Alexander Klimov
commit
bb65fb396a
|
|
@ -0,0 +1,2 @@
|
|||
[security]
|
||||
protected_customvars = "*pw*,*pass*,community"
|
||||
|
|
@ -735,6 +735,12 @@ file { '/etc/icingaweb/modules/monitoring/backends.ini':
|
|||
group => 'apache',
|
||||
}
|
||||
|
||||
file { '/etc/icingaweb/modules/monitoring/config.ini':
|
||||
source => 'puppet:////vagrant/.vagrant-puppet/files/etc/icingaweb/modules/monitoring/config.ini',
|
||||
owner => 'apache',
|
||||
group => 'apache',
|
||||
}
|
||||
|
||||
file { '/etc/icingaweb/modules/monitoring/instances.ini':
|
||||
source => 'puppet:////vagrant/.vagrant-puppet/files/etc/icingaweb/modules/monitoring/instances.ini',
|
||||
owner => 'apache',
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
[security]
|
||||
protected_customvars = "*pw*,*pass*,community"
|
||||
|
|
@ -14,6 +14,7 @@ use Icinga\Module\Monitoring\Form\Config\Backend\EditBackendForm;
|
|||
use Icinga\Module\Monitoring\Form\Config\Backend\CreateBackendForm;
|
||||
use Icinga\Module\Monitoring\Form\Config\Instance\EditInstanceForm;
|
||||
use Icinga\Module\Monitoring\Form\Config\Instance\CreateInstanceForm;
|
||||
use Icinga\Module\Monitoring\Form\Config\SecurityForm;
|
||||
|
||||
use Icinga\Exception\NotReadableError;
|
||||
|
||||
|
|
@ -216,7 +217,7 @@ class Monitoring_ConfigController extends ModuleActionController
|
|||
/**
|
||||
* Display a form to remove the instance identified by the 'instance' parameter
|
||||
*/
|
||||
private function writeConfiguration($config, $file)
|
||||
private function writeConfiguration($config, $file = null)
|
||||
{
|
||||
$target = $this->Config($file)->getConfigFile();
|
||||
$writer = new PreservingIniWriter(array('filename' => $target, 'config' => $config));
|
||||
|
|
@ -258,4 +259,25 @@ class Monitoring_ConfigController extends ModuleActionController
|
|||
$instanceCfg = $this->Config('instances');
|
||||
return $instanceCfg && $instanceCfg->get($instance);
|
||||
}
|
||||
|
||||
public function securityAction()
|
||||
{
|
||||
$this->view->tabs = $this->Module()->getConfigTabs()->activate('security');
|
||||
|
||||
$form = new SecurityForm();
|
||||
$form->setConfiguration($this->Config()->get('security'));
|
||||
$form->setRequest($this->getRequest());
|
||||
if ($form->isSubmittedAndValid()) {
|
||||
$config = $this->Config()->toArray();
|
||||
$config['security'] = $form->getConfig();
|
||||
if ($this->writeConfiguration(new Zend_Config($config))) {
|
||||
Notification::success('Configuration modified successfully');
|
||||
$this->redirectNow('monitoring/config/security');
|
||||
} else {
|
||||
$this->render('show-configuration');
|
||||
return;
|
||||
}
|
||||
}
|
||||
$this->view->form = $form;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,59 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Module\Monitoring\Form\Config;
|
||||
|
||||
use Zend_Config;
|
||||
use Icinga\Web\Form;
|
||||
|
||||
class SecurityForm extends Form
|
||||
{
|
||||
/**
|
||||
* The configuration to use for populating the form
|
||||
*/
|
||||
protected $config;
|
||||
|
||||
/**
|
||||
* Create this form
|
||||
*
|
||||
* @see Icinga\Web\Form::create
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
$this->addElement(
|
||||
'text',
|
||||
'protected_customvars',
|
||||
array(
|
||||
'label' => 'Protected Custom Variables',
|
||||
'required' => true,
|
||||
'value' => $this->config->protected_customvars,
|
||||
'helptext' => 'Comma separated case insensitive list of protected custom variables.'
|
||||
. ' Use * as a placeholder for zero or more wildcard characters.'
|
||||
. ' Existance of those custom variables will be shown, but their values will be masked.'
|
||||
)
|
||||
);
|
||||
$this->setSubmitLabel('Save');
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the configuration to be used for initial population of the form
|
||||
*/
|
||||
public function setConfiguration($config)
|
||||
{
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the configuration set by this form
|
||||
*
|
||||
* @return Zend_Config The configuration set in this form
|
||||
*/
|
||||
public function getConfig()
|
||||
{
|
||||
$values = $this->getValues();
|
||||
return new Zend_Config(array(
|
||||
'protected_customvars' => $values['protected_customvars']
|
||||
));
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
<div class="controls">
|
||||
<?= $this->tabs ?>
|
||||
</div>
|
||||
<div class="content">
|
||||
<?= $this->form ?>
|
||||
</div>
|
||||
|
|
@ -1,16 +1,8 @@
|
|||
<?php
|
||||
|
||||
if (! $object->customvars) { return; }
|
||||
|
||||
foreach ($object->customvars as $name => $value) {
|
||||
$name = ucwords(str_replace('_', ' ', strtolower($name)));
|
||||
if (preg_match('~(?:pw|pass|community)~', strtolower($name))) {
|
||||
$value = '***';
|
||||
}
|
||||
printf(
|
||||
"<tr><th>%s</th><td>%s</td></tr>\n",
|
||||
$this->escape($name),
|
||||
$this->escape($value)
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -12,4 +12,7 @@ $this->provideConfigTab('backends', array(
|
|||
'title' => 'Backends',
|
||||
'url' => 'config'
|
||||
));
|
||||
|
||||
$this->provideConfigTab('security', array(
|
||||
'title' => 'Security',
|
||||
'url' => 'config/security'
|
||||
));
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ use Icinga\Module\Monitoring\DataView\Comment;
|
|||
use Icinga\Module\Monitoring\DataView\Servicegroup;
|
||||
use Icinga\Module\Monitoring\DataView\Customvar;
|
||||
use Icinga\Web\UrlParams;
|
||||
use Icinga\Application\Config;
|
||||
|
||||
|
||||
abstract class AbstractObject
|
||||
|
|
@ -120,6 +121,17 @@ abstract class AbstractObject
|
|||
|
||||
public function fetchCustomvars()
|
||||
{
|
||||
$monitoringSecurity = Config::module('monitoring')->get('security')->toArray();
|
||||
$customvars = array();
|
||||
foreach (explode(',', $monitoringSecurity['protected_customvars']) as $customvar) {
|
||||
$nonWildcards = array();
|
||||
foreach (explode('*', $customvar) as $nonWildcard) {
|
||||
$nonWildcards[] = preg_quote($nonWildcard, '/');
|
||||
}
|
||||
$customvars[] = implode('.*', $nonWildcards);
|
||||
}
|
||||
$customvars = '/^(' . implode('|', $customvars) . ')$/i';
|
||||
|
||||
$query = Customvar::fromParams(array('backend' => null), array(
|
||||
'varname',
|
||||
'varvalue'
|
||||
|
|
@ -136,6 +148,12 @@ abstract class AbstractObject
|
|||
}
|
||||
|
||||
$this->customvars = $query->getQuery()->fetchPairs();
|
||||
foreach ($this->customvars as $name => &$value) {
|
||||
if (preg_match($customvars, ucwords(str_replace('_', ' ', strtolower($name))))) {
|
||||
$value = '***';
|
||||
}
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue