tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move all assertion functions into the inspect functions 

Reduce code duplication and add class Inspection

refs
This commit is contained in:
Matthias Jentsch 2015-07-16 11:34:15 +02:00
parent 59c4f8d056
commit 6b8e5da76d
2 changed files with 161 additions and 39 deletions
library/Icinga
Authentication/User
LdapUserBackend.php
Data
Inspection.php

73
library/Icinga/Authentication/User/LdapUserBackend.php
View File

@ -308,49 +308,14 @@ class LdapUserBackend extends LdapRepository implements UserBackendInterface, In
}
/**
* Probe the backend to test if authentication is possible
*
* Try to bind to the backend and fetch a single user to check if:
* <ul>
* <li>Connection credentials are correct and the bind is possible</li>
* <li>At least one user exists</li>
* <li>The specified userClass has the property specified by userNameAttribute</li>
* </ul>
*
* @param Inspection $info Optional inspection to fill with diagnostic info
*
* @throws AuthenticationException When authentication is not possible
*/
public function assertAuthenticationPossible(Inspection $insp = null)
{
if (! isset($insp)) {
$insp = new Inspection('');
}
try {
$result = $this->select()->fetchRow();
} catch (LdapException $e) {
throw new AuthenticationException('Connection not possible.', $e);
}
$insp->write('Connection possible.');
$msg = sprintf(
'objects with objectClass "%s" in DN "%s" (Filter: %s)',
$this->userClass,
$this->baseDn ?: $this->ds->getDn(),
$this->filter ?: 'None'
);
if ($result === false) {
throw new AuthenticationException('No ' . $msg . 'found');
}
$insp->write($msg . ' exist');
if (! isset($result->user_name)) {
throw new AuthenticationException(
'UserNameAttribute "%s" not existing in objectClass "%s"',
$this->userNameAttribute,
$this->userClass
);
}
}
/**
@ -389,7 +354,15 @@ class LdapUserBackend extends LdapRepository implements UserBackendInterface, In
}
/**
* Inspect if this LDAP User Backend is working as expected
* Inspect if this LDAP User Backend is working as expected by probing the backend
* and testing if thea uthentication is possible
*
* Try to bind to the backend and fetch a single user to check if:
* <ul>
* <li>Connection credentials are correct and the bind is possible</li>
* <li>At least one user exists</li>
* <li>The specified userClass has the property specified by userNameAttribute</li>
* </ul>
*
* @return Inspection Inspection result
*/
@ -399,9 +372,31 @@ class LdapUserBackend extends LdapRepository implements UserBackendInterface, In
// inspect the used connection to get more diagnostic info in case the connection is not working
$result->write($this->ds->inspect());
try {
$this->assertAuthenticationPossible($result);
try {
$res = $this->select()->fetchRow();
} catch (LdapException $e) {
throw new AuthenticationException('Connection not possible.', $e);
}
$result->write('Connection possible.');
$msg = sprintf(
'objects with objectClass "%s" in DN "%s" (Filter: %s)',
$this->userClass,
$this->baseDn ?: $this->ds->getDn(),
$this->filter ?: 'None'
);
if ($res === false) {
throw new AuthenticationException('No ' . $msg . 'found');
}
$result->write($msg . ' exist');
if (! isset($res->user_name)) {
throw new AuthenticationException(
'UserNameAttribute "%s" not existing in objectClass "%s"',
$this->userNameAttribute,
$this->userClass
);
}
$result->write('User count: ' . $this->select()->count());
} catch (AuthenticationException $e) {
if (($previous = $e->getPrevious()) !== null) {

127
library/Icinga/Data/Inspection.php Normal file
View File

@ -0,0 +1,127 @@
<?php
/* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
namespace Icinga\Data;
use Icinga\Application\Logger;
use Icinga\Exception\ProgrammingError;
/**
* Contains information about an object in the form of human-readable log entries and indicates if the object has errors
*/
class Inspection
{
/**
* @var array
*/
protected $log = array();
/**
* @var string
*/
protected $description;
/**
* @var string|Inspection
*/
protected $error;
/**
* @param $description Describes the object that is being inspected
*/
public function __construct($description)
{
$this->description = $description;
}
/**
* Get the name of this Inspection
*
* @return mixed
*/
public function getDescription()
{
return $this->description;
}
/**
* Append the given log entry or nested inspection
*
* @throws ProgrammingError When called after erroring
*
* @param $entry string|Inspection A log entry or nested inspection
*/
public function write($entry)
{
if (isset($this->error)) {
throw new ProgrammingError('Inspection object used after error');
}
if ($entry instanceof Inspection) {
$this->log[$entry->description] = $entry->toArray();
} else {
$this->log[] = $entry;
}
}
/**
* Append the given log entry and fail this inspection with the given error
*
* @param $entry string|Inspection A log entry or nested inspection
*
* @throws ProgrammingError When called multiple times
*
* @return this fluent interface
*/
public function error($entry)
{
if (isset($this->error)) {
throw new ProgrammingError('Inspection object used after error');
}
$this->write($entry);
$this->error = $entry;
return $this;
}
/**
* If the inspection resulted in an error
*
* @return bool
*/
public function hasError()
{
return isset($this->error);
}
/**
* The error that caused the inspection to fail
*
* @return Inspection|string
*/
public function getError()
{
return $this->error;
}
/**
* Convert the inspection to an array
*
* @return array An array of strings that describe the state in a human-readable form, each array element
* represents one log entry about this object.
*/
public function toArray()
{
return $this->log;
}
/**
* Return a text representation of the inspection log entries
*/
public function __toString()
{
return sprintf(
'Inspection: description: "%s" error: "%s"',
$this->description,
$this->error
);
}
}