5602d57d0b
Indicate that the configuration is being validated
...
refs #8369
2015-08-20 15:48:41 +02:00
bf1e177023
LoginForm: Provide a progress label
...
refs #8369
2015-08-20 15:32:53 +02:00
9e40f5f2c7
Remove option to skip certificate validation to prevent insecure configurations
...
Skipping certificate validation will allow MITM on every single request and not give any real security over just running unencrypted queries. On top of that, there is no way to configure this behavior from within PHP except of setting environment variables, which is really hacky and has side effects on other requests.
fixes #9607
2015-08-19 16:20:33 +02:00
d51ecc3d72
Use better icons for resource and auth views
...
refs #9908
2015-08-18 11:42:42 +02:00
7095ad5bc7
Improve ini editor and dashlet input validation
2015-08-04 13:23:30 +02:00
dafa722cec
Hide non-essential form fields when configuring LDAP user group backends
...
resolves #9780
2015-07-31 15:56:13 +02:00
316a4d8b82
Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609
2015-07-30 16:16:04 +02:00
5ca0e981c4
UserGroupBackendPage: Ensure that all required fields exist
...
refs #9609
2015-07-30 15:49:04 +02:00
3aae37aff3
Don't redirect on external auth
...
refs #9660
2015-07-30 12:02:42 +02:00
c3a057dbdb
lib: Add AuthChain::setSkipExternalBackends() in favor of setIteratorMode()
...
There's only one mode.
refs #9660
2015-07-29 16:18:30 +02:00
257a9f9d1d
Set Response::rerenderLayout() in the LoginForm
...
refs #9660
2015-07-29 15:09:29 +02:00
db78f810ff
lib: Add log in functionality to the LoginForm
...
refs #9660
2015-07-29 14:15:11 +02:00
155bcc5db7
LdapUserGroupBackendForm: Fetch config from the factory, not the app
...
refs #9609
2015-07-29 13:45:18 +02:00
07849e0fea
lib: Rename Authentication/Manager to Authentication/Auth
...
refs #9660
2015-07-28 17:08:55 +02:00
5411efd546
LdapBackendForm: Fail gracefully if the discovery is not possible
2015-07-28 15:07:33 +02:00
7cfc78558d
Merge branch 'master' into feature/secure-modules-9644
...
Conflicts:
library/Icinga/Exception/IcingaException.php
2015-07-28 13:42:02 +02:00
a51f0ad65e
Roles: Include permissions and restrictions of unloaded modules too
...
Because we now have module permissions it makes sense to allow an admin to configure permissions and restrictions from a module
before allowing access to it.
refs #9644
2015-07-24 16:13:08 +02:00
df81fd502d
ResourceConfigForm: Allow to manually validate the configuration
...
refs #7588
2015-07-24 14:31:02 +02:00
2c4b6eb915
ResourceConfigForm: Replace isValid- with inspectResource()
...
refs #7588
2015-07-24 14:24:11 +02:00
ccc809853a
UserBackendConfigForm: Allow to manually validate the configuration
...
refs #7588
2015-07-24 13:46:17 +02:00
b3e6b2755c
UserBackendConfigForm: Replace isValid- with inspectUserBackend()
...
refs #7588
2015-07-24 11:45:49 +02:00
760c7e4374
LdapBackendForm: Allow to discover a connection's default settings
...
refs #9602
2015-07-23 17:42:02 +02:00
44643a6c4b
PreferenceForm: Improve button placement
2015-07-23 16:49:50 +02:00
4e3da3a6eb
UserBackendConfigForm: Adjust how to process requests...
...
...and use sub-forms, finally.
refs #9602
2015-07-23 16:18:09 +02:00
7c5b4de087
Fix coding style in RoleForm.php
2015-07-23 12:50:42 +02:00
bf590ed380
Provide module permissions automatically
...
refs #9644
2015-07-22 15:01:54 +02:00
e357960d1e
Add Inspection API to DB backend
...
refs #9641
2015-07-16 16:16:55 +02:00
f4054d575b
Add Inspection API to db connection
...
refs #9641
2015-07-16 15:29:45 +02:00
59c4f8d056
Use Inspection API in User Backend Form
...
refs #9630
2015-07-15 19:35:25 +02:00
cf8b760ade
Use Inspection API in LdapResourceForm
...
refs #9630
2015-07-15 19:33:47 +02:00
a8ac420897
LdapConnection: Establish a connection lazily
2015-07-10 09:51:39 +02:00
066b3d9e28
ApplicationConfigForm: Make preference options be global options
...
refs #8709
2015-07-01 15:41:45 +02:00
8c8198eeea
UserGroupBackendForm: Some small documentation fixes
2015-06-29 11:11:06 +02:00
3dddee8b7d
Setup: Fix authentication backend validation
...
This is a ridiculous dirty fix. We'll definitely need to
improve how we create authentication backends...
fixes #9509
2015-06-25 14:36:51 +02:00
d95874b84c
Setup: Provide a default user filter for ActiveDirectory backends
...
fixes #8703
2015-06-25 14:22:50 +02:00
c3ad7b211a
Ldap\Connection: Rename to LdapConnection
...
refs #8954
2015-06-24 09:05:29 +02:00
5fd2eb639a
LdapResourceForm: Display exact error messages to the user
2015-06-23 14:08:50 +02:00
15220da645
Automatically strip unnecessary parentheses from custom ldap filters
...
fixes #9348
2015-06-23 10:32:45 +02:00
b154e13ad9
RoleForm: hide config/"all-but-*" for rc1
2015-06-18 15:49:49 +02:00
42de13a2b9
Merge branch 'feature/ssh-remote-connection-resource-configuration-7595'
...
resolves #7595
2015-06-15 17:30:42 +02:00
2dd04bb6c9
LdapUserGroupBackendForm: Do not disable `user_filter' and `group_filter'
...
refs #7343
2015-06-05 17:24:03 +02:00
e66f8731af
UserBackendConfigForm: Allow to configure user backends of type msldap
...
fixes #9355
2015-06-05 17:20:31 +02:00
c800f1e6aa
UserGroupBackendForm: Do not translate LDAP and ActiveDirectory
...
refs #7343
2015-06-05 16:40:17 +02:00
840069b436
LdapUserGroupBackendForm: Do not persist default values
...
...
refs #7343
2015-06-05 16:34:28 +02:00
e910a5a254
LdapUserGroupBackendForm: Do not disable `base_dn' and `user_base_dn'
...
refs #7343
2015-06-05 16:16:35 +02:00
797e9de629
LdapUserGroupBackendForm: Do not disable group configuration..
...
..when no user backend has been linked and it's not a ActiveDirectory.
refs #7343
2015-06-05 16:07:27 +02:00
975edbe548
UserGroupBackendForm: Do not persist null values, really
...
Revert this once #9376 has been fixed.
refs #9376
2015-06-05 15:45:33 +02:00
e9e97cb1b3
UserGroupBackendForm: Unset the `name' property, always
...
refs #7343
2015-06-05 15:41:24 +02:00
5688f0cb85
Allow to configure user group backends of type LDAP
...
refs #7343
2015-06-05 14:53:29 +02:00
447088af22
Introduce form LdapUserGroupBackendForm
...
refs #7343
2015-06-05 14:52:46 +02:00
7ebf185036
UserGroupBackendForm: Fix that autosubmit do not have any effect
...
refs #7343
2015-06-05 13:07:16 +02:00
cd0c418854
Merge branch 'master' into feature/user-and-group-management-8826
2015-06-02 10:44:13 +02:00
2490d0ae67
ConfigController: We're configuring user backends from now on
...
refs #8826
2015-06-02 09:58:57 +02:00
8875ce7d95
Provide permission config/authentication/*
2015-06-02 09:09:11 +02:00
9bd5d4148e
Drop permission config/application/groups/member
...
refs #8826
2015-06-02 09:08:16 +02:00
cf96e66ff2
Rename permission config/application/roles* to config/authentication/...
...
Does also split it into *, show, add, edit, remove as this should behave like
any other authentication configuration.
refs #8826
2015-06-02 09:07:06 +02:00
3fffd90135
Rename permission config/application/groups* to config/authentication/...
...
refs #8826
2015-06-02 09:04:34 +02:00
a558f2873a
Rename permission config/application/users* to config/authentication/...
...
refs #8826
2015-06-02 09:02:57 +02:00
46e2393074
UsergroupbackendController: Do only assert that the user has one permission
...
The configuration of a backend itself should not be that granular.
refs #8826
2015-06-02 08:58:21 +02:00
4bd36bc500
UserGroupForm: Notify the user that memberships will be cleared...
...
...when removing a group.
refs #8826
2015-06-01 14:25:29 +02:00
ea959c2dfd
Introduce controller UsergroupbackendController
...
refs #8826
2015-05-29 16:35:30 +02:00
04835db13e
Introduce form UserGroupBackendForm
...
refs #8826
2015-05-29 16:34:34 +02:00
cb4d6f013a
GroupController: Properly handle 404's when handling group members
...
refs #8826
2015-05-29 12:57:39 +02:00
385042ea92
RepositoryForm: Verify that the entry to work with is valid
...
refs #8826
2015-05-28 16:27:48 +02:00
49589128ef
Rename identity_key with private_key in ssh resource
...
refs #7595
2015-05-28 14:09:13 +02:00
8b07a0e29a
Add missing return argument in the ResourceConfigForm
2015-05-28 13:17:00 +02:00
558120e23b
Add resource ssh usage to resources and instances
...
refs #7595
2015-05-28 10:50:13 +02:00
bf21f55656
Add a new ssh resource form
...
refs #7595
2015-05-28 10:44:58 +02:00
e55d43418d
RoleForm: Add new permission sets for user and group management
...
refs #8826
2015-05-27 10:39:29 +02:00
170379b743
CreateMembershipForm: Properly handle errors when fetching groups
...
refs #8826
2015-05-27 08:55:53 +02:00
a75c74eae1
Introduce form CreateMembershipForm
...
refs #8826
2015-05-26 17:02:27 +02:00
86146b8048
Introduce form AddMemberForm
...
refs #8826
2015-05-26 14:30:55 +02:00
75c5aa2869
Move UserGroupForm to the Icinga\Forms\Config\UserGroup namespace
...
refs #8826
2015-05-26 10:24:13 +02:00
e2c250ca77
Move UserForm to the Icinga\Forms\Config\User namespace
...
refs #8826
2015-05-26 10:23:40 +02:00
ec556edc65
Merge branch 'master' into feature/user-and-group-management-8826
2015-05-26 09:28:35 +02:00
f3124ffd59
UserGroupForm: Fix redirect when renaming a group
...
refs #8826
2015-05-22 17:03:02 +02:00
18e413d15a
UserForm: Fix redirect when renaming a user
...
refs #8826
2015-05-22 17:01:34 +02:00
250f863faa
Allow anonymous LDAP binding
...
fixes #9224
2015-05-22 14:15:59 +02:00
9c6a8898fd
Introduce class UserGroupForm
...
refs #8826
2015-05-20 11:53:04 +02:00
32d1569520
Introduce class UserForm
...
refs #8826
2015-05-20 10:54:06 +02:00
8ea3cd0a13
Introduce class RepositoryForm
...
refs #8826
2015-05-20 10:53:31 +02:00
71fa736144
Merge branch 'master' into feature/user-and-group-management-8826
2015-05-20 10:46:55 +02:00
bd54784496
Don't override submit label in the ConfirmRemovalForm
2015-05-20 10:30:00 +02:00
5a69c26d2c
Fix typo in PHPDoc of ConfirmRemovalForm::init()
2015-05-20 10:30:00 +02:00
c441117324
LdapUserBackend: Extend Repository and implement UserBackendInterface
...
refs #8826
2015-05-04 12:18:25 +02:00
99ac0b78ea
DbUserBackend: Extend DbRepository and implement UserBackendInterface
...
refs #8826
2015-05-04 12:15:05 +02:00
d09ea2845d
Merge branch 'master' into feature/user-and-group-management-8826
2015-04-30 15:20:40 +02:00
c839cc0b08
Remove exclamation mark from the notification "Authentication order updated!"
...
resolves #8960
2015-04-27 13:16:54 +02:00
6ca68f438d
Move concrete UserBackend classes to Icinga\Authentication\User
...
refs #8826
2015-04-21 12:51:31 +02:00
62bb35a71e
Fix that the ldap port does not change when updating the encryption to use
...
fixes #8958
2015-04-07 15:07:36 +02:00
dc4d1246a9
Fix that the sql port does not change when updating the type of the database
...
fixes #7491
2015-04-07 15:07:36 +02:00
967a2e82dc
Use (only) "@return $this" in fluent interfaces' documentation
2015-04-07 14:24:11 +02:00
cdd5da80f0
Use Url::getRelativeUrl() when updating dashlets
...
fixes #8363
2015-04-07 13:05:12 +02:00
a3f2d7de7e
LdapResourceForm: Translate "None" with a context as it's ambiguous
2015-03-13 08:53:08 +01:00
e36c430bb3
Merge branch 'feature/protected-menu-8720'
...
resolves #8720
2015-03-13 04:26:19 +01:00
f60a0b86ec
POST disable/enable auto-refresh always against the current location
...
refs #8605
2015-03-13 04:01:08 +01:00
9f0af662a7
Write none instead of plaintext for unencrypted LDAP resources
2015-03-13 00:47:23 +01:00
020329d201
List STARTTLS before LDAPS ...
...
... when choosing encryption for a LDAP resource.
2015-03-13 00:03:01 +01:00
708f08302f
Use encryption instead of connection for the encryption setting of a LDAP resource
2015-03-13 00:02:18 +01:00
61e01a4439
Fix SSL, TLS vs LDAPS, STARTTLS in the LDAP resource form
2015-03-13 00:00:21 +01:00
86f3ce9133
Rename Ldap\Connetion::SSL to ::LDAPS
...
The SSL constant was used to denote LDAP over TLS/SSL. In fact both STARTTLS and LDAPS use encrypted TLS/SSL communication
w/ STARTTLS upgrading a plain text connection and LDAPS using a separate port. Thus speaking of SSL only for LDAPS and TLS only for STARTTLS
is not correct.
2015-03-12 23:56:08 +01:00
8563d5ed3f
PHPDoc: Use @var instead of @type
...
Becasue of too many kittens PSR-5 backed off of deprecating @var.
So that's the way we go too.
2015-03-12 16:08:47 +01:00
33112f6a18
Use {@inheritdoc} in the RoleForm
...
refs #8720
2015-03-12 15:45:22 +01:00
517437eb1b
Security: Add wildcard permissions to the config/ tree
...
refs #8720
2015-03-12 15:45:17 +01:00
195fe6f04b
Security: Rename system/config/modules to config/modules
...
Module config permission and application config permission have to be separeted.
Application config related permissions were added beneath config/application and module
related config permissions will be config/modules for now.
refs #8720
2015-03-12 15:45:14 +01:00
f6e9551235
Security: Rename system/config/roles to config/application/roles
...
Module config permission and application config permission have to be separeted.
Application config related permissions will be added beneath config/application and module
related config permissions will be added beneath config/modules.
refs #8720
2015-03-12 15:45:10 +01:00
08abbda152
Security: Rename system/config/resources to config/application/resources
...
Module config permission and application config permission have to be separeted.
Application config related permissions will be added beneath config/application and module
related config permissions will be added beneath config/modules.
refs #8720
2015-03-12 15:45:07 +01:00
a4e81c320a
Security: Rename system/config/authentication to config/application/authentication
...
Module config permission and application config permission have to be separeted.
Application config related permissions will be added beneath config/application and module
related config permissions will be added beneath config/modules.
refs #8720
2015-03-12 15:45:04 +01:00
956bc3c07a
Security: Rename system/config/application to config/application/general
...
Module config permission and application config permission have to be separeted.
Application config related permissions will be added beneath config/application and module
related config permissions will be added beneath config/modules.
refs #8720
2015-03-12 15:44:58 +01:00
1b440a4f1b
Make SSL/TLS configurable for LDAP resources
...
refs #7771
2015-03-12 15:17:19 +01:00
4a982a382e
Show exception message when LDAP connection validation fails, if any
2015-03-12 14:45:16 +01:00
39a74c4f3d
LDAP-Auth backend config: Add support for custom LDAP filter rules
...
refs #8365
2015-03-11 09:52:14 +01:00
2cf09ebc48
Revert "LdapResourceForm: Validate the host field and do not require a port"
...
This reverts commit a34d6026b3#7990
2015-03-11 08:00:20 +01:00
a34d6026b3
LdapResourceForm: Validate the host field and do not require a port
...
fixes #7990
2015-03-10 15:03:48 +01:00
886cc863f0
Add form element value expectation descriptions where required
...
I did not adjust the DateTimePicker element as the sent format is
controlled by the useragent due to either the datetime-local input
type or a javascript datetimepicker. (which does not exist yet, though)
Mentioning the RFC 3339 format such a picker expects is very likely
going to lead to confusion on an end user's side otherwise.
refs #7947
2015-03-06 09:49:15 +01:00
f7785ee04a
Fix that the DashletForm handles the autosubmit manually
2015-03-03 08:24:23 +01:00
4ba281e7e8
Config: Use native form title and description support where appropriate
...
refs #7947
refs #7976
2015-03-02 18:40:47 +01:00
e9bae08a6e
Fix that one can't advance the wizard when skipping the ldap discovery
...
fixes #8506
2015-03-02 18:40:46 +01:00
65eafc0e8f
LdapDiscoveryForm: Remove waste
2015-03-02 18:40:46 +01:00
ea4de82545
Login: Disable the required cue
...
It should be obvious that it is necessary to input a name and a password
to login in case you're looking at a "login" form...
refs #7934
2015-02-27 09:09:25 +01:00
b375a4f6cc
Fix multiple renderLayout parameters in the url
...
refs #7945
2015-02-13 16:21:19 +01:00
2112676594
Implement hidden accessible control for auto refresh on the page
...
refs #7945
2015-02-13 14:34:29 +01:00
b9c9f564ec
Add editable auto_refresh parameter to the user preferences
...
refs #7945
2015-02-12 15:12:10 +01:00
c06f015210
Ensure that all utilized form validators can be translated
...
refs #8415
2015-02-12 09:11:02 +01:00
6c70a53309
Avoid to instantiate custom form element validators directly
...
refs #8415
2015-02-12 09:11:02 +01:00
6bae2e0a53
Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL
2015-02-04 10:52:27 +01:00
ed411ec9b6
Increase size of the permissions set input
...
fixes #7762
2015-02-03 16:58:53 +01:00
5b4fab0750
Add license header
...
This time without syntax errors hopefully :)
2015-02-03 16:27:59 +01:00
5fa2e3cfdc
Revert "Add license header"
...
This reverts commit 338d067aba
2015-02-03 16:16:26 +01:00
338d067aba
Add license header
...
fixes #7788
2015-02-03 15:51:04 +01:00
53e7b44308
security: Provide a permission for module configuration
2015-02-02 14:16:26 +01:00
bf470125c3
Merge branch 'master' into feature/create-missing-directories-when-creating-inis-8219
...
Conflicts:
modules/monitoring/library/Monitoring/MonitoringWizard.php
2015-01-30 16:21:42 +01:00
65a2c47506
security: Provide permissions for our config actions
2015-01-30 13:29:47 +01:00
63305fdf9a
Add Icinga\Application\Config::saveIni()
...
Simplifies saving INI files. Icinga\File\Ini\IniWriter does already require an
instance of Icinga\Application\Config so it's obvious to give "Config" the
task to initialize the writer.. We do also have a central place to handle
creating missing ancestor directories now.
refs #8219
2015-01-30 09:32:08 +01:00
50fc85d7ff
Rename authentication type "autologin" to "external"
...
refs #8274
2015-01-27 09:49:36 +01:00
55c20abddc
Only show the "save to session" button in case preferences store = none
...
refs #8234
2015-01-23 16:25:24 +01:00
359336243c
Save "none" instead of "null" when choosing to not to store preferences
...
refs #8234
2015-01-23 16:25:24 +01:00
2a543bb5ae
Rename the preference setting `type' to `store'
...
refs #8234
2015-01-23 16:25:23 +01:00
14a4aaeb77
Revert "Fix that when chosing to not to store preferences an invalid config is created"
...
This reverts commit 6284da451e
2015-01-23 15:23:43 +01:00
6284da451e
Fix that when chosing to not to store preferences an invalid config is created
...
fixes #8234
2015-01-23 14:42:09 +01:00
e93628f4b4
Prefer 'hostname' over 'host name' in the LdapDiscoveryForm
2015-01-20 16:53:27 +01:00
2d957205ef
Using $this when not in object context, doesn't work.
...
refs #7551
2015-01-19 13:47:53 +01:00
dbd69ba693
Replace t() and mt() with translate() in the application's forms
...
refs #7551
2015-01-19 11:26:23 +01:00
f0fe6246ac
Use '/var/log/icingaweb2/icingaweb2.log' as default path when logging to file
2014-12-29 16:02:40 +01:00
5bc2144b18
Use 'icingaweb2' as default application prefix for logging to syslog
2014-12-29 16:01:07 +01:00
cfb52eeadb
Do not use a default regular expression for stripping off parts of a username when configuring an auto-login backend
...
There's no safe default for this.
2014-12-29 15:56:32 +01:00
e1bedc9afe
Use Icinga 2's default Livestatus socket path as default when configuring a livestatus resource
2014-12-29 15:55:57 +01:00
4441c1d4de
Allow to grant every permission
2014-12-29 11:53:55 +01:00
49dad43a0a
Use @type instead of @var in Security/RoleForm.php
2014-12-29 11:53:06 +01:00
2c1a37afa3
Use Zend_Form_Element::filterName() for translating restriction names to element names
...
fixes #8086
2014-12-29 10:51:12 +01:00
Johannes Meyer
Matthias Jentsch
Eric Lippmann
Thomas Gelf
Alexander Fuhr
Alexander A. Klimov