diff --git a/awx/api/conf.py b/awx/api/conf.py
index 493eed6981..f7da952004 100644
--- a/awx/api/conf.py
+++ b/awx/api/conf.py
@@ -16,6 +16,7 @@ register(
help_text=_('Number of seconds that a user is inactive before they will need to login again.'),
category=_('Authentication'),
category_slug='authentication',
+ unit=_('seconds'),
)
register(
'SESSIONS_PER_USER',
@@ -49,6 +50,7 @@ register(
'in the number of seconds.'),
category=_('Authentication'),
category_slug='authentication',
+ unit=_('seconds'),
)
register(
'ALLOW_OAUTH2_FOR_EXTERNAL_USERS',
diff --git a/awx/api/metadata.py b/awx/api/metadata.py
index 847e353890..0b60f9a1ef 100644
--- a/awx/api/metadata.py
+++ b/awx/api/metadata.py
@@ -39,7 +39,7 @@ class Metadata(metadata.SimpleMetadata):
'min_length', 'max_length',
'min_value', 'max_value',
'category', 'category_slug',
- 'defined_in_file'
+ 'defined_in_file', 'unit',
]
for attr in text_attrs:
diff --git a/awx/conf/registry.py b/awx/conf/registry.py
index 63336fc55e..e8e52fe695 100644
--- a/awx/conf/registry.py
+++ b/awx/conf/registry.py
@@ -129,12 +129,14 @@ class SettingsRegistry(object):
placeholder = field_kwargs.pop('placeholder', empty)
encrypted = bool(field_kwargs.pop('encrypted', False))
defined_in_file = bool(field_kwargs.pop('defined_in_file', False))
+ unit = field_kwargs.pop('unit', None)
if getattr(field_kwargs.get('child', None), 'source', None) is not None:
field_kwargs['child'].source = None
field_instance = field_class(**field_kwargs)
field_instance.category_slug = category_slug
field_instance.category = category
field_instance.depends_on = depends_on
+ field_instance.unit = unit
if placeholder is not empty:
field_instance.placeholder = placeholder
field_instance.defined_in_file = defined_in_file
diff --git a/awx/main/conf.py b/awx/main/conf.py
index 7e6d3485fa..3b41c3a19b 100644
--- a/awx/main/conf.py
+++ b/awx/main/conf.py
@@ -148,7 +148,7 @@ register(
default='https://example.com',
schemes=('http', 'https'),
allow_plain_hostname=True, # Allow hostname only without TLD.
- label=_('Automation Analytics upload URL.'),
+ label=_('Automation Analytics upload URL'),
help_text=_('This setting is used to to configure data collection for the Automation Analytics dashboard'),
category=_('System'),
category_slug='system',
@@ -253,6 +253,7 @@ register(
help_text=_('The number of seconds to sleep between status checks for jobs running on isolated instances.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -264,6 +265,7 @@ register(
'This includes the time needed to copy source control files (playbooks) to the isolated instance.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -276,6 +278,7 @@ register(
'Value should be substantially greater than expected network latency.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -497,6 +500,7 @@ register(
'timeout should be imposed. A timeout set on an individual job template will override this.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -509,6 +513,7 @@ register(
'timeout should be imposed. A timeout set on an individual inventory source will override this.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -521,6 +526,7 @@ register(
'timeout should be imposed. A timeout set on an individual project will override this.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -535,6 +541,7 @@ register(
'Use a value of 0 to indicate that no timeout should be imposed.'),
category=_('Jobs'),
category_slug='jobs',
+ unit=_('seconds'),
)
register(
@@ -542,7 +549,7 @@ register(
field_class=fields.IntegerField,
allow_null=False,
default=200,
- label=_('Maximum number of forks per job.'),
+ label=_('Maximum number of forks per job'),
help_text=_('Saving a Job Template with more than this number of forks will result in an error. '
'When set to 0, no limit is applied.'),
category=_('Jobs'),
@@ -672,6 +679,7 @@ register(
'aggregator protocols.'),
category=_('Logging'),
category_slug='logging',
+ unit=_('seconds'),
)
register(
'LOG_AGGREGATOR_VERIFY_CERT',
@@ -752,7 +760,8 @@ register(
default=14400, # every 4 hours
min_value=1800, # every 30 minutes
category=_('System'),
- category_slug='system'
+ category_slug='system',
+ unit=_('seconds'),
)
diff --git a/awx/sso/conf.py b/awx/sso/conf.py
index 7be4f23de1..5f595517cc 100644
--- a/awx/sso/conf.py
+++ b/awx/sso/conf.py
@@ -515,6 +515,7 @@ register(
help_text=_('TACACS+ session timeout value in seconds, 0 disables timeout.'),
category=_('TACACS+'),
category_slug='tacacsplus',
+ unit=_('seconds'),
)
register(
diff --git a/awx/ui_next/src/api/index.js b/awx/ui_next/src/api/index.js
index 3c0d5e3237..dd0f4a811c 100644
--- a/awx/ui_next/src/api/index.js
+++ b/awx/ui_next/src/api/index.js
@@ -24,6 +24,7 @@ import Projects from './models/Projects';
import Roles from './models/Roles';
import Root from './models/Root';
import Schedules from './models/Schedules';
+import Settings from './models/Settings';
import SystemJobs from './models/SystemJobs';
import Teams from './models/Teams';
import Tokens from './models/Tokens';
@@ -61,6 +62,7 @@ const ProjectsAPI = new Projects();
const RolesAPI = new Roles();
const RootAPI = new Root();
const SchedulesAPI = new Schedules();
+const SettingsAPI = new Settings();
const SystemJobsAPI = new SystemJobs();
const TeamsAPI = new Teams();
const TokensAPI = new Tokens();
@@ -99,6 +101,7 @@ export {
RolesAPI,
RootAPI,
SchedulesAPI,
+ SettingsAPI,
SystemJobsAPI,
TeamsAPI,
TokensAPI,
diff --git a/awx/ui_next/src/api/models/Settings.js b/awx/ui_next/src/api/models/Settings.js
new file mode 100644
index 0000000000..cf8de70530
--- /dev/null
+++ b/awx/ui_next/src/api/models/Settings.js
@@ -0,0 +1,26 @@
+import Base from '../Base';
+
+class Settings extends Base {
+ constructor(http) {
+ super(http);
+ this.baseUrl = '/api/v2/settings/';
+ }
+
+ readAllOptions() {
+ return this.http.options(`${this.baseUrl}all/`);
+ }
+
+ updateAll(data) {
+ return this.http.patch(`${this.baseUrl}all/`, data);
+ }
+
+ readCategory(category) {
+ return this.http.get(`${this.baseUrl}${category}/`);
+ }
+
+ readCategoryOptions(category) {
+ return this.http.options(`${this.baseUrl}${category}/`);
+ }
+}
+
+export default Settings;
diff --git a/awx/ui_next/src/components/CodeMirrorInput/VariablesDetail.jsx b/awx/ui_next/src/components/CodeMirrorInput/VariablesDetail.jsx
index 3d02eb43bd..3e83ed8f5e 100644
--- a/awx/ui_next/src/components/CodeMirrorInput/VariablesDetail.jsx
+++ b/awx/ui_next/src/components/CodeMirrorInput/VariablesDetail.jsx
@@ -1,9 +1,10 @@
import 'styled-components/macro';
import React, { useState, useEffect } from 'react';
-import { node, number, oneOfType, shape, string } from 'prop-types';
+import { node, number, oneOfType, shape, string, arrayOf } from 'prop-types';
import { Split, SplitItem, TextListItemVariants } from '@patternfly/react-core';
import { DetailName, DetailValue } from '../DetailList';
import MultiButtonToggle from '../MultiButtonToggle';
+import DetailPopover from '../DetailPopover';
import {
yamlToJson,
jsonToYaml,
@@ -27,7 +28,7 @@ function getValueAsMode(value, mode) {
return mode === YAML_MODE ? jsonToYaml(value) : yamlToJson(value);
}
-function VariablesDetail({ value, label, rows, fullHeight }) {
+function VariablesDetail({ dataCy, helpText, value, label, rows, fullHeight }) {
const [mode, setMode] = useState(
isJsonObject(value) || isJsonString(value) ? JSON_MODE : YAML_MODE
);
@@ -46,9 +47,14 @@ function VariablesDetail({ value, label, rows, fullHeight }) {
/* eslint-disable-next-line react-hooks/exhaustive-deps */
}, [value]);
+ const labelCy = dataCy ? `${dataCy}-label` : null;
+ const valueCy = dataCy ? `${dataCy}-value` : null;
+
return (
<>
{label}
+ {helpText && (
+
+ )}
@@ -84,6 +93,7 @@ function VariablesDetail({ value, label, rows, fullHeight }) {
(
@@ -14,9 +15,11 @@ const DetailName = styled(({ fullWidth, ...props }) => (
`}
`;
-const DetailValue = styled(({ fullWidth, isEncrypted, ...props }) => (
-
-))`
+const DetailValue = styled(
+ ({ fullWidth, isEncrypted, isNotConfigured, ...props }) => (
+
+ )
+)`
word-break: break-all;
${props =>
props.fullWidth &&
@@ -24,9 +27,8 @@ const DetailValue = styled(({ fullWidth, isEncrypted, ...props }) => (
grid-column: 2 / -1;
`}
${props =>
- props.isEncrypted &&
+ (props.isEncrypted || props.isNotConfigured) &&
`
- text-transform: uppercase
color: var(--pf-global--Color--400);
`}
`;
@@ -38,7 +40,9 @@ const Detail = ({
className,
dataCy,
alwaysVisible,
+ helpText,
isEncrypted,
+ isNotConfigured,
}) => {
if (!value && typeof value !== 'number' && !alwaysVisible) {
return null;
@@ -54,8 +58,12 @@ const Detail = ({
component={TextListItemVariants.dt}
fullWidth={fullWidth}
data-cy={labelCy}
+ id={dataCy}
>
{label}
+ {helpText && (
+
+ )}
{value}
@@ -74,11 +83,13 @@ Detail.propTypes = {
value: node,
fullWidth: bool,
alwaysVisible: bool,
+ helpText: string,
};
Detail.defaultProps = {
value: null,
fullWidth: false,
alwaysVisible: false,
+ helpText: null,
};
export default Detail;
diff --git a/awx/ui_next/src/components/DetailPopover/DetailPopover.jsx b/awx/ui_next/src/components/DetailPopover/DetailPopover.jsx
new file mode 100644
index 0000000000..fa4aec9ee8
--- /dev/null
+++ b/awx/ui_next/src/components/DetailPopover/DetailPopover.jsx
@@ -0,0 +1,51 @@
+import React, { useState } from 'react';
+import { node, string } from 'prop-types';
+import { Button as _Button, Popover } from '@patternfly/react-core';
+import { OutlinedQuestionCircleIcon } from '@patternfly/react-icons';
+import styled from 'styled-components';
+
+const Button = styled(_Button)`
+ --pf-c-button--PaddingTop: 0;
+ --pf-c-button--PaddingBottom: 0;
+`;
+
+function DetailPopover({ header, content, id }) {
+ const [showPopover, setShowPopover] = useState(false);
+ if (!content) {
+ return null;
+ }
+ return (
+ setShowPopover(false)}
+ >
+
+
+ );
+}
+
+DetailPopover.propTypes = {
+ content: node,
+ header: node,
+ id: string,
+};
+DetailPopover.defaultProps = {
+ content: null,
+ header: null,
+ id: 'detail-popover',
+};
+
+export default DetailPopover;
diff --git a/awx/ui_next/src/components/DetailPopover/index.js b/awx/ui_next/src/components/DetailPopover/index.js
new file mode 100644
index 0000000000..02b42518c5
--- /dev/null
+++ b/awx/ui_next/src/components/DetailPopover/index.js
@@ -0,0 +1 @@
+export { default } from './DetailPopover';
diff --git a/awx/ui_next/src/components/FormActionGroup/FormActionGroup.jsx b/awx/ui_next/src/components/FormActionGroup/FormActionGroup.jsx
index 07620204eb..0662f145dd 100644
--- a/awx/ui_next/src/components/FormActionGroup/FormActionGroup.jsx
+++ b/awx/ui_next/src/components/FormActionGroup/FormActionGroup.jsx
@@ -5,37 +5,57 @@ import { t } from '@lingui/macro';
import { ActionGroup, Button } from '@patternfly/react-core';
import { FormFullWidthLayout } from '../FormLayout';
-const FormActionGroup = ({ onSubmit, submitDisabled, onCancel, i18n }) => (
-
-
-
-
-
-
-);
+const FormActionGroup = ({
+ onCancel,
+ onRevert,
+ onSubmit,
+ submitDisabled,
+ i18n,
+}) => {
+ return (
+
+
+
+ {onRevert && (
+
+ )}
+
+
+
+ );
+};
FormActionGroup.propTypes = {
onCancel: PropTypes.func.isRequired,
+ onRevert: PropTypes.func,
onSubmit: PropTypes.func.isRequired,
submitDisabled: PropTypes.bool,
};
FormActionGroup.defaultProps = {
+ onRevert: null,
submitDisabled: false,
};
diff --git a/awx/ui_next/src/components/ResourceAccessList/__snapshots__/ResourceAccessListItem.test.jsx.snap b/awx/ui_next/src/components/ResourceAccessList/__snapshots__/ResourceAccessListItem.test.jsx.snap
index d9bb8bed4e..818f2cf945 100644
--- a/awx/ui_next/src/components/ResourceAccessList/__snapshots__/ResourceAccessListItem.test.jsx.snap
+++ b/awx/ui_next/src/components/ResourceAccessList/__snapshots__/ResourceAccessListItem.test.jsx.snap
@@ -74,6 +74,7 @@ exports[` initially renders succesfully 1`] = `
@@ -86,6 +87,7 @@ exports[` initially renders succesfully 1`] = `
initially renders succesfully 1`] = `
@@ -150,6 +153,7 @@ exports[` initially renders succesfully 1`] = `
initially renders succesfully 1`] = `
@@ -237,6 +242,7 @@ exports[` initially renders succesfully 1`] = `
initially renders succesfully 1`] = `
@@ -463,9 +470,9 @@ exports[` initially renders succesfully 1`] = `
"$$typeof": Symbol(react.forward_ref),
"attrs": Array [],
"componentStyle": ComponentStyle {
- "componentId": "sc-htpNat",
+ "componentId": "sc-bxivhb",
"isStatic": false,
- "lastClassName": "iYJcPm",
+ "lastClassName": "gQwVdc",
"rules": Array [
"
font-weight: var(--pf-global--FontWeight--bold);
@@ -478,7 +485,7 @@ exports[` initially renders succesfully 1`] = `
"displayName": "Styled(Component)",
"foldedComponentIds": Array [],
"render": [Function],
- "styledComponentId": "sc-htpNat",
+ "styledComponentId": "sc-bxivhb",
"target": [Function],
"toString": [Function],
"warnTooManyClasses": [Function],
@@ -489,18 +496,18 @@ exports[` initially renders succesfully 1`] = `
fullWidth={false}
>
@@ -523,9 +530,9 @@ exports[` initially renders succesfully 1`] = `
"$$typeof": Symbol(react.forward_ref),
"attrs": Array [],
"componentStyle": ComponentStyle {
- "componentId": "sc-bxivhb",
+ "componentId": "sc-ifAKCX",
"isStatic": false,
- "lastClassName": "gxmPlV",
+ "lastClassName": "boHWLt",
"rules": Array [
"
word-break: break-all;
@@ -541,7 +548,7 @@ exports[` initially renders succesfully 1`] = `
"displayName": "Styled(Component)",
"foldedComponentIds": Array [],
"render": [Function],
- "styledComponentId": "sc-bxivhb",
+ "styledComponentId": "sc-ifAKCX",
"target": [Function],
"toString": [Function],
"warnTooManyClasses": [Function],
@@ -552,18 +559,18 @@ exports[` initially renders succesfully 1`] = `
fullWidth={false}
>
@@ -670,6 +677,7 @@ exports[` initially renders succesfully 1`] = `
initially renders succesfully 1`] = `
"$$typeof": Symbol(react.forward_ref),
"attrs": Array [],
"componentStyle": ComponentStyle {
- "componentId": "sc-htpNat",
+ "componentId": "sc-bxivhb",
"isStatic": false,
- "lastClassName": "iYJcPm",
+ "lastClassName": "gQwVdc",
"rules": Array [
"
font-weight: var(--pf-global--FontWeight--bold);
@@ -718,7 +726,7 @@ exports[` initially renders succesfully 1`] = `
"displayName": "Styled(Component)",
"foldedComponentIds": Array [],
"render": [Function],
- "styledComponentId": "sc-htpNat",
+ "styledComponentId": "sc-bxivhb",
"target": [Function],
"toString": [Function],
"warnTooManyClasses": [Function],
@@ -729,18 +737,18 @@ exports[` initially renders succesfully 1`] = `
fullWidth={false}
>
@@ -763,9 +771,9 @@ exports[` initially renders succesfully 1`] = `
"$$typeof": Symbol(react.forward_ref),
"attrs": Array [],
"componentStyle": ComponentStyle {
- "componentId": "sc-bxivhb",
+ "componentId": "sc-ifAKCX",
"isStatic": false,
- "lastClassName": "gxmPlV",
+ "lastClassName": "boHWLt",
"rules": Array [
"
word-break: break-all;
@@ -781,7 +789,7 @@ exports[` initially renders succesfully 1`] = `
"displayName": "Styled(Component)",
"foldedComponentIds": Array [],
"render": [Function],
- "styledComponentId": "sc-bxivhb",
+ "styledComponentId": "sc-ifAKCX",
"target": [Function],
"toString": [Function],
"warnTooManyClasses": [Function],
@@ -792,18 +800,18 @@ exports[` initially renders succesfully 1`] = `
fullWidth={false}
>
diff --git a/awx/ui_next/src/components/RoutedTabs/RoutedTabs.jsx b/awx/ui_next/src/components/RoutedTabs/RoutedTabs.jsx
index 700077e88c..3b93990417 100644
--- a/awx/ui_next/src/components/RoutedTabs/RoutedTabs.jsx
+++ b/awx/ui_next/src/components/RoutedTabs/RoutedTabs.jsx
@@ -32,11 +32,12 @@ function RoutedTabs(props) {
{tabsArray.map(tab => (
{tab.name}}
+ role="tab"
/>
))}
diff --git a/awx/ui_next/src/contexts/Settings.jsx b/awx/ui_next/src/contexts/Settings.jsx
new file mode 100644
index 0000000000..2a5c0e31e9
--- /dev/null
+++ b/awx/ui_next/src/contexts/Settings.jsx
@@ -0,0 +1,6 @@
+import React, { useContext } from 'react';
+
+export const SettingsContext = React.createContext({});
+export const SettingsProvider = SettingsContext.Provider;
+
+export const useSettings = () => useContext(SettingsContext);
diff --git a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.jsx b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.jsx
index bfdfc6f736..c9640d6bbb 100644
--- a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.jsx
+++ b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.jsx
@@ -1,25 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import ActivityStreamDetail from './ActivityStreamDetail';
import ActivityStreamEdit from './ActivityStreamEdit';
function ActivityStream({ i18n }) {
- const baseUrl = '/settings/activity_stream';
+ const baseURL = '/settings/activity_stream';
return (
- {i18n._(t`Activity stream settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View Activity Stream settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.test.jsx b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.test.jsx
index cb102b3009..90500406b0 100644
--- a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.test.jsx
+++ b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStream.test.jsx
@@ -1,16 +1,59 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
import ActivityStream from './ActivityStream';
+import { SettingsAPI } from '../../../api';
+
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ ACTIVITY_STREAM_ENABLED: true,
+ ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC: false,
+ },
+});
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Activity stream settings');
+
+ test('should render activity stream details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/activity_stream/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ActivityStreamDetail').length).toBe(1);
+ });
+
+ test('should render activity stream edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/activity_stream/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ActivityStreamEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/activity_stream/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.jsx b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.jsx
index 58872940c8..1412421ed5 100644
--- a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.jsx
@@ -1,24 +1,99 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { Button } from '@patternfly/react-core';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import useRequest from '../../../../util/useRequest';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import SettingDetail from '../../shared';
function ActivityStreamDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: activityStream } = useRequest(
+ useCallback(async () => {
+ const {
+ data: {
+ ACTIVITY_STREAM_ENABLED,
+ ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC,
+ },
+ } = await SettingsAPI.readCategory('system');
+ return {
+ ACTIVITY_STREAM_ENABLED,
+ ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC,
+ };
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/activity_stream/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && activityStream && (
+
+ {Object.keys(activityStream).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.test.jsx b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.test.jsx
index fe7949a139..1ff8609c78 100644
--- a/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/ActivityStream/ActivityStreamDetail/ActivityStreamDetail.test.jsx
@@ -1,16 +1,88 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import { assertDetail } from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import ActivityStreamDetail from './ActivityStreamDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ ACTIVITY_STREAM_ENABLED: true,
+ ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC: false,
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('ActivityStreamDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'Enable Activity Stream', 'On');
+ assertDetail(wrapper, 'Enable Activity Stream for Inventory Sync', 'Off');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.jsx b/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.jsx
index ab2f23e4a9..2158a407d8 100644
--- a/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.jsx
+++ b/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import AzureADDetail from './AzureADDetail';
import AzureADEdit from './AzureADEdit';
function AzureAD({ i18n }) {
- const baseUrl = '/settings/azure';
-
+ const baseURL = '/settings/azure';
return (
- {i18n._(t`Azure AD settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View Azure AD settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.test.jsx b/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.test.jsx
index 84d21a712e..fbb6e88b5c 100644
--- a/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.test.jsx
+++ b/awx/ui_next/src/screens/Setting/AzureAD/AzureAD.test.jsx
@@ -1,16 +1,56 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import AzureAD from './AzureAD';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Azure AD settings');
+
+ test('should render azure details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/azure/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('AzureADDetail').length).toBe(1);
+ });
+
+ test('should render azure edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/azure/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('AzureADEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/azure/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.jsx b/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.jsx
index d4d15d4213..cb97d182a1 100644
--- a/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.jsx
@@ -1,24 +1,91 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import useRequest from '../../../../util/useRequest';
+import { SettingsAPI } from '../../../../api';
+import SettingDetail from '../../shared';
function AzureADDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: azure } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('azuread-oauth2');
+ return data;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/azure/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && azure && (
+
+ {Object.keys(azure).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.test.jsx b/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.test.jsx
index 192cb20d15..3478f97ca6 100644
--- a/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/AzureAD/AzureADDetail/AzureADDetail.test.jsx
@@ -1,16 +1,110 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import AzureADDetail from './AzureADDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ SOCIAL_AUTH_AZUREAD_OAUTH2_CALLBACK_URL:
+ 'https://towerhost/sso/complete/azuread-oauth2/',
+ SOCIAL_AUTH_AZUREAD_OAUTH2_KEY: 'mock key',
+ SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET: '$encrypted$',
+ SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP: {},
+ SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP: {
+ 'My Team': {
+ users: [],
+ },
+ },
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('AzureADDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'Azure AD OAuth2 Callback URL',
+ 'https://towerhost/sso/complete/azuread-oauth2/'
+ );
+ assertDetail(wrapper, 'Azure AD OAuth2 Key', 'mock key');
+ assertDetail(wrapper, 'Azure AD OAuth2 Secret', 'Encrypted');
+ assertVariableDetail(wrapper, 'Azure AD OAuth2 Organization Map', '{}');
+ assertVariableDetail(
+ wrapper,
+ 'Azure AD OAuth2 Team Map',
+ '{\n "My Team": {\n "users": []\n }\n}'
+ );
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/GitHub/GitHub.jsx b/awx/ui_next/src/screens/Setting/GitHub/GitHub.jsx
index bd2a2fd121..c134adca9c 100644
--- a/awx/ui_next/src/screens/Setting/GitHub/GitHub.jsx
+++ b/awx/ui_next/src/screens/Setting/GitHub/GitHub.jsx
@@ -1,26 +1,44 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch, useRouteMatch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import GitHubDetail from './GitHubDetail';
import GitHubEdit from './GitHubEdit';
function GitHub({ i18n }) {
- const baseUrl = '/settings/github';
+ const baseURL = '/settings/github';
+ const baseRoute = useRouteMatch({ path: '/settings/github', exact: true });
+ const categoryRoute = useRouteMatch({
+ path: '/settings/github/:category',
+ exact: true,
+ });
return (
- {i18n._(t`GitHub settings`)}
-
-
+ {baseRoute && }
+ {categoryRoute && (
+
+ )}
+
-
+
+
+
+
+ {i18n._(t`View GitHub Settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/GitHub/GitHub.test.jsx b/awx/ui_next/src/screens/Setting/GitHub/GitHub.test.jsx
index 25ea0d5ca0..37a1c62a67 100644
--- a/awx/ui_next/src/screens/Setting/GitHub/GitHub.test.jsx
+++ b/awx/ui_next/src/screens/Setting/GitHub/GitHub.test.jsx
@@ -1,16 +1,61 @@
import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../testUtils/enzymeHelpers';
import GitHub from './GitHub';
+import { SettingsAPI } from '../../../api';
+
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('GitHub settings');
+
+ test('should render github details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/github/'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('GitHubDetail').length).toBe(1);
+ });
+
+ test('should render github edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/github/default/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('GitHubEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/github/foo/bar'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.jsx b/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.jsx
index de8ad5ec52..0b70e09d70 100644
--- a/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.jsx
@@ -1,24 +1,127 @@
-import React from 'react';
-import { Link } from 'react-router-dom';
+import React, { useEffect, useCallback } from 'react';
+import { Link, Redirect, useRouteMatch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentError from '../../../../components/ContentError';
+import ContentLoading from '../../../../components/ContentLoading';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import useRequest from '../../../../util/useRequest';
+import { SettingsAPI } from '../../../../api';
+import SettingDetail from '../../shared';
function GitHubDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const baseURL = '/settings/github';
+ const {
+ path,
+ params: { category },
+ } = useRouteMatch(`${baseURL}/:category/details`);
+
+ const { isLoading, error, request, result: gitHubDetails } = useRequest(
+ useCallback(async () => {
+ const [
+ { data: gitHubDefault },
+ { data: gitHubOrganization },
+ { data: gitHubTeam },
+ ] = await Promise.all([
+ SettingsAPI.readCategory('github'),
+ SettingsAPI.readCategory('github-org'),
+ SettingsAPI.readCategory('github-team'),
+ ]);
+ return {
+ default: gitHubDefault,
+ organization: gitHubOrganization,
+ team: gitHubTeam,
+ };
+ }, []),
+ {
+ default: null,
+ organization: null,
+ team: null,
+ }
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`GitHub Default`),
+ link: `${baseURL}/default/details`,
+ id: 0,
+ },
+ {
+ name: i18n._(t`GitHub Organization`),
+ link: `${baseURL}/organization/details`,
+ id: 1,
+ },
+ {
+ name: i18n._(t`GitHub Team`),
+ link: `${baseURL}/team/details`,
+ id: 2,
+ },
+ ];
+
+ if (!Object.keys(gitHubDetails).includes(category)) {
+ return ;
+ }
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && !Object.values(gitHubDetails)?.includes(null) && (
+
+ {Object.keys(gitHubDetails[category]).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.test.jsx b/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.test.jsx
index d75fd60ea1..11db4b57f0 100644
--- a/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/GitHub/GitHubDetail/GitHubDetail.test.jsx
@@ -1,16 +1,257 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { useRouteMatch } from 'react-router-dom';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import GitHubDetail from './GitHubDetail';
+jest.mock('react-router-dom', () => ({
+ ...jest.requireActual('react-router-dom'),
+ useRouteMatch: jest.fn(),
+}));
+jest.mock('../../../../api/models/Settings');
+
+const mockDefault = {
+ data: {
+ SOCIAL_AUTH_GITHUB_CALLBACK_URL: 'https://towerhost/sso/complete/github/',
+ SOCIAL_AUTH_GITHUB_KEY: 'mock github key',
+ SOCIAL_AUTH_GITHUB_SECRET: '$encrypted$',
+ SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP: null,
+ SOCIAL_AUTH_GITHUB_TEAM_MAP: null,
+ },
+};
+const mockOrg = {
+ data: {
+ SOCIAL_AUTH_GITHUB_ORG_CALLBACK_URL:
+ 'https://towerhost/sso/complete/github-org/',
+ SOCIAL_AUTH_GITHUB_ORG_KEY: '',
+ SOCIAL_AUTH_GITHUB_ORG_SECRET: '$encrypted$',
+ SOCIAL_AUTH_GITHUB_ORG_NAME: '',
+ SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP: null,
+ SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP: null,
+ },
+};
+const mockTeam = {
+ data: {
+ SOCIAL_AUTH_GITHUB_TEAM_CALLBACK_URL:
+ 'https://towerhost/sso/complete/github-team/',
+ SOCIAL_AUTH_GITHUB_TEAM_KEY: 'OAuth2 key (Client ID)',
+ SOCIAL_AUTH_GITHUB_TEAM_SECRET: '$encrypted$',
+ SOCIAL_AUTH_GITHUB_TEAM_ID: 'team_id',
+ SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP: {},
+ SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP: {},
+ },
+};
+
describe('', () => {
- let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+ describe('Default', () => {
+ let wrapper;
+
+ beforeAll(async () => {
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockDefault);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockOrg);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockTeam);
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/github/default/details',
+ path: '/settings/github/:category/details',
+ params: { category: 'default' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ });
+
+ afterAll(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('initially renders without crashing', () => {
+ expect(wrapper.find('GitHubDetail').length).toBe(1);
+ });
+
+ test('should render expected tabs', () => {
+ const expectedTabs = [
+ 'Back to Settings',
+ 'GitHub Default',
+ 'GitHub Organization',
+ 'GitHub Team',
+ ];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'GitHub OAuth2 Callback URL',
+ 'https://towerhost/sso/complete/github/'
+ );
+ assertDetail(wrapper, 'GitHub OAuth2 Key', 'mock github key');
+ assertDetail(wrapper, 'GitHub OAuth2 Secret', 'Encrypted');
+ assertVariableDetail(wrapper, 'GitHub OAuth2 Organization Map', '{}');
+ assertVariableDetail(wrapper, 'GitHub OAuth2 Team Map', '{}');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
- afterEach(() => {
- wrapper.unmount();
+
+ describe('Organization', () => {
+ let wrapper;
+
+ beforeAll(async () => {
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockDefault);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockOrg);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockTeam);
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/github/organization/details',
+ path: '/settings/github/:category/details',
+ params: { category: 'organization' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ });
+
+ afterAll(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'GitHub Organization OAuth2 Callback URL',
+ 'https://towerhost/sso/complete/github-org/'
+ );
+ assertDetail(wrapper, 'GitHub Organization OAuth2 Key', 'Not configured');
+ assertDetail(wrapper, 'GitHub Organization OAuth2 Secret', 'Encrypted');
+ assertDetail(wrapper, 'GitHub Organization Name', 'Not configured');
+ assertVariableDetail(
+ wrapper,
+ 'GitHub Organization OAuth2 Organization Map',
+ '{}'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'GitHub Organization OAuth2 Team Map',
+ '{}'
+ );
+ });
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('GitHubDetail').length).toBe(1);
+
+ describe('Team', () => {
+ let wrapper;
+
+ beforeAll(async () => {
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockDefault);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockOrg);
+ SettingsAPI.readCategory.mockResolvedValueOnce(mockTeam);
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/github/team/details',
+ path: '/settings/github/:category/details',
+ params: { category: 'team' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ });
+
+ afterAll(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'GitHub Team OAuth2 Callback URL',
+ 'https://towerhost/sso/complete/github-team/'
+ );
+ assertDetail(wrapper, 'GitHub Team OAuth2 Key', 'OAuth2 key (Client ID)');
+ assertDetail(wrapper, 'GitHub Team OAuth2 Secret', 'Encrypted');
+ assertDetail(wrapper, 'GitHub Team ID', 'team_id');
+ assertVariableDetail(
+ wrapper,
+ 'GitHub Team OAuth2 Organization Map',
+ '{}'
+ );
+ assertVariableDetail(wrapper, 'GitHub Team OAuth2 Team Map', '{}');
+ });
+ });
+
+ describe('Redirect', () => {
+ test('should render redirect when user navigates to erroneous category', async () => {
+ let wrapper;
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/github/foo/details',
+ path: '/settings/github/:category/details',
+ params: { category: 'foo' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'Redirect');
+ });
});
});
diff --git a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.jsx b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.jsx
index 1a64384cb5..a12441811d 100644
--- a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.jsx
+++ b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import GoogleOAuth2Detail from './GoogleOAuth2Detail';
import GoogleOAuth2Edit from './GoogleOAuth2Edit';
function GoogleOAuth2({ i18n }) {
- const baseUrl = '/settings/google_oauth2';
-
+ const baseURL = '/settings/google_oauth2';
return (
- {i18n._(t`Google OAuth 2.0 settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View Google OAuth 2.0 settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.test.jsx b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.test.jsx
index 582e2680c5..7b7b330aec 100644
--- a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.test.jsx
+++ b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2.test.jsx
@@ -1,16 +1,57 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
import GoogleOAuth2 from './GoogleOAuth2';
+import { SettingsAPI } from '../../../api';
+
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Google OAuth 2.0 settings');
+
+ test('should render Google OAuth 2.0 details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/google_oauth2/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('GoogleOAuth2Detail').length).toBe(1);
+ });
+
+ test('should render Google OAuth 2.0 edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/google_oauth2/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('GoogleOAuth2Edit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/google_oauth2/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.jsx b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.jsx
index 84188ccf3c..bbf512249c 100644
--- a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.jsx
+++ b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.jsx
@@ -1,24 +1,91 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
function GoogleOAuth2Detail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: googleOAuth2 } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('google-oauth2');
+ return data;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/google_oauth2/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && googleOAuth2 && (
+
+ {Object.keys(googleOAuth2).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.test.jsx b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.test.jsx
index a5408a8af6..ab4ce44ce3 100644
--- a/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/GoogleOAuth2/GoogleOAuth2Detail/GoogleOAuth2Detail.test.jsx
@@ -1,16 +1,119 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import GoogleOAuth2Detail from './GoogleOAuth2Detail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ SOCIAL_AUTH_GOOGLE_OAUTH2_CALLBACK_URL:
+ 'https://towerhost/sso/complete/google-oauth2/',
+ SOCIAL_AUTH_GOOGLE_OAUTH2_KEY: 'mock key',
+ SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET: '$encrypted$',
+ SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS: [
+ 'example.com',
+ 'example_2.com',
+ ],
+ SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS: {},
+ SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP: {
+ Default: {},
+ },
+ SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP: {},
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('GoogleOAuth2Detail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'Google OAuth2 Callback URL',
+ 'https://towerhost/sso/complete/google-oauth2/'
+ );
+ assertDetail(wrapper, 'Google OAuth2 Key', 'mock key');
+ assertDetail(wrapper, 'Google OAuth2 Secret', 'Encrypted');
+ assertVariableDetail(
+ wrapper,
+ 'Google OAuth2 Allowed Domains',
+ '[\n "example.com",\n "example_2.com"\n]'
+ );
+ assertVariableDetail(wrapper, 'Google OAuth2 Extra Arguments', '{}');
+ assertVariableDetail(
+ wrapper,
+ 'Google OAuth2 Organization Map',
+ '{\n "Default": {}\n}'
+ );
+ assertVariableDetail(wrapper, 'Google OAuth2 Team Map', '{}');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/Jobs/Jobs.jsx b/awx/ui_next/src/screens/Setting/Jobs/Jobs.jsx
index 33a52f7771..4e46c1d7b2 100644
--- a/awx/ui_next/src/screens/Setting/Jobs/Jobs.jsx
+++ b/awx/ui_next/src/screens/Setting/Jobs/Jobs.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import JobsDetail from './JobsDetail';
import JobsEdit from './JobsEdit';
function Jobs({ i18n }) {
- const baseUrl = '/settings/jobs';
-
+ const baseURL = '/settings/jobs';
return (
- {i18n._(t`Jobs settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View Jobs settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/Jobs/Jobs.test.jsx b/awx/ui_next/src/screens/Setting/Jobs/Jobs.test.jsx
index 7a2e767743..d0529ab483 100644
--- a/awx/ui_next/src/screens/Setting/Jobs/Jobs.test.jsx
+++ b/awx/ui_next/src/screens/Setting/Jobs/Jobs.test.jsx
@@ -1,16 +1,57 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
import Jobs from './Jobs';
+import { SettingsAPI } from '../../../api';
+
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Jobs settings');
+
+ test('should render jobs details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/jobs/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('JobsDetail').length).toBe(1);
+ });
+
+ test('should render jobs edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/jobs/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('JobsEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/jobs/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.jsx b/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.jsx
index 4ecb0eb5df..5b099a802a 100644
--- a/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.jsx
@@ -1,24 +1,108 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentError from '../../../../components/ContentError';
+import ContentLoading from '../../../../components/ContentLoading';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import useRequest from '../../../../util/useRequest';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import { sortNestedDetails } from '../../shared/settingUtils';
+import SettingDetail from '../../shared';
function JobsDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: jobs } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('jobs');
+
+ const {
+ ALLOW_JINJA_IN_EXTRA_VARS,
+ AWX_ISOLATED_KEY_GENERATION,
+ AWX_ISOLATED_PRIVATE_KEY,
+ AWX_ISOLATED_PUBLIC_KEY,
+ STDOUT_MAX_BYTES_DISPLAY,
+ EVENT_STDOUT_MAX_BYTES_DISPLAY,
+ ...jobsData
+ } = data;
+
+ const mergedData = {};
+ Object.keys(jobsData).forEach(key => {
+ mergedData[key] = options[key];
+ mergedData[key].value = jobsData[key];
+ });
+
+ return sortNestedDetails(mergedData);
+ }, [options]),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/jobs/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && jobs && (
+
+ {jobs.map(([key, detail]) => {
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.test.jsx b/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.test.jsx
index 80ab5f4795..02ec0b8118 100644
--- a/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/Jobs/JobsDetail/JobsDetail.test.jsx
@@ -1,16 +1,122 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
+import mockJobSettings from '../../shared/data.jobSettings.json';
import JobsDetail from './JobsDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: mockJobSettings,
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('JobsDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'Enable job isolation', 'On');
+ assertDetail(wrapper, 'Job execution path', '/tmp');
+ assertDetail(wrapper, 'Isolated status check interval', '1 seconds');
+ assertDetail(wrapper, 'Isolated launch timeout', '600 seconds');
+ assertDetail(wrapper, 'Isolated connection timeout', '10 seconds');
+ assertDetail(wrapper, 'Isolated host key checking', 'Off');
+ assertDetail(
+ wrapper,
+ 'Enable detailed resource profiling on all playbook runs',
+ 'Off'
+ );
+ assertDetail(wrapper, 'Run Project Updates With Higher Verbosity', 'Off');
+ assertDetail(wrapper, 'Enable Role Download', 'On');
+ assertDetail(wrapper, 'Enable Collection(s) Download', 'On');
+ assertDetail(wrapper, 'Follow symlinks', 'Off');
+ assertDetail(
+ wrapper,
+ 'Ignore Ansible Galaxy SSL Certificate Verification',
+ 'Off'
+ );
+ assertDetail(wrapper, 'Maximum Scheduled Jobs', '10');
+ assertDetail(wrapper, 'Default Job Timeout', '0 seconds');
+ assertDetail(wrapper, 'Default Inventory Update Timeout', '0 seconds');
+ assertDetail(wrapper, 'Default Project Update Timeout', '0 seconds');
+ assertDetail(wrapper, 'Per-Host Ansible Fact Cache Timeout', '0 seconds');
+ assertDetail(wrapper, 'Maximum number of forks per job', '200');
+ assertVariableDetail(
+ wrapper,
+ 'Ansible Modules Allowed for Ad Hoc Jobs',
+ '[\n "command"\n]'
+ );
+ assertVariableDetail(wrapper, 'Paths to hide from isolated jobs', '[]');
+ assertVariableDetail(wrapper, 'Paths to expose to isolated jobs', '[]');
+ assertVariableDetail(wrapper, 'Extra Environment Variables', '{}');
+ assertVariableDetail(wrapper, 'Ansible Callback Plugins', '[]');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/LDAP/LDAP.jsx b/awx/ui_next/src/screens/Setting/LDAP/LDAP.jsx
index f5e9d1b454..722127079c 100644
--- a/awx/ui_next/src/screens/Setting/LDAP/LDAP.jsx
+++ b/awx/ui_next/src/screens/Setting/LDAP/LDAP.jsx
@@ -1,26 +1,44 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch, useRouteMatch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import LDAPDetail from './LDAPDetail';
import LDAPEdit from './LDAPEdit';
function LDAP({ i18n }) {
- const baseUrl = '/settings/ldap';
+ const baseURL = '/settings/ldap';
+ const baseRoute = useRouteMatch({ path: '/settings/ldap', exact: true });
+ const categoryRoute = useRouteMatch({
+ path: '/settings/ldap/:category',
+ exact: true,
+ });
return (
- {i18n._(t`LDAP settings`)}
-
-
+ {baseRoute && }
+ {categoryRoute && (
+
+ )}
+
-
+
+
+
+
+ {i18n._(t`View LDAP Settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/LDAP/LDAP.test.jsx b/awx/ui_next/src/screens/Setting/LDAP/LDAP.test.jsx
index f67a4dc108..bcc6c60be0 100644
--- a/awx/ui_next/src/screens/Setting/LDAP/LDAP.test.jsx
+++ b/awx/ui_next/src/screens/Setting/LDAP/LDAP.test.jsx
@@ -1,16 +1,61 @@
import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import LDAP from './LDAP';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('LDAP settings');
+
+ test('should render ldap details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ldap/'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('LDAPDetail').length).toBe(1);
+ });
+
+ test('should render ldap edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ldap/default/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('LDAPEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ldap/foo/bar'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.jsx b/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.jsx
index 63e5cfb9b1..dd881572e2 100644
--- a/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.jsx
@@ -1,24 +1,172 @@
-import React from 'react';
-import { Link } from 'react-router-dom';
+import React, { useEffect, useCallback } from 'react';
+import { Link, Redirect, useRouteMatch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentError from '../../../../components/ContentError';
+import ContentLoading from '../../../../components/ContentLoading';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
+import { sortNestedDetails } from '../../shared/settingUtils';
+
+function filterByPrefix(data, prefix) {
+ return Object.keys(data)
+ .filter(key => key.includes(prefix))
+ .reduce((obj, key) => {
+ obj[key] = data[key];
+ return obj;
+ }, {});
+}
function LDAPDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+ const {
+ path,
+ params: { category },
+ } = useRouteMatch('/settings/ldap/:category/details');
+
+ const { isLoading, error, request, result: LDAPDetails } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('ldap');
+
+ const mergedData = {};
+ Object.keys(data).forEach(key => {
+ if (key.includes('_CONNECTION_OPTIONS')) {
+ return;
+ }
+ mergedData[key] = options[key];
+ mergedData[key].value = data[key];
+ });
+
+ const ldap1 = filterByPrefix(mergedData, 'AUTH_LDAP_1_');
+ const ldap2 = filterByPrefix(mergedData, 'AUTH_LDAP_2_');
+ const ldap3 = filterByPrefix(mergedData, 'AUTH_LDAP_3_');
+ const ldap4 = filterByPrefix(mergedData, 'AUTH_LDAP_4_');
+ const ldap5 = filterByPrefix(mergedData, 'AUTH_LDAP_5_');
+ const ldapDefault = Object.assign({}, mergedData);
+ Object.keys({ ...ldap1, ...ldap2, ...ldap3, ...ldap4, ...ldap5 }).forEach(
+ keyToOmit => {
+ delete ldapDefault[keyToOmit];
+ }
+ );
+
+ return {
+ default: sortNestedDetails(ldapDefault),
+ 1: sortNestedDetails(ldap1),
+ 2: sortNestedDetails(ldap2),
+ 3: sortNestedDetails(ldap3),
+ 4: sortNestedDetails(ldap4),
+ 5: sortNestedDetails(ldap5),
+ };
+ }, [options]),
+ {
+ default: null,
+ 1: null,
+ 2: null,
+ 3: null,
+ 4: null,
+ 5: null,
+ }
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const baseURL = '/settings/ldap';
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Default`),
+ link: `${baseURL}/default/details`,
+ id: 0,
+ },
+ {
+ name: i18n._(t`LDAP1`),
+ link: `${baseURL}/1/details`,
+ id: 1,
+ },
+ {
+ name: i18n._(t`LDAP2`),
+ link: `${baseURL}/2/details`,
+ id: 2,
+ },
+ {
+ name: i18n._(t`LDAP3`),
+ link: `${baseURL}/3/details`,
+ id: 3,
+ },
+ {
+ name: i18n._(t`LDAP4`),
+ link: `${baseURL}/4/details`,
+ id: 4,
+ },
+ {
+ name: i18n._(t`LDAP5`),
+ link: `${baseURL}/5/details`,
+ id: 5,
+ },
+ ];
+
+ if (!Object.keys(LDAPDetails).includes(category)) {
+ return ;
+ }
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ <>
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && !Object.values(LDAPDetails)?.includes(null) && (
+
+ {LDAPDetails[category].map(([key, detail]) => {
+ return (
+
+ );
+ })}
+
+ )}
+
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.test.jsx b/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.test.jsx
index f4440ace38..e688882a20 100644
--- a/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/LDAP/LDAPDetail/LDAPDetail.test.jsx
@@ -1,16 +1,151 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { useRouteMatch } from 'react-router-dom';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
+import mockLDAP from '../../shared/data.ldapSettings.json';
import LDAPDetail from './LDAPDetail';
+jest.mock('react-router-dom', () => ({
+ ...jest.requireActual('react-router-dom'),
+ useRouteMatch: jest.fn(),
+}));
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({ data: mockLDAP });
+
describe('', () => {
- let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+ describe('Default', () => {
+ let wrapper;
+
+ beforeAll(async () => {
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/ldap/default/details',
+ path: '/settings/ldap/:category/details',
+ params: { category: 'default' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ });
+
+ afterAll(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('initially renders without crashing', () => {
+ expect(wrapper.find('LDAPDetail').length).toBe(1);
+ });
+
+ test('should render expected tabs', () => {
+ const expectedTabs = [
+ 'Back to Settings',
+ 'Default',
+ 'LDAP1',
+ 'LDAP2',
+ 'LDAP3',
+ 'LDAP4',
+ 'LDAP5',
+ ];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'LDAP Server URI', 'ldap://ldap.example.com');
+ assertDetail(wrapper, 'LDAP Bind DN', 'cn=eng_user');
+ assertDetail(wrapper, 'LDAP Bind Password', 'Encrypted');
+ assertDetail(wrapper, 'LDAP Start TLS', 'Off');
+ assertDetail(
+ wrapper,
+ 'LDAP User DN Template',
+ 'uid=%(user)s,OU=Users,DC=example,DC=com'
+ );
+ assertDetail(wrapper, 'LDAP Group Type', 'MemberDNGroupType');
+ assertDetail(
+ wrapper,
+ 'LDAP Require Group',
+ 'CN=Tower Users,OU=Users,DC=example,DC=com'
+ );
+ assertDetail(wrapper, 'LDAP Deny Group', 'Not configured');
+ assertVariableDetail(wrapper, 'LDAP User Search', '[]');
+ assertVariableDetail(wrapper, 'LDAP User Attribute Map', '{}');
+ assertVariableDetail(wrapper, 'LDAP Group Search', '[]');
+ assertVariableDetail(
+ wrapper,
+ 'LDAP Group Type Parameters',
+ '{\n "name_attr": "cn",\n "member_attr": "member"\n}'
+ );
+ assertVariableDetail(wrapper, 'LDAP User Flags By Group', '{}');
+ assertVariableDetail(wrapper, 'LDAP Organization Map', '{}');
+ assertVariableDetail(wrapper, 'LDAP Team Map', '{}');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
- afterEach(() => {
- wrapper.unmount();
- });
- test('initially renders without crashing', () => {
- expect(wrapper.find('LDAPDetail').length).toBe(1);
+
+ describe('Redirect', () => {
+ test('should render redirect when user navigates to erroneous category', async () => {
+ let wrapper;
+ useRouteMatch.mockImplementation(() => ({
+ url: '/settings/ldap/foo/details',
+ path: '/settings/ldap/:category/details',
+ params: { category: 'foo' },
+ }));
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'Redirect');
+ });
});
});
diff --git a/awx/ui_next/src/screens/Setting/Logging/Logging.jsx b/awx/ui_next/src/screens/Setting/Logging/Logging.jsx
index cd8e9aa81d..cc54dd81d1 100644
--- a/awx/ui_next/src/screens/Setting/Logging/Logging.jsx
+++ b/awx/ui_next/src/screens/Setting/Logging/Logging.jsx
@@ -1,26 +1,30 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import LoggingDetail from './LoggingDetail';
import LoggingEdit from './LoggingEdit';
function Logging({ i18n }) {
- const baseUrl = '/settings/logging';
-
+ const baseURL = '/settings/logging';
return (
- {i18n._(t`Logging settings`)}
-
-
+
+
-
+
+
+
+ {i18n._(t`View Logging settings`)}
+
+
diff --git a/awx/ui_next/src/screens/Setting/Logging/Logging.test.jsx b/awx/ui_next/src/screens/Setting/Logging/Logging.test.jsx
index 2486d42b59..87cf62dd7a 100644
--- a/awx/ui_next/src/screens/Setting/Logging/Logging.test.jsx
+++ b/awx/ui_next/src/screens/Setting/Logging/Logging.test.jsx
@@ -1,16 +1,61 @@
import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import Logging from './Logging';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Logging settings');
+
+ test('should render logging details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/logging/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('LoggingDetail').length).toBe(1);
+ });
+
+ test('should render logging edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/logging/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('LoggingEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/logging/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.jsx b/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.jsx
index 8b10e37e82..11fe55ddfc 100644
--- a/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.jsx
@@ -1,24 +1,112 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
+import { sortNestedDetails, pluck } from '../../shared/settingUtils';
function LoggingDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: logging } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('logging');
+
+ const loggingData = pluck(
+ data,
+ 'LOG_AGGREGATOR_ENABLED',
+ 'LOG_AGGREGATOR_HOST',
+ 'LOG_AGGREGATOR_INDIVIDUAL_FACTS',
+ 'LOG_AGGREGATOR_LEVEL',
+ 'LOG_AGGREGATOR_LOGGERS',
+ 'LOG_AGGREGATOR_PASSWORD',
+ 'LOG_AGGREGATOR_PORT',
+ 'LOG_AGGREGATOR_PROTOCOL',
+ 'LOG_AGGREGATOR_TCP_TIMEOUT',
+ 'LOG_AGGREGATOR_TYPE',
+ 'LOG_AGGREGATOR_USERNAME',
+ 'LOG_AGGREGATOR_VERIFY_CERT'
+ );
+
+ const mergedData = {};
+ Object.keys(loggingData).forEach(key => {
+ mergedData[key] = options[key];
+ mergedData[key].value = loggingData[key];
+ });
+
+ return sortNestedDetails(mergedData);
+ }, [options]),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/logging/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && logging && (
+
+ {logging.map(([key, detail]) => (
+
+ ))}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.test.jsx b/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.test.jsx
index 384d3b148c..dc669252d7 100644
--- a/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/Logging/LoggingDetail/LoggingDetail.test.jsx
@@ -1,16 +1,107 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
+import mockLogSettings from '../../shared/data.logSettings.json';
import LoggingDetail from './LoggingDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: mockLogSettings,
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('LoggingDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'Enable External Logging', 'Off');
+ assertDetail(wrapper, 'Logging Aggregator', 'https://mocklog');
+ assertDetail(wrapper, 'Logging Aggregator Port', '1234');
+ assertDetail(wrapper, 'Logging Aggregator Type', 'logstash');
+ assertDetail(wrapper, 'Logging Aggregator Username', 'logging_name');
+ assertDetail(wrapper, 'Logging Aggregator Password/Token', 'Encrypted');
+ assertDetail(wrapper, 'Log System Tracking Facts Individually', 'Off');
+ assertDetail(wrapper, 'Logging Aggregator Protocol', 'https');
+ assertDetail(wrapper, 'TCP Connection Timeout', '5 seconds');
+ assertDetail(wrapper, 'Logging Aggregator Level Threshold', 'INFO');
+ assertDetail(
+ wrapper,
+ 'Enable/disable HTTPS certificate verification',
+ 'On'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'Loggers Sending Data to Log Aggregator Form',
+ '[\n "activity_stream",\n "system_tracking"\n]'
+ );
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.jsx b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.jsx
index 9a15087680..450c788477 100644
--- a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.jsx
+++ b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import MiscSystemDetail from './MiscSystemDetail';
import MiscSystemEdit from './MiscSystemEdit';
function MiscSystem({ i18n }) {
- const baseUrl = '/settings/miscellaneous_system';
-
+ const baseURL = '/settings/miscellaneous_system';
return (
- {i18n._(t`Miscellaneous system settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View Miscellaneous System settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.test.jsx b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.test.jsx
index 4ac180a6ac..5ccc70487b 100644
--- a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.test.jsx
+++ b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystem.test.jsx
@@ -1,18 +1,61 @@
import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import MiscSystem from './MiscSystem';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain(
- 'Miscellaneous system settings'
- );
+
+ test('should render miscellaneous system details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/miscellaneous_system/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('MiscSystemDetail').length).toBe(1);
+ });
+
+ test('should render miscellaneous system edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/miscellaneous_system/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('MiscSystemEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/miscellaneous_system/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.jsx b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.jsx
index 9784f2bdc6..a8fcdf411d 100644
--- a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.jsx
@@ -1,24 +1,153 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentError from '../../../../components/ContentError';
+import ContentLoading from '../../../../components/ContentLoading';
+import { DetailList } from '../../../../components/DetailList';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
+import { sortNestedDetails, pluck } from '../../shared/settingUtils';
function MiscSystemDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: allOptions } = useSettings();
+
+ const { isLoading, error, request, result: system } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('all');
+
+ const {
+ OAUTH2_PROVIDER: {
+ ACCESS_TOKEN_EXPIRE_SECONDS,
+ REFRESH_TOKEN_EXPIRE_SECONDS,
+ AUTHORIZATION_CODE_EXPIRE_SECONDS,
+ },
+ ...pluckedSystemData
+ } = pluck(
+ data,
+ 'ALLOW_OAUTH2_FOR_EXTERNAL_USERS',
+ 'AUTH_BASIC_ENABLED',
+ 'AUTOMATION_ANALYTICS_GATHER_INTERVAL',
+ 'AUTOMATION_ANALYTICS_URL',
+ 'CUSTOM_VENV_PATHS',
+ 'INSIGHTS_TRACKING_STATE',
+ 'LOGIN_REDIRECT_OVERRIDE',
+ 'MANAGE_ORGANIZATION_AUTH',
+ 'OAUTH2_PROVIDER',
+ 'ORG_ADMINS_CAN_SEE_ALL_USERS',
+ 'REDHAT_PASSWORD',
+ 'REDHAT_USERNAME',
+ 'REMOTE_HOST_HEADERS',
+ 'SESSIONS_PER_USER',
+ 'SESSION_COOKIE_AGE',
+ 'TOWER_URL_BASE'
+ );
+
+ const systemData = {
+ ...pluckedSystemData,
+ ACCESS_TOKEN_EXPIRE_SECONDS,
+ REFRESH_TOKEN_EXPIRE_SECONDS,
+ AUTHORIZATION_CODE_EXPIRE_SECONDS,
+ };
+
+ const {
+ OAUTH2_PROVIDER: OAUTH2_PROVIDER_OPTIONS,
+ ...options
+ } = allOptions;
+
+ const systemOptions = {
+ ...options,
+ ACCESS_TOKEN_EXPIRE_SECONDS: {
+ ...OAUTH2_PROVIDER_OPTIONS,
+ type: OAUTH2_PROVIDER_OPTIONS.child.type,
+ label: i18n._(t`Access Token Expiration`),
+ },
+ REFRESH_TOKEN_EXPIRE_SECONDS: {
+ ...OAUTH2_PROVIDER_OPTIONS,
+ type: OAUTH2_PROVIDER_OPTIONS.child.type,
+ label: i18n._(t`Refresh Token Expiration`),
+ },
+ AUTHORIZATION_CODE_EXPIRE_SECONDS: {
+ ...OAUTH2_PROVIDER_OPTIONS,
+ type: OAUTH2_PROVIDER_OPTIONS.child.type,
+ label: i18n._(t`Authorization Code Expiration`),
+ },
+ };
+
+ const mergedData = {};
+ Object.keys(systemData).forEach(key => {
+ mergedData[key] = systemOptions[key];
+ mergedData[key].value = systemData[key];
+ });
+ return sortNestedDetails(mergedData);
+ }, [allOptions, i18n]),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/miscellaneous_system/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && system && (
+
+ {system.map(([key, detail]) => (
+
+ ))}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.test.jsx b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.test.jsx
index c6dba5b869..8437930be2 100644
--- a/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.test.jsx
@@ -1,16 +1,148 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import MiscSystemDetail from './MiscSystemDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ ALLOW_OAUTH2_FOR_EXTERNAL_USERS: false,
+ AUTH_BASIC_ENABLED: true,
+ AUTOMATION_ANALYTICS_GATHER_INTERVAL: 14400,
+ AUTOMATION_ANALYTICS_URL: 'https://example.com',
+ CUSTOM_VENV_PATHS: [],
+ INSIGHTS_TRACKING_STATE: false,
+ LOGIN_REDIRECT_OVERRIDE: 'https://redirect.com',
+ MANAGE_ORGANIZATION_AUTH: true,
+ OAUTH2_PROVIDER: {
+ ACCESS_TOKEN_EXPIRE_SECONDS: 1,
+ AUTHORIZATION_CODE_EXPIRE_SECONDS: 2,
+ REFRESH_TOKEN_EXPIRE_SECONDS: 3,
+ },
+ ORG_ADMINS_CAN_SEE_ALL_USERS: true,
+ REDHAT_PASSWORD: '$encrypted$',
+ REDHAT_USERNAME: 'mock name',
+ REMOTE_HOST_HEADERS: [],
+ SESSIONS_PER_USER: -1,
+ SESSION_COOKIE_AGE: 30000000000,
+ TOWER_URL_BASE: 'https://towerhost',
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
test('initially renders without crashing', () => {
expect(wrapper.find('MiscSystemDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'Access Token Expiration', '1 seconds');
+ assertDetail(wrapper, 'All Users Visible to Organization Admins', 'On');
+ assertDetail(
+ wrapper,
+ 'Allow External Users to Create OAuth2 Tokens',
+ 'Off'
+ );
+ assertDetail(wrapper, 'Authorization Code Expiration', '2 seconds');
+ assertDetail(
+ wrapper,
+ 'Automation Analytics Gather Interval',
+ '14400 seconds'
+ );
+ assertDetail(
+ wrapper,
+ 'Automation Analytics upload URL',
+ 'https://example.com'
+ );
+ assertDetail(wrapper, 'Base URL of the Tower host', 'https://towerhost');
+ assertDetail(wrapper, 'Enable HTTP Basic Auth', 'On');
+ assertDetail(wrapper, 'Gather data for Automation Analytics', 'Off');
+ assertDetail(wrapper, 'Idle Time Force Log Out', '30000000000 seconds');
+ assertDetail(
+ wrapper,
+ 'Login redirect override URL',
+ 'https://redirect.com'
+ );
+ assertDetail(
+ wrapper,
+ 'Maximum number of simultaneous logged in sessions',
+ '-1'
+ );
+ assertDetail(
+ wrapper,
+ 'Organization Admins Can Manage Users and Teams',
+ 'On'
+ );
+ assertDetail(wrapper, 'Red Hat customer password', 'Encrypted');
+ assertDetail(wrapper, 'Red Hat customer username', 'mock name');
+ assertDetail(wrapper, 'Refresh Token Expiration', '3 seconds');
+ assertVariableDetail(wrapper, 'Remote Host Headers', '[]');
+ assertVariableDetail(wrapper, 'Custom virtual environment paths', '[]');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.jsx
new file mode 100644
index 0000000000..a15ca69440
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.jsx
@@ -0,0 +1,36 @@
+import React from 'react';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
+import { withI18n } from '@lingui/react';
+import { t } from '@lingui/macro';
+import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
+import RADIUSDetail from './RADIUSDetail';
+import RADIUSEdit from './RADIUSEdit';
+
+function RADIUS({ i18n }) {
+ const baseURL = '/settings/radius';
+ return (
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {i18n._(t`View RADIUS settings`)}
+
+
+
+
+
+
+ );
+}
+
+export default withI18n()(RADIUS);
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.test.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.test.jsx
new file mode 100644
index 0000000000..a275e74d95
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUS.test.jsx
@@ -0,0 +1,56 @@
+import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import RADIUS from './RADIUS';
+import { SettingsAPI } from '../../../api';
+
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
+describe('', () => {
+ let wrapper;
+
+ afterEach(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('should render RADIUS details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/radius/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('RADIUSDetail').length).toBe(1);
+ });
+
+ test('should render RADIUS edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/radius/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('RADIUSEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/radius/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
+});
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.jsx
new file mode 100644
index 0000000000..d1d8a4e6f6
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.jsx
@@ -0,0 +1,92 @@
+import React, { useEffect, useCallback } from 'react';
+import { Link } from 'react-router-dom';
+import { withI18n } from '@lingui/react';
+import { t } from '@lingui/macro';
+import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
+import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
+
+function RADIUSDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: radius } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('radius');
+ return data;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/radius/details`,
+ id: 0,
+ },
+ ];
+
+ return (
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && radius && (
+
+ {Object.keys(radius).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
+ );
+}
+
+export default withI18n()(RADIUSDetail);
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.test.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.test.jsx
new file mode 100644
index 0000000000..105bc0bc99
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/RADIUSDetail.test.jsx
@@ -0,0 +1,90 @@
+import React from 'react';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import { assertDetail } from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
+import RADIUSDetail from './RADIUSDetail';
+
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ RADIUS_SERVER: 'example.org',
+ RADIUS_PORT: 1812,
+ RADIUS_SECRET: '$encrypted$',
+ },
+});
+
+describe('', () => {
+ let wrapper;
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ });
+
+ afterAll(() => {
+ wrapper.unmount();
+ jest.clearAllMocks();
+ });
+
+ test('initially renders without crashing', () => {
+ expect(wrapper.find('RADIUSDetail').length).toBe(1);
+ });
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'RADIUS Server', 'example.org');
+ assertDetail(wrapper, 'RADIUS Port', '1812');
+ assertDetail(wrapper, 'RADIUS Secret', 'Encrypted');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
+});
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/index.js b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/index.js
new file mode 100644
index 0000000000..5d56ddc5c2
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSDetail/index.js
@@ -0,0 +1 @@
+export { default } from './RADIUSDetail';
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.jsx
similarity index 89%
rename from awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.jsx
rename to awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.jsx
index 62448ead15..624a624f06 100644
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.jsx
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.jsx
@@ -5,7 +5,7 @@ import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
import { CardBody, CardActionsRow } from '../../../../components/Card';
-function RadiusEdit({ i18n }) {
+function RADIUSEdit({ i18n }) {
return (
{i18n._(t`Edit form coming soon :)`)}
@@ -22,4 +22,4 @@ function RadiusEdit({ i18n }) {
);
}
-export default withI18n()(RadiusEdit);
+export default withI18n()(RADIUSEdit);
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.test.jsx b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.test.jsx
similarity index 59%
rename from awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.test.jsx
rename to awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.test.jsx
index bfb517dcbb..934aeb3825 100644
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/RadiusEdit.test.jsx
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/RADIUSEdit.test.jsx
@@ -1,16 +1,16 @@
import React from 'react';
import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
-import RadiusEdit from './RadiusEdit';
+import RADIUSEdit from './RADIUSEdit';
-describe('', () => {
+describe('', () => {
let wrapper;
beforeEach(() => {
- wrapper = mountWithContexts();
+ wrapper = mountWithContexts();
});
afterEach(() => {
wrapper.unmount();
});
test('initially renders without crashing', () => {
- expect(wrapper.find('RadiusEdit').length).toBe(1);
+ expect(wrapper.find('RADIUSEdit').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/index.js b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/index.js
new file mode 100644
index 0000000000..37681b7983
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/RADIUSEdit/index.js
@@ -0,0 +1 @@
+export { default } from './RADIUSEdit';
diff --git a/awx/ui_next/src/screens/Setting/RADIUS/index.js b/awx/ui_next/src/screens/Setting/RADIUS/index.js
new file mode 100644
index 0000000000..2c1e616310
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/RADIUS/index.js
@@ -0,0 +1 @@
+export { default } from './RADIUS';
diff --git a/awx/ui_next/src/screens/Setting/Radius/Radius.jsx b/awx/ui_next/src/screens/Setting/Radius/Radius.jsx
deleted file mode 100644
index a3b4780c72..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/Radius.jsx
+++ /dev/null
@@ -1,30 +0,0 @@
-import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
-import { withI18n } from '@lingui/react';
-import { t } from '@lingui/macro';
-import { PageSection, Card } from '@patternfly/react-core';
-import RadiusDetail from './RadiusDetail';
-import RadiusEdit from './RadiusEdit';
-
-function Radius({ i18n }) {
- const baseUrl = '/settings/radius';
-
- return (
-
-
- {i18n._(t`Radius settings`)}
-
-
-
-
-
-
-
-
-
-
-
- );
-}
-
-export default withI18n()(Radius);
diff --git a/awx/ui_next/src/screens/Setting/Radius/Radius.test.jsx b/awx/ui_next/src/screens/Setting/Radius/Radius.test.jsx
deleted file mode 100644
index 0337cd3593..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/Radius.test.jsx
+++ /dev/null
@@ -1,16 +0,0 @@
-import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
-import Radius from './Radius';
-
-describe('', () => {
- let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
- afterEach(() => {
- wrapper.unmount();
- });
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('Radius settings');
- });
-});
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.jsx b/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.jsx
deleted file mode 100644
index 1453f87573..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.jsx
+++ /dev/null
@@ -1,25 +0,0 @@
-import React from 'react';
-import { Link } from 'react-router-dom';
-import { withI18n } from '@lingui/react';
-import { t } from '@lingui/macro';
-import { Button } from '@patternfly/react-core';
-import { CardBody, CardActionsRow } from '../../../../components/Card';
-
-function RadiusDetail({ i18n }) {
- return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
- );
-}
-
-export default withI18n()(RadiusDetail);
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.test.jsx b/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.test.jsx
deleted file mode 100644
index 84d329116e..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/RadiusDetail.test.jsx
+++ /dev/null
@@ -1,16 +0,0 @@
-import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
-import RadiusDetail from './RadiusDetail';
-
-describe('', () => {
- let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
- afterEach(() => {
- wrapper.unmount();
- });
- test('initially renders without crashing', () => {
- expect(wrapper.find('RadiusDetail').length).toBe(1);
- });
-});
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/index.js b/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/index.js
deleted file mode 100644
index cf4fdebfea..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusDetail/index.js
+++ /dev/null
@@ -1 +0,0 @@
-export { default } from './RadiusDetail';
diff --git a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/index.js b/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/index.js
deleted file mode 100644
index bb00543488..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/RadiusEdit/index.js
+++ /dev/null
@@ -1 +0,0 @@
-export { default } from './RadiusEdit';
diff --git a/awx/ui_next/src/screens/Setting/Radius/index.js b/awx/ui_next/src/screens/Setting/Radius/index.js
deleted file mode 100644
index 4bf959792b..0000000000
--- a/awx/ui_next/src/screens/Setting/Radius/index.js
+++ /dev/null
@@ -1 +0,0 @@
-export { default } from './Radius';
diff --git a/awx/ui_next/src/screens/Setting/SAML/SAML.jsx b/awx/ui_next/src/screens/Setting/SAML/SAML.jsx
index 51db443691..964bef71a7 100644
--- a/awx/ui_next/src/screens/Setting/SAML/SAML.jsx
+++ b/awx/ui_next/src/screens/Setting/SAML/SAML.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import SAMLDetail from './SAMLDetail';
import SAMLEdit from './SAMLEdit';
function SAML({ i18n }) {
- const baseUrl = '/settings/saml';
-
+ const baseURL = '/settings/saml';
return (
- {i18n._(t`SAML settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View SAML settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/SAML/SAML.test.jsx b/awx/ui_next/src/screens/Setting/SAML/SAML.test.jsx
index ed6f945835..0c662fd927 100644
--- a/awx/ui_next/src/screens/Setting/SAML/SAML.test.jsx
+++ b/awx/ui_next/src/screens/Setting/SAML/SAML.test.jsx
@@ -1,16 +1,56 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import SAML from './SAML';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('SAML settings');
+
+ test('should render SAML details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/saml/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('SAMLDetail').length).toBe(1);
+ });
+
+ test('should render SAML edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/saml/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('SAMLEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/saml/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.jsx b/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.jsx
index 1cf5606f61..e6694d8591 100644
--- a/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.jsx
@@ -1,24 +1,91 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
function SAMLDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: saml } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('saml');
+ return data;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/saml/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && saml && (
+
+ {Object.keys(saml).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.test.jsx b/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.test.jsx
index a420e32e9c..1afaee4e24 100644
--- a/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/SAML/SAMLDetail/SAMLDetail.test.jsx
@@ -1,16 +1,148 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import {
+ assertDetail,
+ assertVariableDetail,
+} from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import SAMLDetail from './SAMLDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ SOCIAL_AUTH_SAML_CALLBACK_URL: 'https://towerhost/sso/complete/saml/',
+ SOCIAL_AUTH_SAML_METADATA_URL: 'https://towerhost/sso/metadata/saml/',
+ SOCIAL_AUTH_SAML_SP_ENTITY_ID: 'mock_id',
+ SOCIAL_AUTH_SAML_SP_PUBLIC_CERT: 'mock_cert',
+ SOCIAL_AUTH_SAML_SP_PRIVATE_KEY: '',
+ SOCIAL_AUTH_SAML_ORG_INFO: {},
+ SOCIAL_AUTH_SAML_TECHNICAL_CONTACT: {},
+ SOCIAL_AUTH_SAML_SUPPORT_CONTACT: {},
+ SOCIAL_AUTH_SAML_ENABLED_IDPS: {},
+ SOCIAL_AUTH_SAML_SECURITY_CONFIG: {},
+ SOCIAL_AUTH_SAML_SP_EXTRA: {},
+ SOCIAL_AUTH_SAML_EXTRA_DATA: [],
+ SOCIAL_AUTH_SAML_ORGANIZATION_MAP: {},
+ SOCIAL_AUTH_SAML_TEAM_MAP: {},
+ SOCIAL_AUTH_SAML_ORGANIZATION_ATTR: {},
+ SOCIAL_AUTH_SAML_TEAM_ATTR: {},
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('SAMLDetail').length).toBe(1);
});
+
+ test('should render expected details', () => {
+ assertDetail(
+ wrapper,
+ 'SAML Assertion Consumer Service (ACS) URL',
+ 'https://towerhost/sso/complete/saml/'
+ );
+ assertDetail(
+ wrapper,
+ 'SAML Service Provider Metadata URL',
+ 'https://towerhost/sso/metadata/saml/'
+ );
+ assertDetail(wrapper, 'SAML Service Provider Entity ID', 'mock_id');
+ assertDetail(
+ wrapper,
+ 'SAML Service Provider Public Certificate',
+ 'mock_cert'
+ );
+ assertDetail(
+ wrapper,
+ 'SAML Service Provider Private Key',
+ 'Not configured'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'SAML Service Provider Organization Info',
+ '{}'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'SAML Service Provider Technical Contact',
+ '{}'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'SAML Service Provider Support Contact',
+ '{}'
+ );
+ assertVariableDetail(wrapper, 'SAML Enabled Identity Providers', '{}');
+ assertVariableDetail(wrapper, 'SAML Security Config', '{}');
+ assertVariableDetail(
+ wrapper,
+ 'SAML Service Provider extra configuration data',
+ '{}'
+ );
+ assertVariableDetail(
+ wrapper,
+ 'SAML IDP to extra_data attribute mapping',
+ '[]'
+ );
+ assertVariableDetail(wrapper, 'SAML Organization Map', '{}');
+ assertVariableDetail(wrapper, 'SAML Team Map', '{}');
+ assertVariableDetail(wrapper, 'SAML Organization Attribute Mapping', '{}');
+ assertVariableDetail(wrapper, 'SAML Team Attribute Mapping', '{}');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/SettingList.jsx b/awx/ui_next/src/screens/Setting/SettingList.jsx
index 9f0e6ffe64..3284d48a7f 100644
--- a/awx/ui_next/src/screens/Setting/SettingList.jsx
+++ b/awx/ui_next/src/screens/Setting/SettingList.jsx
@@ -75,7 +75,7 @@ function SettingList({ i18n }) {
path: '/settings/ldap',
},
{
- title: i18n._(t`Radius settings`),
+ title: i18n._(t`RADIUS settings`),
path: '/settings/radius',
},
{
@@ -107,11 +107,11 @@ function SettingList({ i18n }) {
id: 'system',
routes: [
{
- title: i18n._(t`Miscellaneous system settings`),
+ title: i18n._(t`Miscellaneous System settings`),
path: '/settings/miscellaneous_system',
},
{
- title: i18n._(t`Activity stream settings`),
+ title: i18n._(t`Activity Stream settings`),
path: '/settings/activity_stream',
},
{
@@ -121,15 +121,15 @@ function SettingList({ i18n }) {
],
},
{
- header: i18n._(t`User interface`),
+ header: i18n._(t`User Interface`),
description: i18n._(
t`Set preferences for data collection, logos, and logins`
),
- id: 'user_interface',
+ id: 'ui',
routes: [
{
- title: i18n._(t`User interface settings`),
- path: '/settings/user_interface',
+ title: i18n._(t`User Interface settings`),
+ path: '/settings/ui',
},
],
},
diff --git a/awx/ui_next/src/screens/Setting/Settings.jsx b/awx/ui_next/src/screens/Setting/Settings.jsx
index 4d8d49830d..ae3356f950 100644
--- a/awx/ui_next/src/screens/Setting/Settings.jsx
+++ b/awx/ui_next/src/screens/Setting/Settings.jsx
@@ -1,9 +1,10 @@
-import React from 'react';
+import React, { useCallback, useEffect } from 'react';
import { Link, Route, Switch, Redirect } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
import ContentError from '../../components/ContentError';
+import ContentLoading from '../../components/ContentLoading';
import Breadcrumbs from '../../components/Breadcrumbs';
import ActivityStream from './ActivityStream';
import AzureAD from './AzureAD';
@@ -14,34 +15,120 @@ import LDAP from './LDAP';
import License from './License';
import Logging from './Logging';
import MiscSystem from './MiscSystem';
-import Radius from './Radius';
+import RADIUS from './RADIUS';
import SAML from './SAML';
import SettingList from './SettingList';
import TACACS from './TACACS';
import UI from './UI';
+import { SettingsProvider } from '../../contexts/Settings';
import { useConfig } from '../../contexts/Config';
+import { SettingsAPI } from '../../api';
+import useRequest from '../../util/useRequest';
function Settings({ i18n }) {
- const { license_info = {} } = useConfig();
+ const { license_info = {}, me } = useConfig();
+
+ const { request, result, isLoading, error } = useRequest(
+ useCallback(async () => {
+ const response = await SettingsAPI.readAllOptions();
+ return response.data.actions;
+ }, [])
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
const breadcrumbConfig = {
'/settings': i18n._(t`Settings`),
- '/settings/activity_stream': i18n._(t`Activity stream`),
+ '/settings/activity_stream': i18n._(t`Activity Stream`),
+ '/settings/activity_stream/details': i18n._(t`Details`),
+ '/settings/activity_stream/edit': i18n._(t`Edit Details`),
'/settings/azure': i18n._(t`Azure AD`),
- '/settings/github': i18n._(t`GitHub`),
+ '/settings/azure/details': i18n._(t`Details`),
+ '/settings/azure/edit': i18n._(t`Edit Details`),
+ '/settings/github': null,
+ '/settings/github/default': i18n._(t`GitHub Default`),
+ '/settings/github/default/details': i18n._(t`Details`),
+ '/settings/github/default/edit': i18n._(t`Edit Details`),
+ '/settings/github/organization': i18n._(t`GitHub Organization`),
+ '/settings/github/organization/details': i18n._(t`Details`),
+ '/settings/github/organization/edit': i18n._(t`Edit Details`),
+ '/settings/github/team': i18n._(t`GitHub Team`),
+ '/settings/github/team/details': i18n._(t`Details`),
+ '/settings/github/team/edit': i18n._(t`Edit Details`),
'/settings/google_oauth2': i18n._(t`Google OAuth2`),
+ '/settings/google_oauth2/details': i18n._(t`Details`),
+ '/settings/google_oauth2/edit': i18n._(t`Edit Details`),
'/settings/jobs': i18n._(t`Jobs`),
- '/settings/ldap': i18n._(t`LDAP`),
+ '/settings/jobs/details': i18n._(t`Details`),
+ '/settings/jobs/edit': i18n._(t`Edit Details`),
+ '/settings/ldap': null,
+ '/settings/ldap/default': i18n._(t`LDAP Default`),
+ '/settings/ldap/1': i18n._(t`LDAP 1`),
+ '/settings/ldap/2': i18n._(t`LDAP 2`),
+ '/settings/ldap/3': i18n._(t`LDAP 3`),
+ '/settings/ldap/4': i18n._(t`LDAP 4`),
+ '/settings/ldap/5': i18n._(t`LDAP 5`),
+ '/settings/ldap/default/details': i18n._(t`Details`),
+ '/settings/ldap/1/details': i18n._(t`Details`),
+ '/settings/ldap/2/details': i18n._(t`Details`),
+ '/settings/ldap/3/details': i18n._(t`Details`),
+ '/settings/ldap/4/details': i18n._(t`Details`),
+ '/settings/ldap/5/details': i18n._(t`Details`),
+ '/settings/ldap/default/edit': i18n._(t`Edit Details`),
+ '/settings/ldap/1/edit': i18n._(t`Edit Details`),
+ '/settings/ldap/2/edit': i18n._(t`Edit Details`),
+ '/settings/ldap/3/edit': i18n._(t`Edit Details`),
+ '/settings/ldap/4/edit': i18n._(t`Edit Details`),
+ '/settings/ldap/5/edit': i18n._(t`Edit Details`),
'/settings/license': i18n._(t`License`),
'/settings/logging': i18n._(t`Logging`),
- '/settings/miscellaneous_system': i18n._(t`Miscellaneous system`),
- '/settings/radius': i18n._(t`Radius`),
+ '/settings/logging/details': i18n._(t`Details`),
+ '/settings/logging/edit': i18n._(t`Edit Details`),
+ '/settings/miscellaneous_system': i18n._(t`Miscellaneous System`),
+ '/settings/miscellaneous_system/details': i18n._(t`Details`),
+ '/settings/miscellaneous_system/edit': i18n._(t`Edit Details`),
+ '/settings/radius': i18n._(t`RADIUS`),
+ '/settings/radius/details': i18n._(t`Details`),
+ '/settings/radius/edit': i18n._(t`Edit Details`),
'/settings/saml': i18n._(t`SAML`),
+ '/settings/saml/details': i18n._(t`Details`),
+ '/settings/saml/edit': i18n._(t`Edit Details`),
'/settings/tacacs': i18n._(t`TACACS+`),
- '/settings/user_interface': i18n._(t`User interface`),
+ '/settings/tacacs/details': i18n._(t`Details`),
+ '/settings/tacacs/edit': i18n._(t`Edit Details`),
+ '/settings/ui': i18n._(t`User Interface`),
+ '/settings/ui/details': i18n._(t`Details`),
+ '/settings/ui/edit': i18n._(t`Edit Details`),
};
+ if (error) {
+ return (
+
+
+
+
+
+ );
+ }
+
+ if (isLoading || !result || !me) {
+ return (
+
+
+
+
+
+ );
+ }
+
+ if (!me?.is_superuser && !me?.is_system_auditor) {
+ return ;
+ }
+
return (
- <>
+
@@ -76,7 +163,7 @@ function Settings({ i18n }) {
-
+
@@ -84,7 +171,7 @@ function Settings({ i18n }) {
-
+
@@ -100,7 +187,7 @@ function Settings({ i18n }) {
-
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/TACACS/TACACS.jsx b/awx/ui_next/src/screens/Setting/TACACS/TACACS.jsx
index 2ba6e62a3d..99a5da7868 100644
--- a/awx/ui_next/src/screens/Setting/TACACS/TACACS.jsx
+++ b/awx/ui_next/src/screens/Setting/TACACS/TACACS.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import TACACSDetail from './TACACSDetail';
import TACACSEdit from './TACACSEdit';
function TACACS({ i18n }) {
- const baseUrl = '/settings/tacacs';
-
+ const baseURL = '/settings/tacacs';
return (
- {i18n._(t`TACACS+ settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View TACACS+ settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/TACACS/TACACS.test.jsx b/awx/ui_next/src/screens/Setting/TACACS/TACACS.test.jsx
index ccf384382d..ec3c69aed0 100644
--- a/awx/ui_next/src/screens/Setting/TACACS/TACACS.test.jsx
+++ b/awx/ui_next/src/screens/Setting/TACACS/TACACS.test.jsx
@@ -1,16 +1,56 @@
import React from 'react';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import TACACS from './TACACS';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('TACACS+ settings');
+
+ test('should render TACACS+ details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/tacacs/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('TACACSDetail').length).toBe(1);
+ });
+
+ test('should render TACACS+ edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/tacacs/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('TACACSEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/tacacs/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.jsx b/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.jsx
index 97568bb63d..de85665808 100644
--- a/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.jsx
@@ -1,24 +1,91 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import SettingDetail from '../../shared';
function TACACSDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: tacacs } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('tacacsplus');
+ return data;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/tacacs/details`,
+ id: 0,
+ },
+ ];
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && tacacs && (
+
+ {Object.keys(tacacs).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.test.jsx b/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.test.jsx
index 0f88fa78fa..66e673b2e0 100644
--- a/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/TACACS/TACACSDetail/TACACSDetail.test.jsx
@@ -1,16 +1,94 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import { assertDetail } from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import TACACSDetail from './TACACSDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ TACACSPLUS_HOST: 'mockhost',
+ TACACSPLUS_PORT: 49,
+ TACACSPLUS_SECRET: '$encrypted$',
+ TACACSPLUS_SESSION_TIMEOUT: 5,
+ TACACSPLUS_AUTH_PROTOCOL: 'ascii',
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('TACACSDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'TACACS+ Server', 'mockhost');
+ assertDetail(wrapper, 'TACACS+ Port', '49');
+ assertDetail(wrapper, 'TACACS+ Secret', 'Encrypted');
+ assertDetail(wrapper, 'TACACS+ Auth Session Timeout', '5 seconds');
+ assertDetail(wrapper, 'TACACS+ Authentication Protocol', 'ascii');
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/UI/UI.jsx b/awx/ui_next/src/screens/Setting/UI/UI.jsx
index f7f0136e1e..d7c308166d 100644
--- a/awx/ui_next/src/screens/Setting/UI/UI.jsx
+++ b/awx/ui_next/src/screens/Setting/UI/UI.jsx
@@ -1,26 +1,32 @@
import React from 'react';
-import { Redirect, Route, Switch } from 'react-router-dom';
+import { Link, Redirect, Route, Switch } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { PageSection, Card } from '@patternfly/react-core';
+import ContentError from '../../../components/ContentError';
import UIDetail from './UIDetail';
import UIEdit from './UIEdit';
function UI({ i18n }) {
- const baseUrl = '/settings/ui';
-
+ const baseURL = '/settings/ui';
return (
- {i18n._(t`User interface settings`)}
-
-
+
+
-
+
+
+
+
+ {i18n._(t`View User Interface settings`)}
+
+
+
diff --git a/awx/ui_next/src/screens/Setting/UI/UI.test.jsx b/awx/ui_next/src/screens/Setting/UI/UI.test.jsx
index 5d62f597e3..ac7a31d608 100644
--- a/awx/ui_next/src/screens/Setting/UI/UI.test.jsx
+++ b/awx/ui_next/src/screens/Setting/UI/UI.test.jsx
@@ -1,16 +1,61 @@
import React from 'react';
-import { mountWithContexts } from '../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import { createMemoryHistory } from 'history';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../testUtils/enzymeHelpers';
+import { SettingsAPI } from '../../../api';
import UI from './UI';
+jest.mock('../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {},
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
- });
+
afterEach(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
- test('initially renders without crashing', () => {
- expect(wrapper.find('Card').text()).toContain('User interface settings');
+
+ test('should render user interface details', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ui/details'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('UIDetail').length).toBe(1);
+ });
+
+ test('should render user interface edit', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ui/edit'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('UIEdit').length).toBe(1);
+ });
+
+ test('should show content error when user navigates to erroneous route', async () => {
+ const history = createMemoryHistory({
+ initialEntries: ['/settings/ui/foo'],
+ });
+ await act(async () => {
+ wrapper = mountWithContexts(, {
+ context: { router: { history } },
+ });
+ });
+ expect(wrapper.find('ContentError').length).toBe(1);
});
});
diff --git a/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.jsx b/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.jsx
index 8f031eb7b3..2d4e475006 100644
--- a/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.jsx
+++ b/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.jsx
@@ -1,24 +1,106 @@
-import React from 'react';
+import React, { useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { withI18n } from '@lingui/react';
import { t } from '@lingui/macro';
import { Button } from '@patternfly/react-core';
+import { CaretLeftIcon } from '@patternfly/react-icons';
import { CardBody, CardActionsRow } from '../../../../components/Card';
+import ContentLoading from '../../../../components/ContentLoading';
+import ContentError from '../../../../components/ContentError';
+import RoutedTabs from '../../../../components/RoutedTabs';
+import { SettingsAPI } from '../../../../api';
+import useRequest from '../../../../util/useRequest';
+import { DetailList } from '../../../../components/DetailList';
+import { useConfig } from '../../../../contexts/Config';
+import { useSettings } from '../../../../contexts/Settings';
+import { pluck } from '../../shared/settingUtils';
+import SettingDetail from '../../shared';
function UIDetail({ i18n }) {
+ const { me } = useConfig();
+ const { GET: options } = useSettings();
+
+ const { isLoading, error, request, result: ui } = useRequest(
+ useCallback(async () => {
+ const { data } = await SettingsAPI.readCategory('ui');
+
+ const uiData = pluck(
+ data,
+ 'PENDO_TRACKING_STATE',
+ 'CUSTOM_LOGO',
+ 'CUSTOM_LOGIN_INFO'
+ );
+
+ return uiData;
+ }, []),
+ null
+ );
+
+ useEffect(() => {
+ request();
+ }, [request]);
+
+ const tabsArray = [
+ {
+ name: (
+ <>
+
+ {i18n._(t`Back to Settings`)}
+
+ ),
+ link: `/settings`,
+ id: 99,
+ },
+ {
+ name: i18n._(t`Details`),
+ link: `/settings/ui/details`,
+ id: 0,
+ },
+ ];
+
+ // Change CUSTOM_LOGO type from string to image
+ // to help SettingDetail render it as an ![]()
+ if (options?.CUSTOM_LOGO) {
+ options.CUSTOM_LOGO.type = 'image';
+ }
+
return (
-
- {i18n._(t`Detail coming soon :)`)}
-
-
-
-
+ <>
+
+
+ {isLoading && }
+ {!isLoading && error && }
+ {!isLoading && ui && (
+
+ {Object.keys(ui).map(key => {
+ const record = options?.[key];
+ return (
+
+ );
+ })}
+
+ )}
+ {me?.is_superuser && (
+
+
+
+ )}
+
+
);
}
diff --git a/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.test.jsx b/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.test.jsx
index 7cb27b17a8..69a33b673b 100644
--- a/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.test.jsx
+++ b/awx/ui_next/src/screens/Setting/UI/UIDetail/UIDetail.test.jsx
@@ -1,16 +1,93 @@
import React from 'react';
-import { mountWithContexts } from '../../../../../testUtils/enzymeHelpers';
+import { act } from 'react-dom/test-utils';
+import {
+ mountWithContexts,
+ waitForElement,
+} from '../../../../../testUtils/enzymeHelpers';
+import { SettingsProvider } from '../../../../contexts/Settings';
+import { SettingsAPI } from '../../../../api';
+import { assertDetail } from '../../shared/settingTestUtils';
+import mockAllOptions from '../../shared/data.allSettingOptions.json';
import UIDetail from './UIDetail';
+jest.mock('../../../../api/models/Settings');
+SettingsAPI.readCategory.mockResolvedValue({
+ data: {
+ CUSTOM_LOGIN_INFO: 'mock info',
+ CUSTOM_LOGO: 'data:image/png',
+ PENDO_TRACKING_STATE: 'off',
+ },
+});
+
describe('', () => {
let wrapper;
- beforeEach(() => {
- wrapper = mountWithContexts();
+
+ beforeAll(async () => {
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
});
- afterEach(() => {
+
+ afterAll(() => {
wrapper.unmount();
+ jest.clearAllMocks();
});
+
test('initially renders without crashing', () => {
expect(wrapper.find('UIDetail').length).toBe(1);
});
+
+ test('should render expected tabs', () => {
+ const expectedTabs = ['Back to Settings', 'Details'];
+ wrapper.find('RoutedTabs li').forEach((tab, index) => {
+ expect(tab.text()).toEqual(expectedTabs[index]);
+ });
+ });
+
+ test('should render expected details', () => {
+ assertDetail(wrapper, 'User Analytics Tracking State', 'off');
+ assertDetail(wrapper, 'Custom Login Info', 'mock info');
+ expect(wrapper.find('Detail[label="Custom Logo"] dt').text()).toBe(
+ 'Custom Logo'
+ );
+ expect(wrapper.find('Detail[label="Custom Logo"] dd img').length).toBe(1);
+ });
+
+ test('should hide edit button from non-superusers', async () => {
+ const config = {
+ me: {
+ is_superuser: false,
+ },
+ };
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+ ,
+ {
+ context: { config },
+ }
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('Button[aria-label="Edit"]').exists()).toBeFalsy();
+ });
+
+ test('should display content error when api throws error on initial render', async () => {
+ SettingsAPI.readCategory.mockRejectedValue(new Error());
+ await act(async () => {
+ wrapper = mountWithContexts(
+
+
+
+ );
+ });
+ await waitForElement(wrapper, 'ContentLoading', el => el.length === 0);
+ expect(wrapper.find('ContentError').length).toBe(1);
+ });
});
diff --git a/awx/ui_next/src/screens/Setting/shared/SettingDetail.jsx b/awx/ui_next/src/screens/Setting/shared/SettingDetail.jsx
new file mode 100644
index 0000000000..56a4e42d2d
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/SettingDetail.jsx
@@ -0,0 +1,117 @@
+import React from 'react';
+import { withI18n } from '@lingui/react';
+import { t } from '@lingui/macro';
+import { Detail } from '../../../components/DetailList';
+import { VariablesDetail } from '../../../components/CodeMirrorInput';
+// import DetailPopover from '../../../components/DetailList/DetailPopover';
+
+export default withI18n()(
+ ({ i18n, helpText, id, label, type, unit = '', value }) => {
+ const dataType = value === '$encrypted$' ? 'encrypted' : type;
+ let detail = null;
+
+ switch (dataType) {
+ case 'nested object':
+ detail = (
+
+ );
+ break;
+ case 'list':
+ detail = (
+
+ );
+ break;
+ case 'image':
+ detail = (
+
+ )
+ }
+ />
+ );
+ break;
+ case 'encrypted':
+ detail = (
+
+ );
+ break;
+ case 'boolean':
+ detail = (
+
+ );
+ break;
+ case 'choice':
+ detail = (
+
+ );
+ break;
+ case 'integer':
+ detail = (
+
+ );
+ break;
+ case 'string':
+ detail = (
+
+ );
+ break;
+ default:
+ detail = null;
+ }
+ return detail;
+ }
+);
diff --git a/awx/ui_next/src/screens/Setting/shared/data.allSettingOptions.json b/awx/ui_next/src/screens/Setting/shared/data.allSettingOptions.json
new file mode 100644
index 0000000000..4587e845d8
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/data.allSettingOptions.json
@@ -0,0 +1,6500 @@
+{
+ "name": "Setting Detail",
+ "actions": {
+ "GET": {
+ "ACTIVITY_STREAM_ENABLED": {
+ "type": "boolean",
+ "label": "Enable Activity Stream",
+ "help_text": "Enable capturing activity for the activity stream.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC": {
+ "type": "boolean",
+ "label": "Enable Activity Stream for Inventory Sync",
+ "help_text": "Enable capturing activity for the activity stream when running inventory sync.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "ORG_ADMINS_CAN_SEE_ALL_USERS": {
+ "type": "boolean",
+ "label": "All Users Visible to Organization Admins",
+ "help_text": "Controls whether any Organization Admin can view all users and teams, even those not associated with their Organization.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "MANAGE_ORGANIZATION_AUTH": {
+ "type": "boolean",
+ "label": "Organization Admins Can Manage Users and Teams",
+ "help_text": "Controls whether any Organization Admin has the privileges to create and manage users and teams. You may want to disable this ability if you are using an LDAP or SAML integration.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "TOWER_URL_BASE": {
+ "type": "string",
+ "label": "Base URL of the Tower host",
+ "help_text": "This setting is used by services like notifications to render a valid url to the Tower host.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "REMOTE_HOST_HEADERS": {
+ "type": "list",
+ "label": "Remote Host Headers",
+ "help_text": "HTTP headers and meta keys to search to determine remote host name or IP. Add additional items to this list, such as \"HTTP_X_FORWARDED_FOR\", if behind a reverse proxy. See the \"Proxy Support\" section of the Adminstrator guide for more details.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "PROXY_IP_ALLOWED_LIST": {
+ "type": "list",
+ "label": "Proxy IP Allowed List",
+ "help_text": "If Tower is behind a reverse proxy/load balancer, use this setting to configure the proxy IP addresses from which Tower should trust custom REMOTE_HOST_HEADERS header values. If this setting is an empty list (the default), the headers specified by REMOTE_HOST_HEADERS will be trusted unconditionally')",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "LICENSE": {
+ "type": "nested object",
+ "label": "License",
+ "help_text": "The license controls which features and functionality are enabled. Use /api/v2/config/ to update or change the license.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "REDHAT_USERNAME": {
+ "type": "string",
+ "label": "Red Hat customer username",
+ "help_text": "This username is used to retrieve license information and to send Automation Analytics",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "REDHAT_PASSWORD": {
+ "type": "string",
+ "label": "Red Hat customer password",
+ "help_text": "This password is used to retrieve license information and to send Automation Analytics",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "AUTOMATION_ANALYTICS_URL": {
+ "type": "string",
+ "label": "Automation Analytics upload URL",
+ "help_text": "This setting is used to to configure data collection for the Automation Analytics dashboard",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "INSTALL_UUID": {
+ "type": "string",
+ "label": "Unique identifier for an AWX/Tower installation",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "CUSTOM_VENV_PATHS": {
+ "type": "list",
+ "label": "Custom virtual environment paths",
+ "help_text": "Paths where Tower will look for custom virtual environments (in addition to /var/lib/awx/venv/). Enter one path per line.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AD_HOC_COMMANDS": {
+ "type": "list",
+ "label": "Ansible Modules Allowed for Ad Hoc Jobs",
+ "help_text": "List of modules allowed to be used by ad-hoc jobs.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "ALLOW_JINJA_IN_EXTRA_VARS": {
+ "type": "choice",
+ "label": "When can extra variables contain Jinja templates?",
+ "help_text": "Ansible allows variable substitution via the Jinja2 templating language for --extra-vars. This poses a potential security risk where Tower users with the ability to specify extra vars at job launch time can use Jinja2 templates to run arbitrary Python. It is recommended that this value be set to \"template\" or \"never\".",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "always",
+ "Always"
+ ],
+ [
+ "never",
+ "Never"
+ ],
+ [
+ "template",
+ "Only On Job Template Definitions"
+ ]
+ ]
+ },
+ "AWX_PROOT_ENABLED": {
+ "type": "boolean",
+ "label": "Enable job isolation",
+ "help_text": "Isolates an Ansible job from protected parts of the system to prevent exposing sensitive information.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_PROOT_BASE_PATH": {
+ "type": "string",
+ "label": "Job execution path",
+ "help_text": "The directory in which Tower will create new temporary directories for job execution and isolation (such as credential files and custom inventory scripts).",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_PROOT_HIDE_PATHS": {
+ "type": "list",
+ "label": "Paths to hide from isolated jobs",
+ "help_text": "Additional paths to hide from isolated processes. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AWX_PROOT_SHOW_PATHS": {
+ "type": "list",
+ "label": "Paths to expose to isolated jobs",
+ "help_text": "List of paths that would otherwise be hidden to expose to isolated jobs. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AWX_ISOLATED_CHECK_INTERVAL": {
+ "type": "integer",
+ "label": "Isolated status check interval",
+ "help_text": "The number of seconds to sleep between status checks for jobs running on isolated instances.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "AWX_ISOLATED_LAUNCH_TIMEOUT": {
+ "type": "integer",
+ "label": "Isolated launch timeout",
+ "help_text": "The timeout (in seconds) for launching jobs on isolated instances. This includes the time needed to copy source control files (playbooks) to the isolated instance.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "AWX_ISOLATED_CONNECTION_TIMEOUT": {
+ "type": "integer",
+ "label": "Isolated connection timeout",
+ "help_text": "Ansible SSH connection timeout (in seconds) to use when communicating with isolated instances. Value should be substantially greater than expected network latency.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "AWX_ISOLATED_HOST_KEY_CHECKING": {
+ "type": "boolean",
+ "label": "Isolated host key checking",
+ "help_text": "When set to True, AWX will enforce strict host key checking for communication with isolated nodes.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_ISOLATED_KEY_GENERATION": {
+ "type": "boolean",
+ "label": "Generate RSA keys for isolated instances",
+ "help_text": "If set, a random RSA key will be generated and distributed to isolated instances. To disable this behavior and manage authentication for isolated instances outside of Tower, disable this setting.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_ISOLATED_PRIVATE_KEY": {
+ "type": "string",
+ "label": "The RSA private key for SSH traffic to isolated instances",
+ "help_text": "The RSA private key for SSH traffic to isolated instances",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_ISOLATED_PUBLIC_KEY": {
+ "type": "string",
+ "label": "The RSA public key for SSH traffic to isolated instances",
+ "help_text": "The RSA public key for SSH traffic to isolated instances",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_RESOURCE_PROFILING_ENABLED": {
+ "type": "boolean",
+ "label": "Enable detailed resource profiling on all playbook runs",
+ "help_text": "If set, detailed resource profiling data will be collected on all jobs. This data can be gathered with `sosreport`.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL": {
+ "type": "float",
+ "label": "Interval (in seconds) between polls for cpu usage.",
+ "help_text": "Interval (in seconds) between polls for cpu usage. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL": {
+ "type": "float",
+ "label": "Interval (in seconds) between polls for memory usage.",
+ "help_text": "Interval (in seconds) between polls for memory usage. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL": {
+ "type": "float",
+ "label": "Interval (in seconds) between polls for PID count.",
+ "help_text": "Interval (in seconds) between polls for PID count. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_TASK_ENV": {
+ "type": "nested object",
+ "label": "Extra Environment Variables",
+ "help_text": "Additional environment variables set for playbook runs, inventory updates, project updates, and notification sending.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "INSIGHTS_TRACKING_STATE": {
+ "type": "boolean",
+ "label": "Gather data for Automation Analytics",
+ "help_text": "Enables Tower to gather data on automation and send it to Red Hat.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "PROJECT_UPDATE_VVV": {
+ "type": "boolean",
+ "label": "Run Project Updates With Higher Verbosity",
+ "help_text": "Adds the CLI -vvv flag to ansible-playbook runs of project_update.yml used for project updates.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_ROLES_ENABLED": {
+ "type": "boolean",
+ "label": "Enable Role Download",
+ "help_text": "Allows roles to be dynamically downloaded from a requirements.yml file for SCM projects.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_COLLECTIONS_ENABLED": {
+ "type": "boolean",
+ "label": "Enable Collection(s) Download",
+ "help_text": "Allows collections to be dynamically downloaded from a requirements.yml file for SCM projects.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_SHOW_PLAYBOOK_LINKS": {
+ "type": "boolean",
+ "label": "Follow symlinks",
+ "help_text": "Follow symbolic links when scanning for playbooks. Be aware that setting this to True can lead to infinite recursion if a link points to a parent directory of itself.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "GALAXY_IGNORE_CERTS": {
+ "type": "boolean",
+ "label": "Ignore Ansible Galaxy SSL Certificate Verification",
+ "help_text": "If set to true, certificate validation will not be done when installing content from any Galaxy server.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "STDOUT_MAX_BYTES_DISPLAY": {
+ "type": "integer",
+ "label": "Standard Output Maximum Display Size",
+ "help_text": "Maximum Size of Standard Output in bytes to display before requiring the output be downloaded.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "EVENT_STDOUT_MAX_BYTES_DISPLAY": {
+ "type": "integer",
+ "label": "Job Event Standard Output Maximum Display Size",
+ "help_text": "Maximum Size of Standard Output in bytes to display for a single job or ad hoc command event. `stdout` will end with `…` when truncated.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "SCHEDULE_MAX_JOBS": {
+ "type": "integer",
+ "label": "Maximum Scheduled Jobs",
+ "help_text": "Maximum number of the same job template that can be waiting to run when launching from a schedule before no more are created.",
+ "min_value": 1,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "AWX_ANSIBLE_CALLBACK_PLUGINS": {
+ "type": "list",
+ "label": "Ansible Callback Plugins",
+ "help_text": "List of paths to search for extra callback plugins to be used when running jobs. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "DEFAULT_JOB_TIMEOUT": {
+ "type": "integer",
+ "label": "Default Job Timeout",
+ "help_text": "Maximum time in seconds to allow jobs to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual job template will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "DEFAULT_INVENTORY_UPDATE_TIMEOUT": {
+ "type": "integer",
+ "label": "Default Inventory Update Timeout",
+ "help_text": "Maximum time in seconds to allow inventory updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual inventory source will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "DEFAULT_PROJECT_UPDATE_TIMEOUT": {
+ "type": "integer",
+ "label": "Default Project Update Timeout",
+ "help_text": "Maximum time in seconds to allow project updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual project will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "ANSIBLE_FACT_CACHE_TIMEOUT": {
+ "type": "integer",
+ "label": "Per-Host Ansible Fact Cache Timeout",
+ "help_text": "Maximum time, in seconds, that stored Ansible facts are considered valid since the last time they were modified. Only valid, non-stale, facts will be accessible by a playbook. Note, this does not influence the deletion of ansible_facts from the database. Use a value of 0 to indicate that no timeout should be imposed.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "MAX_FORKS": {
+ "type": "integer",
+ "label": "Maximum number of forks per job",
+ "help_text": "Saving a Job Template with more than this number of forks will result in an error. When set to 0, no limit is applied.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_HOST": {
+ "type": "string",
+ "label": "Logging Aggregator",
+ "help_text": "Hostname/IP where external logs will be sent to.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_PORT": {
+ "type": "integer",
+ "label": "Logging Aggregator Port",
+ "help_text": "Port on Logging Aggregator to send logs to (if required and not provided in Logging Aggregator).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_TYPE": {
+ "type": "choice",
+ "label": "Logging Aggregator Type",
+ "help_text": "Format messages for the chosen log aggregator.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false,
+ "choices": [
+ [
+ null,
+ "---------"
+ ],
+ [
+ "logstash",
+ "logstash"
+ ],
+ [
+ "splunk",
+ "splunk"
+ ],
+ [
+ "loggly",
+ "loggly"
+ ],
+ [
+ "sumologic",
+ "sumologic"
+ ],
+ [
+ "other",
+ "other"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_USERNAME": {
+ "type": "string",
+ "label": "Logging Aggregator Username",
+ "help_text": "Username for external log aggregator (if required; HTTP/s only).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_PASSWORD": {
+ "type": "string",
+ "label": "Logging Aggregator Password/Token",
+ "help_text": "Password or authentication token for external log aggregator (if required; HTTP/s only).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_LOGGERS": {
+ "type": "list",
+ "label": "Loggers Sending Data to Log Aggregator Form",
+ "help_text": "List of loggers that will send HTTP logs to the collector, these can include any or all of: \nawx - service logs\nactivity_stream - activity stream records\njob_events - callback data from Ansible job events\nsystem_tracking - facts gathered from scan jobs.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "LOG_AGGREGATOR_INDIVIDUAL_FACTS": {
+ "type": "boolean",
+ "label": "Log System Tracking Facts Individually",
+ "help_text": "If set, system tracking facts will be sent for each package, service, or other item found in a scan, allowing for greater search query granularity. If unset, facts will be sent as a single dictionary, allowing for greater efficiency in fact processing.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_ENABLED": {
+ "type": "boolean",
+ "label": "Enable External Logging",
+ "help_text": "Enable sending logs to external log aggregator.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_TOWER_UUID": {
+ "type": "string",
+ "label": "Cluster-wide Tower unique identifier.",
+ "help_text": "Useful to uniquely identify Tower instances.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_PROTOCOL": {
+ "type": "choice",
+ "label": "Logging Aggregator Protocol",
+ "help_text": "Protocol used to communicate with log aggregator. HTTPS/HTTP assumes HTTPS unless http:// is explicitly used in the Logging Aggregator hostname.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "https",
+ "HTTPS/HTTP"
+ ],
+ [
+ "tcp",
+ "TCP"
+ ],
+ [
+ "udp",
+ "UDP"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_TCP_TIMEOUT": {
+ "type": "integer",
+ "label": "TCP Connection Timeout",
+ "help_text": "Number of seconds for a TCP connection to external log aggregator to timeout. Applies to HTTPS and TCP log aggregator protocols.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "LOG_AGGREGATOR_VERIFY_CERT": {
+ "type": "boolean",
+ "label": "Enable/disable HTTPS certificate verification",
+ "help_text": "Flag to control enable/disable of certificate verification when LOG_AGGREGATOR_PROTOCOL is \"https\". If enabled, Tower's log handler will verify certificate sent by external log aggregator before establishing connection.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_LEVEL": {
+ "type": "choice",
+ "label": "Logging Aggregator Level Threshold",
+ "help_text": "Level threshold used by log handler. Severities from lowest to highest are DEBUG, INFO, WARNING, ERROR, CRITICAL. Messages less severe than the threshold will be ignored by log handler. (messages under category awx.anlytics ignore this setting)",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "DEBUG",
+ "DEBUG"
+ ],
+ [
+ "INFO",
+ "INFO"
+ ],
+ [
+ "WARNING",
+ "WARNING"
+ ],
+ [
+ "ERROR",
+ "ERROR"
+ ],
+ [
+ "CRITICAL",
+ "CRITICAL"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_GB": {
+ "type": "integer",
+ "label": "Maximum disk persistance for external log aggregation (in GB)",
+ "help_text": "Amount of data to store (in gigabytes) during an outage of the external log aggregator (defaults to 1). Equivalent to the rsyslogd queue.maxdiskspace setting.",
+ "min_value": 1,
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_PATH": {
+ "type": "string",
+ "label": "File system location for rsyslogd disk persistence",
+ "help_text": "Location to persist logs that should be retried after an outage of the external log aggregator (defaults to /var/lib/awx). Equivalent to the rsyslogd queue.spoolDirectory setting.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "LOG_AGGREGATOR_RSYSLOGD_DEBUG": {
+ "type": "boolean",
+ "label": "Enable rsyslogd debugging",
+ "help_text": "Enabled high verbosity debugging for rsyslogd. Useful for debugging connection issues for external log aggregation.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "defined_in_file": false
+ },
+ "AUTOMATION_ANALYTICS_LAST_GATHER": {
+ "type": "datetime",
+ "label": "Last gather date for Automation Analytics.",
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false
+ },
+ "AUTOMATION_ANALYTICS_GATHER_INTERVAL": {
+ "type": "integer",
+ "label": "Automation Analytics Gather Interval",
+ "help_text": "Interval (in seconds) between data gathering.",
+ "min_value": 1800,
+ "category": "System",
+ "category_slug": "system",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "SESSION_COOKIE_AGE": {
+ "type": "integer",
+ "label": "Idle Time Force Log Out",
+ "help_text": "Number of seconds that a user is inactive before they will need to login again.",
+ "min_value": 60,
+ "max_value": 30000000000,
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "SESSIONS_PER_USER": {
+ "type": "integer",
+ "label": "Maximum number of simultaneous logged in sessions",
+ "help_text": "Maximum number of simultaneous logged in sessions a user may have. To disable enter -1.",
+ "min_value": -1,
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false
+ },
+ "AUTH_BASIC_ENABLED": {
+ "type": "boolean",
+ "label": "Enable HTTP Basic Auth",
+ "help_text": "Enable HTTP Basic Auth for the API Browser.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false
+ },
+ "OAUTH2_PROVIDER": {
+ "type": "nested object",
+ "label": "OAuth 2 Timeout Settings",
+ "help_text": "Dictionary for customizing OAuth 2 timeouts, available items are `ACCESS_TOKEN_EXPIRE_SECONDS`, the duration of access tokens in the number of seconds, `AUTHORIZATION_CODE_EXPIRE_SECONDS`, the duration of authorization codes in the number of seconds, and `REFRESH_TOKEN_EXPIRE_SECONDS`, the duration of refresh tokens, after expired access tokens, in the number of seconds.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "unit": "seconds",
+ "child": {
+ "type": "integer",
+ "min_value": 1
+ }
+ },
+ "ALLOW_OAUTH2_FOR_EXTERNAL_USERS": {
+ "type": "boolean",
+ "label": "Allow External Users to Create OAuth2 Tokens",
+ "help_text": "For security reasons, users from external auth providers (LDAP, SAML, SSO, Radius, and others) are not allowed to create OAuth2 tokens. To change this behavior, enable this setting. Existing tokens will not be deleted when this setting is toggled off.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false
+ },
+ "LOGIN_REDIRECT_OVERRIDE": {
+ "type": "string",
+ "label": "Login redirect override URL",
+ "help_text": "URL to which unauthorized users will be redirected to log in. If blank, users will be sent to the Tower login page.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false
+ },
+ "PENDO_TRACKING_STATE": {
+ "type": "choice",
+ "label": "User Analytics Tracking State",
+ "help_text": "Enable or Disable User Analytics Tracking.",
+ "category": "UI",
+ "category_slug": "ui",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "off",
+ "Off"
+ ],
+ [
+ "anonymous",
+ "Anonymous"
+ ],
+ [
+ "detailed",
+ "Detailed"
+ ]
+ ]
+ },
+ "CUSTOM_LOGIN_INFO": {
+ "type": "string",
+ "label": "Custom Login Info",
+ "help_text": "If needed, you can add specific information (such as a legal notice or a disclaimer) to a text box in the login modal using this setting. Any content added must be in plain text or an HTML fragment, as other markup languages are not supported.",
+ "category": "UI",
+ "category_slug": "ui",
+ "defined_in_file": false
+ },
+ "CUSTOM_LOGO": {
+ "type": "string",
+ "label": "Custom Logo",
+ "help_text": "To set up a custom logo, provide a file that you create. For the custom logo to look its best, use a .png file with a transparent background. GIF, PNG and JPEG formats are supported.",
+ "category": "UI",
+ "category_slug": "ui",
+ "defined_in_file": false
+ },
+ "MAX_UI_JOB_EVENTS": {
+ "type": "integer",
+ "label": "Max Job Events Retrieved by UI",
+ "help_text": "Maximum number of job events for the UI to retrieve within a single request.",
+ "min_value": 100,
+ "category": "UI",
+ "category_slug": "ui",
+ "defined_in_file": false
+ },
+ "UI_LIVE_UPDATES_ENABLED": {
+ "type": "boolean",
+ "label": "Enable Live Updates in the UI",
+ "help_text": "If disabled, the page will not refresh when events are received. Reloading the page will be required to get the latest details.",
+ "category": "UI",
+ "category_slug": "ui",
+ "defined_in_file": false
+ },
+ "AUTHENTICATION_BACKENDS": {
+ "type": "list",
+ "label": "Authentication Backends",
+ "help_text": "List of authentication backends that are enabled based on license features and other authentication settings.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "SOCIAL_AUTH_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "Social Auth Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_TEAM_MAP": {
+ "type": "nested object",
+ "label": "Social Auth Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_USER_FIELDS": {
+ "type": "list",
+ "label": "Social Auth User Fields",
+ "help_text": "When set to an empty list `[]`, this setting prevents new user accounts from being created. Only users who have previously logged in using social auth or have a user account with a matching email address will be able to login.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_1_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_1_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_1_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_1_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_1_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_1_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_1_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_2_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_2_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_2_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_2_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_2_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_2_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_2_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_3_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_3_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_3_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_3_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_3_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_3_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_3_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_4_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_4_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_4_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_4_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_4_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_4_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_4_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_SERVER_URI": {
+ "type": "string",
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_BIND_DN": {
+ "type": "string",
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_BIND_PASSWORD": {
+ "type": "string",
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_START_TLS": {
+ "type": "boolean",
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_5_USER_SEARCH": {
+ "type": "list",
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_5_USER_DN_TEMPLATE": {
+ "type": "string",
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_USER_ATTR_MAP": {
+ "type": "nested object",
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "AUTH_LDAP_5_GROUP_SEARCH": {
+ "type": "list",
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_5_GROUP_TYPE": {
+ "type": "choice",
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_5_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "AUTH_LDAP_5_REQUIRE_GROUP": {
+ "type": "string",
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_DENY_GROUP": {
+ "type": "string",
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false
+ },
+ "AUTH_LDAP_5_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "list",
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_TEAM_MAP": {
+ "type": "nested object",
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "RADIUS_SERVER": {
+ "type": "string",
+ "label": "RADIUS Server",
+ "help_text": "Hostname/IP of RADIUS server. RADIUS authentication is disabled if this setting is empty.",
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "defined_in_file": false
+ },
+ "RADIUS_PORT": {
+ "type": "integer",
+ "label": "RADIUS Port",
+ "help_text": "Port of RADIUS server.",
+ "min_value": 1,
+ "max_value": 65535,
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "defined_in_file": false
+ },
+ "RADIUS_SECRET": {
+ "type": "string",
+ "label": "RADIUS Secret",
+ "help_text": "Shared secret for authenticating to RADIUS server.",
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "defined_in_file": false
+ },
+ "TACACSPLUS_HOST": {
+ "type": "string",
+ "label": "TACACS+ Server",
+ "help_text": "Hostname of TACACS+ server.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "defined_in_file": false
+ },
+ "TACACSPLUS_PORT": {
+ "type": "integer",
+ "label": "TACACS+ Port",
+ "help_text": "Port number of TACACS+ server.",
+ "min_value": 1,
+ "max_value": 65535,
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "defined_in_file": false
+ },
+ "TACACSPLUS_SECRET": {
+ "type": "string",
+ "label": "TACACS+ Secret",
+ "help_text": "Shared secret for authenticating to TACACS+ server.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "defined_in_file": false
+ },
+ "TACACSPLUS_SESSION_TIMEOUT": {
+ "type": "integer",
+ "label": "TACACS+ Auth Session Timeout",
+ "help_text": "TACACS+ session timeout value in seconds, 0 disables timeout.",
+ "min_value": 0,
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "defined_in_file": false,
+ "unit": "seconds"
+ },
+ "TACACSPLUS_AUTH_PROTOCOL": {
+ "type": "choice",
+ "label": "TACACS+ Authentication Protocol",
+ "help_text": "Choose the authentication protocol used by TACACS+ client.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "defined_in_file": false,
+ "choices": [
+ [
+ "ascii",
+ "ascii"
+ ],
+ [
+ "pap",
+ "pap"
+ ]
+ ]
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_CALLBACK_URL": {
+ "type": "string",
+ "label": "Google OAuth2 Callback URL",
+ "help_text": "Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_KEY": {
+ "type": "string",
+ "label": "Google OAuth2 Key",
+ "help_text": "The OAuth2 key from your web application.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET": {
+ "type": "string",
+ "label": "Google OAuth2 Secret",
+ "help_text": "The OAuth2 secret from your web application.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS": {
+ "type": "list",
+ "label": "Google OAuth2 Allowed Domains",
+ "help_text": "Update this setting to restrict the domains who are allowed to login using Google OAuth2.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "string"
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS": {
+ "type": "nested object",
+ "label": "Google OAuth2 Extra Arguments",
+ "help_text": "Extra arguments for Google OAuth2 login. You can restrict it to only allow a single domain to authenticate, even if the user is logged in with multple Google accounts. Refer to the Ansible Tower documentation for more detail.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "Google OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP": {
+ "type": "nested object",
+ "label": "Google OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_CALLBACK_URL": {
+ "type": "string",
+ "label": "GitHub OAuth2 Callback URL",
+ "help_text": "Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_KEY": {
+ "type": "string",
+ "label": "GitHub OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub developer application.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_SECRET": {
+ "type": "string",
+ "label": "GitHub OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub developer application.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "GitHub OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_MAP": {
+ "type": "nested object",
+ "label": "GitHub OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_CALLBACK_URL": {
+ "type": "string",
+ "label": "GitHub Organization OAuth2 Callback URL",
+ "help_text": "Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_KEY": {
+ "type": "string",
+ "label": "GitHub Organization OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub organization application.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_SECRET": {
+ "type": "string",
+ "label": "GitHub Organization OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub organization application.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_NAME": {
+ "type": "string",
+ "label": "GitHub Organization Name",
+ "help_text": "The name of your GitHub organization, as used in your organization's URL: https://github.com//.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "GitHub Organization OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP": {
+ "type": "nested object",
+ "label": "GitHub Organization OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_CALLBACK_URL": {
+ "type": "string",
+ "label": "GitHub Team OAuth2 Callback URL",
+ "help_text": "Create an organization-owned application at https://github.com/organizations//settings/applications and obtain an OAuth2 key (Client ID) and secret (Client Secret). Provide this URL as the callback URL for your application.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_KEY": {
+ "type": "string",
+ "label": "GitHub Team OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub organization application.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_SECRET": {
+ "type": "string",
+ "label": "GitHub Team OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub organization application.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_ID": {
+ "type": "string",
+ "label": "GitHub Team ID",
+ "help_text": "Find the numeric team ID using the Github API: http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "GitHub Team OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP": {
+ "type": "nested object",
+ "label": "GitHub Team OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_CALLBACK_URL": {
+ "type": "string",
+ "label": "Azure AD OAuth2 Callback URL",
+ "help_text": "Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail. ",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_KEY": {
+ "type": "string",
+ "label": "Azure AD OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your Azure AD application.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET": {
+ "type": "string",
+ "label": "Azure AD OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your Azure AD application.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "Azure AD OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP": {
+ "type": "nested object",
+ "label": "Azure AD OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SAML_AUTO_CREATE_OBJECTS": {
+ "type": "boolean",
+ "label": "Automatically Create Organizations and Teams on SAML Login",
+ "help_text": "When enabled (the default), mapped Organizations and Teams will be created automatically on successful SAML login.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_CALLBACK_URL": {
+ "type": "string",
+ "label": "SAML Assertion Consumer Service (ACS) URL",
+ "help_text": "Register Tower as a service provider (SP) with each identity provider (IdP) you have configured. Provide your SP Entity ID and this ACS URL for your application.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_METADATA_URL": {
+ "type": "string",
+ "label": "SAML Service Provider Metadata URL",
+ "help_text": "If your identity provider (IdP) allows uploading an XML metadata file, you can download one from this URL.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_SP_ENTITY_ID": {
+ "type": "string",
+ "label": "SAML Service Provider Entity ID",
+ "help_text": "The application-defined unique identifier used as the audience of the SAML service provider (SP) configuration. This is usually the URL for Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_SP_PUBLIC_CERT": {
+ "type": "string",
+ "label": "SAML Service Provider Public Certificate",
+ "help_text": "Create a keypair for Tower to use as a service provider (SP) and include the certificate content here.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_SP_PRIVATE_KEY": {
+ "type": "string",
+ "label": "SAML Service Provider Private Key",
+ "help_text": "Create a keypair for Tower to use as a service provider (SP) and include the private key content here.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false
+ },
+ "SOCIAL_AUTH_SAML_ORG_INFO": {
+ "type": "nested object",
+ "label": "SAML Service Provider Organization Info",
+ "help_text": "Provide the URL, display name, and the name of your app. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_TECHNICAL_CONTACT": {
+ "type": "nested object",
+ "label": "SAML Service Provider Technical Contact",
+ "help_text": "Provide the name and email address of the technical contact for your service provider. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_SUPPORT_CONTACT": {
+ "type": "nested object",
+ "label": "SAML Service Provider Support Contact",
+ "help_text": "Provide the name and email address of the support contact for your service provider. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_ENABLED_IDPS": {
+ "type": "nested object",
+ "label": "SAML Enabled Identity Providers",
+ "help_text": "Configure the Entity ID, SSO URL and certificate for each identity provider (IdP) in use. Multiple SAML IdPs are supported. Some IdPs may provide user data using attribute names that differ from the default OIDs. Attribute names may be overridden for each IdP. Refer to the Ansible documentation for additional details and syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_SECURITY_CONFIG": {
+ "type": "nested object",
+ "label": "SAML Security Config",
+ "help_text": "A dict of key value pairs that are passed to the underlying python-saml security setting https://github.com/onelogin/python-saml#settings",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_SP_EXTRA": {
+ "type": "nested object",
+ "label": "SAML Service Provider extra configuration data",
+ "help_text": "A dict of key value pairs to be passed to the underlying python-saml Service Provider configuration setting.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_EXTRA_DATA": {
+ "type": "list",
+ "label": "SAML IDP to extra_data attribute mapping",
+ "help_text": "A list of tuples that maps IDP attributes to extra_attributes. Each attribute will be a list of values, even if only 1 value.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "label": "SAML Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_TEAM_MAP": {
+ "type": "nested object",
+ "label": "SAML Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "nested object",
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_ORGANIZATION_ATTR": {
+ "type": "nested object",
+ "label": "SAML Organization Attribute Mapping",
+ "help_text": "Used to translate user organization membership into Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "SOCIAL_AUTH_SAML_TEAM_ATTR": {
+ "type": "nested object",
+ "label": "SAML Team Attribute Mapping",
+ "help_text": "Used to translate user team membership into Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "NAMED_URL_FORMATS": {
+ "type": "nested object",
+ "label": "Formats of all available named urls",
+ "help_text": "Read-only list of key-value pairs that shows the standard format of all available named URLs.",
+ "category": "Named URL",
+ "category_slug": "named-url",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ },
+ "NAMED_URL_GRAPH_NODES": {
+ "type": "nested object",
+ "label": "List of all named url graph nodes.",
+ "help_text": "Read-only list of key-value pairs that exposes named URL graph topology. Use this list to programmatically generate named URLs for resources",
+ "category": "Named URL",
+ "category_slug": "named-url",
+ "defined_in_file": false,
+ "child": {
+ "type": "field"
+ }
+ }
+ },
+ "PUT": {
+ "ACTIVITY_STREAM_ENABLED": {
+ "type": "boolean",
+ "required": true,
+ "label": "Enable Activity Stream",
+ "help_text": "Enable capturing activity for the activity stream.",
+ "category": "System",
+ "category_slug": "system",
+ "default": true
+ },
+ "ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC": {
+ "type": "boolean",
+ "required": true,
+ "label": "Enable Activity Stream for Inventory Sync",
+ "help_text": "Enable capturing activity for the activity stream when running inventory sync.",
+ "category": "System",
+ "category_slug": "system",
+ "default": false
+ },
+ "ORG_ADMINS_CAN_SEE_ALL_USERS": {
+ "type": "boolean",
+ "required": true,
+ "label": "All Users Visible to Organization Admins",
+ "help_text": "Controls whether any Organization Admin can view all users and teams, even those not associated with their Organization.",
+ "category": "System",
+ "category_slug": "system",
+ "default": true
+ },
+ "MANAGE_ORGANIZATION_AUTH": {
+ "type": "boolean",
+ "required": true,
+ "label": "Organization Admins Can Manage Users and Teams",
+ "help_text": "Controls whether any Organization Admin has the privileges to create and manage users and teams. You may want to disable this ability if you are using an LDAP or SAML integration.",
+ "category": "System",
+ "category_slug": "system",
+ "default": true
+ },
+ "TOWER_URL_BASE": {
+ "type": "string",
+ "required": true,
+ "label": "Base URL of the Tower host",
+ "help_text": "This setting is used by services like notifications to render a valid url to the Tower host.",
+ "category": "System",
+ "category_slug": "system",
+ "default": "https://localhost:8043"
+ },
+ "REMOTE_HOST_HEADERS": {
+ "type": "list",
+ "required": true,
+ "label": "Remote Host Headers",
+ "help_text": "HTTP headers and meta keys to search to determine remote host name or IP. Add additional items to this list, such as \"HTTP_X_FORWARDED_FOR\", if behind a reverse proxy. See the \"Proxy Support\" section of the Adminstrator guide for more details.",
+ "category": "System",
+ "category_slug": "system",
+ "default": [
+ "REMOTE_ADDR",
+ "REMOTE_HOST"
+ ],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "PROXY_IP_ALLOWED_LIST": {
+ "type": "list",
+ "required": true,
+ "label": "Proxy IP Allowed List",
+ "help_text": "If Tower is behind a reverse proxy/load balancer, use this setting to configure the proxy IP addresses from which Tower should trust custom REMOTE_HOST_HEADERS header values. If this setting is an empty list (the default), the headers specified by REMOTE_HOST_HEADERS will be trusted unconditionally')",
+ "category": "System",
+ "category_slug": "system",
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "REDHAT_USERNAME": {
+ "type": "string",
+ "required": false,
+ "label": "Red Hat customer username",
+ "help_text": "This username is used to retrieve license information and to send Automation Analytics",
+ "category": "System",
+ "category_slug": "system",
+ "default": ""
+ },
+ "REDHAT_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "Red Hat customer password",
+ "help_text": "This password is used to retrieve license information and to send Automation Analytics",
+ "category": "System",
+ "category_slug": "system",
+ "default": ""
+ },
+ "AUTOMATION_ANALYTICS_URL": {
+ "type": "string",
+ "required": false,
+ "label": "Automation Analytics upload URL",
+ "help_text": "This setting is used to to configure data collection for the Automation Analytics dashboard",
+ "category": "System",
+ "category_slug": "system",
+ "default": "https://example.com"
+ },
+ "CUSTOM_VENV_PATHS": {
+ "type": "list",
+ "required": false,
+ "label": "Custom virtual environment paths",
+ "help_text": "Paths where Tower will look for custom virtual environments (in addition to /var/lib/awx/venv/). Enter one path per line.",
+ "category": "System",
+ "category_slug": "system",
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AD_HOC_COMMANDS": {
+ "type": "list",
+ "required": false,
+ "label": "Ansible Modules Allowed for Ad Hoc Jobs",
+ "help_text": "List of modules allowed to be used by ad-hoc jobs.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": [
+ "command",
+ "shell",
+ "yum",
+ "apt",
+ "apt_key",
+ "apt_repository",
+ "apt_rpm",
+ "service",
+ "group",
+ "user",
+ "mount",
+ "ping",
+ "selinux",
+ "setup",
+ "win_ping",
+ "win_service",
+ "win_updates",
+ "win_group",
+ "win_user"
+ ],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "ALLOW_JINJA_IN_EXTRA_VARS": {
+ "type": "choice",
+ "required": true,
+ "label": "When can extra variables contain Jinja templates?",
+ "help_text": "Ansible allows variable substitution via the Jinja2 templating language for --extra-vars. This poses a potential security risk where Tower users with the ability to specify extra vars at job launch time can use Jinja2 templates to run arbitrary Python. It is recommended that this value be set to \"template\" or \"never\".",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": "template",
+ "choices": [
+ [
+ "always",
+ "Always"
+ ],
+ [
+ "never",
+ "Never"
+ ],
+ [
+ "template",
+ "Only On Job Template Definitions"
+ ]
+ ]
+ },
+ "AWX_PROOT_ENABLED": {
+ "type": "boolean",
+ "required": true,
+ "label": "Enable job isolation",
+ "help_text": "Isolates an Ansible job from protected parts of the system to prevent exposing sensitive information.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": true
+ },
+ "AWX_PROOT_BASE_PATH": {
+ "type": "string",
+ "required": true,
+ "label": "Job execution path",
+ "help_text": "The directory in which Tower will create new temporary directories for job execution and isolation (such as credential files and custom inventory scripts).",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": "/tmp"
+ },
+ "AWX_PROOT_HIDE_PATHS": {
+ "type": "list",
+ "required": false,
+ "label": "Paths to hide from isolated jobs",
+ "help_text": "Additional paths to hide from isolated processes. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AWX_PROOT_SHOW_PATHS": {
+ "type": "list",
+ "required": false,
+ "label": "Paths to expose to isolated jobs",
+ "help_text": "List of paths that would otherwise be hidden to expose to isolated jobs. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AWX_ISOLATED_CHECK_INTERVAL": {
+ "type": "integer",
+ "required": true,
+ "label": "Isolated status check interval",
+ "help_text": "The number of seconds to sleep between status checks for jobs running on isolated instances.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 1
+ },
+ "AWX_ISOLATED_LAUNCH_TIMEOUT": {
+ "type": "integer",
+ "required": true,
+ "label": "Isolated launch timeout",
+ "help_text": "The timeout (in seconds) for launching jobs on isolated instances. This includes the time needed to copy source control files (playbooks) to the isolated instance.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 600
+ },
+ "AWX_ISOLATED_CONNECTION_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "Isolated connection timeout",
+ "help_text": "Ansible SSH connection timeout (in seconds) to use when communicating with isolated instances. Value should be substantially greater than expected network latency.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 10
+ },
+ "AWX_ISOLATED_HOST_KEY_CHECKING": {
+ "type": "boolean",
+ "required": false,
+ "label": "Isolated host key checking",
+ "help_text": "When set to True, AWX will enforce strict host key checking for communication with isolated nodes.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": false
+ },
+ "AWX_RESOURCE_PROFILING_ENABLED": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable detailed resource profiling on all playbook runs",
+ "help_text": "If set, detailed resource profiling data will be collected on all jobs. This data can be gathered with `sosreport`.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": false
+ },
+ "AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL": {
+ "type": "float",
+ "required": false,
+ "label": "Interval (in seconds) between polls for cpu usage.",
+ "help_text": "Interval (in seconds) between polls for cpu usage. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 0.25
+ },
+ "AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL": {
+ "type": "float",
+ "required": false,
+ "label": "Interval (in seconds) between polls for memory usage.",
+ "help_text": "Interval (in seconds) between polls for memory usage. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 0.25
+ },
+ "AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL": {
+ "type": "float",
+ "required": false,
+ "label": "Interval (in seconds) between polls for PID count.",
+ "help_text": "Interval (in seconds) between polls for PID count. Setting this lower than the default will affect playbook performance.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 0.25
+ },
+ "AWX_TASK_ENV": {
+ "type": "nested object",
+ "required": false,
+ "label": "Extra Environment Variables",
+ "help_text": "Additional environment variables set for playbook runs, inventory updates, project updates, and notification sending.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "placeholder": {
+ "HTTP_PROXY": "myproxy.local:8080"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "INSIGHTS_TRACKING_STATE": {
+ "type": "boolean",
+ "required": false,
+ "label": "Gather data for Automation Analytics",
+ "help_text": "Enables Tower to gather data on automation and send it to Red Hat.",
+ "category": "System",
+ "category_slug": "system",
+ "default": false
+ },
+ "PROJECT_UPDATE_VVV": {
+ "type": "boolean",
+ "required": true,
+ "label": "Run Project Updates With Higher Verbosity",
+ "help_text": "Adds the CLI -vvv flag to ansible-playbook runs of project_update.yml used for project updates.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": false
+ },
+ "AWX_ROLES_ENABLED": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable Role Download",
+ "help_text": "Allows roles to be dynamically downloaded from a requirements.yml file for SCM projects.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": true
+ },
+ "AWX_COLLECTIONS_ENABLED": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable Collection(s) Download",
+ "help_text": "Allows collections to be dynamically downloaded from a requirements.yml file for SCM projects.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": true
+ },
+ "AWX_SHOW_PLAYBOOK_LINKS": {
+ "type": "boolean",
+ "required": false,
+ "label": "Follow symlinks",
+ "help_text": "Follow symbolic links when scanning for playbooks. Be aware that setting this to True can lead to infinite recursion if a link points to a parent directory of itself.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": false
+ },
+ "GALAXY_IGNORE_CERTS": {
+ "type": "boolean",
+ "required": false,
+ "label": "Ignore Ansible Galaxy SSL Certificate Verification",
+ "help_text": "If set to true, certificate validation will not be done when installing content from any Galaxy server.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": false
+ },
+ "STDOUT_MAX_BYTES_DISPLAY": {
+ "type": "integer",
+ "required": true,
+ "label": "Standard Output Maximum Display Size",
+ "help_text": "Maximum Size of Standard Output in bytes to display before requiring the output be downloaded.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 1048576
+ },
+ "EVENT_STDOUT_MAX_BYTES_DISPLAY": {
+ "type": "integer",
+ "required": true,
+ "label": "Job Event Standard Output Maximum Display Size",
+ "help_text": "Maximum Size of Standard Output in bytes to display for a single job or ad hoc command event. `stdout` will end with `…` when truncated.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 1024
+ },
+ "SCHEDULE_MAX_JOBS": {
+ "type": "integer",
+ "required": true,
+ "label": "Maximum Scheduled Jobs",
+ "help_text": "Maximum number of the same job template that can be waiting to run when launching from a schedule before no more are created.",
+ "min_value": 1,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 10
+ },
+ "AWX_ANSIBLE_CALLBACK_PLUGINS": {
+ "type": "list",
+ "required": false,
+ "label": "Ansible Callback Plugins",
+ "help_text": "List of paths to search for extra callback plugins to be used when running jobs. Enter one path per line.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "DEFAULT_JOB_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "Default Job Timeout",
+ "help_text": "Maximum time in seconds to allow jobs to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual job template will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 0
+ },
+ "DEFAULT_INVENTORY_UPDATE_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "Default Inventory Update Timeout",
+ "help_text": "Maximum time in seconds to allow inventory updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual inventory source will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 0
+ },
+ "DEFAULT_PROJECT_UPDATE_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "Default Project Update Timeout",
+ "help_text": "Maximum time in seconds to allow project updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual project will override this.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 0
+ },
+ "ANSIBLE_FACT_CACHE_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "Per-Host Ansible Fact Cache Timeout",
+ "help_text": "Maximum time, in seconds, that stored Ansible facts are considered valid since the last time they were modified. Only valid, non-stale, facts will be accessible by a playbook. Note, this does not influence the deletion of ansible_facts from the database. Use a value of 0 to indicate that no timeout should be imposed.",
+ "min_value": 0,
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "unit": "seconds",
+ "default": 0
+ },
+ "MAX_FORKS": {
+ "type": "integer",
+ "required": false,
+ "label": "Maximum number of forks per job",
+ "help_text": "Saving a Job Template with more than this number of forks will result in an error. When set to 0, no limit is applied.",
+ "category": "Jobs",
+ "category_slug": "jobs",
+ "default": 200
+ },
+ "LOG_AGGREGATOR_HOST": {
+ "type": "string",
+ "required": false,
+ "label": "Logging Aggregator",
+ "help_text": "Hostname/IP where external logs will be sent to.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": null
+ },
+ "LOG_AGGREGATOR_PORT": {
+ "type": "integer",
+ "required": false,
+ "label": "Logging Aggregator Port",
+ "help_text": "Port on Logging Aggregator to send logs to (if required and not provided in Logging Aggregator).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": null
+ },
+ "LOG_AGGREGATOR_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "Logging Aggregator Type",
+ "help_text": "Format messages for the chosen log aggregator.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": null,
+ "choices": [
+ [
+ null,
+ "---------"
+ ],
+ [
+ "logstash",
+ "logstash"
+ ],
+ [
+ "splunk",
+ "splunk"
+ ],
+ [
+ "loggly",
+ "loggly"
+ ],
+ [
+ "sumologic",
+ "sumologic"
+ ],
+ [
+ "other",
+ "other"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_USERNAME": {
+ "type": "string",
+ "required": false,
+ "label": "Logging Aggregator Username",
+ "help_text": "Username for external log aggregator (if required; HTTP/s only).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": ""
+ },
+ "LOG_AGGREGATOR_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "Logging Aggregator Password/Token",
+ "help_text": "Password or authentication token for external log aggregator (if required; HTTP/s only).",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": ""
+ },
+ "LOG_AGGREGATOR_LOGGERS": {
+ "type": "list",
+ "required": false,
+ "label": "Loggers Sending Data to Log Aggregator Form",
+ "help_text": "List of loggers that will send HTTP logs to the collector, these can include any or all of: \nawx - service logs\nactivity_stream - activity stream records\njob_events - callback data from Ansible job events\nsystem_tracking - facts gathered from scan jobs.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": [
+ "awx",
+ "activity_stream",
+ "job_events",
+ "system_tracking"
+ ],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "LOG_AGGREGATOR_INDIVIDUAL_FACTS": {
+ "type": "boolean",
+ "required": false,
+ "label": "Log System Tracking Facts Individually",
+ "help_text": "If set, system tracking facts will be sent for each package, service, or other item found in a scan, allowing for greater search query granularity. If unset, facts will be sent as a single dictionary, allowing for greater efficiency in fact processing.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": false
+ },
+ "LOG_AGGREGATOR_ENABLED": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable External Logging",
+ "help_text": "Enable sending logs to external log aggregator.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": false
+ },
+ "LOG_AGGREGATOR_TOWER_UUID": {
+ "type": "string",
+ "required": false,
+ "label": "Cluster-wide Tower unique identifier.",
+ "help_text": "Useful to uniquely identify Tower instances.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": ""
+ },
+ "LOG_AGGREGATOR_PROTOCOL": {
+ "type": "choice",
+ "required": false,
+ "label": "Logging Aggregator Protocol",
+ "help_text": "Protocol used to communicate with log aggregator. HTTPS/HTTP assumes HTTPS unless http:// is explicitly used in the Logging Aggregator hostname.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": "https",
+ "choices": [
+ [
+ "https",
+ "HTTPS/HTTP"
+ ],
+ [
+ "tcp",
+ "TCP"
+ ],
+ [
+ "udp",
+ "UDP"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_TCP_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "TCP Connection Timeout",
+ "help_text": "Number of seconds for a TCP connection to external log aggregator to timeout. Applies to HTTPS and TCP log aggregator protocols.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "unit": "seconds",
+ "default": 5
+ },
+ "LOG_AGGREGATOR_VERIFY_CERT": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable/disable HTTPS certificate verification",
+ "help_text": "Flag to control enable/disable of certificate verification when LOG_AGGREGATOR_PROTOCOL is \"https\". If enabled, Tower's log handler will verify certificate sent by external log aggregator before establishing connection.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": true
+ },
+ "LOG_AGGREGATOR_LEVEL": {
+ "type": "choice",
+ "required": false,
+ "label": "Logging Aggregator Level Threshold",
+ "help_text": "Level threshold used by log handler. Severities from lowest to highest are DEBUG, INFO, WARNING, ERROR, CRITICAL. Messages less severe than the threshold will be ignored by log handler. (messages under category awx.anlytics ignore this setting)",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": "INFO",
+ "choices": [
+ [
+ "DEBUG",
+ "DEBUG"
+ ],
+ [
+ "INFO",
+ "INFO"
+ ],
+ [
+ "WARNING",
+ "WARNING"
+ ],
+ [
+ "ERROR",
+ "ERROR"
+ ],
+ [
+ "CRITICAL",
+ "CRITICAL"
+ ]
+ ]
+ },
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_GB": {
+ "type": "integer",
+ "required": false,
+ "label": "Maximum disk persistance for external log aggregation (in GB)",
+ "help_text": "Amount of data to store (in gigabytes) during an outage of the external log aggregator (defaults to 1). Equivalent to the rsyslogd queue.maxdiskspace setting.",
+ "min_value": 1,
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": 1
+ },
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_PATH": {
+ "type": "string",
+ "required": false,
+ "label": "File system location for rsyslogd disk persistence",
+ "help_text": "Location to persist logs that should be retried after an outage of the external log aggregator (defaults to /var/lib/awx). Equivalent to the rsyslogd queue.spoolDirectory setting.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": "/var/lib/awx"
+ },
+ "LOG_AGGREGATOR_RSYSLOGD_DEBUG": {
+ "type": "boolean",
+ "required": false,
+ "label": "Enable rsyslogd debugging",
+ "help_text": "Enabled high verbosity debugging for rsyslogd. Useful for debugging connection issues for external log aggregation.",
+ "category": "Logging",
+ "category_slug": "logging",
+ "default": false
+ },
+ "AUTOMATION_ANALYTICS_LAST_GATHER": {
+ "type": "datetime",
+ "required": true,
+ "label": "Last gather date for Automation Analytics.",
+ "category": "System",
+ "category_slug": "system",
+ "default": null
+ },
+ "AUTOMATION_ANALYTICS_GATHER_INTERVAL": {
+ "type": "integer",
+ "required": false,
+ "label": "Automation Analytics Gather Interval",
+ "help_text": "Interval (in seconds) between data gathering.",
+ "min_value": 1800,
+ "category": "System",
+ "category_slug": "system",
+ "unit": "seconds",
+ "default": 14400
+ },
+ "SESSION_COOKIE_AGE": {
+ "type": "integer",
+ "required": true,
+ "label": "Idle Time Force Log Out",
+ "help_text": "Number of seconds that a user is inactive before they will need to login again.",
+ "min_value": 60,
+ "max_value": 30000000000,
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "unit": "seconds",
+ "default": 1800
+ },
+ "SESSIONS_PER_USER": {
+ "type": "integer",
+ "required": true,
+ "label": "Maximum number of simultaneous logged in sessions",
+ "help_text": "Maximum number of simultaneous logged in sessions a user may have. To disable enter -1.",
+ "min_value": -1,
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "default": -1
+ },
+ "AUTH_BASIC_ENABLED": {
+ "type": "boolean",
+ "required": true,
+ "label": "Enable HTTP Basic Auth",
+ "help_text": "Enable HTTP Basic Auth for the API Browser.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "default": true
+ },
+ "OAUTH2_PROVIDER": {
+ "type": "nested object",
+ "required": false,
+ "label": "OAuth 2 Timeout Settings",
+ "help_text": "Dictionary for customizing OAuth 2 timeouts, available items are `ACCESS_TOKEN_EXPIRE_SECONDS`, the duration of access tokens in the number of seconds, `AUTHORIZATION_CODE_EXPIRE_SECONDS`, the duration of authorization codes in the number of seconds, and `REFRESH_TOKEN_EXPIRE_SECONDS`, the duration of refresh tokens, after expired access tokens, in the number of seconds.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "unit": "seconds",
+ "default": {
+ "ACCESS_TOKEN_EXPIRE_SECONDS": 31536000000,
+ "AUTHORIZATION_CODE_EXPIRE_SECONDS": 600,
+ "REFRESH_TOKEN_EXPIRE_SECONDS": 2628000
+ },
+ "child": {
+ "type": "integer",
+ "required": true,
+ "read_only": false,
+ "min_value": 1
+ }
+ },
+ "ALLOW_OAUTH2_FOR_EXTERNAL_USERS": {
+ "type": "boolean",
+ "required": false,
+ "label": "Allow External Users to Create OAuth2 Tokens",
+ "help_text": "For security reasons, users from external auth providers (LDAP, SAML, SSO, Radius, and others) are not allowed to create OAuth2 tokens. To change this behavior, enable this setting. Existing tokens will not be deleted when this setting is toggled off.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "default": false
+ },
+ "LOGIN_REDIRECT_OVERRIDE": {
+ "type": "string",
+ "required": false,
+ "label": "Login redirect override URL",
+ "help_text": "URL to which unauthorized users will be redirected to log in. If blank, users will be sent to the Tower login page.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "default": ""
+ },
+ "CUSTOM_LOGIN_INFO": {
+ "type": "string",
+ "required": false,
+ "label": "Custom Login Info",
+ "help_text": "If needed, you can add specific information (such as a legal notice or a disclaimer) to a text box in the login modal using this setting. Any content added must be in plain text or an HTML fragment, as other markup languages are not supported.",
+ "category": "UI",
+ "category_slug": "ui",
+ "default": ""
+ },
+ "CUSTOM_LOGO": {
+ "type": "string",
+ "required": false,
+ "label": "Custom Logo",
+ "help_text": "To set up a custom logo, provide a file that you create. For the custom logo to look its best, use a .png file with a transparent background. GIF, PNG and JPEG formats are supported.",
+ "category": "UI",
+ "category_slug": "ui",
+ "placeholder": "data:image/gif;base64,R0lGODlhAQABAIABAP///wAAACwAAAAAAQABAAACAkQBADs=",
+ "default": ""
+ },
+ "MAX_UI_JOB_EVENTS": {
+ "type": "integer",
+ "required": true,
+ "label": "Max Job Events Retrieved by UI",
+ "help_text": "Maximum number of job events for the UI to retrieve within a single request.",
+ "min_value": 100,
+ "category": "UI",
+ "category_slug": "ui",
+ "default": 4000
+ },
+ "UI_LIVE_UPDATES_ENABLED": {
+ "type": "boolean",
+ "required": true,
+ "label": "Enable Live Updates in the UI",
+ "help_text": "If disabled, the page will not refresh when events are received. Reloading the page will be required to get the latest details.",
+ "category": "UI",
+ "category_slug": "ui",
+ "default": true
+ },
+ "SOCIAL_AUTH_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Social Auth Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Social Auth Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_USER_FIELDS": {
+ "type": "list",
+ "required": false,
+ "label": "Social Auth User Fields",
+ "help_text": "When set to an empty list `[]`, this setting prevents new user accounts from being created. Only users who have previously logged in using social auth or have a user account with a matching email address will be able to login.",
+ "category": "Authentication",
+ "category_slug": "authentication",
+ "placeholder": [
+ "username",
+ "email"
+ ],
+ "default": null,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_1_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_1_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_1_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_1_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_1_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_1_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_1_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_1_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_1_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_1_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_1_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_1_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_1_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_1_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_2_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_2_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_2_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_2_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_2_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_2_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_2_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_2_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_2_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_2_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_2_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_2_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_2_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_2_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_3_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_3_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_3_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_3_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_3_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_3_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_3_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_3_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_3_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_3_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_3_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_3_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_3_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_3_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_4_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_4_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_4_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_4_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_4_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_4_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_4_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_4_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_4_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_4_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_4_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_4_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_4_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_4_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_SERVER_URI": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Server URI",
+ "help_text": "URI to connect to LDAP server, such as \"ldap://ldap.example.com:389\" (non-SSL) or \"ldaps://ldap.example.com:636\" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "ldaps://ldap.example.com:636",
+ "default": ""
+ },
+ "AUTH_LDAP_5_BIND_DN": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind DN",
+ "help_text": "DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_5_BIND_PASSWORD": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Bind Password",
+ "help_text": "Password used to bind LDAP user account.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": ""
+ },
+ "AUTH_LDAP_5_START_TLS": {
+ "type": "boolean",
+ "required": false,
+ "label": "LDAP Start TLS",
+ "help_text": "Whether to enable TLS when the LDAP connection is not using SSL.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": false
+ },
+ "AUTH_LDAP_5_CONNECTION_OPTIONS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Connection Options",
+ "help_text": "Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. \"OPT_REFERRALS\"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "default": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_5_USER_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP User Search",
+ "help_text": "LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of \"LDAPUnion\" is possible. See Tower documentation for details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "OU=Users,DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(sAMAccountName=%(user)s)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_5_USER_DN_TEMPLATE": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP User DN Template",
+ "help_text": "Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_5_USER_ATTR_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Attribute Map",
+ "help_text": "Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+ },
+ "default": {},
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_5_GROUP_SEARCH": {
+ "type": "list",
+ "required": false,
+ "label": "LDAP Group Search",
+ "help_text": "Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": [
+ "DC=example,DC=com",
+ "SCOPE_SUBTREE",
+ "(objectClass=group)"
+ ],
+ "default": [],
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_5_GROUP_TYPE": {
+ "type": "choice",
+ "required": false,
+ "label": "LDAP Group Type",
+ "help_text": "The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "default": "MemberDNGroupType",
+ "choices": [
+ [
+ "PosixGroupType",
+ "PosixGroupType"
+ ],
+ [
+ "GroupOfNamesType",
+ "GroupOfNamesType"
+ ],
+ [
+ "GroupOfUniqueNamesType",
+ "GroupOfUniqueNamesType"
+ ],
+ [
+ "ActiveDirectoryGroupType",
+ "ActiveDirectoryGroupType"
+ ],
+ [
+ "OrganizationalRoleGroupType",
+ "OrganizationalRoleGroupType"
+ ],
+ [
+ "MemberDNGroupType",
+ "MemberDNGroupType"
+ ],
+ [
+ "NestedGroupOfNamesType",
+ "NestedGroupOfNamesType"
+ ],
+ [
+ "NestedGroupOfUniqueNamesType",
+ "NestedGroupOfUniqueNamesType"
+ ],
+ [
+ "NestedActiveDirectoryGroupType",
+ "NestedActiveDirectoryGroupType"
+ ],
+ [
+ "NestedOrganizationalRoleGroupType",
+ "NestedOrganizationalRoleGroupType"
+ ],
+ [
+ "NestedMemberDNGroupType",
+ "NestedMemberDNGroupType"
+ ],
+ [
+ "PosixUIDGroupType",
+ "PosixUIDGroupType"
+ ]
+ ]
+ },
+ "AUTH_LDAP_5_GROUP_TYPE_PARAMS": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Group Type Parameters",
+ "help_text": "Key value parameters to send the chosen group type init method.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "ldap_group_user_attr": "legacyuid",
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "default": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "AUTH_LDAP_5_REQUIRE_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Require Group",
+ "help_text": "Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_5_DENY_GROUP": {
+ "type": "string",
+ "required": false,
+ "label": "LDAP Deny Group",
+ "help_text": "Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": "CN=Disabled Users,OU=Users,DC=example,DC=com",
+ "default": null
+ },
+ "AUTH_LDAP_5_USER_FLAGS_BY_GROUP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP User Flags By Group",
+ "help_text": "Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "is_superuser": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "is_system_auditor": "CN=Domain Auditors,CN=Users,DC=example,DC=com"
+ },
+ "default": {},
+ "child": {
+ "type": "list",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Organization Map",
+ "help_text": "Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "Test Org": {
+ "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
+ "auditors": "CN=Domain Auditors,CN=Users,DC=example,DC=com",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove_users": true,
+ "remove_admins": true
+ },
+ "Test Org 2": {
+ "admins": "CN=Administrators,CN=Builtin,DC=example,DC=com",
+ "users": true,
+ "remove_users": true,
+ "remove_admins": true
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "AUTH_LDAP_5_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "LDAP Team Map",
+ "help_text": "Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation.",
+ "category": "LDAP",
+ "category_slug": "ldap",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "CN=Domain Users,CN=Users,DC=example,DC=com"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "CN=Other Users,CN=Users,DC=example,DC=com",
+ "remove": false
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "RADIUS_SERVER": {
+ "type": "string",
+ "required": false,
+ "label": "RADIUS Server",
+ "help_text": "Hostname/IP of RADIUS server. RADIUS authentication is disabled if this setting is empty.",
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "placeholder": "radius.example.com",
+ "default": ""
+ },
+ "RADIUS_PORT": {
+ "type": "integer",
+ "required": false,
+ "label": "RADIUS Port",
+ "help_text": "Port of RADIUS server.",
+ "min_value": 1,
+ "max_value": 65535,
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "default": 1812
+ },
+ "RADIUS_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "RADIUS Secret",
+ "help_text": "Shared secret for authenticating to RADIUS server.",
+ "category": "RADIUS",
+ "category_slug": "radius",
+ "default": ""
+ },
+ "TACACSPLUS_HOST": {
+ "type": "string",
+ "required": false,
+ "label": "TACACS+ Server",
+ "help_text": "Hostname of TACACS+ server.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "default": ""
+ },
+ "TACACSPLUS_PORT": {
+ "type": "integer",
+ "required": false,
+ "label": "TACACS+ Port",
+ "help_text": "Port number of TACACS+ server.",
+ "min_value": 1,
+ "max_value": 65535,
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "default": 49
+ },
+ "TACACSPLUS_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "TACACS+ Secret",
+ "help_text": "Shared secret for authenticating to TACACS+ server.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "default": ""
+ },
+ "TACACSPLUS_SESSION_TIMEOUT": {
+ "type": "integer",
+ "required": false,
+ "label": "TACACS+ Auth Session Timeout",
+ "help_text": "TACACS+ session timeout value in seconds, 0 disables timeout.",
+ "min_value": 0,
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "unit": "seconds",
+ "default": 5
+ },
+ "TACACSPLUS_AUTH_PROTOCOL": {
+ "type": "choice",
+ "required": false,
+ "label": "TACACS+ Authentication Protocol",
+ "help_text": "Choose the authentication protocol used by TACACS+ client.",
+ "category": "TACACS+",
+ "category_slug": "tacacsplus",
+ "default": "ascii",
+ "choices": [
+ [
+ "ascii",
+ "ascii"
+ ],
+ [
+ "pap",
+ "pap"
+ ]
+ ]
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_KEY": {
+ "type": "string",
+ "required": false,
+ "label": "Google OAuth2 Key",
+ "help_text": "The OAuth2 key from your web application.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": "528620852399-gm2dt4hrl2tsj67fqamk09k1e0ad6gd8.apps.googleusercontent.com",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "Google OAuth2 Secret",
+ "help_text": "The OAuth2 secret from your web application.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": "q2fMVCmEregbg-drvebPp8OW",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS": {
+ "type": "list",
+ "required": false,
+ "label": "Google OAuth2 Allowed Domains",
+ "help_text": "Update this setting to restrict the domains who are allowed to login using Google OAuth2.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": [
+ "example.com"
+ ],
+ "default": [],
+ "child": {
+ "type": "string",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS": {
+ "type": "nested object",
+ "required": false,
+ "label": "Google OAuth2 Extra Arguments",
+ "help_text": "Extra arguments for Google OAuth2 login. You can restrict it to only allow a single domain to authenticate, even if the user is logged in with multple Google accounts. Refer to the Ansible Tower documentation for more detail.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": {
+ "hd": "example.com"
+ },
+ "default": {},
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Google OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Google OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Google OAuth2",
+ "category_slug": "google-oauth2",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_KEY": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub developer application.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub developer application.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub OAuth2",
+ "category_slug": "github",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_KEY": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Organization OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub organization application.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Organization OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub organization application.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_NAME": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Organization Name",
+ "help_text": "The name of your GitHub organization, as used in your organization's URL: https://github.com//.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub Organization OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub Organization OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub Organization OAuth2",
+ "category_slug": "github-org",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_KEY": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Team OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your GitHub organization application.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Team OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your GitHub organization application.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_ID": {
+ "type": "string",
+ "required": false,
+ "label": "GitHub Team ID",
+ "help_text": "Find the numeric team ID using the Github API: http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "default": ""
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub Team OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "GitHub Team OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "GitHub Team OAuth2",
+ "category_slug": "github-team",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_KEY": {
+ "type": "string",
+ "required": false,
+ "label": "Azure AD OAuth2 Key",
+ "help_text": "The OAuth2 key (Client ID) from your Azure AD application.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "default": ""
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET": {
+ "type": "string",
+ "required": false,
+ "label": "Azure AD OAuth2 Secret",
+ "help_text": "The OAuth2 secret (Client Secret) from your Azure AD application.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "default": ""
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Azure AD OAuth2 Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "Azure AD OAuth2 Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "Azure AD OAuth2",
+ "category_slug": "azuread-oauth2",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SAML_AUTO_CREATE_OBJECTS": {
+ "type": "boolean",
+ "required": false,
+ "label": "Automatically Create Organizations and Teams on SAML Login",
+ "help_text": "When enabled (the default), mapped Organizations and Teams will be created automatically on successful SAML login.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "default": true
+ },
+ "SOCIAL_AUTH_SAML_SP_ENTITY_ID": {
+ "type": "string",
+ "required": false,
+ "label": "SAML Service Provider Entity ID",
+ "help_text": "The application-defined unique identifier used as the audience of the SAML service provider (SP) configuration. This is usually the URL for Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "default": ""
+ },
+ "SOCIAL_AUTH_SAML_SP_PUBLIC_CERT": {
+ "type": "string",
+ "required": true,
+ "label": "SAML Service Provider Public Certificate",
+ "help_text": "Create a keypair for Tower to use as a service provider (SP) and include the certificate content here.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "default": ""
+ },
+ "SOCIAL_AUTH_SAML_SP_PRIVATE_KEY": {
+ "type": "string",
+ "required": true,
+ "label": "SAML Service Provider Private Key",
+ "help_text": "Create a keypair for Tower to use as a service provider (SP) and include the private key content here.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "default": ""
+ },
+ "SOCIAL_AUTH_SAML_ORG_INFO": {
+ "type": "nested object",
+ "required": true,
+ "label": "SAML Service Provider Organization Info",
+ "help_text": "Provide the URL, display name, and the name of your app. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "en-US": {
+ "name": "example",
+ "displayname": "Example",
+ "url": "http://www.example.com"
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_TECHNICAL_CONTACT": {
+ "type": "nested object",
+ "required": true,
+ "label": "SAML Service Provider Technical Contact",
+ "help_text": "Provide the name and email address of the technical contact for your service provider. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "givenName": "Technical Contact",
+ "emailAddress": "techsup@example.com"
+ },
+ "default": {},
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_SUPPORT_CONTACT": {
+ "type": "nested object",
+ "required": true,
+ "label": "SAML Service Provider Support Contact",
+ "help_text": "Provide the name and email address of the support contact for your service provider. Refer to the Ansible Tower documentation for example syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "givenName": "Support Contact",
+ "emailAddress": "support@example.com"
+ },
+ "default": {},
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_ENABLED_IDPS": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Enabled Identity Providers",
+ "help_text": "Configure the Entity ID, SSO URL and certificate for each identity provider (IdP) in use. Multiple SAML IdPs are supported. Some IdPs may provide user data using attribute names that differ from the default OIDs. Attribute names may be overridden for each IdP. Refer to the Ansible documentation for additional details and syntax.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "Okta": {
+ "entity_id": "http://www.okta.com/HHniyLkaxk9e76wD0Thh",
+ "url": "https://dev-123456.oktapreview.com/app/ansibletower/HHniyLkaxk9e76wD0Thh/sso/saml",
+ "x509cert": "MIIDpDCCAoygAwIBAgIGAVVZ4rPzMA0GCSqGSIb3...",
+ "attr_user_permanent_id": "username",
+ "attr_first_name": "first_name",
+ "attr_last_name": "last_name",
+ "attr_username": "username",
+ "attr_email": "email"
+ },
+ "OneLogin": {
+ "entity_id": "https://app.onelogin.com/saml/metadata/123456",
+ "url": "https://example.onelogin.com/trust/saml2/http-post/sso/123456",
+ "x509cert": "MIIEJjCCAw6gAwIBAgIUfuSD54OPSBhndDHh3gZo...",
+ "attr_user_permanent_id": "name_id",
+ "attr_first_name": "User.FirstName",
+ "attr_last_name": "User.LastName",
+ "attr_username": "User.email",
+ "attr_email": "User.email"
+ }
+ },
+ "default": {},
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_SECURITY_CONFIG": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Security Config",
+ "help_text": "A dict of key value pairs that are passed to the underlying python-saml security setting https://github.com/onelogin/python-saml#settings",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "nameIdEncrypted": false,
+ "authnRequestsSigned": false,
+ "logoutRequestSigned": false,
+ "logoutResponseSigned": false,
+ "signMetadata": false,
+ "wantMessagesSigned": false,
+ "wantAssertionsSigned": false,
+ "wantAssertionsEncrypted": false,
+ "wantNameId": true,
+ "wantNameIdEncrypted": false,
+ "wantAttributeStatement": true,
+ "requestedAuthnContext": true,
+ "requestedAuthnContextComparison": "exact",
+ "metadataValidUntil": "2015-06-26T20:00:00Z",
+ "metadataCacheDuration": "PT518400S",
+ "signatureAlgorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+ "digestAlgorithm": "http://www.w3.org/2000/09/xmldsig#sha1"
+ },
+ "default": {
+ "requestedAuthnContext": false
+ },
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_SP_EXTRA": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Service Provider extra configuration data",
+ "help_text": "A dict of key value pairs to be passed to the underlying python-saml Service Provider configuration setting.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {},
+ "default": null,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_EXTRA_DATA": {
+ "type": "list",
+ "required": false,
+ "label": "SAML IDP to extra_data attribute mapping",
+ "help_text": "A list of tuples that maps IDP attributes to extra_attributes. Each attribute will be a list of values, even if only 1 value.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": [
+ [
+ "attribute_name",
+ "extra_data_name_for_attribute"
+ ],
+ [
+ "department",
+ "department"
+ ],
+ [
+ "manager_full_name",
+ "manager_full_name"
+ ]
+ ],
+ "default": null,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_ORGANIZATION_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Organization Map",
+ "help_text": "Mapping to organization admins/users from social auth accounts. This setting\ncontrols which users are placed into which Tower organizations based on their\nusername and email address. Configuration details are available in the Ansible\nTower documentation.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "Default": {
+ "users": true
+ },
+ "Test Org": {
+ "admins": [
+ "admin@example.com"
+ ],
+ "auditors": [
+ "auditor@example.com"
+ ],
+ "users": true
+ },
+ "Test Org 2": {
+ "admins": [
+ "admin@example.com",
+ "/^tower-[^@]+*?@.*$/"
+ ],
+ "remove_admins": true,
+ "users": "/^[^@].*?@example\\.com$/i",
+ "remove_users": true
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_TEAM_MAP": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Team Map",
+ "help_text": "Mapping of team members (users) from social auth accounts. Configuration\ndetails are available in Tower documentation.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "My Team": {
+ "organization": "Test Org",
+ "users": [
+ "/^[^@]+?@test\\.example\\.com$/"
+ ],
+ "remove": true
+ },
+ "Other Team": {
+ "organization": "Test Org 2",
+ "users": "/^[^@]+?@test2\\.example\\.com$/i",
+ "remove": false
+ }
+ },
+ "default": null,
+ "child": {
+ "type": "nested object",
+ "required": true,
+ "read_only": false,
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ },
+ "SOCIAL_AUTH_SAML_ORGANIZATION_ATTR": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Organization Attribute Mapping",
+ "help_text": "Used to translate user organization membership into Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "saml_attr": "organization",
+ "saml_admin_attr": "organization_admin",
+ "saml_auditor_attr": "organization_auditor",
+ "remove": true,
+ "remove_admins": true,
+ "remove_auditors": true
+ },
+ "default": {},
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ },
+ "SOCIAL_AUTH_SAML_TEAM_ATTR": {
+ "type": "nested object",
+ "required": false,
+ "label": "SAML Team Attribute Mapping",
+ "help_text": "Used to translate user team membership into Tower.",
+ "category": "SAML",
+ "category_slug": "saml",
+ "placeholder": {
+ "saml_attr": "team",
+ "remove": true,
+ "team_org_map": [
+ {
+ "team": "Marketing",
+ "organization": "Red Hat"
+ },
+ {
+ "team": "Human Resources",
+ "organization": "Red Hat"
+ },
+ {
+ "team": "Engineering",
+ "organization": "Red Hat"
+ },
+ {
+ "team": "Engineering",
+ "organization": "Ansible"
+ },
+ {
+ "team": "Quality Engineering",
+ "organization": "Ansible"
+ },
+ {
+ "team": "Sales",
+ "organization": "Ansible"
+ }
+ ]
+ },
+ "default": {},
+ "child": {
+ "type": "field",
+ "required": true,
+ "read_only": false
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/awx/ui_next/src/screens/Setting/shared/data.jobSettings.json b/awx/ui_next/src/screens/Setting/shared/data.jobSettings.json
new file mode 100644
index 0000000000..190a346560
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/data.jobSettings.json
@@ -0,0 +1,37 @@
+
+{
+ "AD_HOC_COMMANDS": [
+ "command"
+ ],
+ "ALLOW_JINJA_IN_EXTRA_VARS": "template",
+ "AWX_PROOT_ENABLED": true,
+ "AWX_PROOT_BASE_PATH": "/tmp",
+ "AWX_PROOT_HIDE_PATHS": [],
+ "AWX_PROOT_SHOW_PATHS": [],
+ "AWX_ISOLATED_CHECK_INTERVAL": 1,
+ "AWX_ISOLATED_LAUNCH_TIMEOUT": 600,
+ "AWX_ISOLATED_CONNECTION_TIMEOUT": 10,
+ "AWX_ISOLATED_HOST_KEY_CHECKING": false,
+ "AWX_ISOLATED_KEY_GENERATION": true,
+ "AWX_ISOLATED_PRIVATE_KEY": "",
+ "AWX_ISOLATED_PUBLIC_KEY": "",
+ "AWX_RESOURCE_PROFILING_ENABLED": false,
+ "AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL": 0.25,
+ "AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL": 0.25,
+ "AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL": 0.25,
+ "AWX_TASK_ENV": {},
+ "PROJECT_UPDATE_VVV": false,
+ "AWX_ROLES_ENABLED": true,
+ "AWX_COLLECTIONS_ENABLED": true,
+ "AWX_SHOW_PLAYBOOK_LINKS": false,
+ "GALAXY_IGNORE_CERTS": false,
+ "STDOUT_MAX_BYTES_DISPLAY": 1048576,
+ "EVENT_STDOUT_MAX_BYTES_DISPLAY": 1024,
+ "SCHEDULE_MAX_JOBS": 10,
+ "AWX_ANSIBLE_CALLBACK_PLUGINS": [],
+ "DEFAULT_JOB_TIMEOUT": 0,
+ "DEFAULT_INVENTORY_UPDATE_TIMEOUT": 0,
+ "DEFAULT_PROJECT_UPDATE_TIMEOUT": 0,
+ "ANSIBLE_FACT_CACHE_TIMEOUT": 0,
+ "MAX_FORKS": 200
+}
\ No newline at end of file
diff --git a/awx/ui_next/src/screens/Setting/shared/data.ldapSettings.json b/awx/ui_next/src/screens/Setting/shared/data.ldapSettings.json
new file mode 100644
index 0000000000..161a96b8c5
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/data.ldapSettings.json
@@ -0,0 +1,134 @@
+{
+ "AUTH_LDAP_SERVER_URI": "ldap://ldap.example.com",
+ "AUTH_LDAP_BIND_DN": "cn=eng_user",
+ "AUTH_LDAP_BIND_PASSWORD": "$encrypted$",
+ "AUTH_LDAP_START_TLS": false,
+ "AUTH_LDAP_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_USER_SEARCH": [],
+ "AUTH_LDAP_USER_DN_TEMPLATE": "uid=%(user)s,OU=Users,DC=example,DC=com",
+ "AUTH_LDAP_USER_ATTR_MAP": {},
+ "AUTH_LDAP_GROUP_SEARCH": [],
+ "AUTH_LDAP_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_GROUP_TYPE_PARAMS": {
+ "name_attr": "cn",
+ "member_attr": "member"
+ },
+ "AUTH_LDAP_REQUIRE_GROUP": "CN=Tower Users,OU=Users,DC=example,DC=com",
+ "AUTH_LDAP_DENY_GROUP": null,
+ "AUTH_LDAP_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_TEAM_MAP": {},
+ "AUTH_LDAP_1_SERVER_URI": "",
+ "AUTH_LDAP_1_BIND_DN": "",
+ "AUTH_LDAP_1_BIND_PASSWORD": "",
+ "AUTH_LDAP_1_START_TLS": true,
+ "AUTH_LDAP_1_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_1_USER_SEARCH": [],
+ "AUTH_LDAP_1_USER_DN_TEMPLATE": null,
+ "AUTH_LDAP_1_USER_ATTR_MAP": {},
+ "AUTH_LDAP_1_GROUP_SEARCH": [],
+ "AUTH_LDAP_1_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_1_GROUP_TYPE_PARAMS": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "AUTH_LDAP_1_REQUIRE_GROUP": null,
+ "AUTH_LDAP_1_DENY_GROUP": "CN=Disabled1",
+ "AUTH_LDAP_1_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_1_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_1_TEAM_MAP": {},
+ "AUTH_LDAP_2_SERVER_URI": "",
+ "AUTH_LDAP_2_BIND_DN": "",
+ "AUTH_LDAP_2_BIND_PASSWORD": "",
+ "AUTH_LDAP_2_START_TLS": false,
+ "AUTH_LDAP_2_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_2_USER_SEARCH": [],
+ "AUTH_LDAP_2_USER_DN_TEMPLATE": null,
+ "AUTH_LDAP_2_USER_ATTR_MAP": {},
+ "AUTH_LDAP_2_GROUP_SEARCH": [],
+ "AUTH_LDAP_2_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_2_GROUP_TYPE_PARAMS": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "AUTH_LDAP_2_REQUIRE_GROUP": null,
+ "AUTH_LDAP_2_DENY_GROUP": "CN=Disabled2",
+ "AUTH_LDAP_2_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_2_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_2_TEAM_MAP": {},
+ "AUTH_LDAP_3_SERVER_URI": "",
+ "AUTH_LDAP_3_BIND_DN": "",
+ "AUTH_LDAP_3_BIND_PASSWORD": "",
+ "AUTH_LDAP_3_START_TLS": false,
+ "AUTH_LDAP_3_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_3_USER_SEARCH": [],
+ "AUTH_LDAP_3_USER_DN_TEMPLATE": null,
+ "AUTH_LDAP_3_USER_ATTR_MAP": {},
+ "AUTH_LDAP_3_GROUP_SEARCH": [],
+ "AUTH_LDAP_3_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_3_GROUP_TYPE_PARAMS": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "AUTH_LDAP_3_REQUIRE_GROUP": null,
+ "AUTH_LDAP_3_DENY_GROUP": null,
+ "AUTH_LDAP_3_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_3_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_3_TEAM_MAP": {},
+ "AUTH_LDAP_4_SERVER_URI": "",
+ "AUTH_LDAP_4_BIND_DN": "",
+ "AUTH_LDAP_4_BIND_PASSWORD": "",
+ "AUTH_LDAP_4_START_TLS": false,
+ "AUTH_LDAP_4_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_4_USER_SEARCH": [],
+ "AUTH_LDAP_4_USER_DN_TEMPLATE": null,
+ "AUTH_LDAP_4_USER_ATTR_MAP": {},
+ "AUTH_LDAP_4_GROUP_SEARCH": [],
+ "AUTH_LDAP_4_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_4_GROUP_TYPE_PARAMS": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "AUTH_LDAP_4_REQUIRE_GROUP": null,
+ "AUTH_LDAP_4_DENY_GROUP": null,
+ "AUTH_LDAP_4_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_4_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_4_TEAM_MAP": {},
+ "AUTH_LDAP_5_SERVER_URI": "",
+ "AUTH_LDAP_5_BIND_DN": "",
+ "AUTH_LDAP_5_BIND_PASSWORD": "",
+ "AUTH_LDAP_5_START_TLS": false,
+ "AUTH_LDAP_5_CONNECTION_OPTIONS": {
+ "OPT_REFERRALS": 0,
+ "OPT_NETWORK_TIMEOUT": 30
+ },
+ "AUTH_LDAP_5_USER_SEARCH": [],
+ "AUTH_LDAP_5_USER_DN_TEMPLATE": null,
+ "AUTH_LDAP_5_USER_ATTR_MAP": {},
+ "AUTH_LDAP_5_GROUP_SEARCH": [],
+ "AUTH_LDAP_5_GROUP_TYPE": "MemberDNGroupType",
+ "AUTH_LDAP_5_GROUP_TYPE_PARAMS": {
+ "member_attr": "member",
+ "name_attr": "cn"
+ },
+ "AUTH_LDAP_5_REQUIRE_GROUP": null,
+ "AUTH_LDAP_5_DENY_GROUP": null,
+ "AUTH_LDAP_5_USER_FLAGS_BY_GROUP": {},
+ "AUTH_LDAP_5_ORGANIZATION_MAP": {},
+ "AUTH_LDAP_5_TEAM_MAP": {}
+}
\ No newline at end of file
diff --git a/awx/ui_next/src/screens/Setting/shared/data.logSettings.json b/awx/ui_next/src/screens/Setting/shared/data.logSettings.json
new file mode 100644
index 0000000000..d976bdc6e0
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/data.logSettings.json
@@ -0,0 +1,21 @@
+{
+ "LOG_AGGREGATOR_HOST": "https://mocklog",
+ "LOG_AGGREGATOR_PORT": 1234,
+ "LOG_AGGREGATOR_TYPE": "logstash",
+ "LOG_AGGREGATOR_USERNAME": "logging_name",
+ "LOG_AGGREGATOR_PASSWORD": "$encrypted$",
+ "LOG_AGGREGATOR_LOGGERS": [
+ "activity_stream",
+ "system_tracking"
+ ],
+ "LOG_AGGREGATOR_INDIVIDUAL_FACTS": false,
+ "LOG_AGGREGATOR_ENABLED": false,
+ "LOG_AGGREGATOR_TOWER_UUID": "",
+ "LOG_AGGREGATOR_PROTOCOL": "https",
+ "LOG_AGGREGATOR_TCP_TIMEOUT": 5,
+ "LOG_AGGREGATOR_VERIFY_CERT": true,
+ "LOG_AGGREGATOR_LEVEL": "INFO",
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_GB": 1,
+ "LOG_AGGREGATOR_MAX_DISK_USAGE_PATH": "/var/lib/awx",
+ "LOG_AGGREGATOR_RSYSLOGD_DEBUG": false
+}
\ No newline at end of file
diff --git a/awx/ui_next/src/screens/Setting/shared/index.js b/awx/ui_next/src/screens/Setting/shared/index.js
new file mode 100644
index 0000000000..3668a539bf
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/index.js
@@ -0,0 +1 @@
+export { default } from './SettingDetail';
diff --git a/awx/ui_next/src/screens/Setting/shared/settingTestUtils.js b/awx/ui_next/src/screens/Setting/shared/settingTestUtils.js
new file mode 100644
index 0000000000..31fe98a754
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/settingTestUtils.js
@@ -0,0 +1,15 @@
+export function assertDetail(wrapper, label, value) {
+ expect(wrapper.find(`Detail[label="${label}"] dt`).text()).toBe(label);
+ expect(wrapper.find(`Detail[label="${label}"] dd`).text()).toBe(value);
+}
+
+export function assertVariableDetail(wrapper, label, value) {
+ expect(
+ wrapper.find(`VariablesDetail[label="${label}"] .pf-c-form__label`).text()
+ ).toBe(label);
+ expect(
+ wrapper
+ .find(`VariablesDetail[label="${label}"] CodeMirrorInput`)
+ .prop('value')
+ ).toBe(value);
+}
diff --git a/awx/ui_next/src/screens/Setting/shared/settingUtils.js b/awx/ui_next/src/screens/Setting/shared/settingUtils.js
new file mode 100644
index 0000000000..78d27142aa
--- /dev/null
+++ b/awx/ui_next/src/screens/Setting/shared/settingUtils.js
@@ -0,0 +1,17 @@
+export function sortNestedDetails(obj = {}) {
+ const nestedTypes = ['nested object', 'list'];
+ const notNested = Object.entries(obj).filter(
+ ([, value]) => !nestedTypes.includes(value.type)
+ );
+ const nestedList = Object.entries(obj).filter(
+ ([, value]) => value.type === 'list'
+ );
+ const nestedObject = Object.entries(obj).filter(
+ ([, value]) => value.type === 'nested object'
+ );
+ return [...notNested, ...nestedList, ...nestedObject];
+}
+
+export function pluck(sourceObject, ...keys) {
+ return Object.assign({}, ...keys.map(key => ({ [key]: sourceObject[key] })));
+}