* @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 * @author Icinga Development Team * */ // {{{ICINGA_LICENSE_HEADER}}} use \Icinga\Web\Controller\BaseConfigController; use \Icinga\Web\Widget\Tab; use \Icinga\Web\Widget\AlertMessageBox; use \Icinga\Web\Url; use \Icinga\Web\Hook\Configuration\ConfigurationTabBuilder; use \Icinga\User\Message; use \Icinga\Application\Icinga; use \Icinga\Application\Config as IcingaConfig; use \Icinga\Data\ResourceFactory; use \Icinga\Form\Config\GeneralForm; use \Icinga\Authentication\Manager as AuthenticationManager; use \Icinga\Form\Config\Authentication\ReorderForm; use \Icinga\Form\Config\Authentication\LdapBackendForm; use \Icinga\Form\Config\Authentication\DbBackendForm; use \Icinga\Form\Config\Resource\EditResourceForm; use \Icinga\Form\Config\LoggingForm; use \Icinga\Form\Config\ConfirmRemovalForm; use \Icinga\Config\PreservingIniWriter; /** * Application wide controller for application preferences */ class ConfigController extends BaseConfigController { /** * The resource types that are available. * * @var array */ private $resourceTypes = array('livestatus', 'ido', 'statusdat', 'ldap'); /** * Create tabs for this configuration controller * * @return array * * @see BaseConfigController::createProvidedTabs() */ public static function createProvidedTabs() { return array( 'index' => new Tab( array( 'name' => 'index', 'title' => 'Application', 'url' => Url::fromPath('/config') ) ), 'authentication' => new Tab( array( 'name' => 'auth', 'title' => 'Authentication', 'url' => Url::fromPath('/config/authentication') ) ), 'resources' => new Tab( array( 'name' => 'resource', 'title' => 'Resources', 'url' => Url::fromPath('/config/resource') ) ), 'logging' => new Tab( array( 'name' => 'logging', 'title' => 'Logging', 'url' => Url::fromPath('/config/logging') ) ), 'modules' => new Tab( array( 'name' => 'modules', 'title' => 'Modules', 'url' => Url::fromPath('/config/moduleoverview') ) ) ); } /** * Index action, entry point for configuration */ public function indexAction() { $this->view->messageBox = new AlertMessageBox(true); $form = new GeneralForm(); $form->setConfiguration(IcingaConfig::app()); $form->setRequest($this->_request); if ($form->isSubmittedAndValid()) { if (!$this->writeConfigFile($form->getConfig(), 'config')) { return; } $this->addSuccessMessage("Configuration Sucessfully Updated"); $form->setConfiguration(IcingaConfig::app(), true); $this->redirectNow('config/index'); } $this->view->form = $form; } /** * Form for modifying the logging configuration */ public function loggingAction() { $this->view->messageBox = new AlertMessageBox(true); $form = new LoggingForm(); $form->setConfiguration(IcingaConfig::app()); $form->setRequest($this->_request); if ($form->isSubmittedAndValid()) { if (!$this->writeConfigFile($form->getConfig(), 'config')) { return; } $this->addSuccessMessage("Configuration Sucessfully Updated"); $form->setConfiguration(IcingaConfig::app(), true); $this->redirectNow('config/logging'); } $this->view->form = $form; } /** * Display the list of all modules */ public function moduleoverviewAction() { $this->view->messageBox = new AlertMessageBox(true); $this->view->modules = Icinga::app()->getModuleManager()->select() ->from('modules') ->order('name'); $this->render('module/overview'); } /** * Enable a specific module provided by the 'name' param */ public function moduleenableAction() { $module = $this->getParam('name'); $manager = Icinga::app()->getModuleManager(); try { $manager->enableModule($module); $manager->loadModule($module); $this->addSuccessMessage('Module "' . $module . '" enabled'); $this->redirectNow('config/moduleoverview'); return; } catch (Exception $e) { $this->view->exceptionMesssage = $e->getMessage(); $this->view->moduleName = $module; $this->view->action = 'enable'; $this->render('module-configuration-error'); } } /** * Disable a module specific module provided by the 'name' param */ public function moduledisableAction() { $module = $this->getParam('name'); $manager = Icinga::app()->getModuleManager(); try { $manager->disableModule($module); $this->addSuccessMessage('Module "' . $module . '" disabled'); $this->redirectNow('config/moduleoverview'); return; } catch (Exception $e) { $this->view->exceptionMessage = $e->getMessage(); $this->view->moduleName = $module; $this->view->action = 'disable'; $this->render('module-configuration-error'); } } /** * Action for creating a new authentication backend */ public function authenticationAction($showOnly = false) { $config = IcingaConfig::app('authentication', true); $order = array_keys($config->toArray()); $this->view->backends = array(); $this->view->messageBox = new AlertMessageBox(true); foreach ($config as $backend=>$backendConfig) { $form = new ReorderForm(); $form->setName('form_reorder_backend_' . $backend); $form->setAuthenticationBackend($backend); $form->setCurrentOrder($order); $form->setRequest($this->_request); if (!$showOnly && $form->isSubmittedAndValid()) { if ($this->writeAuthenticationFile($form->getReorderedConfig($config))) { $this->addSuccessMessage('Authentication Order Updated'); $this->redirectNow('config/authentication'); } return; } $this->view->backends[] = (object) array( 'name' => $backend, 'reorderForm' => $form ); } $this->render('authentication'); } /** * Action for creating a new authentication backend */ public function createauthenticationbackendAction() { $this->view->messageBox = new AlertMessageBox(true); if ($this->getRequest()->getParam('type') === 'ldap') { $form = new LdapBackendForm(); } else { $form = new DbBackendForm(); } if ($this->getParam('auth_backend')) { $form->setBackendName($this->getParam('auth_backend')); } $form->setRequest($this->getRequest()); if ($form->isSubmittedAndValid()) { $backendCfg = IcingaConfig::app('authentication')->toArray(); foreach ($backendCfg as $backendName => $settings) { unset($backendCfg[$backendName]['name']); } foreach ($form->getConfig() as $backendName => $settings) { unset($settings->{'name'}); if (isset($backendCfg[$backendName])) { $this->addErrorMessage('Backend name already exists'); $this->view->form = $form; $this->render('authentication/create'); return; } $backendCfg[$backendName] = $settings; } if ($this->writeAuthenticationFile($backendCfg)) { // redirect to overview with success message $this->addSuccessMessage('Backend Modification Written.'); $this->redirectNow("config/authentication"); } return; } $this->view->messageBox->addForm($form); $this->view->form = $form; $this->render('authentication/create'); } /** * Form for editing backends * * Mostly the same like the createAuthenticationBackendAction, but with additional checks for backend existence * and form population */ public function editauthenticationbackendAction() { $this->view->messageBox = new AlertMessageBox(true); $configArray = IcingaConfig::app('authentication', true)->toArray(); $authBackend = $this->getParam('auth_backend'); if (!isset($configArray[$authBackend])) { $this->addErrorMessage('Can\'t edit: Unknown Authentication Backend Provided'); $this->configurationerrorAction(); return; } if (!array_key_exists('resource', $configArray[$authBackend])) { $this->addErrorMessage('Configuration error: Backend "' . $authBackend . '" has no Resource'); $this->configurationerrorAction(); return; } $type = ResourceFactory::getResourceConfig($configArray[$authBackend]['resource'])->type; switch ($type) { case 'ldap': $form = new LdapBackendForm(); break; case 'db': $form = new DbBackendForm(); break; default: $this->addErrorMessage('Can\'t edit: backend type "' . $type . '" of given resource not supported.'); $this->configurationerrorAction(); return; } $form->setBackendName($this->getParam('auth_backend')); $form->setBackend(IcingaConfig::app('authentication', true)->$authBackend); $form->setRequest($this->getRequest()); if ($form->isSubmittedAndValid()) { $backendCfg = IcingaConfig::app('authentication')->toArray(); foreach ($form->getConfig() as $backendName => $settings) { $backendCfg[$backendName] = $settings; // Remove the old section if the backend is renamed if ($backendName != $authBackend) { unset($backendCfg[$authBackend]); } unset($settings['name']); } if ($this->writeAuthenticationFile($backendCfg)) { // redirect to overview with success message $this->addSuccessMessage('Backend "' . $authBackend . '" created'); $this->redirectNow("config/authentication"); } return; } $this->view->messageBox->addForm($form); $this->view->name = $authBackend; $this->view->form = $form; $this->render('authentication/modify'); } /** * Action for removing a backend from the authentication list. * * Redirects to the overview after removal is finished */ public function removeauthenticationbackendAction() { $this->view->messageBox = new AlertMessageBox(true); $configArray = IcingaConfig::app('authentication', true)->toArray(); $authBackend = $this->getParam('auth_backend'); if (!isset($configArray[$authBackend])) { $this->addSuccessMessage('Can\'t perform removal: Unknown Authentication Backend Provided'); $this->render('authentication/remove'); return; } $form = new ConfirmRemovalForm(); $form->setRequest($this->getRequest()); $form->setRemoveTarget('auth_backend', $authBackend); if ($form->isSubmittedAndValid()) { unset($configArray[$authBackend]); if ($this->writeAuthenticationFile($configArray)) { $this->addSuccessMessage('Authentication Backend "' . $authBackend . '" Removed'); $this->redirectNow("config/authentication"); } return; } $this->view->form = $form; $this->view->name = $authBackend; $this->render('authentication/remove'); } public function resourceAction($showOnly = false) { $this->view->messageBox = new AlertMessageBox(true); $this->view->resources = IcingaConfig::app('resources', true)->toArray(); $this->render('resource'); } public function createresourceAction() { $this->view->resourceTypes = $this->resourceTypes; $resources = IcingaConfig::app('resources', true); $form = new EditResourceForm(); $form->setRequest($this->_request); if ($form->isSubmittedAndValid()) { $name = $form->getName(); if (isset($resources->{$name})) { $this->addErrorMessage('Resource name "' . $name .'" already in use.'); } else { $resources->{$name} = $form->getConfig(); if ($this->writeConfigFile($resources, 'resources')) { $this->addSuccessMessage('Resource "' . $name . '" created.'); $this->redirectNow("config/resource"); } } } $this->view->messageBox = new AlertMessageBox(true); $this->view->messageBox->addForm($form); $this->view->form = $form; $this->render('resource/create'); } public function editresourceAction() { $this->view->messageBox = new AlertMessageBox(true); $resources = ResourceFactory::getResourceConfigs(); $name = $this->getParam('resource'); if ($resources->get($name) === null) { $this->addErrorMessage('Can\'t edit: Unknown Resource Provided'); $this->render('resource/modify'); return; } $form = new EditResourceForm(); if ($this->_request->isPost() === false) { $form->setOldName($name); $form->setName($name); } $form->setRequest($this->_request); $form->setResource($resources->get($name)); if ($form->isSubmittedAndValid()) { $oldName = $form->getOldName(); $name = $form->getName(); if ($oldName !== $name) { unset($resources->{$oldName}); } $resources->{$name} = $form->getConfig(); if ($this->writeConfigFile($resources, 'resources')) { $this->addSuccessMessage('Resource "' . $name . '" edited.'); $this->redirectNow("config/resource"); } return; } $this->view->messageBox->addForm($form); $this->view->form = $form; $this->view->name = $name; $this->render('resource/modify'); } public function removeresourceAction() { $this->view->messageBox = new AlertMessageBox(true); $resources = ResourceFactory::getResourceConfigs()->toArray(); $name = $this->getParam('resource'); if (!isset($resources[$name])) { $this->addSuccessMessage('Can\'t remove: Unknown resource provided'); $this->render('resource/remove'); return; } $form = new ConfirmRemovalForm(); $form->setRequest($this->getRequest()); $form->setRemoveTarget('resource', $name); // Check if selected resource is currently used for authentication $authConfig = IcingaConfig::app('authentication', true)->toArray(); foreach ($authConfig as $backendName => $config) { if (array_key_exists('resource', $config) && $config['resource'] === $name) { $this->addErrorMessage( 'Warning: The resource "' . $name . '" is currently used for user authentication by "' . $backendName . '". ' . ' Deleting it could eventally make login impossible.' ); } } if ($form->isSubmittedAndValid()) { unset($resources[$name]); if ($this->writeConfigFile($resources, 'resources')) { $this->addSuccessMessage('Resource "' . $name . '" removed.'); $this->redirectNow('config/resource'); } return; } $this->view->name = $name; $this->view->form = $form; $this->render('resource/remove'); } /** * Redirect target only for error-states * * When an error is opened in the side-pane, redirecting this request to the index or the overview will look * weird. This action returns a clear page containing only an AlertMessageBox. */ public function configurationerrorAction() { $this->view->messageBox = new AlertMessageBox(true); $this->render('error/error'); } /** * Write changes to an authentication file * * @param array $config The configuration changes * * @return bool True when persisting succeeded, otherwise false * * @see writeConfigFile() */ private function writeAuthenticationFile($config) { return $this->writeConfigFile($config, 'authentication'); } /** * Write changes to a configuration file $file, using the supplied writer or PreservingIniWriter if none is set * * @param array|Zend_Config $config The configuration to write * @param string $file The filename to write to (without .ini) * @param Zend_Config_Writer $writer An optional writer to use for persisting changes * * @return bool True when persisting succeeded, otherwise false */ private function writeConfigFile($config, $file, $writer = null) { if (is_array($config)) { $config = new Zend_Config($config); } if ($writer === null) { $writer = new PreservingIniWriter( array( 'config' => $config, 'filename' => IcingaConfig::app($file)->getConfigFile() ) ); } try { $writer->write(); return true; } catch (Exception $exc) { $this->view->exceptionMessage = $exc->getMessage(); $this->view->iniConfigurationString = $writer->render(); $this->view->file = $file; $this->render('show-configuration'); return false; } } } // @codingStandardsIgnoreEnd