tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

UserBackendConfigForm: Allow to configure user backends of type msldap 

fixes #9355
This commit is contained in:
Johannes Meyer 2015-06-05 17:20:31 +02:00
parent c800f1e6aa
commit e66f8731af
3 changed files with 50 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
application/forms/Config/UserBackend/LdapBackendForm.php
View File

@ -8,7 +8,7 @@ use Icinga\Web\Form;
use Icinga\Data\ConfigObject; use Icinga\Data\ConfigObject;
use Icinga\Data\ResourceFactory; use Icinga\Data\ResourceFactory;
use Icinga\Exception\AuthenticationException; use Icinga\Exception\AuthenticationException;
use Icinga\Authentication\User\LdapUserBackend; use Icinga\Authentication\User\UserBackend;
/** /**
* Form class for adding/modifying LDAP user backends * Form class for adding/modifying LDAP user backends
@ -48,6 +48,8 @@ class LdapBackendForm extends Form
*/ */
public function createElements(array $formData) public function createElements(array $formData)
{ {
$isAd = isset($formData['type']) ? $formData['type'] === 'msldap' : false;
$this->addElement( $this->addElement(
'text', 'text',
'name', 'name',
@ -77,10 +79,13 @@ class LdapBackendForm extends Form
'text', 'text',
'user_class', 'user_class',
array( array(
'required' => true, 'preserveDefault' => true,
'required' => ! $isAd,
'ignore' => $isAd,
'disabled' => $isAd ?: null,
'label' => $this->translate('LDAP User Object Class'), 'label' => $this->translate('LDAP User Object Class'),
'description' => $this->translate('The object class used for storing users on the LDAP server.'), 'description' => $this->translate('The object class used for storing users on the LDAP server.'),
'value' => 'inetOrgPerson' 'value' => $isAd ? 'user' : 'inetOrgPerson'
) )
); );
$this->addElement( $this->addElement(
@ -117,12 +122,15 @@ class LdapBackendForm extends Form
'text', 'text',
'user_name_attribute', 'user_name_attribute',
array( array(
'required' => true, 'preserveDefault' => true,
'required' => ! $isAd,
'ignore' => $isAd,
'disabled' => $isAd ?: null,
'label' => $this->translate('LDAP User Name Attribute'), 'label' => $this->translate('LDAP User Name Attribute'),
'description' => $this->translate( 'description' => $this->translate(
'The attribute name used for storing the user name on the LDAP server.' 'The attribute name used for storing the user name on the LDAP server.'
), ),
'value' => 'uid' 'value' => $isAd ? 'sAMAccountName' : 'uid'
) )
); );
$this->addElement( $this->addElement(
@ -130,7 +138,7 @@ class LdapBackendForm extends Form
'backend', 'backend',
array( array(
'disabled' => true, 'disabled' => true,
'value' => 'ldap' 'value' => $isAd ? 'msldap' : 'ldap'
) )
); );
$this->addElement( $this->addElement(
@ -170,8 +178,7 @@ class LdapBackendForm extends Form
public static function isValidUserBackend(Form $form) public static function isValidUserBackend(Form $form)
{ {
try { try {
$ldapUserBackend = new LdapUserBackend(ResourceFactory::createResource($form->getResourceConfig())); $ldapUserBackend = UserBackend::create(null, new ConfigObject($form->getValues()));
$ldapUserBackend->setConfig(new ConfigObject($form->getValues()));
$ldapUserBackend->assertAuthenticationPossible(); $ldapUserBackend->assertAuthenticationPossible();
} catch (AuthenticationException $e) { } catch (AuthenticationException $e) {
if (($previous = $e->getPrevious()) !== null) { if (($previous = $e->getPrevious()) !== null) {
@ -193,6 +200,8 @@ class LdapBackendForm extends Form
* Return the configuration for the chosen resource * Return the configuration for the chosen resource
* *
* @return ConfigObject * @return ConfigObject
*
* @todo Check whether it's possible to drop this (Or even all occurences!)
*/ */
public function getResourceConfig() public function getResourceConfig()
{ {

19
application/forms/Config/UserBackendConfigForm.php
View File

@ -60,16 +60,24 @@ class UserBackendConfigForm extends ConfigForm
*/ */
public function getBackendForm($type) public function getBackendForm($type)
{ {
if ($type === 'db') { switch ($type)
{
case 'db':
$form = new DbBackendForm(); $form = new DbBackendForm();
$form->setResources(isset($this->resources['db']) ? $this->resources['db'] : array()); $form->setResources(isset($this->resources['db']) ? $this->resources['db'] : array());
} elseif ($type === 'ldap') { break;
case 'ldap':
case 'msldap':
$form = new LdapBackendForm(); $form = new LdapBackendForm();
$form->setResources(isset($this->resources['ldap']) ? $this->resources['ldap'] : array()); $form->setResources(isset($this->resources['ldap']) ? $this->resources['ldap'] : array());
} elseif ($type === 'external') { break;
case 'external':
$form = new ExternalBackendForm(); $form = new ExternalBackendForm();
} else { break;
throw new InvalidArgumentException(sprintf($this->translate('Invalid backend type "%s" provided'), $type)); default:
throw new InvalidArgumentException(
sprintf($this->translate('Invalid backend type "%s" provided'), $type)
);
} }
return $form; return $form;
@ -296,6 +304,7 @@ class UserBackendConfigForm extends ConfigForm
} }
if (isset($this->resources['ldap']) && ($backendType === 'ldap' || Platform::extensionLoaded('ldap'))) { if (isset($this->resources['ldap']) && ($backendType === 'ldap' || Platform::extensionLoaded('ldap'))) {
$backendTypes['ldap'] = 'LDAP'; $backendTypes['ldap'] = 'LDAP';
$backendTypes['msldap'] = 'ActiveDirectory';
} }
$externalBackends = array_filter( $externalBackends = array_filter(

23
test/php/application/forms/Config/UserBackend/LdapBackendFormTest.php
View File

@ -27,10 +27,9 @@ class LdapBackendFormTest extends BaseTestCase
*/ */
public function testValidBackendIsValid() public function testValidBackendIsValid()
{ {
$this->setUpResourceFactoryMock(); $ldapUserBackendMock = Mockery::mock('overload:Icinga\Authentication\User\LdapUserBackend');
Mockery::mock('overload:Icinga\Authentication\User\LdapUserBackend') $ldapUserBackendMock->shouldReceive('assertAuthenticationPossible')->andReturnNull();
->shouldReceive('assertAuthenticationPossible')->andReturnNull() $this->setUpUserBackendMock($ldapUserBackendMock);
->shouldReceive('setConfig')->andReturnNull();
// Passing array(null) is required to make Mockery call the constructor... // Passing array(null) is required to make Mockery call the constructor...
$form = Mockery::mock('Icinga\Forms\Config\UserBackend\LdapBackendForm[getView]', array(null)); $form = Mockery::mock('Icinga\Forms\Config\UserBackend\LdapBackendForm[getView]', array(null));
@ -53,9 +52,9 @@ class LdapBackendFormTest extends BaseTestCase
*/ */
public function testInvalidBackendIsNotValid() public function testInvalidBackendIsNotValid()
{ {
$this->setUpResourceFactoryMock(); $ldapUserBackendMock = Mockery::mock('overload:Icinga\Authentication\User\LdapUserBackend');
Mockery::mock('overload:Icinga\Authentication\User\LdapUserBackend') $ldapUserBackendMock->shouldReceive('assertAuthenticationPossible')->andThrow(new AuthenticationException);
->shouldReceive('assertAuthenticationPossible')->andThrow(new AuthenticationException); $this->setUpUserBackendMock($ldapUserBackendMock);
// Passing array(null) is required to make Mockery call the constructor... // Passing array(null) is required to make Mockery call the constructor...
$form = Mockery::mock('Icinga\Forms\Config\UserBackend\LdapBackendForm[getView]', array(null)); $form = Mockery::mock('Icinga\Forms\Config\UserBackend\LdapBackendForm[getView]', array(null));
@ -72,12 +71,10 @@ class LdapBackendFormTest extends BaseTestCase
); );
} }
protected function setUpResourceFactoryMock() protected function setUpUserBackendMock($ldapUserBackendMock)
{ {
Mockery::mock('alias:Icinga\Data\ResourceFactory') Mockery::mock('alias:Icinga\Authentication\User\UserBackend')
->shouldReceive('createResource') ->shouldReceive('create')
->andReturn(Mockery::mock('Icinga\Protocol\Ldap\Connection')) ->andReturn($ldapUserBackendMock);
->shouldReceive('getResourceConfig')
->andReturn(new ConfigObject());
} }
} }