From ee2462a6b2e55eddfb796d20a16f70946c92764d Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@netways.de>
Date: Fri, 5 Jun 2015 10:19:28 +0200
Subject: [PATCH] LdapUserGroupBackend: Let the backend decide which defaults
 to use

refs #7343
---
 .../UserGroup/LdapUserGroupBackend.php        | 62 +++++++++++++++++++
 .../UserGroup/UserGroupBackend.php            | 19 +-----
 2 files changed, 63 insertions(+), 18 deletions(-)

diff --git a/library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php b/library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
index c0eaa0cb4..d2387b7b4 100644
--- a/library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
+++ b/library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
@@ -3,6 +3,7 @@
 
 namespace Icinga\Authentication\UserGroup;
 
+use Icinga\Data\ConfigObject;
 use Icinga\Exception\ProgrammingError;
 use Icinga\Protocol\Ldap\Expression;
 use Icinga\Repository\LdapRepository;
@@ -532,4 +533,65 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
 
         return $groups;
     }
+
+    /**
+     * Apply the given configuration on this backend
+     *
+     * @param   ConfigObject    $config
+     *
+     * @return  $this
+     */
+    public function setConfig(ConfigObject $config)
+    {
+        if ($config->backend === 'ldap') {
+            $defaults = $this->getOpenLdapDefaults();
+        } elseif ($config->backend === 'msldap') {
+            $defaults = $this->getActiveDirectoryDefaults();
+        } else {
+            $defaults = new ConfigObject();
+        }
+
+        return $this
+            ->setGroupBaseDn($config->base_dn)
+            ->setUserBaseDn($config->get('user_base_dn', $this->getGroupBaseDn()))
+            ->setGroupClass($config->get('group_class', $defaults->group_class))
+            ->setUserClass($config->get('user_class', $defaults->user_class))
+            ->setGroupNameAttribute($config->get('group_name_attribute', $defaults->group_name_attribute))
+            ->setUserNameAttribute($config->get('user_name_attribute', $defaults->user_name_attribute))
+            ->setGroupMemberAttribute($config->get('group_member_attribute', $defaults->group_member_attribute))
+            ->setGroupFilter($config->filter)
+            ->setUserFilter($config->user_filter);
+    }
+
+    /**
+     * Return the configuration defaults for an OpenLDAP environment
+     *
+     * @return  ConfigObject
+     */
+    protected function getOpenLdapDefaults()
+    {
+        return new ConfigObject(array(
+            'group_class'               => 'group',
+            'user_class'                => 'inetOrgPerson',
+            'group_name_attribute'      => 'gid',
+            'user_name_attribute'       => 'uid',
+            'group_member_attribute'    => 'member'
+        ));
+    }
+
+    /**
+     * Return the configuration defaults for an ActiveDirectory environment
+     *
+     * @return  ConfigObject
+     */
+    protected function getActiveDirectoryDefaults()
+    {
+        return new ConfigObject(array(
+            'group_class'               => 'group',
+            'user_class'                => 'user',
+            'group_name_attribute'      => 'sAMAccountName',
+            'user_name_attribute'       => 'sAMAccountName',
+            'group_member_attribute'    => 'member'
+        ));
+    }
 }
diff --git a/library/Icinga/Authentication/UserGroup/UserGroupBackend.php b/library/Icinga/Authentication/UserGroup/UserGroupBackend.php
index 585f7c449..978860a37 100644
--- a/library/Icinga/Authentication/UserGroup/UserGroupBackend.php
+++ b/library/Icinga/Authentication/UserGroup/UserGroupBackend.php
@@ -159,26 +159,9 @@ class UserGroupBackend
                 $backend = new IniUserGroupBackend($resource);
                 break;
             case 'ldap':
-                $backend = new LdapUserGroupBackend($resource);
-                $backend
-                    ->setGroupBaseDn($backendConfig->base_dn)
-                    ->setUserBaseDn($backendConfig->get('user_base_dn', $backend->getGroupBaseDn()))
-                    ->setGroupClass($backendConfig->get('group_class', 'group'))
-                    ->setUserClass($backendConfig->get('user_class', 'inetOrgPerson'))
-                    ->setGroupNameAttribute($backendConfig->get('group_name_attribute', 'gid'))
-                    ->setUserNameAttribute($backendConfig->get('user_name_attribute', 'uid'))
-                    ->setGroupMemberAttribute($backendConfig->get('group_member_attribute', 'member'));
-                break;
             case 'msldap':
                 $backend = new LdapUserGroupBackend($resource);
-                $backend
-                    ->setGroupBaseDn($backendConfig->base_dn)
-                    ->setUserBaseDn($backendConfig->get('user_base_dn', $backend->getGroupBaseDn()))
-                    ->setGroupClass($backendConfig->get('group_class', 'group'))
-                    ->setUserClass($backendConfig->get('user_class', 'user'))
-                    ->setGroupNameAttribute($backendConfig->get('group_name_attribute', 'sAMAccountName'))
-                    ->setUserNameAttribute($backendConfig->get('user_name_attribute', $backend->getGroupNameAttribute()))
-                    ->setGroupMemberAttribute($backendConfig->get('group_member_attribute', 'member'));
+                $backend->setConfig($backendConfig);
                 break;
         }