# Django from django.utils.translation import ugettext_lazy as _ # AWX from awx.conf import fields, register from awx.api.fields import OAuth2ProviderField register( 'SESSION_COOKIE_AGE', field_class=fields.IntegerField, min_value=60, label=_('Idle Time Force Log Out'), help_text=_('Number of seconds that a user is inactive before they will need to login again.'), category=_('Authentication'), category_slug='authentication', ) register( 'SESSIONS_PER_USER', field_class=fields.IntegerField, min_value=-1, label=_('Maximum number of simultaneous logged in sessions'), help_text=_('Maximum number of simultaneous logged in sessions a user may have. To disable enter -1.'), category=_('Authentication'), category_slug='authentication', ) register( 'AUTH_BASIC_ENABLED', field_class=fields.BooleanField, label=_('Enable HTTP Basic Auth'), help_text=_('Enable HTTP Basic Auth for the API Browser.'),
# Copyright (c) 2016 Ansible, Inc. # All Rights Reserved. # Django from django.utils.translation import ugettext_lazy as _ # Tower from awx.conf import register, fields from awx.ui.fields import PendoTrackingStateField, CustomLogoField # noqa register( 'PENDO_TRACKING_STATE', field_class=PendoTrackingStateField, choices=[('off', _('Off')), ('anonymous', _('Anonymous')), ('detailed', _('Detailed'))], label=_('User Analytics Tracking State'), help_text=_('Enable or Disable User Analytics Tracking.'), category=_('UI'), category_slug='ui', ) register( 'CUSTOM_LOGIN_INFO', field_class=fields.CharField, allow_blank=True, default='', label=_('Custom Login Info'), help_text=_( 'If needed, you can add specific information (such as a legal ' 'notice or a disclaimer) to a text box in the login modal using ' 'this setting. Any content added must be in plain text or an '
('organization', 'Test Org 2'), ('users', r'/^[^@]+?@test2\.example\.com$/i'), ('remove', False), ])), ]) ############################################################################### # AUTHENTICATION BACKENDS DYNAMIC SETTING ############################################################################### register( 'AUTHENTICATION_BACKENDS', field_class=fields.AuthenticationBackendsField, label=_('Authentication Backends'), help_text=_('List of authentication backends that are enabled based on ' 'license features and other authentication settings.'), read_only=True, depends_on=fields.AuthenticationBackendsField.get_all_required_settings(), category=_('Authentication'), category_slug='authentication', ) register( 'SOCIAL_AUTH_ORGANIZATION_MAP', field_class=fields.SocialOrganizationMapField, allow_null=True, default=None, label=_('Social Auth Organization Map'), help_text=SOCIAL_AUTH_ORGANIZATION_MAP_HELP_TEXT, category=_('Authentication'), category_slug='authentication',
def _register_ldap(append=None): append_str = '_{}'.format(append) if append else '' register( 'AUTH_LDAP{}_SERVER_URI'.format(append_str), field_class=fields.LDAPServerURIField, allow_blank=True, default='', label=_('LDAP Server URI'), help_text= _('URI to connect to LDAP server, such as "ldap://ldap.example.com:389" ' '(non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP ' 'servers may be specified by separating with spaces or commas. LDAP ' 'authentication is disabled if this parameter is empty.'), category=_('LDAP'), category_slug='ldap', placeholder='ldaps://ldap.example.com:636', feature_required='ldap', ) register( 'AUTH_LDAP{}_BIND_DN'.format(append_str), field_class=fields.CharField, allow_blank=True, default='', validators=[validate_ldap_bind_dn], label=_('LDAP Bind DN'), help_text= _('DN (Distinguished Name) of user to bind for all search queries. This' ' is the system user account we will use to login to query LDAP for other' ' user information. Refer to the Ansible Tower documentation for example syntax.' ), category=_('LDAP'), category_slug='ldap', feature_required='ldap', ) register( 'AUTH_LDAP{}_BIND_PASSWORD'.format(append_str), field_class=fields.CharField, allow_blank=True, default='', label=_('LDAP Bind Password'), help_text=_('Password used to bind LDAP user account.'), category=_('LDAP'), category_slug='ldap', feature_required='ldap', encrypted=True, ) register( 'AUTH_LDAP{}_START_TLS'.format(append_str), field_class=fields.BooleanField, default=False, label=_('LDAP Start TLS'), help_text=_( 'Whether to enable TLS when the LDAP connection is not using SSL.' ), category=_('LDAP'), category_slug='ldap', feature_required='ldap', ) register( 'AUTH_LDAP{}_CONNECTION_OPTIONS'.format(append_str), field_class=fields.LDAPConnectionOptionsField, default={ 'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30 }, label=_('LDAP Connection Options'), help_text=_( 'Additional options to set for the LDAP connection. LDAP ' 'referrals are disabled by default (to prevent certain LDAP ' 'queries from hanging with AD). Option names should be strings ' '(e.g. "OPT_REFERRALS"). Refer to ' 'https://www.python-ldap.org/doc/html/ldap.html#options for ' 'possible options and values that can be set.'), category=_('LDAP'), category_slug='ldap', placeholder=collections.OrderedDict([('OPT_REFERRALS', 0), ('OPT_NETWORK_TIMEOUT', 30)]), feature_required='ldap', ) register( 'AUTH_LDAP{}_USER_SEARCH'.format(append_str), field_class=fields.LDAPSearchUnionField, default=[], label=_('LDAP User Search'), help_text=_( 'LDAP search query to find users. Any user that matches the given ' 'pattern will be able to login to Tower. The user should also be ' 'mapped into a Tower organization (as defined in the ' 'AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries ' 'need to be supported use of "LDAPUnion" is possible. See ' 'Tower documentation for details.'), category=_('LDAP'), category_slug='ldap', placeholder=( 'OU=Users,DC=example,DC=com', 'SCOPE_SUBTREE', '(sAMAccountName=%(user)s)', ), feature_required='ldap', ) register( 'AUTH_LDAP{}_USER_DN_TEMPLATE'.format(append_str), field_class=fields.LDAPDNWithUserField, allow_blank=True, allow_null=True, default=None, label=_('LDAP User DN Template'), help_text=_( 'Alternative to user search, if user DNs are all of the same ' 'format. This approach is more efficient for user lookups than ' 'searching if it is usable in your organizational environment. If ' 'this setting has a value it will be used instead of ' 'AUTH_LDAP_USER_SEARCH.'), category=_('LDAP'), category_slug='ldap', placeholder='uid=%(user)s,OU=Users,DC=example,DC=com', feature_required='ldap', ) register( 'AUTH_LDAP{}_USER_ATTR_MAP'.format(append_str), field_class=fields.LDAPUserAttrMapField, default={}, label=_('LDAP User Attribute Map'), help_text= _('Mapping of LDAP user schema to Tower API user attributes. The default' ' setting is valid for ActiveDirectory but users with other LDAP' ' configurations may need to change the values. Refer to the Ansible' ' Tower documentation for additonal details.'), category=_('LDAP'), category_slug='ldap', placeholder=collections.OrderedDict([ ('first_name', 'givenName'), ('last_name', 'sn'), ('email', 'mail'), ]), feature_required='ldap', ) register( 'AUTH_LDAP{}_GROUP_SEARCH'.format(append_str), field_class=fields.LDAPSearchField, default=[], label=_('LDAP Group Search'), help_text= _('Users are mapped to organizations based on their membership in LDAP' ' groups. This setting defines the LDAP search query to find groups. ' 'Unlike the user search, group search does not support LDAPSearchUnion.' ), category=_('LDAP'), category_slug='ldap', placeholder=( 'DC=example,DC=com', 'SCOPE_SUBTREE', '(objectClass=group)', ), feature_required='ldap', ) register( 'AUTH_LDAP{}_GROUP_TYPE'.format(append_str), field_class=fields.LDAPGroupTypeField, label=_('LDAP Group Type'), help_text=_( 'The group type may need to be changed based on the type of the ' 'LDAP server. Values are listed at: ' 'https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups' ), category=_('LDAP'), category_slug='ldap', feature_required='ldap', default='MemberDNGroupType', ) register( 'AUTH_LDAP{}_REQUIRE_GROUP'.format(append_str), field_class=fields.LDAPDNField, allow_blank=True, allow_null=True, default=None, label=_('LDAP Require Group'), help_text=_( 'Group DN required to login. If specified, user must be a member ' 'of this group to login via LDAP. If not set, everyone in LDAP ' 'that matches the user search will be able to login via Tower. ' 'Only one require group is supported.'), category=_('LDAP'), category_slug='ldap', placeholder='CN=Tower Users,OU=Users,DC=example,DC=com', feature_required='ldap', ) register( 'AUTH_LDAP{}_DENY_GROUP'.format(append_str), field_class=fields.LDAPDNField, allow_blank=True, allow_null=True, default=None, label=_('LDAP Deny Group'), help_text=_( 'Group DN denied from login. If specified, user will not be ' 'allowed to login if a member of this group. Only one deny group ' 'is supported.'), category=_('LDAP'), category_slug='ldap', placeholder='CN=Disabled Users,OU=Users,DC=example,DC=com', feature_required='ldap', ) register( 'AUTH_LDAP{}_USER_FLAGS_BY_GROUP'.format(append_str), field_class=fields.LDAPUserFlagsField, default={}, label=_('LDAP User Flags By Group'), help_text= _('Retrieve users from a given group. At this time, superuser and system' ' auditors are the only groups supported. Refer to the Ansible Tower' ' documentation for more detail.'), category=_('LDAP'), category_slug='ldap', placeholder=collections.OrderedDict([ ('is_superuser', 'CN=Domain Admins,CN=Users,DC=example,DC=com'), ('is_system_auditor', 'CN=Domain Auditors,CN=Users,DC=example,DC=com'), ]), feature_required='ldap', ) register( 'AUTH_LDAP{}_ORGANIZATION_MAP'.format(append_str), field_class=fields.LDAPOrganizationMapField, default={}, label=_('LDAP Organization Map'), help_text=_( 'Mapping between organization admins/users and LDAP groups. This ' 'controls which users are placed into which Tower organizations ' 'relative to their LDAP group memberships. Configuration details ' 'are available in the Ansible Tower documentation.'), category=_('LDAP'), category_slug='ldap', placeholder=collections.OrderedDict([ ('Test Org', collections.OrderedDict([ ('admins', 'CN=Domain Admins,CN=Users,DC=example,DC=com'), ('users', ['CN=Domain Users,CN=Users,DC=example,DC=com']), ('remove_users', True), ('remove_admins', True), ])), ('Test Org 2', collections.OrderedDict([ ('admins', 'CN=Administrators,CN=Builtin,DC=example,DC=com'), ('users', True), ('remove_users', True), ('remove_admins', True), ])), ]), feature_required='ldap', ) register( 'AUTH_LDAP{}_TEAM_MAP'.format(append_str), field_class=fields.LDAPTeamMapField, default={}, label=_('LDAP Team Map'), help_text=_( 'Mapping between team members (users) and LDAP groups. Configuration' ' details are available in the Ansible Tower documentation.'), category=_('LDAP'), category_slug='ldap', placeholder=collections.OrderedDict([ ('My Team', collections.OrderedDict([ ('organization', 'Test Org'), ('users', ['CN=Domain Users,CN=Users,DC=example,DC=com']), ('remove', True), ])), ('Other Team', collections.OrderedDict([ ('organization', 'Test Org 2'), ('users', 'CN=Other Users,CN=Users,DC=example,DC=com'), ('remove', False), ])), ]), feature_required='ldap', )
# Django REST Framework from rest_framework import serializers # AWX from awx.conf import fields, register, register_validate from awx.api.fields import OAuth2ProviderField from oauth2_provider.settings import oauth2_settings register( 'SESSION_COOKIE_AGE', field_class=fields.IntegerField, min_value=60, max_value= 30000000000, # approx 1,000 years, higher values give OverflowError label=_('Idle Time Force Log Out'), help_text= _('Number of seconds that a user is inactive before they will need to login again.' ), category=_('Authentication'), category_slug='authentication', unit=_('seconds'), ) register( 'SESSIONS_PER_USER', field_class=fields.IntegerField, min_value=-1, label=_('Maximum number of simultaneous logged in sessions'), help_text= _('Maximum number of simultaneous logged in sessions a user may have. To disable enter -1.' ), category=_('Authentication'),
# Django from django.utils.translation import ugettext_lazy as _ # Django REST Framework from rest_framework import serializers # AWX from awx.conf import fields, register, register_validate from awx.main.models import ExecutionEnvironment logger = logging.getLogger('awx.main.conf') register( 'ACTIVITY_STREAM_ENABLED', field_class=fields.BooleanField, label=_('Enable Activity Stream'), help_text=_('Enable capturing activity for the activity stream.'), category=_('System'), category_slug='system', ) register( 'ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC', field_class=fields.BooleanField, label=_('Enable Activity Stream for Inventory Sync'), help_text= _('Enable capturing activity for the activity stream when running inventory sync.' ), category=_('System'), category_slug='system', )
# Django from django.utils.translation import ugettext_lazy as _ # Django REST Framework from rest_framework import serializers from rest_framework.fields import FloatField # Tower from awx.conf import fields, register, register_validate logger = logging.getLogger('awx.main.conf') register( 'ACTIVITY_STREAM_ENABLED', field_class=fields.BooleanField, label=_('Enable Activity Stream'), help_text=_('Enable capturing activity for the activity stream.'), category=_('System'), category_slug='system', ) register( 'ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC', field_class=fields.BooleanField, label=_('Enable Activity Stream for Inventory Sync'), help_text= _('Enable capturing activity for the activity stream when running inventory sync.' ), category=_('System'), category_slug='system', )
# Django from django.utils.translation import ugettext_lazy as _ # Tower from awx.conf import fields, register register( 'AUTH_TOKEN_EXPIRATION', field_class=fields.IntegerField, min_value=60, label=_('Idle Time Force Log Out'), help_text= _('Number of seconds that a user is inactive before they will need to login again.' ), category=_('Authentication'), category_slug='authentication', ) register( 'AUTH_TOKEN_PER_USER', field_class=fields.IntegerField, min_value=-1, label=_('Maximum number of simultaneous logins'), help_text= _('Maximum number of simultaneous logins a user may have. To disable enter -1.' ), category=_('Authentication'), category_slug='authentication', ) register(
# Django from django.utils.translation import ugettext_lazy as _ # AWX from awx.conf import fields, register from awx.api.fields import OAuth2ProviderField from oauth2_provider.settings import oauth2_settings register( 'SESSION_COOKIE_AGE', field_class=fields.IntegerField, min_value=60, max_value= 30000000000, # approx 1,000 years, higher values give OverflowError label=_('Idle Time Force Log Out'), help_text= _('Number of seconds that a user is inactive before they will need to login again.' ), category=_('Authentication'), category_slug='authentication', ) register( 'SESSIONS_PER_USER', field_class=fields.IntegerField, min_value=-1, label=_('Maximum number of simultaneous logged in sessions'), help_text= _('Maximum number of simultaneous logged in sessions a user may have. To disable enter -1.' ), category=_('Authentication'), category_slug='authentication',
# Django from django.utils.translation import ugettext_lazy as _ # Django REST Framework from rest_framework import serializers # Tower from awx.conf import fields, register, register_validate logger = logging.getLogger('awx.main.conf') register( 'ACTIVITY_STREAM_ENABLED', field_class=fields.BooleanField, label=_('Enable Activity Stream'), help_text=_('Enable capturing activity for the activity stream.'), category=_('System'), category_slug='system', feature_required='activity_streams', ) register( 'ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC', field_class=fields.BooleanField, label=_('Enable Activity Stream for Inventory Sync'), help_text= _('Enable capturing activity for the activity stream when running inventory sync.' ), category=_('System'), category_slug='system', feature_required='activity_streams',
# All Rights Reserved. # Django from django.utils.translation import ugettext_lazy as _ # Tower from awx.conf import register, fields from awx.ui.fields import * # noqa register( 'PENDO_TRACKING_STATE', field_class=PendoTrackingStateField, choices=[ ('off', _('Off')), ('anonymous', _('Anonymous')), ('detailed', _('Detailed')), ], label=_('Analytics Tracking State'), help_text=_('Enable or Disable Analytics Tracking.'), category=_('UI'), category_slug='ui', ) register( 'CUSTOM_LOGIN_INFO', field_class=fields.CharField, allow_blank=True, default='', label=_('Custom Login Info'), help_text=_( 'If needed, you can add specific information (such as a legal '
register( 'ANSIBLE_COW_SELECTION', field_class=fields.ChoiceField, choices=[ ('bud-frogs', _('Bud Frogs')), ('bunny', _('Bunny')), ('cheese', _('Cheese')), ('daemon', _('Daemon')), ('default', _('Default Cow')), ('dragon', _('Dragon')), ('elephant-in-snake', _('Elephant in Snake')), ('elephant', _('Elephant')), ('eyes', _('Eyes')), ('hellokitty', _('Hello Kitty')), ('kitty', _('Kitty')), ('luke-koala', _('Luke Koala')), ('meow', _('Meow')), ('milk', _('Milk')), ('moofasa', _('Moofasa')), ('moose', _('Moose')), ('ren', _('Ren')), ('sheep', _('Sheep')), ('small', _('Small Cow')), ('stegosaurus', _('Stegosaurus')), ('stimpy', _('Stimpy')), ('supermilker', _('Super Milker')), ('three-eyes', _('Three Eyes')), ('turkey', _('Turkey')), ('turtle', _('Turtle')), ('tux', _('Tux')), ('udder', _('Udder')), ('vader-koala', _('Vader Koala')), ('vader', _('Vader')), ('www', _('WWW')), ], default='default', label=_('Cow Selection'), help_text=_('Select which cow to use with cowsay when running jobs.'), category=_('Cows'), # Optional; category_slug will be slugified version of category if not # explicitly provided. category_slug='cows', )