Issue #2427123 by snufkin, jacob.embree: [UX] Breaking out the configuration form into tabs

jacob.embree · Balazs Dianiska · commit 232b1a5962eb · 2015-08-18T16:53:22.000+02:00
diff --git a/simplesamlphp_auth.admin.inc b/simplesamlphp_auth.admin.inc
@@ -6,23 +6,16 @@
  */
 
 /**
- * Implements settings for the module.
+ * Basic configuration form.
+ *
+ * Shows the first page of SimpleSAMLphp Authentication's configuration.
+ *
+ * @return array
  */
-function simplesamlphp_auth_settings() {
-  global $_simplesamlphp_auth_saml_version, $base_url;
-
-  if (!empty($_simplesamlphp_auth_saml_version)) {
-    $ver = explode('.', $_simplesamlphp_auth_saml_version);
-    if (!($ver[0] >= 1 && $ver[1] >= 6)) {
-      drupal_set_message(t("Please upgrade SimpleSAMLphp. You are using %ssp_version", array('%ssp_version' => $_simplesamlphp_auth_saml_version)), 'warning');
-    }
-  }
-
-  $roles = user_roles(TRUE);
-
+function simplesamlphp_auth_settings_basic() {
   $form['simplesamlphp_auth_grp_setup'] = array(
     '#type' => 'fieldset',
-    '#title' => t('Basic Setup'),
+    '#title' => t('Basic settings'),
     '#collapsible' => FALSE,
   );
   $form['simplesamlphp_auth_grp_setup']['simplesamlphp_auth_activate'] = array(
@@ -56,54 +49,11 @@ function simplesamlphp_auth_settings() {
     '#description' => t('Path for logging into SAML - Do not include proceeding slash.'),
   );
 
-  $form['simplesamlphp_auth_grp_user'] = array(
-    '#type' => 'fieldset',
-    '#title' => t('User Info and Syncing'),
-    '#collapsible' => FALSE,
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_user_name'] = array(
-    '#type' => 'textfield',
-    '#title' => t("Which attribute from simpleSAMLphp should be used as user's name"),
-    '#default_value' => variable_get('simplesamlphp_auth_user_name', 'eduPersonPrincipalName'),
-    '#description' => t('Example: <i>eduPersonPrincipalName</i> or <i>displayName</i><br />If the attribute is multivalued, the first value will be used.'),
-    '#required' => TRUE,
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_unique_id'] = array(
-    '#type' => 'textfield',
-    '#title' => t('Which attribute from simpleSAMLphp should be used as unique identifier for the user'),
-    '#default_value' => variable_get('simplesamlphp_auth_unique_id', 'eduPersonPrincipalName'),
-    '#description' => t('Example: <i>eduPersonPrincipalName</i> or <i>eduPersonTargetedID</i><br />If the attribute is multivalued, the first value will be used.'),
-    '#required' => TRUE,
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_mailattr'] = array(
-    '#type' => 'textfield',
-    '#title' => t('Which attribute from simpleSAMLphp should be used as user mail address'),
-    '#default_value' => variable_get('simplesamlphp_auth_mailattr', 'mail'),
-    '#description' => t('Example: <i>mail</i><br />If the user attribute is multivalued, the first value will be used.'),
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_rolepopulation'] = array(
-    '#type' => 'textarea',
-    '#title' => t('Automatic role population from simpleSAMLphp attributes'),
-    '#default_value' => variable_get('simplesamlphp_auth_rolepopulation', ''),
-    '#description' => t('A pipe separated list of rules.<br />Example: <i>roleid1:condition1|roleid2:contition2...</i> <br />For instance: <i>1:eduPersonPrincipalName,@=,uninett.no;affiliation,=,employee|2:mail,=,andreas@uninett.no</i>,3:mail,~=,andre'),
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_roleevaleverytime'] = array(
-    '#type' => 'checkbox',
-    '#title' => t('Reevaluate roles every time the user logs in.'),
-    '#default_value' => variable_get('simplesamlphp_auth_roleevaleverytime', 0),
-    '#description' => t('NOTE: This means users could loose any roles that have been assigned manually in Drupal.'),
-  );
-  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_autoenablesaml'] = array(
-    '#type' => 'checkbox',
-    '#title' => t('Automatically enable SAML authentication for existing users upon successful login'),
-    '#default_value' => variable_get('simplesamlphp_auth_autoenablesaml', 0),
-  );
-
   $form['simplesamlphp_auth_grp_reg'] = array(
     '#type' => 'fieldset',
     '#title' => t('User Provisioning'),
-    '#collapsible' => TRUE,
-    '#collapsed' => TRUE,
+    '#collapsible' => FALSE,
+    '#collapsed' => FALSE,
   );
   $form['simplesamlphp_auth_grp_reg']['simplesamlphp_auth_registerusers'] = array(
     '#type' => 'checkbox',
@@ -112,11 +62,21 @@ function simplesamlphp_auth_settings() {
     '#description' => t("Determines wether or not the module should automatically create/register new Drupal accounts for users that authenticate using SimpleSAMLphp. Unless you've done some custom work to provision Drupal accounts with the necessary authmap entries you will want this checked. NOTE: If unchecked each user must already have been provisioned a Drupal account with an appropriate entry in the authmap table before logging in. Otherwise they will receive a notice and be denied access. Be aware that simply creating a Drupal account will not create the necessary entry in the authmap table."),
   );
 
+  return system_settings_form($form);
+}
+
+/**
+ * Configuration form for all local authentication related settings.
+ *
+ * @return array
+ */
+function simplesamlphp_auth_settings_local() {
+  $roles = user_roles(TRUE);
   $form['simplesamlphp_auth_grp_auth'] = array(
     '#type' => 'fieldset',
     '#title' => t('Drupal Authentication'),
-    '#collapsible' => TRUE,
-    '#collapsed' => TRUE,
+    '#collapsible' => FALSE,
+    '#collapsed' => FALSE,
   );
   $form['simplesamlphp_auth_grp_auth']['simplesamlphp_auth_allowdefaultlogin'] = array(
     '#type' => 'checkbox',
@@ -154,23 +114,75 @@ function simplesamlphp_auth_settings() {
     '#type' => 'textfield',
     '#title' => t('Optionally, specify a URL for users to go to after logging out'),
     '#default_value' => variable_get('simplesamlphp_auth_logoutgotourl', ''),
-    '#description' => t('Example: @base_url', array('@base_url' => $base_url)),
+    '#description' => t('Example: @base_url', array('@base_url' => $GLOBALS['base_url'])),
   );
 
-  $form['#submit'][] = 'simplesamlphp_auth_settings_submit';
+  $form['#submit'][] = 'simplesamlphp_auth_settings_local_submit';
+
+  return system_settings_form($form);
+}
+
+/**
+ * Configuration form pertaining to how the data is pulled in from the IdP.
+ *
+ * @return array
+ */
+function simplesamlphp_auth_settings_sync() {
+  $form['simplesamlphp_auth_grp_user'] = array(
+    '#type' => 'fieldset',
+    '#title' => t('User Info and Syncing'),
+    '#collapsible' => FALSE,
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_user_name'] = array(
+    '#type' => 'textfield',
+    '#title' => t("Which attribute from simpleSAMLphp should be used as user's name"),
+    '#default_value' => variable_get('simplesamlphp_auth_user_name', 'eduPersonPrincipalName'),
+    '#description' => t('Example: <i>eduPersonPrincipalName</i> or <i>displayName</i><br />If the attribute is multivalued, the first value will be used.'),
+    '#required' => TRUE,
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_unique_id'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Which attribute from simpleSAMLphp should be used as unique identifier for the user'),
+    '#default_value' => variable_get('simplesamlphp_auth_unique_id', 'eduPersonPrincipalName'),
+    '#description' => t('Example: <i>eduPersonPrincipalName</i> or <i>eduPersonTargetedID</i><br />If the attribute is multivalued, the first value will be used.'),
+    '#required' => TRUE,
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_mailattr'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Which attribute from simpleSAMLphp should be used as user mail address'),
+    '#default_value' => variable_get('simplesamlphp_auth_mailattr', 'mail'),
+    '#description' => t('Example: <i>mail</i><br />If the user attribute is multivalued, the first value will be used.'),
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_rolepopulation'] = array(
+    '#type' => 'textarea',
+    '#title' => t('Automatic role population from simpleSAMLphp attributes'),
+    '#default_value' => variable_get('simplesamlphp_auth_rolepopulation', ''),
+    '#description' => t('A pipe separated list of rules.<br />Example: <i>roleid1:condition1|roleid2:contition2...</i> <br />For instance: <i>1:eduPersonPrincipalName,@=,uninett.no;affiliation,=,employee|2:mail,=,andreas@uninett.no</i>,3:mail,~=,andre'),
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_roleevaleverytime'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Reevaluate roles every time the user logs in.'),
+    '#default_value' => variable_get('simplesamlphp_auth_roleevaleverytime', 0),
+    '#description' => t('NOTE: This means users could loose any roles that have been assigned manually in Drupal.'),
+  );
+  $form['simplesamlphp_auth_grp_user']['simplesamlphp_auth_autoenablesaml'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Automatically enable SAML authentication for existing users upon successful login'),
+    '#default_value' => variable_get('simplesamlphp_auth_autoenablesaml', 0),
+  );
 
   return system_settings_form($form);
 }
 
 /**
- * Additional submission handler for simplesamlphp_auth_settings().
+ * Additional submission handler for simplesamlphp_auth_settings_local().
  *
  * If there is a change in the login path, trigger a menu rebuild.
  *
- * @see simplesamlphp_auth_settings()
+ * @see simplesamlphp_auth_settings_local()
  * @see system_settings_form_submit()
  */
-function simplesamlphp_auth_settings_submit($form, &$form_state) {
+function simplesamlphp_auth_settings_local_submit($form, &$form_state) {
   $old_login_path = variable_get('simplesamlphp_auth_login_path', 'saml_login');
   $new_login_path = $form_state['values']['simplesamlphp_auth_login_path'];
 
diff --git a/simplesamlphp_auth.module b/simplesamlphp_auth.module
@@ -39,11 +39,38 @@ function simplesamlphp_auth_menu() {
     'title' => 'SimpleSAMLphp Auth Settings',
     'description' => 'Control the various settings of the simpleSAMLphp authentication module',
     'page callback' => 'drupal_get_form',
-    'page arguments' => array('simplesamlphp_auth_settings'),
+    'page arguments' => array('simplesamlphp_auth_settings_basic'),
     'access arguments' => array('administer simpleSAMLphp authentication'),
     'file' => 'simplesamlphp_auth.admin.inc',
     'type' => MENU_LOCAL_TASK | MENU_NORMAL_ITEM,
   );
+  $items['admin/config/people/simplesamlphp_auth/basic'] = array(
+    'title' => 'Basic settings',
+    'description' => 'Control the various settings of the simpleSAMLphp authentication module',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('simplesamlphp_auth_settings_basic'),
+    'access arguments' => array('administer simpleSAMLphp authentication'),
+    'file' => 'simplesamlphp_auth.admin.inc',
+    'type' => MENU_DEFAULT_LOCAL_TASK,
+  );
+  $items['admin/config/people/simplesamlphp_auth/sync'] = array(
+    'title' => 'User info and syncing',
+    'description' => 'Control the various settings of the simpleSAMLphp authentication module',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('simplesamlphp_auth_settings_sync'),
+    'access arguments' => array('administer simpleSAMLphp authentication'),
+    'file' => 'simplesamlphp_auth.admin.inc',
+    'type' => MENU_LOCAL_TASK,
+  );
+  $items['admin/config/people/simplesamlphp_auth/local'] = array(
+    'title' => 'Local authentication',
+    'description' => 'Configure local only authentication options',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('simplesamlphp_auth_settings_local'),
+    'access arguments' => array('administer simpleSAMLphp authentication'),
+    'file' => 'simplesamlphp_auth.admin.inc',
+    'type' => MENU_LOCAL_TASK,
+  );
   $items[$login_path] = array(
     'title' => 'Logon to the site',
     'description' => 'Provides a site login page',
