mirror of
https://github.com/Icinga/icingaweb2.git
synced 2025-07-23 13:54:26 +02:00
LdapUserGroupBackend: Let the backend decide which defaults to use
refs #7343
This commit is contained in:
parent
3fd0d99db2
commit
ee2462a6b2
@ -3,6 +3,7 @@
|
|||||||
|
|
||||||
namespace Icinga\Authentication\UserGroup;
|
namespace Icinga\Authentication\UserGroup;
|
||||||
|
|
||||||
|
use Icinga\Data\ConfigObject;
|
||||||
use Icinga\Exception\ProgrammingError;
|
use Icinga\Exception\ProgrammingError;
|
||||||
use Icinga\Protocol\Ldap\Expression;
|
use Icinga\Protocol\Ldap\Expression;
|
||||||
use Icinga\Repository\LdapRepository;
|
use Icinga\Repository\LdapRepository;
|
||||||
@ -532,4 +533,65 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
|
|||||||
|
|
||||||
return $groups;
|
return $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Apply the given configuration on this backend
|
||||||
|
*
|
||||||
|
* @param ConfigObject $config
|
||||||
|
*
|
||||||
|
* @return $this
|
||||||
|
*/
|
||||||
|
public function setConfig(ConfigObject $config)
|
||||||
|
{
|
||||||
|
if ($config->backend === 'ldap') {
|
||||||
|
$defaults = $this->getOpenLdapDefaults();
|
||||||
|
} elseif ($config->backend === 'msldap') {
|
||||||
|
$defaults = $this->getActiveDirectoryDefaults();
|
||||||
|
} else {
|
||||||
|
$defaults = new ConfigObject();
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this
|
||||||
|
->setGroupBaseDn($config->base_dn)
|
||||||
|
->setUserBaseDn($config->get('user_base_dn', $this->getGroupBaseDn()))
|
||||||
|
->setGroupClass($config->get('group_class', $defaults->group_class))
|
||||||
|
->setUserClass($config->get('user_class', $defaults->user_class))
|
||||||
|
->setGroupNameAttribute($config->get('group_name_attribute', $defaults->group_name_attribute))
|
||||||
|
->setUserNameAttribute($config->get('user_name_attribute', $defaults->user_name_attribute))
|
||||||
|
->setGroupMemberAttribute($config->get('group_member_attribute', $defaults->group_member_attribute))
|
||||||
|
->setGroupFilter($config->filter)
|
||||||
|
->setUserFilter($config->user_filter);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the configuration defaults for an OpenLDAP environment
|
||||||
|
*
|
||||||
|
* @return ConfigObject
|
||||||
|
*/
|
||||||
|
protected function getOpenLdapDefaults()
|
||||||
|
{
|
||||||
|
return new ConfigObject(array(
|
||||||
|
'group_class' => 'group',
|
||||||
|
'user_class' => 'inetOrgPerson',
|
||||||
|
'group_name_attribute' => 'gid',
|
||||||
|
'user_name_attribute' => 'uid',
|
||||||
|
'group_member_attribute' => 'member'
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the configuration defaults for an ActiveDirectory environment
|
||||||
|
*
|
||||||
|
* @return ConfigObject
|
||||||
|
*/
|
||||||
|
protected function getActiveDirectoryDefaults()
|
||||||
|
{
|
||||||
|
return new ConfigObject(array(
|
||||||
|
'group_class' => 'group',
|
||||||
|
'user_class' => 'user',
|
||||||
|
'group_name_attribute' => 'sAMAccountName',
|
||||||
|
'user_name_attribute' => 'sAMAccountName',
|
||||||
|
'group_member_attribute' => 'member'
|
||||||
|
));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -159,26 +159,9 @@ class UserGroupBackend
|
|||||||
$backend = new IniUserGroupBackend($resource);
|
$backend = new IniUserGroupBackend($resource);
|
||||||
break;
|
break;
|
||||||
case 'ldap':
|
case 'ldap':
|
||||||
$backend = new LdapUserGroupBackend($resource);
|
|
||||||
$backend
|
|
||||||
->setGroupBaseDn($backendConfig->base_dn)
|
|
||||||
->setUserBaseDn($backendConfig->get('user_base_dn', $backend->getGroupBaseDn()))
|
|
||||||
->setGroupClass($backendConfig->get('group_class', 'group'))
|
|
||||||
->setUserClass($backendConfig->get('user_class', 'inetOrgPerson'))
|
|
||||||
->setGroupNameAttribute($backendConfig->get('group_name_attribute', 'gid'))
|
|
||||||
->setUserNameAttribute($backendConfig->get('user_name_attribute', 'uid'))
|
|
||||||
->setGroupMemberAttribute($backendConfig->get('group_member_attribute', 'member'));
|
|
||||||
break;
|
|
||||||
case 'msldap':
|
case 'msldap':
|
||||||
$backend = new LdapUserGroupBackend($resource);
|
$backend = new LdapUserGroupBackend($resource);
|
||||||
$backend
|
$backend->setConfig($backendConfig);
|
||||||
->setGroupBaseDn($backendConfig->base_dn)
|
|
||||||
->setUserBaseDn($backendConfig->get('user_base_dn', $backend->getGroupBaseDn()))
|
|
||||||
->setGroupClass($backendConfig->get('group_class', 'group'))
|
|
||||||
->setUserClass($backendConfig->get('user_class', 'user'))
|
|
||||||
->setGroupNameAttribute($backendConfig->get('group_name_attribute', 'sAMAccountName'))
|
|
||||||
->setUserNameAttribute($backendConfig->get('user_name_attribute', $backend->getGroupNameAttribute()))
|
|
||||||
->setGroupMemberAttribute($backendConfig->get('group_member_attribute', 'member'));
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user