Group membership: more magic

Thomas Gelf 2015-06-24 11:25:22 +02:00
parent f7270dc2a7
commit f8bd943181
7 changed files with 265 additions and 11 deletions


@ -0,0 +1,57 @@
<?php
namespace Icinga\Module\Director\CoreBeta;
use Exception;
class ApiClient extends Stream
{
protected $port;
public static function create($peer, $port = 5665)
{
$stream = new static();
}
protected function createClientConnection()
{
$context = $this->createSslContext();
if ($context === false) {
echo "Unable to set SSL options\n";
return false;
}
$conn = stream_socket_client(
'ssl://' . $this->peername . ':' . $this->peerport,
$errno,
$errstr,
15,
STREAM_CLIENT_CONNECT,
$context
);
return $conn;
}
protected function createSslContext()
{
$local = 'ssl://' . $this->local;
$context = stream_context_create();
// Hack, we need key and cert:
$certfile = preg_replace('~\..+$~', '', $this->certname) . '.combi';
$options = array(
'ssl' => array(
'verify_host' => true,
'cafile' => $this->ssldir . '/ca.crt',
'local_cert' => $this->ssldir . '/' . $certfile,
'CN_match' => 'monitor1',
)
);
$result = stream_context_set_option($context, $options);
return $context;
}
}
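Review bot: `'verify_host' => true` in `createSslContext()` is not an option PHP's ssl context reads, and `verify_peer` is never set, so on PHP versions before 5.6 (where peer verification is off by default) the server certificate would not be checked against `cafile`. Set `'verify_peer' => true,` explicitly and take the expected peer name from configuration rather than the hard-coded `'CN_match' => 'monitor1'`. The return value of `stream_context_set_option()` is stored in `$result` and then dropped, so the `$context === false` check in `createClientConnection()` cannot fire; `return $result ? $context : false;` would make it meaningful. The same `createSslContext()` body is copied into StreamContext in this commit and carries the same problems.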


@ -0,0 +1,18 @@
<?php
namespace Icinga\Module\Director\CoreBeta;
abstract class Stream
{
protected $stream;
protected $buffer = '';
protected $bufferLength = 0;
protected function __construct($stream)
{
$this->stream = $stream;
}
}
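Review bot: `__construct($stream)` takes a required argument, but `ApiClient::create()` added in this same commit calls `new static()` with none and returns nothing, so that factory would fail as soon as it is called. Either pass the opened connection to the constructor and return the instance, or give the parameter a `null` default and document when `$this->stream` gets set. A short class docblock saying what `$buffer` and `$bufferLength` are for would also help, since nothing in this file uses them yet.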


@ -0,0 +1,89 @@
<?php
namespace Icinga\Module\Director\CoreBeta;
use Icinga\Exception\ProgrammingError;
class StreamContext
{
protected $options = array();
public function ssl()
{
if ($this->ssl === null) {
$this->ssl = new StreamContextSslOptions();
}
return $this->ssl;
}
public function isSsl()
{
return $this->ssl !== null;
}
public function setCA(CA $ca)
{
$this->options
}
protected function createSslContext()
{
$local = 'ssl://' . $this->local;
$context = stream_context_create();
// Hack, we need key and cert:
$certfile = preg_replace('~\..+$~', '', $this->certname) . '.combi';
$options = array(
'ssl' => array(
'verify_host' => true,
'cafile' => $this->ssldir . '/ca.crt',
'local_cert' => $this->ssldir . '/' . $certfile,
'CN_match' => 'monitor1',
)
);
$result = stream_context_set_option($context, $options);
return $context;
}
public function setContextOptions($options)
{
if (array_key_exists('ssl', $options)) {
throw new ProgrammingError('Direct access to ssl options is not allowed');
}
}
protected function reallySetContextOptions($options)
{
if ($this->context === null) {
$this->options = $options;
} else {
stream_context_set_option($this->context, $options);
}
}
protected function lazyContext()
{
if ($this->context === null) {
$this->context = stream_context_create();
$this->setContextOptions($this->getOptions());
stream_context_set_option($this->context
if ($this->isSsl()) {
$this->options['ssl'] = $this->ssl()->getOptions();
}
$result = stream_context_set_option($this->context, $this->options);
}
return $this->context;
}
public function getRawContext()
{
return $this->lazyContext();
}
}
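Review bot: As rendered here the class does not parse: the body of `setCA()` is the bare expression `$this->options` with no terminator, and `lazyContext()` contains an unfinished `stream_context_set_option($this->context` line just before the `isSsl()` check. `$this->ssl` and `$this->context` are read but never declared, and `lazyContext()` calls `$this->getOptions()`, which this class does not define. `setContextOptions()` rejects an `ssl` key but then discards `$options`; it presumably should end with `$this->reallySetContextOptions($options);`.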


@ -0,0 +1,52 @@
<?php
namespace Icinga\Module\Director\CoreBeta;
use Icinga\Exception\ProgrammingError;
class StreamContextSslOptions
{
protected $options = array(
'verify_peer' => true,
);
public function setCA(CA $ca)
{
$this->ca = $ca;
}
public function capturePeerCert($capture = true)
{
$this->options['capture_peer_cert'] = (bool) $capture;
return $this;
}
public function capturePeerChain($capture = true)
{
$this->options['capture_peer_chain'] = (bool) $capture;
return $this;
}
public function setCiphers($ciphers)
{
$this->options['ciphers'] = $ciphers;
return $this;
}
public function setPeerName($name)
{
if (version_compare(PHP_VERSION, '5.6.0') >= 0) {
$this->options['peer_name'] = $name;
$this->options['verify_peer_name'] = true;
} else {
$this->options['CN_match'] = $name;
}
return $this;
}
public function getOptions()
{
// TODO: Fail on missing cert
return $this->options;
}
}
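Review bot: `setCA()` stores the CA in `$this->ca`, but `getOptions()` returns `$this->options` unchanged, so no `cafile` ever reaches the context and `verify_peer => true` would be evaluated against whatever default trust store PHP has rather than the CA that was passed in. The `// TODO: Fail on missing cert` is the right place to add `cafile`/`local_cert` to the returned options and to throw when they are absent. `capturePeerChain()` writes `capture_peer_chain`, which PHP does not read; the context option is `capture_peer_cert_chain`. `setCA()` is also the only setter here that does not `return $this;`, and `$ca` is not declared as a property.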


@ -41,6 +41,10 @@ abstract class IcingaObject extends DbObject implements IcingaConfigRenderer
return true;
}
if ($this->supportsGroups() && $this->groups !== null && $this->groups()->hasBeenModified()) {
return true;
}
return parent::hasBeenModified();
}
@ -126,20 +130,29 @@ abstract class IcingaObject extends DbObject implements IcingaConfigRenderer
public function onInsert()
{
$this->storeCustomVars();
$this->storeCustomVars()->storeGroups();
DirectorActivityLog::logCreation($this, $this->connection);
}
public function onUpdate()
{
$this->storeCustomVars();
$this->storeCustomVars()->storeGroups();
DirectorActivityLog::logModification($this, $this->connection);
}
protected function storeCustomVars()
{
if ($this->supportsCustomVars()) {
$this->vars()->storeToDb($this);
$this->vars !== null && $this->vars()->storeToDb($this);
}
return $this;
}
protected function storeGroups()
{
if ($this->supportsGroups()) {
$this->groups !== null && $this->groups()->store();
}
return $this;
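Review bot: `$this->vars !== null && $this->vars()->storeToDb($this);` in `storeCustomVars()` and the matching line in `storeGroups()` use a short-circuit expression as a statement, which is easy to misread as a comparison with no effect. Folding the null test into the guard reads better, e.g. `if ($this->supportsGroups() && $this->groups !== null) { $this->groups()->store(); }`. A one-line comment stating that `null` means the collection was never loaded and there is nothing to store would help, if that is indeed the intent. The closing brace of `storeGroups()` is outside the hunk.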


@ -37,6 +37,11 @@ class IcingaObjectGroups implements Iterator, Countable, IcingaConfigRenderer
$this->position = 0;
}
public function hasBeenModified()
{
return $this->modified;
}
public function current()
{
if (! $this->valid()) {
@ -72,8 +77,24 @@ class IcingaObjectGroups implements Iterator, Countable, IcingaConfigRenderer
public function set($group)
{
$this->groups = array();
$existing = array_keys($this->groups);
$new = array();
$class = $this->getGroupClass();
foreach ($group as $g) {
if ($group instanceof $class) {
$new[] = $group->object_name;
} else {
$new[] = $group;
}
}
sort($existing);
sort($new);
if ($existing === $new) {
return $this;
}
$this->groups = array();
return $this->add($group);
}
@ -93,6 +114,7 @@ class IcingaObjectGroups implements Iterator, Countable, IcingaConfigRenderer
unset($this->groups[$group]);
}
$this->modified = true;
$this->refreshIndex();
}
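Review bot: The loop in `set()` iterates `foreach ($group as $g)` but tests and appends `$group` rather than `$g`, so `$new` is filled with copies of the whole argument and `$existing === $new` cannot be true for a non-empty list; the early return never happens and the groups are always reset and re-added. Use the loop variable: `if ($g instanceof $class) { $new[] = $g->object_name; } else { $new[] = $g; }`. `set()` also iterates its argument unconditionally, so a single group name passed as a string would have to be wrapped in an array first, which is worth stating in a docblock.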


@ -44,15 +44,19 @@ abstract class DirectorObjectForm extends QuickForm
public function onSuccess()
{
$values = $this->getValues();
$vars = array();
if (array_key_exists('groups', $values)) {
unset($values['groups']);
}
$object = $this->object();
$handled = array();
if ($object->supportsGroups()) {
if (array_key_exists('groups', $values)) {
$object->groups()->set(
preg_split('/\s*,\s*/', $values['groups'], -1, PREG_SPLIT_NO_EMPTY)
);
$handled['groups'] = true;
}
}
if ($this->object->supportsCustomVars()) {
$vars = array();
$newvar = array(
@ -95,7 +99,6 @@ abstract class DirectorObjectForm extends QuickForm
);
$object->store($this->db);
$this->storeGroupMembership();
$this->redirectOnSuccess($msg);
}
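Review bot: `$handled['groups']` is only set when `supportsGroups()` is true, so for an object type without group support a submitted `groups` value stays in `$values`; if the earlier `unset($values['groups'])` is the part this commit removes (the +/- markers are lost in this rendering), that value would now flow on to whatever consumes `$values` further down, which is outside the hunk. Marking the key as handled whenever it is present, independent of `supportsGroups()`, keeps the old behaviour. The method also mixes `$object->supportsGroups()` with `$this->object->supportsCustomVars()`; using the local `$object` throughout would be more consistent.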