authorSandeepa Singh <sandeepa.singh@ibm.com>2021-07-26 12:35:39 +0300
committerDerick Montague <derick.montague@ibm.com>2021-08-10 22:20:42 +0300
commitb440616c23b61166ae6d87839a70eec31bdca235 (patch)
treed72769d4aa425e96e47419515b85a8631d8e99d7 /src/store/modules/SecurityAndAccess/LdapStore.js
parentf67f769f2304bca64d2b9758e22c21203960eef9 (diff)
IA update: Update access and control section
This is the fifth commit of the information architecture changes and has the following changes: - The icon for access and control has been updated - Access and control section has been updated to security and access section - Security settings page has been updated to policies page and moved to security and access section - Client sessions page has been updated to sessions page - Local user management page has been updated to user management page - SSL certificates page has been updated to certificates page Signed-off-by: Sandeepa Singh <sandeepa.singh@ibm.com> Change-Id: Ie93cee9002742ecf7d33615636f4f159f4395fc4
Diffstat (limited to 'src/store/modules/SecurityAndAccess/LdapStore.js')
-rw-r--r--src/store/modules/SecurityAndAccess/LdapStore.js275
1 files changed, 275 insertions, 0 deletions
diff --git a/src/store/modules/SecurityAndAccess/LdapStore.js b/src/store/modules/SecurityAndAccess/LdapStore.js
new file mode 100644
index 00000000..5aa31c2d
--- /dev/null
+++ b/src/store/modules/SecurityAndAccess/LdapStore.js
@@ -0,0 +1,275 @@
+import api from '@/store/api';
+import i18n from '@/i18n';
+import { find } from 'lodash';
+
+const LdapStore = {
+ namespaced: true,
+ state: {
+ isServiceEnabled: null,
+ ldap: {
+ serviceEnabled: null,
+ serviceAddress: null,
+ bindDn: null,
+ baseDn: null,
+ userAttribute: null,
+ groupsAttribute: null,
+ roleGroups: [],
+ },
+ activeDirectory: {
+ serviceEnabled: null,
+ serviceAddress: null,
+ bindDn: null,
+ baseDn: null,
+ userAttribute: null,
+ groupsAttribute: null,
+ roleGroups: [],
+ },
+ },
+ getters: {
+ isServiceEnabled: (state) => state.isServiceEnabled,
+ ldap: (state) => state.ldap,
+ activeDirectory: (state) => state.activeDirectory,
+ isActiveDirectoryEnabled: (state) => {
+ return state.activeDirectory.serviceEnabled;
+ },
+ enabledRoleGroups: (state, getters) => {
+ const serviceType = getters.isActiveDirectoryEnabled
+ ? 'activeDirectory'
+ : 'ldap';
+ return state[serviceType].roleGroups;
+ },
+ },
+ mutations: {
+ setServiceEnabled: (state, serviceEnabled) =>
+ (state.isServiceEnabled = serviceEnabled),
+ setLdapProperties: (
+ state,
+ {
+ ServiceEnabled,
+ ServiceAddresses = [],
+ Authentication = {},
+ LDAPService: {
+ SearchSettings: {
+ BaseDistinguishedNames = [],
+ UsernameAttribute,
+ GroupsAttribute,
+ } = {},
+ } = {},
+ RemoteRoleMapping = [],
+ }
+ ) => {
+ state.ldap.serviceAddress = ServiceAddresses[0];
+ state.ldap.serviceEnabled = ServiceEnabled;
+ state.ldap.baseDn = BaseDistinguishedNames[0];
+ state.ldap.bindDn = Authentication.Username;
+ state.ldap.userAttribute = UsernameAttribute;
+ state.ldap.groupsAttribute = GroupsAttribute;
+ state.ldap.roleGroups = RemoteRoleMapping;
+ },
+ setActiveDirectoryProperties: (
+ state,
+ {
+ ServiceEnabled,
+ ServiceAddresses = [],
+ Authentication = {},
+ LDAPService: {
+ SearchSettings: {
+ BaseDistinguishedNames = [],
+ UsernameAttribute,
+ GroupsAttribute,
+ } = {},
+ } = {},
+ RemoteRoleMapping = [],
+ }
+ ) => {
+ state.activeDirectory.serviceEnabled = ServiceEnabled;
+ state.activeDirectory.serviceAddress = ServiceAddresses[0];
+ state.activeDirectory.bindDn = Authentication.Username;
+ state.activeDirectory.baseDn = BaseDistinguishedNames[0];
+ state.activeDirectory.userAttribute = UsernameAttribute;
+ state.activeDirectory.groupsAttribute = GroupsAttribute;
+ state.activeDirectory.roleGroups = RemoteRoleMapping;
+ },
+ },
+ actions: {
+ async getAccountSettings({ commit }) {
+ return await api
+ .get('/redfish/v1/AccountService')
+ .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => {
+ const ldapEnabled = LDAP.ServiceEnabled;
+ const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled;
+
+ commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled);
+ commit('setLdapProperties', LDAP);
+ commit('setActiveDirectoryProperties', ActiveDirectory);
+ })
+ .catch((error) => console.log(error));
+ },
+ async saveLdapSettings({ state, dispatch }, properties) {
+ const data = { LDAP: properties };
+ if (state.activeDirectory.serviceEnabled) {
+ // Disable Active Directory service if enabled
+ await api.patch('/redfish/v1/AccountService', {
+ ActiveDirectory: { ServiceEnabled: false },
+ });
+ }
+ return await api
+ .patch('/redfish/v1/AccountService', data)
+ .then(() => dispatch('getAccountSettings'))
+ .then(() => i18n.t('pageLdap.toast.successSaveLdapSettings'))
+ .catch((error) => {
+ console.log(error);
+ throw new Error(i18n.t('pageLdap.toast.errorSaveLdapSettings'));
+ });
+ },
+ async saveActiveDirectorySettings({ state, dispatch }, properties) {
+ const data = { ActiveDirectory: properties };
+ if (state.ldap.serviceEnabled) {
+ // Disable LDAP service if enabled
+ await api.patch('/redfish/v1/AccountService', {
+ LDAP: { ServiceEnabled: false },
+ });
+ }
+ return await api
+ .patch('/redfish/v1/AccountService', data)
+ .then(() => dispatch('getAccountSettings'))
+ .then(() => i18n.t('pageLdap.toast.successSaveActiveDirectorySettings'))
+ .catch((error) => {
+ console.log(error);
+ throw new Error(
+ i18n.t('pageLdap.toast.errorSaveActiveDirectorySettings')
+ );
+ });
+ },
+ async saveAccountSettings(
+ { dispatch },
+ {
+ serviceEnabled,
+ serviceAddress,
+ activeDirectoryEnabled,
+ bindDn,
+ bindPassword,
+ baseDn,
+ userIdAttribute,
+ groupIdAttribute,
+ }
+ ) {
+ const data = {
+ ServiceEnabled: serviceEnabled,
+ ServiceAddresses: [serviceAddress],
+ Authentication: {
+ Username: bindDn,
+ Password: bindPassword,
+ },
+ LDAPService: {
+ SearchSettings: {
+ BaseDistinguishedNames: [baseDn],
+ },
+ },
+ };
+ if (groupIdAttribute)
+ data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute;
+ if (userIdAttribute)
+ data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute;
+
+ if (activeDirectoryEnabled) {
+ return await dispatch('saveActiveDirectorySettings', data);
+ } else {
+ return await dispatch('saveLdapSettings', data);
+ }
+ },
+ async addNewRoleGroup(
+ { dispatch, getters },
+ { groupName, groupPrivilege }
+ ) {
+ const data = {};
+ const enabledRoleGroups = getters['enabledRoleGroups'];
+ const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
+ const RemoteRoleMapping = [
+ ...enabledRoleGroups,
+ {
+ LocalRole: groupPrivilege,
+ RemoteGroup: groupName,
+ },
+ ];
+ if (isActiveDirectoryEnabled) {
+ data.ActiveDirectory = { RemoteRoleMapping };
+ } else {
+ data.LDAP = { RemoteRoleMapping };
+ }
+ return await api
+ .patch('/redfish/v1/AccountService', data)
+ .then(() => dispatch('getAccountSettings'))
+ .then(() =>
+ i18n.t('pageLdap.toast.successAddRoleGroup', {
+ groupName,
+ })
+ )
+ .catch((error) => {
+ console.log(error);
+ throw new Error(i18n.t('pageLdap.toast.errorAddRoleGroup'));
+ });
+ },
+ async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) {
+ const data = {};
+ const enabledRoleGroups = getters['enabledRoleGroups'];
+ const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
+ const RemoteRoleMapping = enabledRoleGroups.map((group) => {
+ if (group.RemoteGroup === groupName) {
+ return {
+ RemoteGroup: groupName,
+ LocalRole: groupPrivilege,
+ };
+ } else {
+ return {};
+ }
+ });
+ if (isActiveDirectoryEnabled) {
+ data.ActiveDirectory = { RemoteRoleMapping };
+ } else {
+ data.LDAP = { RemoteRoleMapping };
+ }
+ return await api
+ .patch('/redfish/v1/AccountService', data)
+ .then(() => dispatch('getAccountSettings'))
+ .then(() =>
+ i18n.t('pageLdap.toast.successSaveRoleGroup', { groupName })
+ )
+ .catch((error) => {
+ console.log(error);
+ throw new Error(i18n.t('pageLdap.toast.errorSaveRoleGroup'));
+ });
+ },
+ async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) {
+ const data = {};
+ const enabledRoleGroups = getters['enabledRoleGroups'];
+ const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
+ const RemoteRoleMapping = enabledRoleGroups.map((group) => {
+ if (find(roleGroups, { groupName: group.RemoteGroup })) {
+ return null;
+ } else {
+ return {};
+ }
+ });
+ if (isActiveDirectoryEnabled) {
+ data.ActiveDirectory = { RemoteRoleMapping };
+ } else {
+ data.LDAP = { RemoteRoleMapping };
+ }
+ return await api
+ .patch('/redfish/v1/AccountService', data)
+ .then(() => dispatch('getAccountSettings'))
+ .then(() =>
+ i18n.tc('pageLdap.toast.successDeleteRoleGroup', roleGroups.length)
+ )
+ .catch((error) => {
+ console.log(error);
+ throw new Error(
+ i18n.tc('pageLdap.toast.errorDeleteRoleGroup', roleGroups.length)
+ );
+ });
+ },
+ },
+};
+
+export default LdapStore;
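Review bot: The `.catch` handlers in `saveLdapSettings` and `saveActiveDirectorySettings` call `console.log(error)` on a failed PATCH whose body, built in `saveAccountSettings`, carries `Authentication.Password`. If `api` wraps an HTTP client that attaches the request config to its errors (axios does, as `error.config.data`), the LDAP bind password is written to the browser console. Logging only what diagnosis needs, for example `console.log(error.message);`, avoids that. In the same two actions, the PATCH that disables the other directory service is awaited outside the `.catch` chain, so a failure there rejects with the raw, untranslated error, and a failure of the second PATCH leaves both remote authentication services disabled. A comment on that ordering, or a `try`/`catch` around both requests that reports the partial state, would make the behaviour explicit.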