::getInstance()->save();
|
||||
}
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function toggleLdapgroupAction($uuid)
|
||||
{
|
||||
return $this->toggle_handler($uuid, 'ldapgroups', 'ldapgroup');
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2025 Michael Muenz <m.muenz@gmail.com>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright notice,
|
||||
* this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
namespace OPNsense\Freeradius;
|
||||
|
||||
class LdapgroupController extends \OPNsense\Base\IndexController
|
||||
{
|
||||
public function indexAction()
|
||||
{
|
||||
$this->view->formDialogEditFreeRADIUSLdapgroup = $this->getForm("dialogEditFreeRADIUSLdapgroup");
|
||||
$this->view->pick('OPNsense/Freeradius/ldapgroup');
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
<form>
|
||||
<field>
|
||||
<id>ldapgroup.enabled</id>
|
||||
<label>Enabled</label>
|
||||
<type>checkbox</type>
|
||||
<help>This will enable or disable the user account.</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>ldapgroup.ldapgroupname</id>
|
||||
<label>LDAP Group Name</label>
|
||||
<type>text</type>
|
||||
<help>The complete LDAP DN.</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>ldapgroup.vlan</id>
|
||||
<label>VLAN ID</label>
|
||||
<type>text</type>
|
||||
<help>VLAN ID for the specific LDAP group.</help>
|
||||
</field>
|
||||
</form>
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
namespace OPNsense\Freeradius;
|
||||
|
||||
use OPNsense\Base\BaseModel;
|
||||
|
||||
/*
|
||||
Copyright (C) 2025 Michael Muenz <m.muenz@gmail.com>
|
||||
All rights reserved.
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are met:
|
||||
1. Redistributions of source code must retain the above copyright notice,
|
||||
this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
class Ldapgroup extends BaseModel
|
||||
{
|
||||
}
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
<model>
|
||||
<mount>//OPNsense/freeradius/ldapgroup</mount>
|
||||
<description>FreeRADIUS ldapgroup configuration</description>
|
||||
<version>1.0.0</version>
|
||||
<items>
|
||||
<ldapgroups>
|
||||
<ldapgroup type="ArrayField">
|
||||
<enabled type="BooleanField">
|
||||
<Default>1</Default>
|
||||
<Required>Y</Required>
|
||||
</enabled>
|
||||
<ldapgroupname type="TextField">
|
||||
<Required>Y</Required>
|
||||
</ldapgroupname>
|
||||
<vlan type="IntegerField">
|
||||
<Required>N</Required>
|
||||
<MinimumValue>1</MinimumValue>
|
||||
<MaximumValue>4096</MaximumValue>
|
||||
</vlan>
|
||||
</ldapgroup>
|
||||
</ldapgroups>
|
||||
</items>
|
||||
</model>
|
||||
|
|
@ -8,6 +8,7 @@
|
|||
<Lease VisibleName="DHCP Leases" url="/ui/freeradius/lease/index" order="36"/>
|
||||
<EAP url="/ui/freeradius/eap/index" order="40"/>
|
||||
<LDAP url="/ui/freeradius/ldap/index" order="50"/>
|
||||
<LDAPGroup VisibleName="LDAP Group" url="/ui/freeradius/ldapgroup/index" order="55"/>
|
||||
<Proxy url="/ui/freeradius/proxy/index" order="60">
|
||||
<Homeservers url="/ui/freeradius#homeservers"/>
|
||||
<Homeserverpools url="/ui/freeradius#homeserverpools"/>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,135 @@
|
|||
{#
|
||||
|
||||
OPNsense® is Copyright © 2014 – 2017 by Deciso B.V.
|
||||
Copyright (C) 2017 - 2025 Michael Muenz <m.muenz@gmail.com>
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice,
|
||||
this list of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
this list of conditions and the following disclaimer in the documentation
|
||||
and/or other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
#}
|
||||
|
||||
<script>
|
||||
|
||||
$( document ).ready(function() {
|
||||
updateServiceControlUI('freeradius');
|
||||
|
||||
$("#grid-ldapgroups").UIBootgrid(
|
||||
{ 'search':'/api/freeradius/ldapgroup/search_ldapgroup',
|
||||
'get':'/api/freeradius/ldapgroup/get_ldapgroup/',
|
||||
'set':'/api/freeradius/ldapgroup/set_ldapgroup/',
|
||||
'add':'/api/freeradius/ldapgroup/add_ldapgroup/',
|
||||
'del':'/api/freeradius/ldapgroup/del_ldapgroup/',
|
||||
'toggle':'/api/freeradius/ldapgroup/toggle_ldapgroup/'
|
||||
}
|
||||
);
|
||||
|
||||
/*************************************************************************************************************
|
||||
* Commands
|
||||
*************************************************************************************************************/
|
||||
|
||||
/**
|
||||
* Reconfigure
|
||||
*/
|
||||
$("#reconfigureAct").click(function(){
|
||||
$("#reconfigureAct_progress").addClass("fa fa-spinner fa-pulse");
|
||||
ajaxCall(url="/api/freeradius/service/reconfigure", sendData={}, callback=function(data,status) {
|
||||
// when done, disable progress animation.
|
||||
$("#reconfigureAct_progress").removeClass("fa fa-spinner fa-pulse");
|
||||
updateServiceControlUI('freeradius');
|
||||
if (status != "success" || data['status'] != 'ok') {
|
||||
BootstrapDialog.show({
|
||||
type: BootstrapDialog.TYPE_WARNING,
|
||||
title: "{{ lang._('Error reconfiguring FreeRADIUS') }}",
|
||||
message: data['status'],
|
||||
draggable: true
|
||||
});
|
||||
} else {
|
||||
ajaxCall(url="/api/freeradius/service/reconfigure", sendData={});
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
/*************************************************************************************************************
|
||||
* context driven input dialogs
|
||||
*************************************************************************************************************/
|
||||
ajaxGet(url='/api/freeradius/general/get', sendData={}, callback=function(data,status){
|
||||
// since our general data doesn't change during input of new ldapgroups, we can control the dialog inputs
|
||||
// at once after load. No need for an "onShow" type of event here,
|
||||
// since our changes aren't driven by the dialog form itself.
|
||||
if (data.general != undefined) {
|
||||
$("#frm_dialogEditFreeRADIUSLdapgroup tr").each(function () {
|
||||
var this_item_name = $(this).attr('id');
|
||||
var this_item = $(this);
|
||||
if (this_item_name != undefined) {
|
||||
$.each(data.general, function(setting_key, setting_value){
|
||||
var search_item = 'row_ldapgroup.' + setting_key +'_';
|
||||
if (this_item_name.startsWith(search_item) && setting_value == '0') {
|
||||
// since our form tr rows are visible by default, we only have to hide what isn't needed
|
||||
this_item.hide();
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
|
||||
<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
|
||||
<li class="active"><a data-toggle="tab" href="#ldapgroups">{{ lang._('LDAP Group') }}</a></li>
|
||||
</ul>
|
||||
|
||||
<div class="tab-content content-box tab-content">
|
||||
<div id="ldapgroups" class="tab-pane fade in active">
|
||||
<table id="grid-ldapgroups" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="dialogEditFreeRADIUSLdapgroup">
|
||||
<thead>
|
||||
<tr>
|
||||
<th data-column-id="enabled" data-type="string" data-formatter="rowtoggle">{{ lang._('Enabled') }}</th>
|
||||
<th data-column-id="ldapgroupname" data-type="string" data-visible="true">{{ lang._('Groupname') }}</th>
|
||||
<th data-column-id="vlan" data-type="string" data-visible="false">{{ lang._('VLAN ID') }}</th>
|
||||
<th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
|
||||
<th data-column-id="commands" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th> </tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
</tbody>
|
||||
<tfoot>
|
||||
<tr>
|
||||
<td></td>
|
||||
<td>
|
||||
<button data-action="add" type="button" class="btn btn-xs btn-default"><span class="fa fa-plus"></span></button>
|
||||
<button data-action="deleteSelected" type="button" class="btn btn-xs btn-default"><span class="fa fa-trash-o"></span></button>
|
||||
</td>
|
||||
</tr>
|
||||
</tfoot>
|
||||
</table>
|
||||
</div>
|
||||
<div class="col-md-12">
|
||||
<hr/>
|
||||
<button class="btn btn-primary" id="reconfigureAct" type="button"><b>{{ lang._('Apply') }}</b> <i id="reconfigureAct_progress" class=""></i></button>
|
||||
<br/><br/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{ partial("layout_partials/base_dialog",['fields':formDialogEditFreeRADIUSLdapgroup,'id':'dialogEditFreeRADIUSLdapgroup','label':lang._('Edit LDAP Group')])}}
|
||||
|
|
@ -101,6 +101,18 @@ DEFAULT Hint == "CSLIP"
|
|||
|
||||
DEFAULT Hint == "SLIP"
|
||||
Framed-Protocol = SLIP
|
||||
|
||||
{% if helpers.exists('OPNsense.freeradius.ldapgroup.ldapgroups.ldapgroup') %}
|
||||
{% for ldapgroup_list in helpers.toList('OPNsense.freeradius.ldapgroup.ldapgroups.ldapgroup') %}
|
||||
{% if ldapgroup_list.enabled == '1' %}
|
||||
DEFAULT Ldap-Group == "{{ ldapgroup_list.ldapgroupname }}"
|
||||
Tunnel-Type = VLAN,
|
||||
Tunnel-Medium-Type = IEEE-802,
|
||||
Tunnel-Private-Group-Id = "{{ ldapgroup_list.vlan }}"
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% if helpers.exists('OPNsense.freeradius.general.fallbackvlan_enabled') and OPNsense.freeradius.general.fallbackvlan_enabled == '1' %}
|
||||
|
||||
DEFAULT Auth-Type := Accept
|
||||
|
|
|
|||
Loading…
Reference in a new issue