diff --git a/docs/administration/index.rst b/docs/administration/index.rst index 8ac89525..ca9acfbd 100644 --- a/docs/administration/index.rst +++ b/docs/administration/index.rst @@ -233,8 +233,10 @@ Verisign/Symantec and CloudCA Authentication -------------- -Lemur currently supports Basic Authentication and Ping OAuth2, additional flows can be added relatively easily -If you are not using PING you do not need to configure any of these options +Lemur currently supports Basic Authentication and Ping OAuth2 out of the box, additional flows can be added relatively easily +If you are not using Ping you do not need to configure any of these options. + +For more information about how to use social logins, see: `Satellizer `_ .. data:: PING_SECRET :noindex: diff --git a/lemur/auth/views.py b/lemur/auth/views.py index 1ecbdeba..0c55f627 100644 --- a/lemur/auth/views.py +++ b/lemur/auth/views.py @@ -183,10 +183,6 @@ class Ping(Resource): # update their google 'roles' roles = [] - # Legacy edge case - 'admin' has some special privileges associated with it - if 'secops@netflix.com' in profile['googleGroups']: - roles.append(role_service.get_by_name('admin')) - for group in profile['googleGroups']: role = role_service.get_by_name(group) if not role: @@ -196,10 +192,12 @@ class Ping(Resource): # if we get an sso user create them an account # we still pick a random password in case sso is down if not user: - # every user is an operator (tied to the verisignCA) - v = role_service.get_by_name('verisign') - if v: - roles.append(v) + + # every user is an operator (tied to a default role) + if current_app.config.get('LEMUR_DEFAULT_ROLE'): + v = role_service.get_by_name(current_app.config.get('LEMUR_DEFAULT_ROLE')) + if v: + roles.append(v) user = user_service.create( profile['email'], diff --git a/lemur/static/app/angular/app.js b/lemur/static/app/angular/app.js index 2f0cc90a..fd620ffe 100644 --- a/lemur/static/app/angular/app.js +++ b/lemur/static/app/angular/app.js @@ -25,7 +25,7 @@ var lemur = angular }); $authProvider.oauth2({ - name: 'ping', + name: 'example', url: 'http://localhost:5000/api/1/auth/ping', redirectUri: 'http://localhost:3000/', clientId: 'client-id', diff --git a/lemur/static/app/angular/authentication/login/login.tpl.html b/lemur/static/app/angular/authentication/login/login.tpl.html index 894a5e3a..fe69d4be 100644 --- a/lemur/static/app/angular/authentication/login/login.tpl.html +++ b/lemur/static/app/angular/authentication/login/login.tpl.html @@ -3,8 +3,8 @@
-
diff --git a/lemur/static/app/angular/authentication/unlock/unlock.js b/lemur/static/app/angular/authentication/unlock/unlock.js deleted file mode 100644 index 44304997..00000000 --- a/lemur/static/app/angular/authentication/unlock/unlock.js +++ /dev/null @@ -1,18 +0,0 @@ -'use strict'; - -angular.module('lemur') - .config(function config($routeProvider) { - $routeProvider.when('/unlock', { - templateUrl: '/angular/authentication/unlock/unlock.tpl.html', - controller: 'UnlockCtrl' - }); - }) - .controller('UnlockCtrl', function ($scope, $location, lemurRestangular, messageService) { - $scope.unlock = function () { - lemurRestangular.one('unlock').customPOST({'password': $scope.password}) - .then(function (data) { - messageService.addMessage(data); - $location.path('/dashboard'); - }); - }; - }); diff --git a/lemur/static/app/angular/authentication/unlock/unlock.tpl.html b/lemur/static/app/angular/authentication/unlock/unlock.tpl.html deleted file mode 100644 index 40ff5483..00000000 --- a/lemur/static/app/angular/authentication/unlock/unlock.tpl.html +++ /dev/null @@ -1,16 +0,0 @@ -

Unlock Assume 9 is twice 5; how will you write 6 times 5 in the same system of notation?

-
-
-
-
- -
-
-
-
-
- -
-
-
-