diff --git a/.env b/.env
index 8124bba..4a9fe4f 100644
--- a/.env
+++ b/.env
@@ -4,3 +4,4 @@ MYMAIL=MYEMAIL@MYDOMAIN.TLD
MYDATA=/data
LOGIN_TEXT=username
COLLAB_TEXT=Direct share with collaborators is enabled only for activated users!
+ADMIN_IS_SYSADMIN=false
diff --git a/Makefile b/Makefile
index 437b00c..182ccf7 100644
--- a/Makefile
+++ b/Makefile
@@ -3,6 +3,7 @@ include .env
build:
docker build --build-arg login_text="${LOGIN_TEXT}" \
--build-arg collab_text="${COLLAB_TEXT}" \
+ --build-arg admin_is_sysadmin="${ADMIN_IS_SYSADMIN}" \
-t "ldap-overleaf-sl" ldap-overleaf-sl
clean: check_clean
diff --git a/README.md b/README.md
index 30c8f45..322f0a7 100644
--- a/README.md
+++ b/README.md
@@ -63,9 +63,11 @@ MYDATA=/data
```
LOGIN_TEXT=username
COLLAB_TEXT=Direct share with collaborators is enabled only for activated users!
+ADMIN_IS_SYSADMIN=false
```
*LOGIN_TEXT* : displayed instead of email-adress field (login.pug)
-*COLLAB_TEXT* : displayed for email invitation (share.pug)
+*COLLAB_TEXT* : displayed for email invitation (share.pug)
+*ADMIN_IS_SYSADMIN* : false or true (if ``false`` isAdmin group is allowed to add users to sharelatex and post messages. if ``true`` isAdmin group is allowed to logout other users / set maintenance mode)
### LDAP Configuration
diff --git a/ldap-overleaf-sl/Dockerfile b/ldap-overleaf-sl/Dockerfile
index 273bda5..1492432 100644
--- a/ldap-overleaf-sl/Dockerfile
+++ b/ldap-overleaf-sl/Dockerfile
@@ -7,7 +7,8 @@ LABEL version="0.1"
# passed from .env (via make)
ARG collab_text
-ARG login_text
+ARG login_text
+ARG admin_is_sysadmin
# set workdir (might solve issue #2 - see https://stackoverflow.com/questions/57534295/)
WORKDIR /var/www/sharelatex/web
@@ -50,6 +51,9 @@ COPY sharelatex/navbar.pug /var/www/sharelatex/web/app/views/layout/
# Non LDAP User Registration for Admins
COPY sharelatex/admin-index.pug /var/www/sharelatex/web/app/views/admin/index.pug
+COPY sharelatex/admin-sysadmin.pug /tmp/admin-sysadmin.pug
+RUN if [ "${admin_is_sysadmin}" = "true" ] ; then cp /tmp/admin-sysadmin.pug /var/www/sharelatex/web/app/views/admin/index.pug ; else rm /tmp/admin-sysadmin.pug ; fi
+
RUN rm /var/www/sharelatex/web/app/views/admin/register.pug
### To remove comments entirly (bug https://github.com/overleaf/overleaf/issues/678)
diff --git a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
index f4a3fa0..f2c712a 100644
--- a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
+++ b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js
@@ -306,8 +306,8 @@ const AuthenticationManager = {
}
} catch (ex) {
console.log("An Error occured while getting user data during ldapsearch: " + String(ex))
- await client.unbind();
- return callback(null, null)
+ await client.unbind();
+ return callback(null, null)
}
try {
// if admin filter is set - only set admin for user in ldap group
diff --git a/ldap-overleaf-sl/sharelatex/admin-sysadmin.pug b/ldap-overleaf-sl/sharelatex/admin-sysadmin.pug
new file mode 100644
index 0000000..c7131a3
--- /dev/null
+++ b/ldap-overleaf-sl/sharelatex/admin-sysadmin.pug
@@ -0,0 +1,79 @@
+extends ../layout
+
+block content
+ .content.content-alt
+ .container
+ .row
+ .col-xs-12
+ .card(ng-controller="RegisterUsersController")
+ .page-header
+ h1 Admin Panel
+ tabset(ng-cloak)
+ tab(heading="System Messages")
+ each message in systemMessages
+ .alert.alert-info.row-spaced(ng-non-bindable) #{message.content}
+ hr
+ form(method='post', action='/admin/messages')
+ input(name="_csrf", type="hidden", value=csrfToken)
+ .form-group
+ label(for="content")
+ input.form-control(name="content", type="text", placeholder="Message...", required)
+ button.btn.btn-primary(type="submit") Post Message
+ hr
+ form(method='post', action='/admin/messages/clear')
+ input(name="_csrf", type="hidden", value=csrfToken)
+ button.btn.btn-danger(type="submit") Clear all messages
+
+
+ tab(heading="Register non LDAP User")
+ form.form
+ .row
+ .col-md-4.col-xs-8
+ input.form-control(
+ name="email",
+ type="text",
+ placeholder="jane@example.com, joe@example.com",
+ ng-model="inputs.emails",
+ on-enter="registerUsers()"
+ )
+ .col-md-8.col-xs-4
+ button.btn.btn-primary(ng-click="registerUsers()") #{translate("register")}
+
+ .row-spaced(ng-show="error").ng-cloak.text-danger
+ p Sorry, an error occured
+
+ .row-spaced(ng-show="users.length > 0").ng-cloak.text-success
+ p We've sent out welcome emails to the registered users.
+ p You can also manually send them URLs below to allow them to reset their password and log in for the first time.
+ p (Password reset tokens will expire after one week and the user will need registering again).
+
+ hr(ng-show="users.length > 0").ng-cloak
+ table(ng-show="users.length > 0").table.table-striped.ng-cloak
+ tr
+ th #{translate("email")}
+ th Set Password Url
+ tr(ng-repeat="user in users")
+ td {{ user.email }}
+ td(style="word-break: break-all;") {{ user.setNewPasswordUrl }}
+ tab(heading="Open/Close Editor" bookmarkable-tab="open-close-editor")
+ if hasFeature('saas')
+ | The "Open/Close Editor" feature is not available in SAAS.
+ else
+ .row-spaced
+ form(method='post',action='/admin/closeEditor')
+ input(name="_csrf", type="hidden", value=csrfToken)
+ button.btn.btn-danger(type="submit") Close Editor
+ p.small Will stop anyone opening the editor. Will NOT disconnect already connected users.
+
+ .row-spaced
+ form(method='post',action='/admin/disconnectAllUsers')
+ input(name="_csrf", type="hidden", value=csrfToken)
+ button.btn.btn-danger(type="submit") Disconnect all users
+ p.small Will force disconnect all users with the editor open. Make sure to close the editor first to avoid them reconnecting.
+
+ .row-spaced
+ form(method='post',action='/admin/openEditor')
+ input(name="_csrf", type="hidden", value=csrfToken)
+ button.btn.btn-danger(type="submit") Reopen Editor
+ p.small Will reopen the editor after closing.
+