PRovide LDAP sync and authentication

2025-08-05 13:35:25 +02:00 · 2018-09-04 17:19:26 +01:00 · 2018-09-04 17:19:26 +01:00 · 074eea3aeb
commit 074eea3aeb
parent 63b17f9b88
38 changed files with 567 additions and 499 deletions
--- a/gui/app/authenticators/anonymous.js
+++ b/gui/app/authenticators/anonymous.js
@ -1,16 +1,15 @@
 // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
 //
-// This software (Documize Community Edition) is licensed under 
+// This software (Documize Community Edition) is licensed under
 // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
 //
 // You can operate outside the AGPL restrictions by purchasing
 // Documize Enterprise Edition and obtaining a commercial license
-// by contacting <sales@documize.com>. 
+// by contacting <sales@documize.com>.
 //
 // https://documize.com

 import { resolve } from 'rsvp';
-
 import Base from 'ember-simple-auth/authenticators/base';

 export default Base.extend({
@ -20,4 +19,4 @@ export default Base.extend({
 	authenticate(data) {
 		return resolve(data);
 	}
-});
+});
--- a/gui/app/authenticators/documize.js
+++ b/gui/app/authenticators/documize.js
@ -1,21 +1,20 @@
 // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
 //
-// This software (Documize Community Edition) is licensed under 
+// This software (Documize Community Edition) is licensed under
 // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
 //
 // You can operate outside the AGPL restrictions by purchasing
 // Documize Enterprise Edition and obtaining a commercial license
-// by contacting <sales@documize.com>. 
+// by contacting <sales@documize.com>.
 //
 // https://documize.com

 import { isPresent } from '@ember/utils';
-
 import { reject, resolve } from 'rsvp';
 import { inject as service } from '@ember/service';
-import Base from 'ember-simple-auth/authenticators/base';
 import encodingUtil from '../utils/encoding';
 import netUtil from '../utils/net';
+import Base from 'ember-simple-auth/authenticators/base';

 export default Base.extend({
 	ajax: service(),
@ -27,7 +26,7 @@ export default Base.extend({
 		if (data) {
 			return resolve(data);
 		}
-		
+
 		return reject();
 	},

@ -55,7 +54,7 @@ export default Base.extend({
 	},

 	invalidate() {
-		this.get('localStorage').clearAll();		
+		this.get('localStorage').clearAll();
 		return resolve();
 	}
-});
+});
--- a/gui/app/authenticators/keycloak.js
+++ b/gui/app/authenticators/keycloak.js
@ -10,11 +10,10 @@
 // https://documize.com

 import { isPresent } from '@ember/utils';
-
 import { reject, resolve } from 'rsvp';
 import { inject as service } from '@ember/service';
-import Base from 'ember-simple-auth/authenticators/base';
 import netUtil from '../utils/net';
+import Base from 'ember-simple-auth/authenticators/base';

 export default Base.extend({
 	ajax: service(),
--- a/gui/app/authenticators/ldap.js
+++ b/gui/app/authenticators/ldap.js
@ -0,0 +1,60 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+import { isPresent } from '@ember/utils';
+import { reject, resolve } from 'rsvp';
+import { inject as service } from '@ember/service';
+import encodingUtil from '../utils/encoding';
+import netUtil from '../utils/net';
+import Base from 'ember-simple-auth/authenticators/base';
+
+export default Base.extend({
+	ajax: service(),
+	appMeta: service(),
+	localStorage: service(),
+
+	restore(data) {
+		// TODO: verify authentication data
+		if (data) {
+			return resolve(data);
+		}
+
+		return reject();
+	},
+
+	authenticate(credentials) {
+		let domain = netUtil.getSubdomain();
+		let encoded;
+
+		if (typeof credentials === 'object') {
+			let { password, username } = credentials;
+
+			if (!isPresent(password) || !isPresent(username)) {
+				return reject("invalid");
+			}
+
+			encoded = encodingUtil.Base64.encode(`${domain}:${username}:${password}`);
+		} else if (typeof credentials === 'string') {
+			encoded = credentials;
+		} else {
+			return reject("invalid");
+		}
+
+		let headers = { 'Authorization': 'Basic ' + encoded };
+
+		return this.get('ajax').post('public/authenticate/ldap', { headers });
+	},
+
+	invalidate() {
+		this.get('localStorage').clearAll();
+		return resolve();
+	}
+});
--- a/gui/app/components/customize/auth-settings.js
+++ b/gui/app/components/customize/auth-settings.js
@ -129,6 +129,7 @@ export default Component.extend(ModalMixin, Notifier, {
 				if (is.undefined(ldapConfig) || is.null(ldapConfig) || is.empty(ldapConfig) ) {
 					ldapConfig = {};
 				} else {
+					ldapConfig = JSON.parse(ldapConfig);
 					ldapConfig.defaultPermissionAddSpace = ldapConfig.hasOwnProperty('defaultPermissionAddSpace') ? ldapConfig.defaultPermissionAddSpace : false;
 					ldapConfig.disableLogout = ldapConfig.hasOwnProperty('disableLogout') ? ldapConfig.disableLogout : true;
 				}
@ -240,19 +241,43 @@ export default Component.extend(ModalMixin, Notifier, {
 					config = copy(this.get('ldapConfig'));
 					config.serverHost = config.serverHost.trim();
 					config.serverPort = parseInt(this.get('ldapConfig.serverPort'));
+
+					if (is.not.empty(config.groupFilter) && is.empty(config.attributeGroupMember)) {
+						this.$('#ldap-attributeGroupMember').focus();
+						return;
+					}
+
 					break;
 			}

-			debugger;
-
 			this.showWait();

 			let data = { authProvider: provider, authConfig: JSON.stringify(config) };

 			this.get('onSave')(data).then(() => {
 				// Without sync we cannot log in
+
+				// Keycloak sync process
 				if (data.authProvider === constants.AuthProvider.Keycloak) {
-					this.get('onSync')().then((response) => {
+					this.get('onSyncKeycloak')().then((response) => {
+						if (response.isError) {
+							this.set('keycloakFailure', response.message);
+							console.log(response.message); // eslint-disable-line no-console
+							data.authProvider = constants.AuthProvider.Documize;
+							this.get('onSave')(data).then(() => {});
+						} else {
+							if (data.authProvider === this.get('appMeta.authProvider')) {
+								console.log(response.message); // eslint-disable-line no-console
+							} else {
+								this.get('onChange')(data);
+							}
+						}
+					});
+				}
+
+				// LDAP sync process
+				if (data.authProvider === constants.AuthProvider.LDAP) {
+					this.get('onSyncLDAP')().then((response) => {
 						if (response.isError) {
 							this.set('keycloakFailure', response.message);
 							console.log(response.message); // eslint-disable-line no-console
--- a/gui/app/components/customize/user-list.js
+++ b/gui/app/components/customize/user-list.js
@ -240,8 +240,12 @@ export default Component.extend(AuthProvider, ModalMixin, TooltipMixin, {
 			});
 		},

-		onSync() {
-			this.get('onSync')();
+		onSyncKeycloak() {
+			this.get('onSyncKeycloak')();
+		},
+
+		onSyncLDAP() {
+			this.get('onSyncLDAP')();
 		},

 		onLimit(limit) {
--- a/gui/app/components/forgot-password.js
+++ b/gui/app/components/forgot-password.js
@ -12,8 +12,8 @@
 import $ from 'jquery';
 import { empty, and } from '@ember/object/computed';
 import { set } from '@ember/object';
-import Component from '@ember/component';
 import { isEmpty } from '@ember/utils';
+import Component from '@ember/component';

 export default Component.extend({
 	email: "",
--- a/gui/app/components/layout/top-bar.js
+++ b/gui/app/components/layout/top-bar.js
@ -36,7 +36,7 @@ export default Component.extend(ModalMixin, {

 		this.pins = [];

-		if (this.get('appMeta.authProvider') === constants.AuthProvider.Keycloak) {
+		if (this.get('appMeta.authProvider') !== constants.AuthProvider.Documize) {
 			let config = this.get('appMeta.authConfig');
 			config = JSON.parse(config);
 			this.set('enableLogout', !config.disableLogout);
--- a/gui/app/pods/auth/forgot/controller.js
+++ b/gui/app/pods/auth/forgot/controller.js
@ -10,11 +10,11 @@
 // https://documize.com

 import { inject as service } from '@ember/service';
-
 import Controller from '@ember/controller';

 export default Controller.extend({
 	userService: service('user'),
+	appMeta: service('app-meta'),

 	actions: {
 		forgot: function (email) {
--- a/gui/app/pods/auth/forgot/route.js
+++ b/gui/app/pods/auth/forgot/route.js
@ -19,7 +19,7 @@ export default Route.extend({
 	beforeModel() {
 		let constants = this.get('constants');

-		if (this.get('appMeta.authProvider') === constants.AuthProvider.Keycloak) {
+		if (this.get('appMeta.authProvider') !== constants.AuthProvider.Documize) {
 			this.transitionTo('auth.login');
 		}
 	},
--- a/gui/app/pods/auth/forgot/template.hbs
+++ b/gui/app/pods/auth/forgot/template.hbs
@ -2,6 +2,7 @@
 	<div class="auth-box">
 		<div class="logo">
 			<img src="/assets/img/logo-purple.png" title="Documize" alt="Documize" class="img-fluid" />
+			<div class="url">Authenticate with {{appMeta.appHost}}</div>
 		</div>
 		<div class="login-form">
 			{{forgot-password forgot=(action 'forgot')}}
--- a/gui/app/pods/auth/login/controller.js
+++ b/gui/app/pods/auth/login/controller.js
@ -10,8 +10,8 @@
 // https://documize.com

 import { inject as service } from '@ember/service';
-import Controller from '@ember/controller';
 import AuthProvider from '../../../mixins/auth';
+import Controller from '@ember/controller';

 export default Controller.extend(AuthProvider, {
 	appMeta: service('app-meta'),
@ -19,10 +19,19 @@ export default Controller.extend(AuthProvider, {
 	invalidCredentials: false,

 	reset() {
-		this.setProperties({
-			email: '',
-			password: ''
-		});
+		if (this.get('sAuthProviderDocumize')) {
+			this.setProperties({
+				email: '',
+				password: ''
+			});
+		}
+
+		if (this.get('sAuthProviderLDAP')) {
+			this.setProperties({
+				username: '',
+				password: ''
+			});
+		}

 		let dbhash = document.head.querySelector("[property=dbhash]").content;
 		if (dbhash.length > 0 && dbhash !== "{{.DBhash}}") {
@ -32,14 +41,27 @@ export default Controller.extend(AuthProvider, {

 	actions: {
 		login() {
-			let creds = this.getProperties('email', 'password');
+			if (this.get('isAuthProviderDocumize')) {
+				let creds = this.getProperties('email', 'password');

-			this.get('session').authenticate('authenticator:documize', creds).then((response) => {
-				this.transitionToRoute('folders');
-				return response;
-			}).catch(() => {
-				this.set('invalidCredentials', true);
-			});
+				this.get('session').authenticate('authenticator:documize', creds).then((response) => {
+					this.transitionToRoute('folders');
+					return response;
+				}).catch(() => {
+					this.set('invalidCredentials', true);
+				});
+			}
+
+			if (this.get('isAuthProviderLDAP')) {
+				let creds = this.getProperties('username', 'password');
+
+				this.get('session').authenticate('authenticator:ldap', creds).then((response) => {
+					this.transitionToRoute('folders');
+					return response;
+				}).catch(() => {
+					this.set('invalidCredentials', true);
+				});
+			}
 		}
 	}
 });
--- a/gui/app/pods/auth/login/template.hbs
+++ b/gui/app/pods/auth/login/template.hbs
@ -3,22 +3,27 @@
 		<div class="auth-box">
 			<div class="logo">
 				<img src="/assets/img/logo-purple.png" title="Documize" alt="Documize" class="img-fluid" />
+				<div class="url">Authenticate with {{appMeta.appHost}}</div>
 			</div>
 			<form {{action 'login' on="submit"}}>
 				<div class="form-group">
-					<label for="authEmail">Email</label>
-					{{focus-input type="email" value=email id="authEmail" class="form-control mousetrap" placeholder="" autocomplete="username email"}}
+					{{#if isAuthProviderDocumize}}
+						<label for="authEmail">Email</label>
+						{{focus-input type="email" value=email id="authEmail" class="form-control mousetrap" placeholder="" autocomplete="username email"}}
+					{{/if}}
+					{{#if isAuthProviderLDAP}}
+						<label for="authUsername">Network Username</label>
+						{{focus-input type="text" value=username id="authUsername" class="form-control mousetrap" placeholder="network domain username" autocomplete="username"}}
+					{{/if}}
 				</div>
 				<div class="form-group">
 					<label for="authPassword">Password</label>
-					{{input type="password" value=password id="authPassword" class="form-control" autocomplete="current-password"}}
+					{{input type="password" value=password id="authPassword" class="form-control" placeholder="network password" autocomplete="current-password"}}
 				</div>
 				<button type="submit" class="btn btn-success font-weight-bold text-uppercase mt-4">Sign in</button>
 				<div class="{{unless invalidCredentials "invisible"}} color-red mt-3">Invalid credentials</div>
 				{{#if isAuthProviderDocumize}}
-					<div class="mt-5">
-						{{#link-to 'auth.forgot'}}Forgot your password?{{/link-to}}
-					</div>
+					{{#link-to 'auth.forgot'}}Forgot your password?{{/link-to}}
 				{{/if}}
 			</form>
 		</div>
--- a/gui/app/pods/auth/logout/route.js
+++ b/gui/app/pods/auth/logout/route.js
@ -10,9 +10,7 @@
 // https://documize.com

 import { inject as service } from '@ember/service';
-
 import Route from '@ember/routing/route';
-// import config from 'documize/config/environment';

 export default Route.extend({
 	session: service(),
@ -20,15 +18,6 @@ export default Route.extend({

 	activate: function () {
 		this.get('session').invalidate().then(() => {
-			// if (config.environment === 'test') {
-			// 	this.transitionTo('auth.login');
-			// } else {
-			// 	if (this.get("appMeta.allowAnonymousAccess")) {
-			// 		this.transitionTo('folders');
-			// 	} else {
-			// 		this.transitionTo('auth.login');
-			// 	}
-			// }
 		});
 	}
 });
--- a/gui/app/pods/auth/reset/controller.js
+++ b/gui/app/pods/auth/reset/controller.js
@ -10,11 +10,11 @@
 // https://documize.com

 import { inject as service } from '@ember/service';
-
 import Controller from '@ember/controller';

 export default Controller.extend({
 	userService: service('user'),
+	appMeta: service('app-meta'),
 	password: "",
 	passwordConfirm: "",
 	mustMatch: false,
--- a/gui/app/pods/auth/reset/template.hbs
+++ b/gui/app/pods/auth/reset/template.hbs
@ -2,6 +2,7 @@
 	<div class="auth-box">
 		<div class="logo">
 			<img src="/assets/img/logo-purple.png" title="Documize" alt="Documize" class="img-fluid" />
+			<div class="url">Authenticate with {{appMeta.appHost}}</div>
 		</div>
 		{{password-reset reset=(action 'reset')}}
 	</div>
--- a/gui/app/pods/auth/share/route.js
+++ b/gui/app/pods/auth/share/route.js
@ -1,18 +1,18 @@
 // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
 //
-// This software (Documize Community Edition) is licensed under 
+// This software (Documize Community Edition) is licensed under
 // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
 //
 // You can operate outside the AGPL restrictions by purchasing
 // Documize Enterprise Edition and obtaining a commercial license
-// by contacting <sales@documize.com>. 
+// by contacting <sales@documize.com>.
 //
 // https://documize.com

 import $ from 'jquery';
 import { inject as service } from '@ember/service';
-import Route from '@ember/routing/route';
 import AuthenticatedRouteMixin from 'ember-simple-auth/mixins/authenticated-route-mixin';
+import Route from '@ember/routing/route';

 export default Route.extend(AuthenticatedRouteMixin, {
 	session: service(),
@ -42,5 +42,5 @@ export default Route.extend(AuthenticatedRouteMixin, {

 	deactivate() {
 		$('body').removeClass('background-color-off-white');
-	}	
-});
+	}
+});
--- a/gui/app/pods/customize/auth/controller.js
+++ b/gui/app/pods/customize/auth/controller.js
@ -32,7 +32,7 @@ export default Controller.extend(NotifierMixin, {
 			});
 		},

-		onSync() {
+		onSyncKeycloak() {
 			return new EmberPromise((resolve) => {
 				this.get('global').syncKeycloak().then((response) => {
 					resolve(response);
@ -40,6 +40,14 @@ export default Controller.extend(NotifierMixin, {
 			});
 		},

+		onSyncLDAP() {
+			return new EmberPromise((resolve) => {
+				this.get('global').syncLDAP().then((response) => {
+					resolve(response);
+				});
+			});
+		},
+
 		onChange(data) {
 			this.get('session').logout();
 			this.set('appMeta.authProvider', data.authProvider);
--- a/gui/app/pods/customize/auth/route.js
+++ b/gui/app/pods/customize/auth/route.js
@ -33,32 +33,7 @@ export default Route.extend(AuthenticatedRouteMixin, {
 			authConfig: null,
 		};

-		let config = {
-			ServerType:               constants.AuthProvider.ServerTypeLDAP,
-			ServerHost:               "127.0.0.1",
-			ServerPort:               389,
-			EncryptionType:           constants.AuthProvider.EncryptionTypeStartTLS,
-			BaseDN:                   "ou=people,dc=planetexpress,dc=com",
-			BindDN:                   "cn=admin,dc=planetexpress,dc=com",
-			BindPassword:             "GoodNewsEveryone",
-			UserFilter:               "(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))",
-			GroupFilter:              "(&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))",
-			AttributeUserRDN:         "uid",
-			AttributeUserFirstname:   "givenName",
-			AttributeUserLastname:    "sn",
-			AttributeUserEmail:       "mail",
-			AttributeUserDisplayName: "",
-			AttributeUserGroupName:   "",
-			AttributeGroupMember:     "member",
-		};
-
-		this.get('global').previewLDAP(config).then((r) => {
-			console.log(r);
-		});
-
 		return new EmberPromise((resolve) => {
-			let constants = this.get('constants');
-
 			this.get('global').getAuthConfig().then((config) => {
 				switch (data.authProvider) {
 					case constants.AuthProvider.Keycloak:
--- a/gui/app/pods/customize/auth/template.hbs
+++ b/gui/app/pods/customize/auth/template.hbs
@ -1,2 +1,7 @@
-{{customize/auth-settings authProvider=model.authProvider authConfig=model.authConfig
-    onSave=(action 'onSave') onSync=(action 'onSync') onChange=(action 'onChange')}}
+{{customize/auth-settings
+	authProvider=model.authProvider
+	authConfig=model.authConfig
+    onSave=(action 'onSave')
+	onSyncLDAP=(action 'onSyncLDAP')
+	onSyncKeycloak=(action 'onSyncKeycloak')
+	onChange=(action 'onChange')}}
--- a/gui/app/pods/customize/users/controller.js
+++ b/gui/app/pods/customize/users/controller.js
@ -57,12 +57,20 @@ export default Controller.extend({
 			this.loadUsers(filter);
 		},

-		onSync() {
+		onSyncKeycloak() {
 			this.set('syncInProgress', true);
 			this.get('globalSvc').syncKeycloak().then(() => {
 				this.set('syncInProgress', false);
 				this.loadUsers('');
 			});
+		},
+
+		onSyncLDAP() {
+			this.set('syncInProgress', true);
+			this.get('globalSvc').syncLDAP().then(() => {
+				this.set('syncInProgress', false);
+				this.loadUsers('');
+			});
 		}
 	}
 });
--- a/gui/app/pods/customize/users/template.hbs
+++ b/gui/app/pods/customize/users/template.hbs
@ -5,7 +5,8 @@
 {{customize/user-list users=model
 	syncInProgress=syncInProgress
 	userLimit=userLimit
-	onSync=(action "onSync")
+	onSyncKeycloak=(action "onSyncKeycloak")
+	onSyncLDAP=(action "onSyncLDAP")
 	onFilter=(action "onFilter")
 	onDelete=(action "onDelete")
 	onSave=(action "onSave")
--- a/gui/app/routes/application.js
+++ b/gui/app/routes/application.js
@ -9,11 +9,11 @@
 //
 // https://documize.com

-import Route from '@ember/routing/route';
 import { inject as service } from '@ember/service';
 import ApplicationRouteMixin from 'ember-simple-auth/mixins/application-route-mixin';
 import netUtil from '../utils/net';
 import TooltipMixin from '../mixins/tooltip';
+import Route from '@ember/routing/route';

 export default Route.extend(ApplicationRouteMixin, TooltipMixin, {
 	appMeta: service(),
@ -27,7 +27,7 @@ export default Route.extend(ApplicationRouteMixin, TooltipMixin, {
 		let sa = this.get('session.session.authenticator');

 		return this.get('appMeta').boot(transition.targetName, window.location.href).then(data => {
-			if (sa !== "authenticator:documize" && sa !== "authenticator:keycloak" && data.allowAnonymousAccess) {
+			if (sa !== "authenticator:documize" && sa !== "authenticator:keycloak" && sa !== "authenticator:ldap" && data.allowAnonymousAccess) {
 				if (!this.get('appMeta.setupMode') && !this.get('appMeta.secureMode')) {
 					return this.get('session').authenticate('authenticator:anonymous', data);
 				}
--- a/gui/app/services/app-meta.js
+++ b/gui/app/services/app-meta.js
@ -20,6 +20,7 @@ export default Service.extend({
 	ajax: service(),
 	localStorage: service(),
 	kcAuth: service(),
+	appHost: '',
 	apiHost: `${config.apiHost}`,
 	endpoint: `${config.apiHost}/${config.apiNamespace}`,
 	conversionEndpoint: '',
@ -72,6 +73,7 @@ export default Service.extend({
 		return this.get('ajax').request('public/meta').then((response) => {
 			this.setProperties(response);
 			this.set('version', 'v' + this.get('version'));
+			this.set('appHost', window.location.host);

 			if (requestedRoute === 'secure') {
 				this.setProperties({
--- a/gui/app/services/global.js
+++ b/gui/app/services/global.js
@ -96,7 +96,7 @@ export default Service.extend({

 	syncLDAP() {
 		if(this.get('sessionService.isAdmin')) {
-			return this.get('ajax').request(`global/sync/ldap`, {
+			return this.get('ajax').request(`global/ldap/sync`, {
 				method: 'GET'
 			}).then((response) => {
 				return response;
@ -108,7 +108,7 @@ export default Service.extend({

 	previewLDAP(config) {
 		if(this.get('sessionService.isAdmin')) {
-			return this.get('ajax').request(`global/sync/ldap/preview`, {
+			return this.get('ajax').request(`global/ldap/preview`, {
 				method: 'POST',
 				data: JSON.stringify(config)
 			}).then((response) => {
--- a/gui/app/services/kc-auth.js
+++ b/gui/app/services/kc-auth.js
@ -10,8 +10,8 @@
 // https://documize.com

 import { Promise as EmberPromise } from 'rsvp';
-import Service, { inject as service } from '@ember/service';
 import netUtil from '../utils/net';
+import Service, { inject as service } from '@ember/service';

 export default Service.extend({
 	sessionService: service('session'),
@ -59,7 +59,7 @@ export default Service.extend({
                    return resolve();
                }).error(() => {
                    return reject(new Error('login failed'));
-                });            
+                });
            });
        });
    },
--- a/gui/app/styles/view/auth.scss
+++ b/gui/app/styles/view/auth.scss
@ -23,7 +23,13 @@

 		> img {
 			height: 60px;
-			margin: 40px 0;
+			margin: 30px 0 0 0;
+		}
+
+		> .url {
+			margin: 20px 0;
+			color: $color-gray;
+			font-weight: 0.9rem;
 		}
 	}
 }
--- a/gui/app/templates/components/customize/auth-settings.hbs
+++ b/gui/app/templates/components/customize/auth-settings.hbs
@ -9,7 +9,7 @@

 <div class="view-customize">
 	<form class="mt-5">
-		<div class="widget-list-picker widget-list-picker-horiz mb-5">
+		<div class="widget-list-picker widget-list-picker-horiz">
 			<ul class="options">
 				<li class="option {{if isDocumizeProvider 'selected'}}" {{action 'onDocumize'}}>
 					<div class="text-header">Documize</div>
@ -35,6 +35,14 @@
 			</ul>
 		</div>

+		<br/>
+		<br/>
+		<br/>
+
+		{{#if isDocumizeProvider}}
+			<p>There are no settings.</p>
+		{{/if}}
+
 		{{#if isKeycloakProvider}}
 			<div class="form-group row">
 				<label for="keycloak-url" class="col-sm-3 col-form-label">Keycloak Server URL</label>
@ -238,7 +246,7 @@
 				{{#if ldapPreview.isError}}
 					<p class="text-danger">{{ldapPreview.message}}</p>
 				{{else}}
-					<p class="text-success">Connection successful.</p>
+					<p class="text-success">Connection successful, found {{ldapPreview.count}} users.</p>
 					{{#each ldapPreview.users as |user|}}
 						<p>{{user.firstname}} {{user.firstname}} ({{user.email}})</p>
 					{{/each}}
--- a/gui/app/templates/components/customize/user-list.hbs
+++ b/gui/app/templates/components/customize/user-list.hbs
@ -3,7 +3,14 @@
 		{{#if syncInProgress}}
 			<div class="btn btn-secondary mt-3 mb-3">Keycloak user sync running...</div>
 		{{else}}
-			<div class="btn btn-success mt-3 mb-3" {{action 'onSync'}}>Sync with Keycloak</div>
+			<div class="btn btn-success mt-3 mb-3" {{action 'onSyncKeycloak'}}>Sync with Keycloak</div>
+		{{/if}}
+	{{/if}}
+	{{#if isAuthProviderLDAP}}
+		{{#if syncInProgress}}
+			<div class="btn btn-secondary mt-3 mb-3">LDAP user sync running...</div>
+		{{else}}
+			<div class="btn btn-success mt-3 mb-3" {{action 'onSyncLDAP'}}>Sync with LDAP</div>
 		{{/if}}
 	{{/if}}