tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-09-25 18:59:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

Start implementing guest mode

Browse Source 
refs #11281
This commit is contained in:
Markus Frosch 2016-03-02 22:33:23 +01:00
parent 88d973ac39
commit bb03262855
4 changed files with 98 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
application/controllers/AuthenticationController.php
View File

@ -24,6 +24,12 @@ class AuthenticationController extends Controller
*/
protected $innerLayout = 'inline';
public function init() {
parent::init();
if ($this->Auth()->canLogin() === false)
$this->redirectNow('/');
}
/**
* Log into the application
*/
@ -34,7 +40,7 @@ class AuthenticationController extends Controller
$this->redirectNow(Url::fromPath('setup'));
}
$form = new LoginForm();
if ($this->Auth()->isAuthenticated()) {
if ($this->Auth()->isAuthenticated() && !$this->Auth()->getUser()->isGuest()) {
$this->redirectNow($form->getRedirectUrl());
}
if (! $requiresSetup) {
@ -69,6 +75,9 @@ class AuthenticationController extends Controller
$auth->removeAuthorization();
if ($isExternalUser) {
$this->getResponse()->setHttpResponseCode(401);
} elseif ($auth->isGuestLoginAllowed()) {
// redirect to guest view
$this->redirectNow('/');
} else {
$this->redirectToLogin();
}

22
library/Icinga/Application/Web.php
View File

@ -339,8 +339,24 @@ class Web extends EmbeddedWeb
'priority' => 890
)
)
),
'user' => array(
)
);
if ($this->user->isGuest()) {
// logged in guest can log in as a user
if (Auth::getInstance()->canLogin()) {
$menu['login'] = array(
'cssClass' => 'user-nav-item',
'label' => t('Login'),
'icon' => 'user',
'priority' => 900,
'attributes' => array('target' => '_self'),
'url' => 'authentication/login'
);
}
}
else {
$menu['user'] = array(
'cssClass' => 'user-nav-item',
'label' => $this->user->getUsername(),
'icon' => 'user',
@ -358,8 +374,8 @@ class Web extends EmbeddedWeb
'url' => 'authentication/logout'
)
)
)
);
}
if (Logger::writesToFile()) {
$menu['system']['children']['application_log'] = array(

35
library/Icinga/Authentication/Auth.php
View File

@ -47,12 +47,18 @@ class Auth
*/
private $user;
/**
* @var Config
*/
private $config;
/**
* @see getInstance()
*/
private function __construct()
{
$this->config = Config::app();
}
/**
@ -91,17 +97,27 @@ class Auth
$this->authenticateFromSession();
}
if ($this->user === null && ! $this->authExternal()) {
return $this->authHttp();
$this->authHttp();
}
// guest mode
if ($this->user === null && $this->isGuestLoginAllowed()) {
$this->user = new User('_guest_');
$this->user->setGuest(true);
}
if ($this->user !== null) {
return true;
}
else return false;
}
public function setAuthenticated(User $user, $persist = true)
{
$username = $user->getUsername();
// TODO: migrate to $this->config
try {
$config = Config::app();
} catch (NotReadableError $e) {
// TODO: wrong error?
Logger::error(
new IcingaException(
'Cannot load preferences for user "%s". An exception was thrown: %s',
@ -247,7 +263,9 @@ class Auth
$username = getenv($field); // usually REMOTE_USER here
if ( !$username || $username !== $originUsername) {
$this->removeAuthorization();
return false;
}
else return true;
}
}
@ -365,4 +383,19 @@ class Auth
$this->user = null;
Session::getSession()->purge();
}
/**
* @return boolean
*/
public function isGuestLoginAllowed()
{
return $this->config->get('global', 'guest_allowed', false) === '1';
}
public function canLogin()
{
if (!$this->isGuestLoginAllowed()) return true;
return $this->config->get('global', 'guest_only', false) !== '1';
}
}

18
library/Icinga/User.php
View File

@ -105,6 +105,8 @@ class User
*/
protected $isHttpUser = false;
protected $guest = false;
/**
* Creates a user object given the provided information
*
@ -513,4 +515,20 @@ class User
return $navigation;
}
/**
* @return boolean
*/
public function isGuest()
{
return $this->guest;
}
/**
* @param boolean $guest
*/
public function setGuest($guest)
{
$this->guest = $guest;
}
}