New field in Authentication (#220)

- Add field BASIC_AUTH _Jenkins CSRF Protection (crumb) will be
  BASIC_AUTH_CRUMB in a subscription
- Add help popup for authentication
- Update in documentation and help, and AUTH type name.

Author: Anders Breid

pom.xml

@@ -175,7 +175,7 @@
         <dependency>
             <groupId>com.github.eiffel-community</groupId>
             <artifactId>eiffel-commons</artifactId>
-            <version>0.0.9</version>
+            <version>0.0.12</version>
         </dependency>
     </dependencies>
 

src/main/java/com/ericsson/ei/frontend/WebController.java

@@ -24,7 +24,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 
 import com.ericsson.ei.frontend.utils.WebControllerUtils;
-import com.ericsson.eiffelcommons.utils.RegExProvider;
+import com.ericsson.eiffelcommons.helpers.RegExProvider;
 
 @Controller
 public class WebController {

src/main/resources/static/js/subscription.js

@@ -1,12 +1,11 @@
 // Global vars
 var save_method;
 var defaultFormKeyValuePair = { "formkey": "", "formvalue": "" };
-var defaultFormKeyValuePairAuth = { "formkey": "Authorization", "formvalue": "" };
 
 jQuery(document).ready(function () {
 
     $('.modal-dialog').draggable({ handle: ".modal-header", cursor: 'move' });
-    
+
     checkBackendStatus();
 
     function loadSubButtons() {
@@ -175,7 +174,8 @@ jQuery(document).ready(function () {
         ]);
         self.authenticationType_in = ko.observableArray([
             { "text": "NO_AUTH", value: "NO_AUTH" },
-            { "text": "BASIC_AUTH", value: "BASIC_AUTH" }
+            { "text": "BASIC_AUTH", value: "BASIC_AUTH" },
+            { "text": "BASIC_AUTH Jenkins CSRF Protection (crumb)", value: "BASIC_AUTH_JENKINS_CSRF" }
         ]);
         self.repeat_in = ko.observableArray([
             { "value": true, "label": "Activate Repeat" }
@@ -746,7 +746,7 @@ jQuery(document).ready(function () {
             $('#invalidSubscriptionName').text("SubscriptionName must not be empty");
             $('#subscriptionNameInput').addClass("is-invalid");
             error = true;
-        }        
+        }
         // This regular expression is fetched from the Eiffel-Commons. It is same for both front-end and back-end
         var regExpressionFlag = "g";
         var regExpression =  new RegExp(getSubscriptionNameRegex(), regExpressionFlag);

src/main/resources/templates/subscription.html

@@ -261,14 +261,22 @@ <h3 class="modal-title text-center" id="formHeader">Subscription Form</h3>
 
                         <!--  AUTHENTICATION  -->
                         <div class="pt-3 form-group">
-                            <label class="h5 pl-1 control-label font-weight-bold">Authorization</label>
+                            <label class="h5 pl-1 control-label font-weight-bold">Authentication</label>
+                            <img class="cursor-pointer" id="authInfo" alt="Auth Info"
+                                src="assets/images/information.png" data-toggle="tooltip" data-placement="top"
+                                title="This selector enables you to select different authentication methods. <br>
+                                    NO_AUTH: No Authentication used<br>
+                                    BASIC_AUTH: Username and password will be Base 64 encoded<br>
+                                    BASIC_AUTH Jenkins CSRF Protection (crumb): Username and password will be Base 64 encoded.
+                                    A crumb will be fetched automatically before request is made. (Currently default in many Jenkins instances)
+                                    Will work even when CSRF is disabled in Jenkins" />
                             <div>
                                 <select id="selectAuth" title="Choose an authentication type" data-bind="options: $root.authenticationType_in,
                                     optionsText: 'text', optionsValue: 'value', value: authenticationType">
                                 </select>
                             </div>
                         </div>
-                        <div class="p-1 border form-group" data-bind="visible: authenticationType() == 'BASIC_AUTH'">
+                        <div class="p-1 border form-group" data-bind="visible: authenticationType() != 'NO_AUTH'">
                             <label class="pt-1 control-label font-weight-bold">Username</label>
                             <div>
                                 <input id="userNameInput" title="Enter user name" data-bind="textInput:userName"

wiki/markdown/add-subscription.md

@@ -3,7 +3,7 @@
 This form is used to add subscription through front-end GUI. Here is a
 description of the elements available on this form.
 
-<img src="images/subscription_add_form1.png">
+<img border="1" src="images/subscription_add_part1.png">
 </img>
 
 **Load Subscription Template:** In this dropdown list, options are given to
@@ -14,6 +14,9 @@ Mail Trigger.
 **SubscriptionName:** A field to give a name to the current subscription. Only
 letters, underscore and numbers are allowed in this field.
 
+<img border="1" src="images/subscription_add_part2.png">
+</img>
+
 **NotificationType:** There are two options: REST POST and
 Mail Trigger, depending on how a subscriber want to be notified when a
 subscription is fulfilled. If Notification type MAIL is selected an email
@@ -37,23 +40,31 @@ Parameters such as a Jenkins job-token can be included in this field.
 **Note**: The job-token should not be mistaken for the API token that is
 used as a password for authentication against the entire jenkins instance.
 
-<img src="images/subscription_add_form2.png">
+<img border="1" src="images/subscription_add_part3.png">
 </img>
 
-**Authorization:** A list to select authorization type. Currently, only one
-authorization type is supported, which is “BASIC_AUTH”. The option “NO_AUTH”
-implies that authorization is not required.
+**Authentication:** A list to select authentication type.
+* NO_AUTH: _No Authentication used_
+* BASIC_AUTH: _Username and password will be Base 64 encoded_
+* BASIC_AUTH Jenkins CSRF Protection (crumb): _Username and password will
+be Base 64 encoded. A crumb will be fetched automatically before request is made.
+(Currently default in many Jenkins instances). **Note**: Will work even when CSRF
+is disabled in Jenkins._
+
+<img border="1" src="images/subscription_add_part4.png">
+</img>
 
 **Repeat:** It is possible to enable repeat, e.g. whether same subscription
 should be re-triggered for new additions to the aggregated object. If disabled,
 the notification will be triggered only the first time when conditions are
 fulfilled.
 
-**Requirement:** It is used to add a requirement, which need to be fulfilled
-before a subscription is triggered. Requirement is added in the form of a
-condition (with a specific format). More than one conditions may be added under
-one requirement by using “Add Condition” button. It should be noted that
-conditions under one requirement are connected by logical “AND”. Thus all
-conditions udder one requirement need to be satisfied before a subscription is
-triggered. More than one requirements may be added by “Add Requirement” button.
+**Requirement and Conditions:** It is used to add a requirement, which need to
+be fulfilled before a subscription is triggered. Requirement is added in the form
+of a condition (with a specific format). More than one conditions may be added
+under one requirement by using “Add Condition” button. It should be noted
+that conditions under one requirement are connected by logical “AND”.
+Thus all conditions udder one requirement need to be satisfied before a subscription
+is triggered. More than one requirements may be added by “Add Requirement” button.
 Requirements are connected by logical “OR”.
+**_More information about how to write Requirement and Conditions can be found [here](https://github.com/eiffel-community/eiffel-intelligence/blob/master/wiki/markdown/subscriptions.md#writing-requirements-and-conditions)._**