tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-27 07:44:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/non-collated-ido-queries-8613

Browse Source
This commit is contained in:
Johannes Meyer 2015-04-13 15:55:32 +02:00
commit 638c00d685
8 changed files with 62 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
library/Icinga/Web/Controller.php
View File

@ -4,6 +4,7 @@
namespace Icinga\Web; namespace Icinga\Web;
use Icinga\Web\Controller\ModuleActionController; use Icinga\Web\Controller\ModuleActionController;
use Icinga\Web\Widget\SortBox;
/** /**
* This is the controller all modules should inherit from * This is the controller all modules should inherit from
@ -12,4 +13,18 @@ use Icinga\Web\Controller\ModuleActionController;
*/ */
class Controller extends ModuleActionController class Controller extends ModuleActionController
{ {
/**
* Create a sort control box at the 'sortControl' view parameter
*
* @param array $columns An array containing the sort columns, with the
* submit value as the key and the label as the value
*/
protected function setupSortControl(array $columns)
{
$req = $this->getRequest();
$this->view->sortControl = SortBox::create(
'sortbox-' . $req->getActionName(),
$columns
)->applyRequest($req);
}
} }

4
modules/doc/library/Doc/DocController.php
View File

@ -5,9 +5,9 @@ namespace Icinga\Module\Doc;
use Icinga\Module\Doc\Renderer\DocSectionRenderer; use Icinga\Module\Doc\Renderer\DocSectionRenderer;
use Icinga\Module\Doc\Renderer\DocTocRenderer; use Icinga\Module\Doc\Renderer\DocTocRenderer;
use Icinga\Web\Controller\ModuleActionController; use Icinga\Web\Controller;
class DocController extends ModuleActionController class DocController extends Controller
{ {
/** /**
* Render a chapter * Render a chapter

4
modules/monitoring/application/controllers/ConfigController.php
View File

@ -4,7 +4,7 @@
use Icinga\Web\Notification; use Icinga\Web\Notification;
use Icinga\Data\ResourceFactory; use Icinga\Data\ResourceFactory;
use Icinga\Forms\ConfirmRemovalForm; use Icinga\Forms\ConfirmRemovalForm;
use Icinga\Web\Controller\ModuleActionController; use Icinga\Web\Controller;
use Icinga\Module\Monitoring\Forms\Config\BackendConfigForm; use Icinga\Module\Monitoring\Forms\Config\BackendConfigForm;
use Icinga\Module\Monitoring\Forms\Config\InstanceConfigForm; use Icinga\Module\Monitoring\Forms\Config\InstanceConfigForm;
use Icinga\Module\Monitoring\Forms\Config\SecurityConfigForm; use Icinga\Module\Monitoring\Forms\Config\SecurityConfigForm;
@ -12,7 +12,7 @@ use Icinga\Module\Monitoring\Forms\Config\SecurityConfigForm;
/** /**
* Configuration controller for editing monitoring resources * Configuration controller for editing monitoring resources
*/ */
class Monitoring_ConfigController extends ModuleActionController class Monitoring_ConfigController extends Controller
{ {
/** /**
* Display a list of available backends and instances * Display a list of available backends and instances

16
modules/monitoring/application/controllers/ListController.php
View File

@ -9,7 +9,6 @@ use Icinga\Web\Url;
use Icinga\Web\Widget\Tabextension\DashboardAction; use Icinga\Web\Widget\Tabextension\DashboardAction;
use Icinga\Web\Widget\Tabextension\OutputFormat; use Icinga\Web\Widget\Tabextension\OutputFormat;
use Icinga\Web\Widget\Tabs; use Icinga\Web\Widget\Tabs;
use Icinga\Web\Widget\SortBox;
use Icinga\Data\Filter\Filter; use Icinga\Data\Filter\Filter;
use Icinga\Web\Widget; use Icinga\Web\Widget;
use Icinga\Module\Monitoring\Forms\StatehistoryForm; use Icinga\Module\Monitoring\Forms\StatehistoryForm;
@ -690,21 +689,6 @@ class Monitoring_ListController extends Controller
return $columns; return $columns;
} }
/**
* Create a sort control box at the 'sortControl' view parameter
*
* @param array $columns An array containing the sort columns, with the
* submit value as the key and the value as the label
*/
private function setupSortControl(array $columns)
{
$this->view->sortControl = new SortBox(
'sortbox-' . $this->getRequest()->getActionName(),
$columns
);
$this->view->sortControl->applyRequest($this->getRequest());
}
protected function addTitleTab($action, $title, $tip) protected function addTitleTab($action, $title, $tip)
{ {
$this->getTabs()->add($action, array( $this->getTabs()->add($action, array(

4
modules/monitoring/library/Monitoring/Controller.php
View File

@ -6,13 +6,13 @@ namespace Icinga\Module\Monitoring;
use Icinga\Data\Filter\Filter; use Icinga\Data\Filter\Filter;
use Icinga\Data\Filterable; use Icinga\Data\Filterable;
use Icinga\File\Csv; use Icinga\File\Csv;
use Icinga\Web\Controller\ModuleActionController; use Icinga\Web\Controller as IcingaWebController;
use Icinga\Web\Url; use Icinga\Web\Url;
/** /**
* Base class for all monitoring action controller * Base class for all monitoring action controller
*/ */
class Controller extends ModuleActionController class Controller extends IcingaWebController
{ {
/** /**
* The backend used for this controller * The backend used for this controller

4
modules/setup/application/controllers/IndexController.php
View File

@ -1,10 +1,10 @@
<?php <?php
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */ /* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
use Icinga\Web\Controller\ModuleActionController; use Icinga\Web\Controller;
use Icinga\Module\Setup\WebWizard; use Icinga\Module\Setup\WebWizard;
class Setup_IndexController extends ModuleActionController class Setup_IndexController extends Controller
{ {
/** /**
* Whether the controller requires the user to be authenticated * Whether the controller requires the user to be authenticated

35
modules/setup/library/Setup/Utils/DbTool.php
View File

@ -78,7 +78,7 @@ class DbTool
'INSERT' => 29, 'INSERT' => 29,
'LOCK TABLES' => 5, 'LOCK TABLES' => 5,
'PROCESS' => 1, 'PROCESS' => 1,
'REFERENCES' => 0, 'REFERENCES' => 12,
'RELOAD' => 1, 'RELOAD' => 1,
'REPLICATION CLIENT' => 1, 'REPLICATION CLIENT' => 1,
'REPLICATION SLAVE' => 1, 'REPLICATION SLAVE' => 1,
@ -629,10 +629,6 @@ EOD;
$mysqlPrivileges = array_intersect($privileges, array_keys($this->mysqlGrantContexts)); $mysqlPrivileges = array_intersect($privileges, array_keys($this->mysqlGrantContexts));
list($_, $host) = explode('@', $this->query('select current_user()')->fetchColumn()); list($_, $host) = explode('@', $this->query('select current_user()')->fetchColumn());
$grantee = "'" . ($username === null ? $this->config['username'] : $username) . "'@'" . $host . "'"; $grantee = "'" . ($username === null ? $this->config['username'] : $username) . "'@'" . $host . "'";
$privilegeCondition = sprintf(
'privilege_type IN (%s)',
join(',', array_map(array($this, 'quote'), $mysqlPrivileges))
);
if (isset($this->config['dbname'])) { if (isset($this->config['dbname'])) {
$dbPrivileges = array(); $dbPrivileges = array();
@ -653,7 +649,7 @@ EOD;
. ' FROM information_schema.schema_privileges' . ' FROM information_schema.schema_privileges'
. ' WHERE grantee = :grantee' . ' WHERE grantee = :grantee'
. ' AND table_schema = :dbname' . ' AND table_schema = :dbname'
. ' AND ' . $privilegeCondition . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $dbPrivileges)) . ')'
. ($requireGrants ? " AND is_grantable = 'YES'" : ''), . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
array(':grantee' => $grantee, ':dbname' => $this->config['dbname']) array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
); );
@ -666,14 +662,13 @@ EOD;
!$dbPrivilegesGranted || array_intersect($dbPrivileges, $tablePrivileges) != $tablePrivileges !$dbPrivilegesGranted || array_intersect($dbPrivileges, $tablePrivileges) != $tablePrivileges
) )
) { ) {
$tableCondition = 'table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')';
$query = $this->query( $query = $this->query(
'SELECT COUNT(*) as matches' 'SELECT COUNT(*) as matches'
. ' FROM information_schema.table_privileges' . ' FROM information_schema.table_privileges'
. ' WHERE grantee = :grantee' . ' WHERE grantee = :grantee'
. ' AND table_schema = :dbname' . ' AND table_schema = :dbname'
. ' AND ' . $tableCondition . ' AND table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')'
. ' AND ' . $privilegeCondition . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $tablePrivileges)) . ')'
. ($requireGrants ? " AND is_grantable = 'YES'" : ''), . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
array(':grantee' => $grantee, ':dbname' => $this->config['dbname']) array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
); );
@ -688,10 +683,11 @@ EOD;
$query = $this->query( $query = $this->query(
'SELECT COUNT(*) as matches FROM information_schema.user_privileges WHERE grantee = :grantee' 'SELECT COUNT(*) as matches FROM information_schema.user_privileges WHERE grantee = :grantee'
. ' AND ' . $privilegeCondition . ($requireGrants ? " AND is_grantable = 'YES'" : ''), . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $mysqlPrivileges)) . ')'
. ($requireGrants ? " AND is_grantable = 'YES'" : ''),
array(':grantee' => $grantee) array(':grantee' => $grantee)
); );
return $query->fetchObject()->matches === count($mysqlPrivileges); return (int) $query->fetchObject()->matches === count($mysqlPrivileges);
} }
/** /**
@ -721,7 +717,8 @@ EOD;
foreach (array_intersect($privileges, array_keys($this->pgsqlGrantContexts)) as $privilege) { foreach (array_intersect($privileges, array_keys($this->pgsqlGrantContexts)) as $privilege) {
if (false === empty($context) && $this->pgsqlGrantContexts[$privilege] & static::TABLE_LEVEL) { if (false === empty($context) && $this->pgsqlGrantContexts[$privilege] & static::TABLE_LEVEL) {
$tablePrivileges[] = $privilege; $tablePrivileges[] = $privilege;
} elseif ($this->pgsqlGrantContexts[$privilege] & static::DATABASE_LEVEL) { }
if ($this->pgsqlGrantContexts[$privilege] & static::DATABASE_LEVEL) {
$dbPrivileges[] = $privilege; $dbPrivileges[] = $privilege;
} }
} }
@ -760,14 +757,14 @@ EOD;
// connected to the database defined in the resource configuration it is safe to just ignore them // connected to the database defined in the resource configuration it is safe to just ignore them
// as the chances are very high that the database is created later causing the current user being // as the chances are very high that the database is created later causing the current user being
// the owner with ALL privileges. (Which in turn can be granted to others.) // the owner with ALL privileges. (Which in turn can be granted to others.)
}
if (array_search('CREATE', $privileges) !== false) { if (array_search('CREATE', $privileges) !== false) {
$query = $this->query( $query = $this->query(
'select rolcreatedb from pg_roles where rolname = :user', 'select rolcreatedb from pg_roles where rolname = :user',
array(':user' => $username !== null ? $username : $this->config['username']) array(':user' => $username !== null ? $username : $this->config['username'])
); );
$privilegesGranted &= $query->fetchColumn() !== false; $privilegesGranted &= $query->fetchColumn() !== false;
}
} }
if (array_search('CREATEROLE', $privileges) !== false) { if (array_search('CREATEROLE', $privileges) !== false) {

32
modules/setup/library/Setup/WebWizard.php
View File

@ -17,7 +17,7 @@ use Icinga\Module\Setup\Forms\PreferencesPage;
use Icinga\Module\Setup\Forms\AuthBackendPage; use Icinga\Module\Setup\Forms\AuthBackendPage;
use Icinga\Module\Setup\Forms\AdminAccountPage; use Icinga\Module\Setup\Forms\AdminAccountPage;
use Icinga\Module\Setup\Forms\LdapDiscoveryPage; use Icinga\Module\Setup\Forms\LdapDiscoveryPage;
use Icinga\Module\Setup\Forms\LdapDiscoveryConfirmPage; //use Icinga\Module\Setup\Forms\LdapDiscoveryConfirmPage;
use Icinga\Module\Setup\Forms\LdapResourcePage; use Icinga\Module\Setup\Forms\LdapResourcePage;
use Icinga\Module\Setup\Forms\RequirementsPage; use Icinga\Module\Setup\Forms\RequirementsPage;
use Icinga\Module\Setup\Forms\GeneralConfigPage; use Icinga\Module\Setup\Forms\GeneralConfigPage;
@ -41,6 +41,17 @@ use Icinga\Module\Setup\Requirement\ConfigDirectoryRequirement;
*/ */
class WebWizard extends Wizard implements SetupWizard class WebWizard extends Wizard implements SetupWizard
{ {
/**
* The privileges required by Icinga Web 2 to create the database and a login
*
* @var array
*/
protected $databaseCreationPrivileges = array(
'CREATE',
'CREATE USER', // MySQL
'CREATEROLE' // PostgreSQL
);
/** /**
* The privileges required by Icinga Web 2 to setup the database * The privileges required by Icinga Web 2 to setup the database
* *
@ -48,10 +59,8 @@ class WebWizard extends Wizard implements SetupWizard
*/ */
protected $databaseSetupPrivileges = array( protected $databaseSetupPrivileges = array(
'CREATE', 'CREATE',
'ALTER', 'ALTER', // MySQL only
'REFERENCES', 'REFERENCES'
'CREATE USER', // MySQL
'CREATEROLE' // PostgreSQL
); );
/** /**
@ -148,7 +157,9 @@ class WebWizard extends Wizard implements SetupWizard
$page->setResourceConfig($this->getPageData('setup_ldap_resource')); $page->setResourceConfig($this->getPageData('setup_ldap_resource'));
} }
} elseif ($page->getName() === 'setup_database_creation') { } elseif ($page->getName() === 'setup_database_creation') {
$page->setDatabaseSetupPrivileges($this->databaseSetupPrivileges); $page->setDatabaseSetupPrivileges(
array_merge($this->databaseCreationPrivileges, $this->databaseSetupPrivileges)
);
$page->setDatabaseUsagePrivileges($this->databaseUsagePrivileges); $page->setDatabaseUsagePrivileges($this->databaseUsagePrivileges);
$page->setResourceConfig($this->getPageData('setup_db_resource')); $page->setResourceConfig($this->getPageData('setup_db_resource'));
} elseif ($page->getName() === 'setup_summary') { } elseif ($page->getName() === 'setup_summary') {
@ -211,8 +222,8 @@ class WebWizard extends Wizard implements SetupWizard
try { try {
$db->connectToDb(); // Are we able to login on the database? $db->connectToDb(); // Are we able to login on the database?
if (array_search(key($this->databaseTables), $db->listTables()) === false) { if (array_search(key($this->databaseTables), $db->listTables()) === false) {
// In case the database schema does not yet exist the user // In case the database schema does not yet exist the
// needs the privileges to create and setup the database // user needs the privileges to setup the database
$skip = $db->checkPrivileges($this->databaseSetupPrivileges, $this->databaseTables); $skip = $db->checkPrivileges($this->databaseSetupPrivileges, $this->databaseTables);
} else { } else {
// In case the database schema exists the user needs the required privileges // In case the database schema exists the user needs the required privileges
@ -224,7 +235,10 @@ class WebWizard extends Wizard implements SetupWizard
$db->connectToHost(); // Are we able to login on the server? $db->connectToHost(); // Are we able to login on the server?
// It is not possible to reliably determine whether a database exists or not if a user can't // It is not possible to reliably determine whether a database exists or not if a user can't
// log in to the database, so we just require the user to be able to create the database // log in to the database, so we just require the user to be able to create the database
$skip = $db->checkPrivileges($this->databaseSetupPrivileges, $this->databaseTables); $skip = $db->checkPrivileges(
array_merge($this->databaseCreationPrivileges, $this->databaseSetupPrivileges),
$this->databaseTables
);
} catch (PDOException $_) { } catch (PDOException $_) {
// We are NOT able to login on the server.. // We are NOT able to login on the server..
} }