tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Wizard: Apply user group backend configuration 

refs #9609
This commit is contained in:
Johannes Meyer 2015-07-30 13:22:51 +02:00
parent c5761243c1
commit 47079b723d
2 changed files with 230 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

209
modules/setup/library/Setup/Steps/UserGroupStep.php Normal file
View File

@ -0,0 +1,209 @@
<?php
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
namespace Icinga\Module\Setup\Steps;
use Exception;
use Icinga\Application\Config;
use Icinga\Authentication\UserGroup\DbUserGroupBackend;
use Icinga\Data\ConfigObject;
use Icinga\Data\ResourceFactory;
use Icinga\Exception\IcingaException;
use Icinga\Module\Setup\Step;
class UserGroupStep extends Step
{
protected $data;
protected $groupError;
protected $memberError;
protected $groupIniError;
public function __construct(array $data)
{
$this->data = $data;
}
public function apply()
{
$success &= $this->createGroupsIni();
if (isset($this->data['resourceConfig'])) {
$success &= $this->createUserGroup();
if ($success) {
$success &= $this->createMembership();
}
}
return $success;
}
protected function createGroupsIni()
{
$config = array();
if (isset($this->data['groupConfig'])) {
$backendConfig = $this->data['groupConfig'];
$backendName = $backendConfig['name'];
unset($backendConfig['name']);
$config[$backendName] = $backendConfig;
} else {
$backendConfig = array(
'backend' => $this->data['backendConfig']['backend'], // "db" or "msldap"
'resource' => $this->data['resourceName']
);
if ($backendConfig['backend'] === 'msldap') {
$backendConfig['user_backend'] = $this->data['backendConfig']['name'];
}
$config[$this->data['backendConfig']['name']] = $backendConfig;
}
try {
Config::fromArray($config)
->setConfigFile(Config::resolvePath('groups.ini'))
->saveIni();
} catch (Exception $e) {
$this->groupIniError = $e;
return false;
}
$this->groupIniError = false;
return true;
}
protected function createUserGroup()
{
try {
$backend = new DbUserGroupBackend(
ResourceFactory::createResource(new ConfigObject($this->data['resourceConfig']))
);
$groupName = mt('setup', 'Administrators', 'setup.role.name');
if ($backend->select()->where('group_name', $groupName)->count() === 0) {
$backend->insert('group', array(
'group_name' => $groupName
));
$this->groupError = false;
}
} catch (Exception $e) {
$this->groupError = $e;
return false;
}
return true;
}
protected function createMembership()
{
try {
$backend = new DbUserGroupBackend(
ResourceFactory::createResource(new ConfigObject($this->data['resourceConfig']))
);
$groupName = mt('setup', 'Administrators', 'setup.role.name');
$userName = $this->data['username'];
if ($backend
->select()
->from('group_membership')
->where('group_name', $groupName)
->where('user_name', $userName)
->count() === 0
) {
$backend->insert('group_membership', array(
'group_name' => $groupName,
'user_name' => $userName
));
$this->memberError = false;
}
} catch (Exception $e) {
$this->memberError = $e;
return false;
}
return true;
}
public function getSummary()
{
if (! isset($this->data['groupConfig'])) {
return; // It's not necessary to show the user something he didn't configure..
}
$pageTitle = '<h2>' . mt('setup', 'User Groups', 'setup.page.title') . '</h2>';
$backendTitle = '<h3>' . mt('setup', 'User Group Backend', 'setup.page.title') . '</h3>';
$backendHtml = ''
. '<table>'
. '<tbody>'
. '<tr>'
. '<td><strong>' . t('Backend Name') . '</strong></td>'
. '<td>' . $this->data['groupConfig']['name'] . '</td>'
. '</tr>'
. '<tr>'
. '<td><strong>' . mt('setup', 'Group Object Class') . '</strong></td>'
. '<td>' . $this->data['groupConfig']['group_class'] . '</td>'
. '</tr>'
. '<tr>'
. '<td><strong>' . mt('setup', 'Custom Filter') . '</strong></td>'
. '<td>' . trim($this->data['groupConfig']['group_filter']) ?: t('None', 'auth.ldap.filter') . '</td>'
. '</tr>'
. '<tr>'
. '<td><strong>' . mt('setup', 'Group Name Attribute') . '</strong></td>'
. '<td>' . $this->data['groupConfig']['group_name_attribute'] . '</td>'
. '</tr>'
. '</tbody>'
. '</table>';
return $pageTitle . '<div class="topic">' . $backendTitle . $backendHtml . '</div>';
}
public function getReport()
{
$report = array();
if ($this->groupIniError === false) {
$report[] = sprintf(
mt('setup', 'User Group Backend configuration has been successfully written to: %s'),
Config::resolvePath('groups.ini')
);
} elseif ($this->groupIniError !== null) {
$report[] = sprintf(
mt('setup', 'User Group Backend configuration could not be written to: %s. An error occured:'),
Config::resolvePath('groups.ini')
);
$report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->groupIniError));
}
if ($this->groupError === false) {
$report[] = sprintf(
mt('setup', 'User Group "%s" has been successfully created.'),
mt('setup', 'Administrators', 'setup.role.name')
);
} elseif ($this->groupError !== null) {
$report[] = sprintf(
mt('setup', 'Unable to create user group "%s". An error occured:'),
mt('setup', 'Administrators', 'setup.role.name')
);
$report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->groupError));
}
if ($this->memberError === false) {
$report[] = sprintf(
mt('setup', 'Account "%s" has been successfully added as member to user group "%s".'),
$this->data['username'],
mt('setup', 'Administrators', 'setup.role.name')
);
} elseif ($this->memberError !== null) {
$report[] = sprintf(
mt('setup', 'Unable to add account "%s" as member to user group "%s". An error occured:'),
$this->data['username'],
mt('setup', 'Administrators', 'setup.role.name')
);
$report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->memberError));
}
return $report;
}
}

21
modules/setup/library/Setup/WebWizard.php
View File

@ -27,6 +27,7 @@ use Icinga\Module\Setup\Steps\DatabaseStep;
use Icinga\Module\Setup\Steps\GeneralConfigStep; use Icinga\Module\Setup\Steps\GeneralConfigStep;
use Icinga\Module\Setup\Steps\ResourceStep; use Icinga\Module\Setup\Steps\ResourceStep;
use Icinga\Module\Setup\Steps\AuthenticationStep; use Icinga\Module\Setup\Steps\AuthenticationStep;
use Icinga\Module\Setup\Steps\UserGroupStep;
use Icinga\Module\Setup\Utils\EnableModuleStep; use Icinga\Module\Setup\Utils\EnableModuleStep;
use Icinga\Module\Setup\Utils\DbTool; use Icinga\Module\Setup\Utils\DbTool;
use Icinga\Module\Setup\Requirement\OSRequirement; use Icinga\Module\Setup\Requirement\OSRequirement;
@ -458,6 +459,26 @@ class WebWizard extends Wizard implements SetupWizard
)) ))
); );
if ($authType !== 'external') {
$setup->addStep(
new UserGroupStep(array(
'backendConfig' => $pageData['setup_authentication_backend'],
'groupConfig' => isset($pageData['setup_usergroup_backend'])
? $pageData['setup_usergroup_backend']
: null,
'resourceName' => $authType === 'db'
? $pageData['setup_auth_db_resource']['name']
: $pageData['setup_ldap_resource']['name'],
'resourceConfig' => $authType === 'db'
? $pageData['setup_auth_db_resource']
: null,
'username' => $authType === 'db'
? $pageData['setup_admin_account'][$adminAccountType]
: null
))
);
}
if ( if (
isset($pageData['setup_auth_db_resource']) isset($pageData['setup_auth_db_resource'])
|| isset($pageData['setup_config_db_resource']) || isset($pageData['setup_config_db_resource'])