Allow users to set login shell in profile

2021-03-10 19:43:51 -06:00 · 2021-03-10 19:43:51 -06:00 · 91fc8a65a2
commit 91fc8a65a2
parent 2d31eaa148
5 changed files with 30 additions and 5 deletions
--- a/app/assets/app/dash/profile/EditProfile.component.js
+++ b/app/assets/app/dash/profile/EditProfile.component.js
@ -77,6 +77,20 @@ const template = `
                        >
                    </div>
                </div>
+                <div class="row">
+                    <h4 style="margin-left: 15px">{{ t['profile.advanced_header'] }}</h4>
+                    <div class="col-12 form-group">
+                        <label for="coreid-profile-shell-input">{{ t['profile.advanced_shell'] }}</label>
+                        <input
+                            type="text"
+                            class="form-control"
+                            id="coreid-profile-shell-input"
+                            v-model="profile_shell"
+                            @keyup="on_key_up($event)"
+                            placeholder="/bin/bash"
+                        >
+                    </div>
+                </div>
            </li>
            <li class="list-group-item text-right font-italic text-muted">
                {{ form_message }}
@ -202,6 +216,7 @@ export default class EditProfileComponent extends Component {
        this.profile_last = ''
        this.profile_email = ''
        this.profile_tagline = ''
+        this.profile_shell = ''
        this.last_reset = ''
        this.mfa_enable_date = ''

@ -271,7 +286,9 @@ export default class EditProfileComponent extends Component {
            'profile.app_key',
            'profile.example_gateway_url',
            'profile.save_notify',
-            'profile.test_notify'
+            'profile.test_notify',
+            'profile.advanced_header',
+            'profile.advanced_shell'
        )

        this.app_name = session.get('app.name')
@ -292,6 +309,7 @@ export default class EditProfileComponent extends Component {
            last_name: this.profile_last,
            email: this.profile_email,
            tagline: this.profile_tagline,
+            login_shell: this.profile_shell,
            user_id: this.user_id || 'me',
        }
    }
@ -340,6 +358,7 @@ export default class EditProfileComponent extends Component {
        this.profile_last = result.last_name
        this.profile_email = result.email
        this.profile_tagline = result.tagline
+        this.profile_shell = result.login_shell

        const notify_config = await profile_service.get_notify(this.user_id || 'me')
        if ( !notify_config || !notify_config.has_config ) {
--- a/app/assets/app/service/Profile.service.js
+++ b/app/assets/app/service/Profile.service.js
@ -10,8 +10,8 @@ class ProfileService {
        if ( results && results.data && results.data.data ) return results.data.data
    }

-    async update_profile({ user_id, first_name, last_name, email, tagline = undefined }) {
-        await axios.patch(`/api/v1/profile/${user_id}`, { first_name, last_name, email, tagline })
+    async update_profile({ user_id, first_name, last_name, email, login_shell = undefined, tagline = undefined }) {
+        await axios.patch(`/api/v1/profile/${user_id}`, { first_name, last_name, email, tagline, login_shell })
    }

    async update_notify({ user_id = 'me', app_key, gateway_url }) {
--- a/app/controllers/api/v1/Profile.controller.js
+++ b/app/controllers/api/v1/Profile.controller.js
@ -24,8 +24,9 @@ class ProfileController extends Controller {
            last_name: user.last_name,
            email: user.email,
            uid: user.uid,
-            tagline: user.tagline,
+            tagline: user.tagline || '',
            user_id: user.id,
+            login_shell: user.login_shell || '',
            ...(user.notify_config ? { notify_config: await user.notify_config.to_api() } : {})
        })
    }
@ -158,6 +159,7 @@ class ProfileController extends Controller {
        user.last_name = req.body.last_name
        user.email = req.body.email
        user.tagline = req.body.tagline
+        user.login_shell = req.body.login_shell

        // Save the record
        await user.save()
--- a/app/models/auth/User.model.js
+++ b/app/models/auth/User.model.js
@ -39,6 +39,7 @@ class User extends AuthUser {
            trap: String,
            notify_config: NotifyConfig,
            uid_number: Number,
+            login_shell: String,
        }}
    }

@ -190,7 +191,7 @@ class User extends AuthUser {
        const Policy = this.models.get('iam:Policy')

        const uid_number = await this.get_uid_number()
-        const shell = this.configs.get('ldap:server.schema.default_shell')
+        const shell = this.login_shell || this.configs.get('ldap:server.schema.default_shell')
        const domain = this.configs.get('ldap:server.schema.base_dc').split(',').map(x => x.replace('dc=', '')).join('.')

        const ldap_data = {
--- a/locale/en_US/profile.locale.js
+++ b/locale/en_US/profile.locale.js
@ -51,4 +51,7 @@ module.exports = exports = {

    mfa_1: 'MFA is a good-practice security measure that requires you to provide a second factor of identification when you sign in from a service or device that makes use of APP_NAME.',
    mfa_2: 'Once enabled, APP_NAME will prompt you to enter a code when you sign-in with the APP_NAME web interface from a new device. It will also require you to append the code to your password when signing in to a service that uses APP_NAME as a backend.',
+
+    advanced_header: 'Advanced',
+    advanced_shell: 'Default Login Shell',
 }