Merge branch 'master' into feature/non-collated-ido-queries-8613
This commit is contained in:
Johannes Meyer
commit
638c00d685
|
|
@ -4,6 +4,7 @@
|
|||
namespace Icinga\Web;
|
||||
|
||||
use Icinga\Web\Controller\ModuleActionController;
|
||||
use Icinga\Web\Widget\SortBox;
|
||||
|
||||
/**
|
||||
* This is the controller all modules should inherit from
|
||||
|
|
@ -12,4 +13,18 @@ use Icinga\Web\Controller\ModuleActionController;
|
|||
*/
|
||||
class Controller extends ModuleActionController
|
||||
{
|
||||
/**
|
||||
* Create a sort control box at the 'sortControl' view parameter
|
||||
*
|
||||
* @param array $columns An array containing the sort columns, with the
|
||||
* submit value as the key and the label as the value
|
||||
*/
|
||||
protected function setupSortControl(array $columns)
|
||||
{
|
||||
$req = $this->getRequest();
|
||||
$this->view->sortControl = SortBox::create(
|
||||
'sortbox-' . $req->getActionName(),
|
||||
$columns
|
||||
)->applyRequest($req);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,9 +5,9 @@ namespace Icinga\Module\Doc;
|
|||
|
||||
use Icinga\Module\Doc\Renderer\DocSectionRenderer;
|
||||
use Icinga\Module\Doc\Renderer\DocTocRenderer;
|
||||
use Icinga\Web\Controller\ModuleActionController;
|
||||
use Icinga\Web\Controller;
|
||||
|
||||
class DocController extends ModuleActionController
|
||||
class DocController extends Controller
|
||||
{
|
||||
/**
|
||||
* Render a chapter
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
use Icinga\Web\Notification;
|
||||
use Icinga\Data\ResourceFactory;
|
||||
use Icinga\Forms\ConfirmRemovalForm;
|
||||
use Icinga\Web\Controller\ModuleActionController;
|
||||
use Icinga\Web\Controller;
|
||||
use Icinga\Module\Monitoring\Forms\Config\BackendConfigForm;
|
||||
use Icinga\Module\Monitoring\Forms\Config\InstanceConfigForm;
|
||||
use Icinga\Module\Monitoring\Forms\Config\SecurityConfigForm;
|
||||
|
|
@ -12,7 +12,7 @@ use Icinga\Module\Monitoring\Forms\Config\SecurityConfigForm;
|
|||
/**
|
||||
* Configuration controller for editing monitoring resources
|
||||
*/
|
||||
class Monitoring_ConfigController extends ModuleActionController
|
||||
class Monitoring_ConfigController extends Controller
|
||||
{
|
||||
/**
|
||||
* Display a list of available backends and instances
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ use Icinga\Web\Url;
|
|||
use Icinga\Web\Widget\Tabextension\DashboardAction;
|
||||
use Icinga\Web\Widget\Tabextension\OutputFormat;
|
||||
use Icinga\Web\Widget\Tabs;
|
||||
use Icinga\Web\Widget\SortBox;
|
||||
use Icinga\Data\Filter\Filter;
|
||||
use Icinga\Web\Widget;
|
||||
use Icinga\Module\Monitoring\Forms\StatehistoryForm;
|
||||
|
|
@ -690,21 +689,6 @@ class Monitoring_ListController extends Controller
|
|||
return $columns;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a sort control box at the 'sortControl' view parameter
|
||||
*
|
||||
* @param array $columns An array containing the sort columns, with the
|
||||
* submit value as the key and the value as the label
|
||||
*/
|
||||
private function setupSortControl(array $columns)
|
||||
{
|
||||
$this->view->sortControl = new SortBox(
|
||||
'sortbox-' . $this->getRequest()->getActionName(),
|
||||
$columns
|
||||
);
|
||||
$this->view->sortControl->applyRequest($this->getRequest());
|
||||
}
|
||||
|
||||
protected function addTitleTab($action, $title, $tip)
|
||||
{
|
||||
$this->getTabs()->add($action, array(
|
||||
|
|
|
|||
|
|
@ -6,13 +6,13 @@ namespace Icinga\Module\Monitoring;
|
|||
use Icinga\Data\Filter\Filter;
|
||||
use Icinga\Data\Filterable;
|
||||
use Icinga\File\Csv;
|
||||
use Icinga\Web\Controller\ModuleActionController;
|
||||
use Icinga\Web\Controller as IcingaWebController;
|
||||
use Icinga\Web\Url;
|
||||
|
||||
/**
|
||||
* Base class for all monitoring action controller
|
||||
*/
|
||||
class Controller extends ModuleActionController
|
||||
class Controller extends IcingaWebController
|
||||
{
|
||||
/**
|
||||
* The backend used for this controller
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
<?php
|
||||
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
|
||||
|
||||
use Icinga\Web\Controller\ModuleActionController;
|
||||
use Icinga\Web\Controller;
|
||||
use Icinga\Module\Setup\WebWizard;
|
||||
|
||||
class Setup_IndexController extends ModuleActionController
|
||||
class Setup_IndexController extends Controller
|
||||
{
|
||||
/**
|
||||
* Whether the controller requires the user to be authenticated
|
||||
|
|
|
|||
|
|
@ -78,7 +78,7 @@ class DbTool
|
|||
'INSERT' => 29,
|
||||
'LOCK TABLES' => 5,
|
||||
'PROCESS' => 1,
|
||||
'REFERENCES' => 0,
|
||||
'REFERENCES' => 12,
|
||||
'RELOAD' => 1,
|
||||
'REPLICATION CLIENT' => 1,
|
||||
'REPLICATION SLAVE' => 1,
|
||||
|
|
@ -629,10 +629,6 @@ EOD;
|
|||
$mysqlPrivileges = array_intersect($privileges, array_keys($this->mysqlGrantContexts));
|
||||
list($_, $host) = explode('@', $this->query('select current_user()')->fetchColumn());
|
||||
$grantee = "'" . ($username === null ? $this->config['username'] : $username) . "'@'" . $host . "'";
|
||||
$privilegeCondition = sprintf(
|
||||
'privilege_type IN (%s)',
|
||||
join(',', array_map(array($this, 'quote'), $mysqlPrivileges))
|
||||
);
|
||||
|
||||
if (isset($this->config['dbname'])) {
|
||||
$dbPrivileges = array();
|
||||
|
|
@ -653,7 +649,7 @@ EOD;
|
|||
. ' FROM information_schema.schema_privileges'
|
||||
. ' WHERE grantee = :grantee'
|
||||
. ' AND table_schema = :dbname'
|
||||
. ' AND ' . $privilegeCondition
|
||||
. ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $dbPrivileges)) . ')'
|
||||
. ($requireGrants ? " AND is_grantable = 'YES'" : ''),
|
||||
array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
|
||||
);
|
||||
|
|
@ -666,14 +662,13 @@ EOD;
|
|||
!$dbPrivilegesGranted || array_intersect($dbPrivileges, $tablePrivileges) != $tablePrivileges
|
||||
)
|
||||
) {
|
||||
$tableCondition = 'table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')';
|
||||
$query = $this->query(
|
||||
'SELECT COUNT(*) as matches'
|
||||
. ' FROM information_schema.table_privileges'
|
||||
. ' WHERE grantee = :grantee'
|
||||
. ' AND table_schema = :dbname'
|
||||
. ' AND ' . $tableCondition
|
||||
. ' AND ' . $privilegeCondition
|
||||
. ' AND table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')'
|
||||
. ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $tablePrivileges)) . ')'
|
||||
. ($requireGrants ? " AND is_grantable = 'YES'" : ''),
|
||||
array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
|
||||
);
|
||||
|
|
@ -688,10 +683,11 @@ EOD;
|
|||
|
||||
$query = $this->query(
|
||||
'SELECT COUNT(*) as matches FROM information_schema.user_privileges WHERE grantee = :grantee'
|
||||
. ' AND ' . $privilegeCondition . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
|
||||
. ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $mysqlPrivileges)) . ')'
|
||||
. ($requireGrants ? " AND is_grantable = 'YES'" : ''),
|
||||
array(':grantee' => $grantee)
|
||||
);
|
||||
return $query->fetchObject()->matches === count($mysqlPrivileges);
|
||||
return (int) $query->fetchObject()->matches === count($mysqlPrivileges);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -721,7 +717,8 @@ EOD;
|
|||
foreach (array_intersect($privileges, array_keys($this->pgsqlGrantContexts)) as $privilege) {
|
||||
if (false === empty($context) && $this->pgsqlGrantContexts[$privilege] & static::TABLE_LEVEL) {
|
||||
$tablePrivileges[] = $privilege;
|
||||
} elseif ($this->pgsqlGrantContexts[$privilege] & static::DATABASE_LEVEL) {
|
||||
}
|
||||
if ($this->pgsqlGrantContexts[$privilege] & static::DATABASE_LEVEL) {
|
||||
$dbPrivileges[] = $privilege;
|
||||
}
|
||||
}
|
||||
|
|
@ -760,7 +757,6 @@ EOD;
|
|||
// connected to the database defined in the resource configuration it is safe to just ignore them
|
||||
// as the chances are very high that the database is created later causing the current user being
|
||||
// the owner with ALL privileges. (Which in turn can be granted to others.)
|
||||
}
|
||||
|
||||
if (array_search('CREATE', $privileges) !== false) {
|
||||
$query = $this->query(
|
||||
|
|
@ -769,6 +765,7 @@ EOD;
|
|||
);
|
||||
$privilegesGranted &= $query->fetchColumn() !== false;
|
||||
}
|
||||
}
|
||||
|
||||
if (array_search('CREATEROLE', $privileges) !== false) {
|
||||
$query = $this->query(
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ use Icinga\Module\Setup\Forms\PreferencesPage;
|
|||
use Icinga\Module\Setup\Forms\AuthBackendPage;
|
||||
use Icinga\Module\Setup\Forms\AdminAccountPage;
|
||||
use Icinga\Module\Setup\Forms\LdapDiscoveryPage;
|
||||
use Icinga\Module\Setup\Forms\LdapDiscoveryConfirmPage;
|
||||
//use Icinga\Module\Setup\Forms\LdapDiscoveryConfirmPage;
|
||||
use Icinga\Module\Setup\Forms\LdapResourcePage;
|
||||
use Icinga\Module\Setup\Forms\RequirementsPage;
|
||||
use Icinga\Module\Setup\Forms\GeneralConfigPage;
|
||||
|
|
@ -41,6 +41,17 @@ use Icinga\Module\Setup\Requirement\ConfigDirectoryRequirement;
|
|||
*/
|
||||
class WebWizard extends Wizard implements SetupWizard
|
||||
{
|
||||
/**
|
||||
* The privileges required by Icinga Web 2 to create the database and a login
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $databaseCreationPrivileges = array(
|
||||
'CREATE',
|
||||
'CREATE USER', // MySQL
|
||||
'CREATEROLE' // PostgreSQL
|
||||
);
|
||||
|
||||
/**
|
||||
* The privileges required by Icinga Web 2 to setup the database
|
||||
*
|
||||
|
|
@ -48,10 +59,8 @@ class WebWizard extends Wizard implements SetupWizard
|
|||
*/
|
||||
protected $databaseSetupPrivileges = array(
|
||||
'CREATE',
|
||||
'ALTER',
|
||||
'REFERENCES',
|
||||
'CREATE USER', // MySQL
|
||||
'CREATEROLE' // PostgreSQL
|
||||
'ALTER', // MySQL only
|
||||
'REFERENCES'
|
||||
);
|
||||
|
||||
/**
|
||||
|
|
@ -148,7 +157,9 @@ class WebWizard extends Wizard implements SetupWizard
|
|||
$page->setResourceConfig($this->getPageData('setup_ldap_resource'));
|
||||
}
|
||||
} elseif ($page->getName() === 'setup_database_creation') {
|
||||
$page->setDatabaseSetupPrivileges($this->databaseSetupPrivileges);
|
||||
$page->setDatabaseSetupPrivileges(
|
||||
array_merge($this->databaseCreationPrivileges, $this->databaseSetupPrivileges)
|
||||
);
|
||||
$page->setDatabaseUsagePrivileges($this->databaseUsagePrivileges);
|
||||
$page->setResourceConfig($this->getPageData('setup_db_resource'));
|
||||
} elseif ($page->getName() === 'setup_summary') {
|
||||
|
|
@ -211,8 +222,8 @@ class WebWizard extends Wizard implements SetupWizard
|
|||
try {
|
||||
$db->connectToDb(); // Are we able to login on the database?
|
||||
if (array_search(key($this->databaseTables), $db->listTables()) === false) {
|
||||
// In case the database schema does not yet exist the user
|
||||
// needs the privileges to create and setup the database
|
||||
// In case the database schema does not yet exist the
|
||||
// user needs the privileges to setup the database
|
||||
$skip = $db->checkPrivileges($this->databaseSetupPrivileges, $this->databaseTables);
|
||||
} else {
|
||||
// In case the database schema exists the user needs the required privileges
|
||||
|
|
@ -224,7 +235,10 @@ class WebWizard extends Wizard implements SetupWizard
|
|||
$db->connectToHost(); // Are we able to login on the server?
|
||||
// It is not possible to reliably determine whether a database exists or not if a user can't
|
||||
// log in to the database, so we just require the user to be able to create the database
|
||||
$skip = $db->checkPrivileges($this->databaseSetupPrivileges, $this->databaseTables);
|
||||
$skip = $db->checkPrivileges(
|
||||
array_merge($this->databaseCreationPrivileges, $this->databaseSetupPrivileges),
|
||||
$this->databaseTables
|
||||
);
|
||||
} catch (PDOException $_) {
|
||||
// We are NOT able to login on the server..
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue