2014-08-29 15:16:13 +02:00
|
|
|
<?php
|
2015-02-04 10:46:36 +01:00
|
|
|
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
|
2014-08-29 15:16:13 +02:00
|
|
|
|
2014-11-14 10:57:14 +01:00
|
|
|
namespace Icinga\Forms\Config;
|
2014-08-29 15:16:13 +02:00
|
|
|
|
|
|
|
|
use InvalidArgumentException;
|
2014-11-14 10:57:14 +01:00
|
|
|
use Icinga\Forms\ConfigForm;
|
2014-08-29 15:16:13 +02:00
|
|
|
use Icinga\Web\Notification;
|
|
|
|
|
use Icinga\Application\Config;
|
2014-08-29 16:05:56 +02:00
|
|
|
use Icinga\Application\Platform;
|
2014-11-18 13:11:52 +01:00
|
|
|
use Icinga\Data\ConfigObject;
|
2014-10-15 10:46:40 +02:00
|
|
|
use Icinga\Data\ResourceFactory;
|
2014-08-29 15:16:13 +02:00
|
|
|
use Icinga\Exception\ConfigurationError;
|
2015-06-02 09:58:57 +02:00
|
|
|
use Icinga\Forms\Config\UserBackend\DbBackendForm;
|
|
|
|
|
use Icinga\Forms\Config\UserBackend\LdapBackendForm;
|
|
|
|
|
use Icinga\Forms\Config\UserBackend\ExternalBackendForm;
|
2014-08-29 15:16:13 +02:00
|
|
|
|
2015-06-02 09:58:57 +02:00
|
|
|
class UserBackendConfigForm extends ConfigForm
|
2014-08-29 15:16:13 +02:00
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* The available resources split by type
|
|
|
|
|
*
|
|
|
|
|
* @var array
|
|
|
|
|
*/
|
|
|
|
|
protected $resources;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Initialize this form
|
|
|
|
|
*/
|
|
|
|
|
public function init()
|
|
|
|
|
{
|
|
|
|
|
$this->setName('form_config_authbackend');
|
2015-01-19 11:26:23 +01:00
|
|
|
$this->setSubmitLabel($this->translate('Save Changes'));
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set the resource configuration to use
|
|
|
|
|
*
|
|
|
|
|
* @param Config $resources The resource configuration
|
|
|
|
|
*
|
2015-04-07 14:23:26 +02:00
|
|
|
* @return $this
|
2014-08-29 15:16:13 +02:00
|
|
|
*/
|
|
|
|
|
public function setResourceConfig(Config $resourceConfig)
|
|
|
|
|
{
|
|
|
|
|
$resources = array();
|
|
|
|
|
foreach ($resourceConfig as $name => $resource) {
|
|
|
|
|
$resources[strtolower($resource->type)][] = $name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->resources = $resources;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return a form object for the given backend type
|
|
|
|
|
*
|
|
|
|
|
* @param string $type The backend type for which to return a form
|
|
|
|
|
*
|
|
|
|
|
* @return Form
|
|
|
|
|
*/
|
|
|
|
|
public function getBackendForm($type)
|
|
|
|
|
{
|
2015-06-05 17:20:31 +02:00
|
|
|
switch ($type)
|
|
|
|
|
{
|
|
|
|
|
case 'db':
|
|
|
|
|
$form = new DbBackendForm();
|
|
|
|
|
$form->setResources(isset($this->resources['db']) ? $this->resources['db'] : array());
|
|
|
|
|
break;
|
|
|
|
|
case 'ldap':
|
|
|
|
|
case 'msldap':
|
|
|
|
|
$form = new LdapBackendForm();
|
|
|
|
|
$form->setResources(isset($this->resources['ldap']) ? $this->resources['ldap'] : array());
|
|
|
|
|
break;
|
|
|
|
|
case 'external':
|
|
|
|
|
$form = new ExternalBackendForm();
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
throw new InvalidArgumentException(
|
|
|
|
|
sprintf($this->translate('Invalid backend type "%s" provided'), $type)
|
|
|
|
|
);
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $form;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Add a particular user backend
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* The backend to add is identified by the array-key `name'.
|
|
|
|
|
*
|
|
|
|
|
* @param array $values The values to extend the configuration with
|
|
|
|
|
*
|
2015-04-07 14:23:26 +02:00
|
|
|
* @return $this
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @throws InvalidArgumentException In case the backend does already exist
|
|
|
|
|
*/
|
|
|
|
|
public function add(array $values)
|
|
|
|
|
{
|
|
|
|
|
$name = isset($values['name']) ? $values['name'] : '';
|
|
|
|
|
if (! $name) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('User backend name missing'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif ($this->config->hasSection($name)) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('User backend already exists'));
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unset($values['name']);
|
2014-11-18 13:11:52 +01:00
|
|
|
$this->config->setSection($name, $values);
|
2014-08-29 15:16:13 +02:00
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Edit a particular user backend
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @param string $name The name of the backend to edit
|
|
|
|
|
* @param array $values The values to edit the configuration with
|
|
|
|
|
*
|
|
|
|
|
* @return array The edited backend configuration
|
|
|
|
|
*
|
|
|
|
|
* @throws InvalidArgumentException In case the backend does not exist
|
|
|
|
|
*/
|
|
|
|
|
public function edit($name, array $values)
|
|
|
|
|
{
|
|
|
|
|
if (! $name) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('Old user backend name missing'));
|
2014-08-29 15:16:13 +02:00
|
|
|
} elseif (! ($newName = isset($values['name']) ? $values['name'] : '')) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('New user backend name missing'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif (! $this->config->hasSection($name)) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('Unknown user backend provided'));
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2014-11-18 13:11:52 +01:00
|
|
|
$backendConfig = $this->config->getSection($name);
|
2014-08-29 15:16:13 +02:00
|
|
|
if ($newName !== $name) {
|
|
|
|
|
// Only remove the old entry if it has changed as the order gets screwed when editing backend names
|
2014-11-18 13:11:52 +01:00
|
|
|
$this->config->removeSection($name);
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unset($values['name']);
|
2014-11-18 13:11:52 +01:00
|
|
|
$this->config->setSection($newName, $backendConfig->merge($values));
|
|
|
|
|
return $backendConfig;
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Remove the given user backend
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @param string $name The name of the backend to remove
|
|
|
|
|
*
|
|
|
|
|
* @return array The removed backend configuration
|
|
|
|
|
*
|
|
|
|
|
* @throws InvalidArgumentException In case the backend does not exist
|
|
|
|
|
*/
|
|
|
|
|
public function remove($name)
|
|
|
|
|
{
|
|
|
|
|
if (! $name) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('user backend name missing'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif (! $this->config->hasSection($name)) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('Unknown user backend provided'));
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2014-11-18 13:11:52 +01:00
|
|
|
$backendConfig = $this->config->getSection($name);
|
|
|
|
|
$this->config->removeSection($name);
|
2014-08-29 15:16:13 +02:00
|
|
|
return $backendConfig;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Move the given user backend up or down in order
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @param string $name The name of the backend to be moved
|
|
|
|
|
* @param int $position The new (absolute) position of the backend
|
|
|
|
|
*
|
2015-04-07 14:23:26 +02:00
|
|
|
* @return $this
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @throws InvalidArgumentException In case the backend does not exist
|
|
|
|
|
*/
|
|
|
|
|
public function move($name, $position)
|
|
|
|
|
{
|
|
|
|
|
if (! $name) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('User backend name missing'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif (! $this->config->hasSection($name)) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new InvalidArgumentException($this->translate('Unknown user backend provided'));
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$backendOrder = $this->config->keys();
|
|
|
|
|
array_splice($backendOrder, array_search($name, $backendOrder), 1);
|
|
|
|
|
array_splice($backendOrder, $position, 0, $name);
|
|
|
|
|
|
|
|
|
|
$newConfig = array();
|
|
|
|
|
foreach ($backendOrder as $backendName) {
|
2014-11-18 13:11:52 +01:00
|
|
|
$newConfig[$backendName] = $this->config->getSection($backendName);
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2014-11-18 13:11:52 +01:00
|
|
|
$config = Config::fromArray($newConfig);
|
2014-08-29 15:16:13 +02:00
|
|
|
$this->config = $config->setConfigFile($this->config->getConfigFile());
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Add or edit an user backend and save the configuration
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* Performs a connectivity validation using the submitted values. A checkbox is
|
|
|
|
|
* added to the form to skip the check if it fails and redirection is aborted.
|
|
|
|
|
*
|
|
|
|
|
* @see Form::onSuccess()
|
|
|
|
|
*/
|
2014-11-14 14:59:12 +01:00
|
|
|
public function onSuccess()
|
2014-08-29 15:16:13 +02:00
|
|
|
{
|
|
|
|
|
if (($el = $this->getElement('force_creation')) === null || false === $el->isChecked()) {
|
|
|
|
|
$backendForm = $this->getBackendForm($this->getElement('type')->getValue());
|
2015-06-02 09:58:57 +02:00
|
|
|
if (false === $backendForm::isValidUserBackend($this)) {
|
2014-09-02 14:53:15 +02:00
|
|
|
$this->addElement($this->getForceCreationCheckbox());
|
2014-08-29 15:16:13 +02:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-02 09:58:57 +02:00
|
|
|
$authBackend = $this->request->getQuery('backend');
|
2014-08-29 15:16:13 +02:00
|
|
|
try {
|
|
|
|
|
if ($authBackend === null) { // create new backend
|
|
|
|
|
$this->add($this->getValues());
|
2015-06-02 09:58:57 +02:00
|
|
|
$message = $this->translate('User backend "%s" has been successfully created');
|
2014-08-29 15:16:13 +02:00
|
|
|
} else { // edit existing backend
|
|
|
|
|
$this->edit($authBackend, $this->getValues());
|
2015-06-02 09:58:57 +02:00
|
|
|
$message = $this->translate('User backend "%s" has been successfully changed');
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
} catch (InvalidArgumentException $e) {
|
|
|
|
|
Notification::error($e->getMessage());
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->save()) {
|
|
|
|
|
Notification::success(sprintf($message, $this->getElement('name')->getValue()));
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-06-02 09:58:57 +02:00
|
|
|
* Populate the form in case an user backend is being edited
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
2014-09-02 14:35:01 +02:00
|
|
|
* @see Form::onRequest()
|
2014-08-29 15:16:13 +02:00
|
|
|
*
|
|
|
|
|
* @throws ConfigurationError In case the backend name is missing in the request or is invalid
|
|
|
|
|
*/
|
2014-11-14 14:59:12 +01:00
|
|
|
public function onRequest()
|
2014-08-29 15:16:13 +02:00
|
|
|
{
|
2015-06-02 09:58:57 +02:00
|
|
|
$authBackend = $this->request->getQuery('backend');
|
2014-08-29 15:16:13 +02:00
|
|
|
if ($authBackend !== null) {
|
|
|
|
|
if ($authBackend === '') {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new ConfigurationError($this->translate('User backend name missing'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif (! $this->config->hasSection($authBackend)) {
|
2015-06-02 09:58:57 +02:00
|
|
|
throw new ConfigurationError($this->translate('Unknown user backend provided'));
|
2014-11-18 13:11:52 +01:00
|
|
|
} elseif ($this->config->getSection($authBackend)->backend === null) {
|
2015-01-19 11:26:23 +01:00
|
|
|
throw new ConfigurationError(
|
|
|
|
|
sprintf($this->translate('Backend "%s" has no `backend\' setting'), $authBackend)
|
|
|
|
|
);
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2014-11-18 13:11:52 +01:00
|
|
|
$configValues = $this->config->getSection($authBackend)->toArray();
|
2014-08-29 15:16:13 +02:00
|
|
|
$configValues['type'] = $configValues['backend'];
|
|
|
|
|
$configValues['name'] = $authBackend;
|
|
|
|
|
$this->populate($configValues);
|
2014-10-15 10:51:18 +02:00
|
|
|
} elseif (empty($this->resources)) {
|
2015-01-27 09:49:36 +01:00
|
|
|
$externalBackends = array_filter(
|
2014-10-15 10:51:18 +02:00
|
|
|
$this->config->toArray(),
|
|
|
|
|
function ($authBackendCfg) {
|
2015-01-27 09:49:36 +01:00
|
|
|
return isset($authBackendCfg['backend']) && $authBackendCfg['backend'] === 'external';
|
2014-10-15 10:51:18 +02:00
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
2015-01-27 09:49:36 +01:00
|
|
|
if (false === empty($externalBackends)) {
|
2015-01-19 11:26:23 +01:00
|
|
|
throw new ConfigurationError($this->translate('Could not find any resources for authentication'));
|
2014-10-15 10:51:18 +02:00
|
|
|
}
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2014-09-02 14:53:15 +02:00
|
|
|
* Return a checkbox to be displayed at the beginning of the form
|
2014-08-29 15:16:13 +02:00
|
|
|
* which allows the user to skip the connection validation
|
2014-09-02 14:53:15 +02:00
|
|
|
*
|
|
|
|
|
* @return Zend_Form_Element
|
2014-08-29 15:16:13 +02:00
|
|
|
*/
|
2014-09-02 14:53:15 +02:00
|
|
|
protected function getForceCreationCheckbox()
|
2014-08-29 15:16:13 +02:00
|
|
|
{
|
2014-09-02 14:53:15 +02:00
|
|
|
return $this->createElement(
|
2014-08-29 15:16:13 +02:00
|
|
|
'checkbox',
|
|
|
|
|
'force_creation',
|
|
|
|
|
array(
|
2014-09-02 17:03:32 +02:00
|
|
|
'order' => 0,
|
|
|
|
|
'ignore' => true,
|
2015-01-19 11:26:23 +01:00
|
|
|
'label' => $this->translate('Force Changes'),
|
|
|
|
|
'description' => $this->translate('Check this box to enforce changes without connectivity validation')
|
2014-08-29 15:16:13 +02:00
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @see Form::createElements()
|
|
|
|
|
*/
|
|
|
|
|
public function createElements(array $formData)
|
|
|
|
|
{
|
|
|
|
|
$backendTypes = array();
|
2014-10-15 10:48:50 +02:00
|
|
|
$backendType = isset($formData['type']) ? $formData['type'] : null;
|
2014-08-29 15:16:13 +02:00
|
|
|
|
|
|
|
|
if (isset($this->resources['db'])) {
|
2015-01-19 11:26:23 +01:00
|
|
|
$backendTypes['db'] = $this->translate('Database');
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
2014-08-29 16:05:56 +02:00
|
|
|
if (isset($this->resources['ldap']) && ($backendType === 'ldap' || Platform::extensionLoaded('ldap'))) {
|
2014-08-29 15:16:13 +02:00
|
|
|
$backendTypes['ldap'] = 'LDAP';
|
2015-06-05 17:20:31 +02:00
|
|
|
$backendTypes['msldap'] = 'ActiveDirectory';
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2015-01-27 09:49:36 +01:00
|
|
|
$externalBackends = array_filter(
|
2014-08-29 15:16:13 +02:00
|
|
|
$this->config->toArray(),
|
|
|
|
|
function ($authBackendCfg) {
|
2015-01-27 09:49:36 +01:00
|
|
|
return isset($authBackendCfg['backend']) && $authBackendCfg['backend'] === 'external';
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
);
|
2015-01-27 09:49:36 +01:00
|
|
|
if ($backendType === 'external' || empty($externalBackends)) {
|
|
|
|
|
$backendTypes['external'] = $this->translate('External');
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
|
|
|
|
|
2014-10-15 10:48:50 +02:00
|
|
|
if ($backendType === null) {
|
|
|
|
|
$backendType = key($backendTypes);
|
|
|
|
|
}
|
|
|
|
|
|
2014-09-03 12:21:31 +02:00
|
|
|
$this->addElement(
|
2014-08-29 15:16:13 +02:00
|
|
|
'select',
|
|
|
|
|
'type',
|
|
|
|
|
array(
|
2014-09-02 17:03:32 +02:00
|
|
|
'ignore' => true,
|
|
|
|
|
'required' => true,
|
|
|
|
|
'autosubmit' => true,
|
2015-01-19 11:26:23 +01:00
|
|
|
'label' => $this->translate('Backend Type'),
|
|
|
|
|
'description' => $this->translate(
|
|
|
|
|
'The type of the resource to use for this authenticaton provider'
|
|
|
|
|
),
|
2014-09-02 17:03:32 +02:00
|
|
|
'multiOptions' => $backendTypes
|
2014-08-29 15:16:13 +02:00
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
2014-09-02 14:53:15 +02:00
|
|
|
if (isset($formData['force_creation']) && $formData['force_creation']) {
|
|
|
|
|
// In case another error occured and the checkbox was displayed before
|
2014-09-03 12:21:31 +02:00
|
|
|
$this->addElement($this->getForceCreationCheckbox());
|
2014-09-02 14:53:15 +02:00
|
|
|
}
|
|
|
|
|
|
2014-09-03 12:21:31 +02:00
|
|
|
$this->addElements($this->getBackendForm($backendType)->createElements($formData)->getElements());
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
2014-10-15 10:46:40 +02:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return the configuration for the chosen resource
|
|
|
|
|
*
|
2014-11-18 13:11:52 +01:00
|
|
|
* @return ConfigObject
|
2014-10-15 10:46:40 +02:00
|
|
|
*/
|
|
|
|
|
public function getResourceConfig()
|
|
|
|
|
{
|
|
|
|
|
return ResourceFactory::getResourceConfig($this->getValue('resource'));
|
|
|
|
|
}
|
2014-08-29 15:16:13 +02:00
|
|
|
}
|
