From 9dda4271ee883359a5bc67138594d5beab79a173 Mon Sep 17 00:00:00 2001 From: Alejandro Gallardo Escobar Date: Thu, 13 Aug 2015 10:58:23 +0200 Subject: [PATCH] Fixed some errors, improved the code and prepared for compatibility w/ the metaconsole (cherry picked from commit c6a04813c2c3eb2eb9b4aa616af61fdd6eb64a28) --- pandora_console/godmode/setup/setup_auth.php | 295 ++++++++++++++----- 1 file changed, 218 insertions(+), 77 deletions(-) diff --git a/pandora_console/godmode/setup/setup_auth.php b/pandora_console/godmode/setup/setup_auth.php index a03b0a7554..e5bbc6ddb2 100644 --- a/pandora_console/godmode/setup/setup_auth.php +++ b/pandora_console/godmode/setup/setup_auth.php @@ -13,6 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. +// Warning: This file may be required into the metaconsole's setup + // Load global vars global $config; 
@@ -29,84 +31,202 @@ include_once($config['homedir'] . "/include/functions_profile.php"); // Load enterprise extensions enterprise_include ('godmode/setup/setup_auth.php'); - +$table = new StdClass(); $table->data = array (); $table->width = '98%'; -$table->size[0] = '30%'; +$table->size['name'] = '30%'; +$table->style['name'] = "font-weight: bold"; -$table->data[0][0] = __('Authentication method'); +// Auth methods added to the table (doesn't take in account mysql) +$auth_methods_added = array(); + +// Remote options row names +// Fill this array for every matched row +$remote_rows = array(); + +// Autocreate options row names +// Fill this array for every matched row +$autocreate_rows = array(); + +// LDAP data row names +// Fill this array for every matched row +$ldap_rows = array(); + +// Method $auth_methods = array ('mysql' => __('Local Pandora FMS'), 'ldap' => __('ldap')); if (enterprise_installed()) { add_enterprise_auth_methods($auth_methods); } -$table->data[0][1] = html_print_select ($auth_methods, 'auth', $config['auth'], 'show_selected_rows ();', '', 0, true); +$row = array(); +$row['name'] = __('Authentication method'); +$row['control'] = html_print_select($auth_methods, 'auth', $config['auth'], '', '', 0, true); +$table->data['auth'] = $row; -$table->data[1][0] = __('Fallback to local authentication') . ui_print_help_tip(__("Enable this option if you want to fallback to local authentication when remote (ldap etc...) authentication failed."), true); -$table->data[1][1] = __('Yes').' '.html_print_radio_button ('fallback_local_auth', 1, '', $config['fallback_local_auth'], true).'  '; -$table->data[1][1] .= __('No').' '.html_print_radio_button ('fallback_local_auth', 0, '', $config['fallback_local_auth'], true); +// Fallback to local authentication +$row = array(); +$row['name'] = __('Fallback to local authentication') + . ui_print_help_tip(__("Enable this option if you want to fallback to local authentication when remote (ldap etc...) 
authentication failed."), true); +$row['control'] = __('Yes').' '.html_print_radio_button('fallback_local_auth', 1, '', $config['fallback_local_auth'], true).'  '; +$row['control'] .= __('No').' '.html_print_radio_button('fallback_local_auth', 0, '', $config['fallback_local_auth'], true); +$table->data['fallback_local_auth'] = $row; +$remote_rows[] = 'fallback_local_auth'; -$table->data[2][0] = __('Autocreate remote users'); -$table->data[2][1] = __('Yes').' '.html_print_radio_button_extended ('autocreate_remote_users', 1, '', $config['autocreate_remote_users'], false, 'enable_profile_options ();', '', true).'  '; -$table->data[2][1] .= __('No').' '.html_print_radio_button_extended ('autocreate_remote_users', 0, '', $config['autocreate_remote_users'], false, 'enable_profile_options ();', '', true); -$table->rowstyle[1] = $config['auth'] != 'mysql' ? '' : 'display: none;'; -$table->data[3][0] = __('Autocreate profile'); +// Autocreate remote users +$row = array(); +$row['name'] = __('Autocreate remote users'); +$row['control'] = __('Yes').' '.html_print_radio_button_extended('autocreate_remote_users', 1, '', $config['autocreate_remote_users'], false, '', '', true).'  '; +$row['control'] .= __('No').' 
'.html_print_radio_button_extended('autocreate_remote_users', 0, '', $config['autocreate_remote_users'], false, '', '', true); +$table->data['autocreate_remote_users'] = $row; +$remote_rows[] = 'autocreate_remote_users'; + +// Autocreate profile $profile_list = profile_get_profiles (); if ($profile_list === false) { $profile_list = array (); } -$table->data[3][1] = html_print_select ($profile_list, 'default_remote_profile', $config['default_remote_profile'], '', '', '', true, false, true, '', $config['autocreate_remote_users'] == 0); -$table->data[4][0] = __('Autocreate profile group'); -$table->data[4][1] = html_print_select_groups ($config['id_user'], "AR", - true, 'default_remote_group', $config['default_remote_group'], - '', '', '', true, false, true, '', - $config['autocreate_remote_users'] == 0); +$row = array(); +$row['name'] = __('Autocreate profile'); +$row['control'] = html_print_select($profile_list, 'default_remote_profile', $config['default_remote_profile'], '', '', '', true, false, true, '', $config['autocreate_remote_users'] == 0); +$table->data['default_remote_profile'] = $row; +$remote_rows[] = 'default_remote_profile'; +$autocreate_rows[] = 'default_remote_profile'; + +// Autocreate profile group +$row = array(); +$row['name'] = __('Autocreate profile group'); +$row['control'] = html_print_select_groups($config['id_user'], "AR", true, 'default_remote_group', $config['default_remote_group'], '', '', '', true, false, true, '', $config['autocreate_remote_users'] == 0); +$table->data['default_remote_group'] = $row; +$remote_rows[] = 'default_remote_group'; +$autocreate_rows[] = 'default_remote_group'; + +// Autocreate profile tags $tags = tags_get_all_tags(); -$table->data[5][0] = __('Autocreate profile tags'); -$table->data[5][1] = html_print_select($tags, 'default_assign_tags[]', explode(",",$config['default_assign_tags']), '', __('Any'), '', true, true); -$table->data[6][0] = __('Autocreate blacklist') . 
ui_print_help_icon ('autocreate_blacklist', true); -$table->data[6][1] = html_print_input_text ('autocreate_blacklist', $config['autocreate_blacklist'], '', 60, 100, true); -for ($i = 1; $i <= 4; $i++) { - $table->rowstyle[$i] = $config['auth'] != 'mysql' ? '' : 'display: none;'; - $table->rowclass[$i] = 'remote'; +$row = array(); +$row['name'] = __('Autocreate profile tags'); +$row['control'] = html_print_select($tags, 'default_assign_tags[]', explode(',', $config['default_assign_tags']), '', __('Any'), '', true, true); +$table->data['default_assign_tags'] = $row; +$remote_rows[] = 'default_assign_tags'; +$autocreate_rows[] = 'default_assign_tags'; + +// Autocreate blacklist +$row = array(); +$row['name'] = __('Autocreate blacklist') . ui_print_help_icon ('autocreate_blacklist', true); +$row['control'] = html_print_input_text('autocreate_blacklist', $config['autocreate_blacklist'], '', 60, 100, true); +$table->data['autocreate_blacklist'] = $row; +$remote_rows[] = 'autocreate_blacklist'; +$autocreate_rows[] = 'autocreate_blacklist'; + +// Add the remote class to the remote rows +foreach ($remote_rows as $name) { + if (!isset($table->rowclass[$name])) + $table->rowclass[$name] = ''; + $table->rowclass[$name] .= ' ' . 'remote'; } -$table->data[7][0] = __('LDAP server'); -$table->data[7][1] = html_print_input_text ('ldap_server', $config['ldap_server'], '', 30, 100, true); -$table->data[8][0] = __('LDAP port'); -$table->data[8][1] = html_print_input_text ('ldap_port', $config['ldap_port'], '', 10, 100, true); -$table->data[9][0] = __('LDAP version'); +// Add the autocreate class to the autocreate rows +foreach ($autocreate_rows as $name) { + if (!isset($table->rowclass[$name])) + $table->rowclass[$name] = ''; + $table->rowclass[$name] .= ' ' . 
'autocreate'; +} + + +/* ------ LDAP ------ */ + +// LDAP server +$row = array(); +$row['name'] = __('LDAP server'); +$row['control'] = html_print_input_text('ldap_server', $config['ldap_server'], '', 30, 100, true); +$table->data['ldap_server'] = $row; +$ldap_rows[] = 'ldap_server'; + +// LDAP port +$row = array(); +$row['name'] = __('LDAP port'); +$row['control'] = html_print_input_text('ldap_port', $config['ldap_port'], '', 10, 100, true); +$table->data['ldap_port'] = $row; +$ldap_rows[] = 'ldap_port'; + +// LDAP version $ldap_versions = array (1 => 'LDAPv1', 2 => 'LDAPv2', 3 => 'LDAPv3'); -$table->data[9][1] = html_print_select ($ldap_versions, 'ldap_version', $config['ldap_version'], '', '', 0, true); -$table->data[10][0] = __('Start TLS'); -$table->data[10][1] = __('Yes').' '.html_print_radio_button ('ldap_start_tls', 1, '', $config['ldap_start_tls'], true).'  '; -$table->data[10][1] .= __('No').' '.html_print_radio_button ('ldap_start_tls', 0, '', $config['ldap_start_tls'], true); -$table->data[11][0] = __('Base DN'); -$table->data[11][1] = html_print_input_text ('ldap_base_dn', $config['ldap_base_dn'], '', 60, 100, true); -$table->data[12][0] = __('Login attribute'); -$table->data[12][1] = html_print_input_text ('ldap_login_attr', $config['ldap_login_attr'], '', 60, 100, true); +$row = array(); +$row['name'] = __('LDAP version'); +$row['control'] = html_print_select($ldap_versions, 'ldap_version', $config['ldap_version'], '', '', 0, true); +$table->data['ldap_version'] = $row; +$ldap_rows[] = 'ldap_version'; -// Hide LDAP configuration options -for ($i = 2; $i <= 12; $i++) { - $table->rowstyle[$i] = $config['auth'] == 'ldap' ? '' : 'display: none;'; - $table->rowclass[$i] = 'ldap'; +// Start TLS +$row = array(); +$row['name'] = __('Start TLS'); +$row['control'] = __('Yes').' '.html_print_radio_button ('ldap_start_tls', 1, '', $config['ldap_start_tls'], true).'  '; +$row['control'] .= __('No').' 
'.html_print_radio_button ('ldap_start_tls', 0, '', $config['ldap_start_tls'], true); +$table->data['ldap_start_tls'] = $row; +$ldap_rows[] = 'ldap_start_tls'; + +// Base DN +$row = array(); +$row['name'] = __('Base DN'); +$row['control'] = html_print_input_text ('ldap_base_dn', $config['ldap_base_dn'], '', 60, 100, true); +$table->data['ldap_base_dn'] = $row; +$ldap_rows[] = 'ldap_base_dn'; + +// Login attribute +$row = array(); +$row['name'] = __('Login attribute'); +$row['control'] = html_print_input_text ('ldap_login_attr', $config['ldap_login_attr'], '', 60, 100, true); +$table->data['ldap_login_attr'] = $row; +$ldap_rows[] = 'ldap_login_attr'; + +// Add the ldap class to the LDAP rows +foreach ($ldap_rows as $name) { + if (!isset($table->rowclass[$name])) + $table->rowclass[$name] = ''; + $table->rowclass[$name] = ' ' . 'ldap'; } -// Set the rows autocreation for Active Directory -for ($i = 2; $i <= 6; $i++) { - $table->rowclass[$i] .= ' ' . 'ad'; -} - -// Hide fallback option when local authentication is selected. -$table->rowstyle[1] = $config['auth'] == 'mysql' ? 'display: none;' : ''; -$table->rowclass[1] = 'remote'; +$auth_methods_added[] = 'ldap'; // Add enterprise authentication options if (enterprise_installed()) { - add_enterprise_auth_options($table, 12); + $enterprise_auth_options_added = add_enterprise_auth_options($table); + + array_merge($auth_methods_added, $enterprise_auth_options_added); } +// Enable double authentication +// Set default value +set_unless_defined($config['double_auth_enabled'], false); +$row = array(); +$row['name'] = __('Double authentication') + . ui_print_help_tip(__("If this option is enabled, the users can use double authentication with their accounts"), true); +$row['control'] = __('Yes') . ' '; +$row['control'] .= html_print_radio_button('double_auth_enabled', 1, '', $config['double_auth_enabled'], true); +$row['control'] .= '  '; +$row['control'] .= __('No') .' 
'; +$row['control'] .= html_print_radio_button('double_auth_enabled', 0, '', $config['double_auth_enabled'], true); +$table->data['double_auth_enabled'] = $row; + +// Session timeout +// Default session timeout +set_when_empty ($config["session_timeout"], 90); +$row = array(); +$row['name'] = __('Session timeout (mins)') + . ui_print_help_tip(__("This is defined in minutes"), true); +$row['control'] = html_print_input_text ('session_timeout', $config["session_timeout"], '', 10, 10, true); +$table->data['session_timeout'] = $row; + +// Form echo '
'; -html_print_input_hidden ('update_config', 1); + +if (!is_metaconsole()) { + html_print_input_hidden ('update_config', 1); +} +else { + // To use it in the metasetup + html_print_input_hidden ('action', 'save'); + html_print_input_hidden ('hash_save_config', md5('save' . $config['dbpass'])); +} + html_print_table ($table); echo '
'; html_print_submit_button (__('Update'), 'update_button', false, 'class="sub upd"'); @@ -115,36 +235,57 @@ echo ''; ?>
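Review bot: The metaconsole branch near the end of this hunk writes `md5('save' . $config['dbpass'])` into the hidden field `hash_save_config`, so every rendering of the form gives the browser an unsalted MD5 digest derived from the database password, and the value is identical on every request. Anyone who can read the page source, a proxy log or a cached copy obtains material for offline guessing of `dbpass`, and a constant value offers no per-session protection if the receiving code treats it as a save token; that check is outside this patch, so how it is verified is not visible here. A random per-session token stored server-side and compared with `hash_equals()` would avoid deriving anything from the credential. Separately, `array_merge($auth_methods_added, $enterprise_auth_options_added);` discards its result, so `$auth_methods_added` never gains the enterprise methods; it should read `$auth_methods_added = array_merge($auth_methods_added, $enterprise_auth_options_added);`. The LDAP loop also assigns `$table->rowclass[$name] = ' ' . 'ldap';` where the two loops above it append with `.=`, which would drop any class already set on those rows.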