From 89029308ef578bbfa0f49e9a76d81656578bbb72 Mon Sep 17 00:00:00 2001 From: Johannes Meyer Date: Tue, 5 May 2015 15:24:18 +0200 Subject: [PATCH] IniUserGroupBackend: Extend Repository and implement UserGroupBackendInterface Note that it was necessary to change the structure of ini files providing the membership information. They need to be structured like our db table rows now. refs #8826 --- .../UserGroup/IniUserGroupBackend.php | 97 ++++++++++++------- 1 file changed, 60 insertions(+), 37 deletions(-) diff --git a/library/Icinga/Authentication/UserGroup/IniUserGroupBackend.php b/library/Icinga/Authentication/UserGroup/IniUserGroupBackend.php index ad9178899..6377bd9c0 100644 --- a/library/Icinga/Authentication/UserGroup/IniUserGroupBackend.php +++ b/library/Icinga/Authentication/UserGroup/IniUserGroupBackend.php @@ -3,61 +3,84 @@ namespace Icinga\Authentication\UserGroup; -use Icinga\Application\Config; -use Icinga\Exception\ConfigurationError; +use Icinga\Repository\Repository; use Icinga\User; use Icinga\Util\String; -/** - * INI user group backend - */ -class IniUserGroupBackend extends UserGroupBackend +class IniUserGroupBackend extends Repository implements UserGroupBackendInterface { /** - * Config + * The query columns being provided * - * @var Config + * @var array */ - private $config; + protected $queryColumns = array( + 'groups' => array( + 'group' => 'name', + 'group_name' => 'name', + 'parent' => 'parent', + 'parent_name' => 'parent', + 'created_at' => 'ctime', + 'last_modified' => 'mtime', + 'users' + ) + ); /** - * Create a new INI user group backend + * The columns which are not permitted to be queried * - * @param Config $config + * @var array */ - public function __construct(Config $config) - { - $this->config = $config; - } + protected $filterColumns = array('group', 'parent'); /** - * (non-PHPDoc) - * @see UserGroupBackend::getMemberships() For the method documentation. + * The default sort rules to be applied on a query + * + * @var array + */ + protected $sortRules = array( + 'group_name' => array( + 'columns' => array( + 'group_name', + 'parent_name' + ) + ) + ); + + /** + * Return the groups the given user is a member of + * + * @param User $user + * + * @return array */ public function getMemberships(User $user) { - $username = strtolower($user->getUsername()); + $result = $this->select()->fetchAll(); + $groups = array(); - foreach ($this->config as $name => $section) { - if (empty($section->users)) { - throw new ConfigurationError( - 'Membership section \'%s\' in \'%s\' is missing the \'users\' section', - $name, - $this->config->getConfigFile() - ); - } - if (empty($section->groups)) { - throw new ConfigurationError( - 'Membership section \'%s\' in \'%s\' is missing the \'groups\' section', - $name, - $this->config->getConfigFile() - ); - } - $users = array_map('strtolower', String::trimSplit($section->users)); - if (in_array($username, $users)) { - $groups = array_merge($groups, array_diff(String::trimSplit($section->groups), $groups)); + foreach ($result as $group) { + if ($group->group_name) { // TODO: Can we set this somehow automatically to the section's name?? + $groups[$group->group_name] = $group->parent_name; } } - return $groups; + + $username = strtolower($user->getUsername()); + $memberships = array(); + foreach ($result as $group) { + if ($group->group_name && $group->users) { + $users = array_map('strtolower', String::trimSplit($group->users)); + if (! in_array($group->group_name, $memberships) && in_array($username, $users)) { + $memberships[] = $group->group_name; + $parent = $groups[$group->group_name]; + while ($parent !== null) { + $memberships[] = $parent; + $parent = isset($groups[$parent]) ? $groups[$parent] : null; + } + } + } + } + + return $memberships; } }