From 6968581e5ba7846738cb2aff51d5891c9387f7eb Mon Sep 17 00:00:00 2001
From: McMatts <matt@documize.com>
Date: Thu, 3 Mar 2022 14:38:27 -0500
Subject: [PATCH] i18n admin strings

---
 .../components/customize/auth-settings.hbs    | 107 +++++++++---------
 gui/public/i18n/en-US.json                    |  90 +++++++++++----
 2 files changed, 122 insertions(+), 75 deletions(-)

diff --git a/gui/app/templates/components/customize/auth-settings.hbs b/gui/app/templates/components/customize/auth-settings.hbs
index ed235616..b28b0241 100644
--- a/gui/app/templates/components/customize/auth-settings.hbs
+++ b/gui/app/templates/components/customize/auth-settings.hbs
@@ -37,64 +37,63 @@
 
 		{{#if isKeycloakProvider}}
 			<div class="form-group">
-				<label for="keycloak-url">Keycloak Server URL</label>
+				<label for="keycloak-url">{{localize 'auth_keycloak_url'}}</label>
 				{{focus-input id="keycloak-url" type="text" value=keycloakConfig.url class=(if KeycloakUrlError "form-control is-invalid" "form-control")}}
 				<small class="form-text text-muted">e.g. http://localhost:8888/auth</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-realm">Keycloak Realm</label>
+				<label for="keycloak-realm">{{localize 'auth_keycloak_realm'}}</label>
 				{{input id="keycloak-realm" type="text" value=keycloakConfig.realm class=(if KeycloakRealmError "form-control is-invalid" "form-control")}}
 				<small class="form-text text-muted">e.g. main</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-publicKey">Keycloak Realm Public Key</label>
+				<label for="keycloak-publicKey">{{localize 'auth_keycloak_pk'}}</label>
 				{{textarea id="keycloak-publicKey" type="text" value=keycloakConfig.publicKey rows=7 class=(if KeycloakPublicKeyError "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Copy the RSA Public Key from Realm Settings &rarr; Keys</small>
+				<small class="form-text text-muted">{{localize 'auth_keylcloak_pk_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-clientId">Keycloak OIDC Client ID</label>
+				<label for="keycloak-clientId">{{localize 'auth_keycloak_oidc'}}</label>
 				{{input id="keycloak-clientId" type="text" value=keycloakConfig.clientId class=(if KeycloakClientIdError "form-control is-invalid" "form-control")}}
 				<small class="form-text text-muted">e.g. account</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-group">Keycloak Group ID (Optional)</label>
+				<label for="keycloak-group">{{localize 'auth_keycloak_group'}}</label>
 				{{input id="keycloak-group" type="text" value=keycloakConfig.group class="form-control"}}
-				<small class="form-text text-muted">If you want to sync users in a particular Group (e.g. "Documize Community Users"), provide the Group ID (e.g. 511d8b61-1ec8-45f6-bc8d-5de64d54c9d2)</small>
+				<small class="form-text text-muted">{{localize 'auth_keycloak_group_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-admin-user">Keycloak Username</label>
+				<label for="keycloak-admin-user">{{localize 'auth_keycloak_username'}}</label>
 				{{input id="keycloak-admin-user" type="text" value=keycloakConfig.adminUser class=(if KeycloakAdminUserError "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Used to connect with Keycloak and sync users with Documize (create user under Master Realm and assign 'view-users' role
-					against Realm specified above)</small>
+				<small class="form-text text-muted">{{localize 'auth_keycloak_username_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="keycloak-admin-password">Keycloak Password</label>
+				<label for="keycloak-admin-password">{{localize 'auth_keycloak_password'}}</label>
 				{{input id="keycloak-admin-password" type="password" value=keycloakConfig.adminPassword class=(if KeycloakAdminPasswordError "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Used to connect with Keycloak and sync users with Documize</small>
+				<small class="form-text text-muted">{{localize 'auth_keycloak_password_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label>Disable Logout</label>
+				<label>{{localize 'auth_disable_logout'}}</label>
 				{{x-toggle value=keycloakConfig.disableLogout size="medium" theme="light" onToggle=(action (mut keycloakConfig.disableLogout))}}
 			</div>
 			<div class="form-group">
-				<label for="ldap-defaultPermissionAddSpace">Can Create Spaces</label>
+				<label for="ldap-defaultPermissionAddSpace">{{localize 'auth_role_space'}}</label>
 				{{x-toggle value=keycloakConfig.defaultPermissionAddSpace size="medium" theme="light" onToggle=(action (mut keycloakConfig.defaultPermissionAddSpace))}}
 			</div>
 		{{/if}}
 
 		{{#if isLDAPProvider}}
 			<div class="form-group">
-				<label for="ldap-host">LDAP Server</label>
+				<label for="ldap-host">{{localize 'auth_ldap_server'}}</label>
 				{{focus-input id="ldap-host" type="text" value=ldapConfig.serverHost class=(if ldapErrorServerHost "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">IP or host address, e.g. ldap.example.org, 127.0.0.1</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_server_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-port">LDAP Server Port</label>
+				<label for="ldap-port">{{localize 'auth_ldap_port'}}</label>
 				{{input id="ldap-port" type="number" value=ldapConfig.serverPort class=(if ldapErrorServerPort "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Port number, e.g. 389</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_port_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-encryption">Encryption</label>
+				<label for="ldap-encryption">{{localize 'encryption'}}</label>
 				<select onchange={{action "onLDAPEncryption" value="target.value"}} class="form-control">
 					<option value={{constants.AuthProvider.EncryptionTypeNone}} selected={{is-equal ldapConfig.encryptionType constants.AuthProvider.EncryptionTypeNone}}>
 						{{constants.AuthProvider.EncryptionTypeNone}}
@@ -105,86 +104,86 @@
 				</select>
 			</div>
 			<div class="form-group">
-				<label for="ldap-baseDN">Base DN</label>
+				<label for="ldap-baseDN">{{localize 'auth_ldap_base'}}</label>
 				{{input id="ldap-baseDN" type="text" value=ldapConfig.baseDN class="form-control"}}
-				<small class="form-text text-muted">Starting point for search filters, e.g. ou=users,dc=example,dc=com</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_base_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-bindDN">Bind DN</label>
+				<label for="ldap-bindDN">{{localize 'auth_ldap_bind'}}</label>
 				{{input id="ldap-bindDN" type="text" value=ldapConfig.bindDN class=(if ldapErrorBindDN "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">login credentials for LDAP server</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_bind_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-bindPassword">Bind Password</label>
+				<label for="ldap-bindPassword">{{localize 'auth_ldap_password'}}</label>
 				{{input id="ldap-bindPassword" type="password" value=ldapConfig.bindPassword class=(if ldapErrorBindPassword "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">login credentials for LDAP server</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_bind_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-userFilter">User Filter</label>
+				<label for="ldap-userFilter">{{localize 'auth_ldap_filter_user'}}</label>
 				{{input id="ldap-userFilter" type="text" value=ldapConfig.userFilter class=(if ldapErrorNoFilter "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Search filter for finding users, e.g. (|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))</small>
-				<small class="form-text text-muted highlight">Specify User Filter and/or Group Filter</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_filter_user_explain1'}}</small>
+				<small class="form-text text-muted highlight">{{localize 'auth_ldap_filter_user_explain2'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-groupFilter">Group Filter</label>
+				<label for="ldap-groupFilter">{{localize 'auth_ldap_filter_group'}}</label>
 				{{input id="ldap-groupFilter" type="text" value=ldapConfig.groupFilter class=(if ldapErrorNoFilter "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Search filter for finding users via groups, e.g. (&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_filter_group_explain'}}</small>
 			</div>
 
 			<div class="form-group">
-				<label for="ldap-attributeUserRDN">User Attribute RDN</label>
+				<label for="ldap-attributeUserRDN">{{localize 'auth_ldap_rdn'}}</label>
 				{{input id="ldap-attributeUserRDN" type="text" value=ldapConfig.attributeUserRDN class=(if ldapErrorAttributeUserRDN "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Username/login attribute, e.g. uid in LDAP, sAMAccountName in Active Directory</small>
-				<small class="form-text text-muted highlight">User Attributes used to retreive data when using User Filter</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_rdn_explain1'}}</small>
+				<small class="form-text text-muted highlight">{{localize 'auth_ldap_rdn_explain2'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-attributeUserFirstname">User Attribute Firstname</label>
+				<label for="ldap-attributeUserFirstname">{{localize 'auth_ldap_firstname'}}</label>
 				{{input id="ldap-attributeUserFirstname" type="text" value=ldapConfig.attributeUserFirstname class=(if ldapErrorAttributeUserFirstname "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Firstname attribute, e.g. givenName</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_firstname_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-attributeUserLastname">User Attribute Lastname</label>
+				<label for="ldap-attributeUserLastname">{{localize 'auth_ldap_lastname'}}</label>
 				{{input id="ldap-attributeUserLastname" type="text" value=ldapConfig.attributeUserLastname class=(if ldapErrorAttributeUserLastname "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Lastname attribute, e.g. sn</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_lastname_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-attributeUserEmail">User Attribute Email</label>
+				<label for="ldap-attributeUserEmail">{{localize 'auth_ldap_email'}}</label>
 				{{input id="ldap-attributeUserEmail" type="text" value=ldapConfig.attributeUserEmail class=(if ldapErrorAttributeUserEmail "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Email attribute, e.g. mail</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_email_explain'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-attributeGroupMember">Group Attribute Member</label>
+				<label for="ldap-attributeGroupMember">{{localize 'auth_ldap_group'}}</label>
 				{{input id="ldap-attributeGroupMember" type="text" value=ldapConfig.attributeGroupMember class=(if ldapErrorAttributeGroupMember "form-control is-invalid" "form-control")}}
-				<small class="form-text text-muted">Attribute that identifies individual group member, e.g. member or uniqueMember</small>
-				<small class="form-text text-muted highlight">Group Attributes used to retreive data when using Group Filter</small>
+				<small class="form-text text-muted">{{localize 'auth_ldap_group_explain1'}}</small>
+				<small class="form-text text-muted highlight">{{localize 'auth_ldap_group_explain2'}}</small>
 			</div>
 			<div class="form-group">
-				<label for="ldap-disableLogout">Disable Logout</label>
+				<label for="ldap-disableLogout">{{localize 'auth_disable_logout'}}</label>
 				{{x-toggle value=ldapConfig.disableLogout size="medium" theme="light" onToggle=(action (mut ldapConfig.disableLogout))}}
 			</div>
 			<div class="form-group">
-				<label for="ldap-defaultPermissionAddSpace">Can Create Spaces</label>
+				<label for="ldap-defaultPermissionAddSpace">{{localize 'auth_role_space'}}</label>
 				{{x-toggle value=ldapConfig.defaultPermissionAddSpace size="medium" theme="light" onToggle=(action (mut ldapConfig.defaultPermissionAddSpace))}}
 			</div>
 			<div class="form-group">
-				<label for="ldap-allowFormsAuth">Dual Login</label>
+				<label for="ldap-allowFormsAuth">{{localize 'auth_dual_login'}}</label>
 				{{x-toggle value=ldapConfig.allowFormsAuth size="medium" theme="light" onToggle=(action (mut ldapConfig.allowFormsAuth))}}
-				<small class="form-text text-muted">Enable login via LDAP and regular Documize email/password (useful for testing LDAP)</small>
+				<small class="form-text text-muted">{{localize 'auth_dual_login_explain'}}</small>
 			</div>
-			{{ui/ui-button color=constants.Color.Yellow light=true label="Test →" onClick=(action "onLDAPPreview")}}
+			{{ui/ui-button color=constants.Color.Yellow light=true label=(localize 'test') onClick=(action "onLDAPPreview")}}
 			{{ui/ui-button-gap}}
 		{{/if}}
 
 		{{#if isCASProvider}}
             <div class="form-group">
-                <label for="cas-url">CAS Server URL</label>
+                <label for="cas-url">{{localize 'auth_cas_url'}}</label>
                 {{focus-input id="cas-url" type="text" value=casConfig.url class=(if casErrorUrl "form-control is-invalid" "form-control")}}
-                <small class="form-text text-muted">e.g. http://localhost:8888/auth</small>
+                <small class="form-text text-muted">{{localize 'auth_cas_url_explain'}}</small>
             </div>
             <div class="form-group">
-                <label for="cas-redirect-url">Documize CAS URL</label>
+                <label for="cas-redirect-url">{{localize 'auth_cas_back_url'}}</label>
                 {{focus-input id="cas-redirect-url" type="text" value=casConfig.redirectUrl class=(if casErrorRedirectUrl "form-control is-invalid" "form-control")}}
-                <small class="form-text text-muted">e.g. http://DocumizeURL/auth/cas</small>
+                <small class="form-text text-muted">{{localize 'auth_cas_back_url_explain'}}</small>
             </div>
         {{/if}}
 
@@ -192,19 +191,19 @@
 	</form>
 
 	{{#if (gt keycloakFailure.length 0)}}
-		<p class="admin-setting-failure my-3">Keycloak connection failed: {{keycloakFailure}}</p>
+		<p class="admin-setting-failure my-3">{{localize 'error'}} :: {{keycloakFailure}}</p>
 	{{/if}}
 </div>
 
 <div id="ldap-preview-modal" class="modal" tabindex="-1" role="dialog">
 	<div class="modal-dialog" role="document">
 		<div class="modal-content">
-			<div class="modal-header">LDAP Preview</div>
+			<div class="modal-header">{{localize 'auth_ldap_preview'}}</div>
 			<div class="modal-body">
 				{{#if ldapPreview.isError}}
 					<p class="text-danger">{{ldapPreview.message}}</p>
 				{{else}}
-					<p class="text-success">Connection successful, found {{ldapPreview.count}} users.</p>
+					<p class="text-success">{{localize 'auth_ldap_preview_result' ldapPreview.count}}</p>
 					{{#each ldapPreview.users as |user|}}
 						<p>{{user.firstname}} {{user.lastname}} ({{user.email}})</p>
 					{{/each}}
diff --git a/gui/public/i18n/en-US.json b/gui/public/i18n/en-US.json
index 758cb5e7..64072e45 100644
--- a/gui/public/i18n/en-US.json
+++ b/gui/public/i18n/en-US.json
@@ -14,6 +14,8 @@
     "edit": "Edit",
     "import": "Import",
     "export": "Export",
+    "test": "Test",
+    "error": "Error",
     "file": "File",
     "insert": "Insert",
     "invite": "Invite",
@@ -60,6 +62,7 @@
     "email": "Email",
     "password": "Password",
     "password_confirm": "Confirm Password",
+    "encryption": "Encryption",
 
     "filter": "Filter",
     "all": "All",
@@ -91,27 +94,6 @@
     "template_published": "Published Template",
     "block_published": "Published Block",
 
-    "auth_email_password": "Built-in email/password",
-    "auth_connect_keycloak": "Connect to authentication server",
-    "auth_connect_ldap": "Connect to LDAP/Active Directory",
-    "auth_connect_cas": "Connect to Central Authentication Server",
-    "auth_keycloak_running": "Keycloak user sync running...",
-    "auth_keycloak_sync": "Sync with Keycloak",
-    "auth_ldap_running": "LDAP user sync running...",
-    "auth_ldap_sync": "Sync with LDAP",
-    "permissions": "Permissions",
-    "permission_spaces": "Spaces",
-    "permission_spaces_explain": "Can add spaces, both personal and shared with others",
-    "permission_visible": "Visible",
-    "permission_visible_explain": "Can see names of users and groups, can disable for external users like customers/partners",
-    "permission_admin": "Admin",
-    "permission_admin_explain": "Can manage all aspects of Documize Community, like this screen",
-    "permission_analytics": "Analytics",
-    "permission_analytics_explain": "Can view analytical reports",
-    "permission_active": "Active",
-    "permission_active_explain": "Can login and use Documize Community",
-
-
     "backup_explain1": "Documize Community is a multi-tenanted application enabling both 'tech.mycompany.com' and 'sales.mycompany.com' to run using the same executable/database. As a Documize Community Global Administrator, you will be performing a complete system-wide backup across all tenants. The Documize Community Tenant Administrator can login to perform a tenant-level backup (e.g. marketing.mycompany.com).",
     "backup_explain2": "Documize Community is a multi-tenanted application enabling both 'tech.mycompany.com' and 'sales.mycompany.com' to run using the same executable/database. A Documize Community Global Administrator, you will be performing a complete system-wide backup across all tenants. As a Documize Community Tenant Administrator you can perform a tenant-level backup (e.g. marketing.mycompany.com).",
     "backup_explain3": "It can take several minutes to complete the backup process -- please be patient while the backup operation is in progress.",
@@ -209,7 +191,73 @@
     "user_delete_confirm": "Are you sure you want to delete user {1}?",
     "user_selected_delete_confirm": "Are you sure you want to delete selected users?",
     "user_delete": "Delete User",
+    "permissions": "Permissions",
+    "permission_spaces": "Spaces",
+    "permission_spaces_explain": "Can add spaces, both personal and shared with others",
+    "permission_visible": "Visible",
+    "permission_visible_explain": "Can see names of users and groups, can disable for external users like customers/partners",
+    "permission_admin": "Admin",
+    "permission_admin_explain": "Can manage all aspects of Documize Community, like this screen",
+    "permission_analytics": "Analytics",
+    "permission_analytics_explain": "Can view analytical reports",
+    "permission_active": "Active",
+    "permission_active_explain": "Can login and use Documize Community",
 
+    "auth_role_space": "Can Create Spaces",
+    "auth_disable_logout": "Disable Logout",
+    "auth_dual_login": "Dual Login",
+    "auth_dual_login_explain": "Enable login via LDAP and regular email/password (useful for testing LDAP)",
+    "auth_email_password": "Built-in email/password",
+    "auth_connect_keycloak": "Connect to authentication server",
+    "auth_connect_ldap": "Connect to LDAP/Active Directory",
+    "auth_connect_cas": "Connect to Central Authentication Server",
+    "auth_keycloak_running": "Keycloak user sync running...",
+    "auth_keycloak_sync": "Sync with Keycloak",
+    "auth_ldap_running": "LDAP user sync running...",
+    "auth_ldap_sync": "Sync with LDAP",
+    "auth_keycloak_url": "Keycloak Server URL",
+    "auth_keycloak_realm": "Keycloak Realm",
+    "auth_keycloak_pk": "Keycloak Realm Public Key",
+    "auth_keycloak_pk_explain": "Copy the RSA Public Key from Realm Settings > Keys",
+    "auth_keycloak_oidc": "Keycloak OIDC Client ID",
+    "auth_keycloak_group": "Keycloak Group ID (Optional)",
+    "auth_keycloak_group_explain": "If you want to sync users in a particular Group (e.g. 'Documize Community Users'), provide the Group ID (e.g. 511d8b61-1ec8-45f6-bc8d-5de64d54c9d2)",
+    "auth_keycloak_username": "Keycloak Username",
+    "auth_keycloak_username_explain": "Used to connect with Keycloak and sync users with Documize Community (create user under Master Realm and assign 'view-users' role against Realm specified above)",
+    "auth_keycloak_password": "Keycloak Password",
+    "auth_keycloak_password_explain": "Used to connect with Keycloak and sync users with Documize Community",
+    "auth_ldap_server": "LDAP Server",
+    "auth_ldap_server_explain": "IP or host address, e.g. ldap.example.org, 127.0.0.1",
+    "auth_ldap_port": "LDAP Server Port",
+    "auth_ldap_port_explain": "Port number, e.g. 389",
+    "auth_ldap_base": "Base DN",
+    "auth_ldap_base_explain": "Starting point for search filters, e.g. ou=users,dc=example,dc=com",
+    "auth_ldap_bind": "Bind DN",
+    "auth_ldap_bind_explain": "Login credentials for LDAP server",
+    "auth_ldap_password": "Bind Password",
+    "auth_ldap_filter_user": "User Filter",
+    "auth_ldap_filter_user_explain1": "Search filter for finding users, e.g. (|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))",
+    "auth_ldap_filter_user_explain2": "Specify User Filter and/or Group Filter",
+    "auth_ldap_filter_group": "Group Filter",
+    "auth_ldap_filter_group_explain": "Search filter for finding users via groups, e.g. (&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))",
+    "auth_ldap_rdn": "User Attribute RDN",
+    "auth_ldap_rdn_explain1": "Username/login attribute, e.g. uid in LDAP, sAMAccountName in Active Directory",
+    "auth_ldap_rdn_explain2": "User Attributes used to retreive data when using User Filter",
+    "auth_ldap_firstname": "User Attribute Firstname",
+    "auth_ldap_firstname_explain": "Firstname attribute, e.g. givenName",
+    "auth_ldap_lastname": "User Attribute Lastname",
+    "auth_ldap_lastname_explain": "Lastname attribute, e.g. sn",
+    "auth_ldap_email": "User Attribute Email",
+    "auth_ldap_email_explain": "Email attribute, e.g. mail",
+    "auth_ldap_group": "Group Attribute Member",
+    "auth_ldap_group_explain1": "Attribute that identifies individual group member, e.g. member or uniqueMember",
+    "auth_ldap_group_explain2": "Group Attributes used to retreive data when using Group Filter",
+    "auth_ldap_preview": "LDAP Preview",
+    "auth_ldap_preview_result": "Connection successful, found {1} users.",
+    "auth_cas_url": "CAS Server URL",
+    "auth_cas_url_explain": "e.g. http://localhost:8888/auth",
+    "auth_cas_back_url": "Documize CAS URL",
+    "auth_cas_back_url_explain": "e.g. http://Documize-URL/auth/cas",
 
 
     "---": "---"