Auth: Load user groups using the new user group backends
This commit is contained in:
Eric Lippmann
parent
2b67683e00
commit
424cee6b4a
|
|
@ -6,14 +6,14 @@ namespace Icinga\Authentication;
|
||||||
|
|
||||||
use Exception;
|
use Exception;
|
||||||
use Zend_Config;
|
use Zend_Config;
|
||||||
use Icinga\User;
|
use Icinga\Application\Config;
|
||||||
use Icinga\Web\Session;
|
use Icinga\Exception\IcingaException;
|
||||||
use Icinga\Logger\Logger;
|
|
||||||
use Icinga\Exception\NotReadableError;
|
use Icinga\Exception\NotReadableError;
|
||||||
use Icinga\Application\Config as IcingaConfig;
|
use Icinga\Logger\Logger;
|
||||||
|
use Icinga\User;
|
||||||
use Icinga\User\Preferences;
|
use Icinga\User\Preferences;
|
||||||
use Icinga\User\Preferences\PreferencesStore;
|
use Icinga\User\Preferences\PreferencesStore;
|
||||||
use Icinga\Exception\IcingaException;
|
use Icinga\Web\Session;
|
||||||
|
|
||||||
class Manager
|
class Manager
|
||||||
{
|
{
|
||||||
|
|
@ -53,7 +53,7 @@ class Manager
|
||||||
{
|
{
|
||||||
$username = $user->getUsername();
|
$username = $user->getUsername();
|
||||||
try {
|
try {
|
||||||
$config = IcingaConfig::app();
|
$config = Config::app();
|
||||||
} catch (NotReadableError $e) {
|
} catch (NotReadableError $e) {
|
||||||
Logger::error(
|
Logger::error(
|
||||||
new IcingaException(
|
new IcingaException(
|
||||||
|
|
@ -85,18 +85,32 @@ class Manager
|
||||||
$preferences = new Preferences();
|
$preferences = new Preferences();
|
||||||
}
|
}
|
||||||
$user->setPreferences($preferences);
|
$user->setPreferences($preferences);
|
||||||
$membership = new Membership();
|
$groups = array();
|
||||||
$groups = $membership->getGroupsByUsername($username);
|
foreach (Config::app('groups') as $name => $config) {
|
||||||
|
try {
|
||||||
|
$groupBackend = UserGroupBackend::create($name, $config);
|
||||||
|
$groupsFromBackend = $groupBackend->getMemberships($user);
|
||||||
|
} catch (Exception $e) {
|
||||||
|
Logger::error(
|
||||||
|
'Can\'t get group memberships for user \'%s\' from backend \'%s\'. An exception was thrown:',
|
||||||
|
$username,
|
||||||
|
$name,
|
||||||
|
$e
|
||||||
|
);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (empty($groupsFromBackend)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
$groupsFromBackend = array_values($groupsFromBackend);
|
||||||
|
$groups = array_merge($groups, array_combine($groupsFromBackend, $groupsFromBackend));
|
||||||
|
}
|
||||||
$user->setGroups($groups);
|
$user->setGroups($groups);
|
||||||
$admissionLoader = new AdmissionLoader();
|
$admissionLoader = new AdmissionLoader();
|
||||||
$user->setPermissions(
|
$user->setPermissions($admissionLoader->getPermissions($user));
|
||||||
$admissionLoader->getPermissions($username, $groups)
|
$user->setRestrictions($admissionLoader->getRestrictions($user));
|
||||||
);
|
|
||||||
$user->setRestrictions(
|
|
||||||
$admissionLoader->getRestrictions($username, $groups)
|
|
||||||
);
|
|
||||||
$this->user = $user;
|
$this->user = $user;
|
||||||
if ($persist == true) {
|
if ($persist) {
|
||||||
$this->persistCurrentUser();
|
$this->persistCurrentUser();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue